fix(quality): Ruff/CVE/TS-Fixes, 104 neue Tests, Complexity-Refactoring

- Ruff: 144 auto-fixes (unused imports, == None → is None), F821/F811/F841 manuell - CVEs: python-multipart>=0.0.22, weasyprint>=68.0, pillow>=12.1.1, npm audit fix (0 vulns) - TS: 5 tote Drafting-Engine-Dateien entfernt, allowed-facts/sanitizer/StepHeader/context fixes - Tests: +104 (ISMS 58, Evidence 18, VVT 14, Generation 14) → 1449 passed - Refactoring: collect_ci_evidence (F→A), row_to_response (E→A), extract_requirements (E→A) - Dead Code: pca-platform, 7 Go-Handler, dsr_api.py, duplicate Schemas entfernt Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-07 19:00:33 +01:00
parent 6509e64dd9
commit 95fcba34cd
124 changed files with 2533 additions and 15709 deletions
--- a/backend-compliance/compliance/api/isms_routes.py
+++ b/backend-compliance/compliance/api/isms_routes.py
@@ -14,7 +14,7 @@ Provides endpoints for ISO 27001 certification-ready ISMS management:
 import uuid
 import hashlib
 from datetime import datetime, date
-from typing import Optional, List
+from typing import Optional

 from fastapi import APIRouter, HTTPException, Query, Depends
 from sqlalchemy.orm import Session
@@ -53,7 +53,7 @@ from .schemas import (
    # Readiness
    ISMSReadinessCheckResponse, ISMSReadinessCheckRequest, PotentialFinding,
    # Audit Trail
-    AuditTrailResponse, AuditTrailEntry, PaginationMeta,
+    AuditTrailResponse, PaginationMeta,
    # Overview
    ISO27001OverviewResponse, ISO27001ChapterStatus
 )
@@ -673,10 +673,6 @@ async def list_findings(
    ofi_count = sum(1 for f in findings if f.finding_type == FindingTypeEnum.OFI)
    open_count = sum(1 for f in findings if f.status != FindingStatusEnum.CLOSED)

-    # Add is_blocking property to each finding
-    for f in findings:
-        f.is_blocking = f.finding_type == FindingTypeEnum.MAJOR and f.status != FindingStatusEnum.CLOSED
-
    return AuditFindingListResponse(
        findings=findings,
        total=len(findings),
@@ -746,7 +742,6 @@ async def create_finding(data: AuditFindingCreate, db: Session = Depends(get_db)
    db.commit()
    db.refresh(finding)

-    finding.is_blocking = finding.finding_type == FindingTypeEnum.MAJOR
    return finding


@@ -775,7 +770,6 @@ async def update_finding(
    db.commit()
    db.refresh(finding)

-    finding.is_blocking = finding.finding_type == FindingTypeEnum.MAJOR and finding.status != FindingStatusEnum.CLOSED
    return finding


@@ -824,7 +818,6 @@ async def close_finding(
    db.commit()
    db.refresh(finding)

-    finding.is_blocking = False
    return finding


@@ -1271,10 +1264,9 @@ async def run_readiness_check(

    # Chapter 6: Planning - Risk Assessment
    from ..db.models import RiskDB
-    risks = db.query(RiskDB).filter(RiskDB.status == "open").count()
    risks_without_treatment = db.query(RiskDB).filter(
        RiskDB.status == "open",
-        RiskDB.treatment_plan == None
+        RiskDB.treatment_plan is None
    ).count()
    if risks_without_treatment > 0:
        potential_majors.append(PotentialFinding(
@@ -1299,7 +1291,7 @@ async def run_readiness_check(
    # SoA
    soa_total = db.query(StatementOfApplicabilityDB).count()
    soa_unapproved = db.query(StatementOfApplicabilityDB).filter(
-        StatementOfApplicabilityDB.approved_at == None
+        StatementOfApplicabilityDB.approved_at is None
    ).count()
    if soa_total == 0:
        potential_majors.append(PotentialFinding(
@@ -1525,7 +1517,7 @@ async def get_iso27001_overview(db: Session = Depends(get_db)):

    soa_total = db.query(StatementOfApplicabilityDB).count()
    soa_approved = db.query(StatementOfApplicabilityDB).filter(
-        StatementOfApplicabilityDB.approved_at != None
+        StatementOfApplicabilityDB.approved_at is not None
    ).count()
    soa_all_approved = soa_total > 0 and soa_approved == soa_total