Benjamin_Boenisch/breakpilot-compliance
1
0
Fork 0
Code Issues 24 Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Document Templates v2 — 11 migrations + scope-based generator

Browse Source 
Complete overhaul of document generator templates based on paragraph-by-paragraph
legal review of attorney-drafted templates (TOM, AVV, AGB, DSI, Community
Guidelines, Nutzungsbedingungen, Widerrufsbelehrung, Cookie-Richtlinie).

Templates (11 migrations 087-097):
- 087: TOM-Dokumentation v2 (11 categories incl. Trennungskontrolle)
- 088: AVV Art. 28 DSGVO (complete, §§ 1-11, 3 annexes)
- 089: Cross-document updates (Löschkonzept DIN 66399, VVT recipients)
- 090: AGB SaaS/Shop v2 (18 §§, B2B/B2C, IoT, physical goods, IP protection)
- 091: Community Guidelines v2 (3 tones, 11 modular categories, DSA-compliant)
- 092: Media & Content modules (MStV, AI Act Art. 50, UWG, Pressekodex)
- 093: DSI/Privacy Policy v2 (Art. 13 complete, shop+corporate modules)
- 094: Nutzungsbedingungen (Terms of Use, UGC, tipping, wallet, CC licenses)
- 095: Widerrufsbelehrung (SaaS + physical + IoT bundle + combo)
- 096: Social Media DSI (Facebook, YouTube, LinkedIn, TikTok, Meta Pixel)
- 097: Cookie-Richtlinie v2 (TDDDG § 25, consent banner, browser links)

Frontend (generator):
- scopeDefaults.ts: L1-L4 scope-based defaults from Compliance Scope Engine
- contextBridge.ts: TOMCtx + DPACtx interfaces (70+ new fields)
- contextBridge-helpers.ts: 35+ placeholder mappings for TOM/DPA/AGB
- _constants.ts: 120+ new generator fields (TOM, DPA, AGB, community,
  media, social, nutzungsbedingungen, widerruf, cookie, shop, IoT)
- page.tsx: Auto-prefill TOM/DPA from scope engine decision

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Benjamin Admin
2026-05-01 01:18:33 +02:00
parent 58957a4aaa
commit bae59e2ce0
16 changed files with 3271 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
admin-compliance/app/sdk/document-generator/scopeDefaults.ts
+270
View File
@@ -0,0 +1,270 @@
/**
* Scope-basierte Generator-Defaults
*
* Nimmt ScopeDecision.determinedLevel + CompanyProfile und liefert
* vorausgefuellte TOM/DPA-Context-Werte. Alle Felder bleiben vom
* Kunden aenderbar — die Defaults sind Empfehlungen.
*
* Mapping:
* L1 = Lean Startup (≤10 MA, Cloud-only, Home Office)
* L2 = KMU Standard (11-249 MA)
* L3 = Erweitert (risikoreich oder >100 MA)
* L4 = Zertifizierungsbereit (≥250 MA oder regulierte Branche)
*/
import type { ComplianceDepthLevel } from '../../lib/sdk/compliance-scope-types/core-levels'
import type { CompanyProfile } from '../../lib/sdk/types'
import type { TOMCtx, DPACtx } from './contextBridge'
// ============================================================================
// TOM Defaults per Level
// ============================================================================
const TOM_DEFAULTS: Record<ComplianceDepthLevel, Partial<TOMCtx>> = {
L1: {
// Lean Startup: Cloud-only, kein eigener Serverraum, Home Office
HAS_MFA: true,
HAS_USB_LOCKED: false,
HAS_MOBILE_MEDIA: false,
HAS_FOUR_EYES_DELETE: false,
HAS_EXTERNAL_DESTRUCTION: false,
HAS_PHYSICAL_TRANSPORT: false,
HAS_THIRD_COUNTRY_TRANSFER: false,
HAS_CLOUD_SERVICES: true,
HAS_REDUNDANCY: false,
HAS_GEO_REDUNDANCY: false,
HAS_USV: false,
HAS_OWN_SERVER_ROOM: false,
HAS_MULTI_TENANT: false,
HAS_TEST_DATA_ANONYMIZED: true,
LOG_RETENTION_MONTHS: 3,
DIN_66399_LEVEL: '3',
AVAILABILITY_TARGET: '99.0',
SEPARATION_TYPE: 'logisch',
},
L2: {
// KMU Standard
HAS_MFA: true,
HAS_USB_LOCKED: false,
HAS_MOBILE_MEDIA: false,
HAS_FOUR_EYES_DELETE: false,
HAS_EXTERNAL_DESTRUCTION: false,
HAS_PHYSICAL_TRANSPORT: false,
HAS_THIRD_COUNTRY_TRANSFER: false,
HAS_CLOUD_SERVICES: true,
HAS_REDUNDANCY: false,
HAS_GEO_REDUNDANCY: false,
HAS_USV: false,
HAS_OWN_SERVER_ROOM: false,
HAS_MULTI_TENANT: false,
HAS_TEST_DATA_ANONYMIZED: true,
LOG_RETENTION_MONTHS: 6,
DIN_66399_LEVEL: '3',
AVAILABILITY_TARGET: '99.5',
SEPARATION_TYPE: 'logisch',
},
L3: {
// Erweitert
HAS_MFA: true,
HAS_USB_LOCKED: false,
HAS_MOBILE_MEDIA: false,
HAS_FOUR_EYES_DELETE: true,
HAS_EXTERNAL_DESTRUCTION: true,
HAS_PHYSICAL_TRANSPORT: false,
HAS_THIRD_COUNTRY_TRANSFER: false,
HAS_CLOUD_SERVICES: true,
HAS_REDUNDANCY: true,
HAS_GEO_REDUNDANCY: false,
HAS_USV: true,
HAS_OWN_SERVER_ROOM: true,
HAS_MULTI_TENANT: true,
HAS_TEST_DATA_ANONYMIZED: true,
LOG_RETENTION_MONTHS: 12,
DIN_66399_LEVEL: '4',
AVAILABILITY_TARGET: '99.9',
SEPARATION_TYPE: 'logisch',
},
L4: {
// Zertifizierungsbereit / Enterprise
HAS_MFA: true,
HAS_USB_LOCKED: true,
HAS_MOBILE_MEDIA: false,
HAS_FOUR_EYES_DELETE: true,
HAS_EXTERNAL_DESTRUCTION: true,
HAS_PHYSICAL_TRANSPORT: false,
HAS_THIRD_COUNTRY_TRANSFER: false,
HAS_CLOUD_SERVICES: true,
HAS_REDUNDANCY: true,
HAS_GEO_REDUNDANCY: true,
HAS_USV: true,
HAS_OWN_SERVER_ROOM: true,
HAS_MULTI_TENANT: true,
HAS_TEST_DATA_ANONYMIZED: true,
LOG_RETENTION_MONTHS: 24,
DIN_66399_LEVEL: '5',
AVAILABILITY_TARGET: '99.99',
SEPARATION_TYPE: 'logisch',
},
}
// ============================================================================
// DPA Defaults per Level
// ============================================================================
const DPA_DEFAULTS: Record<ComplianceDepthLevel, Partial<DPACtx>> = {
L1: {
BREACH_NOTIFICATION_HOURS: 48,
INSTRUCTION_RETENTION_YEARS: 3,
SUB_PROCESSOR_NOTICE_WEEKS: 2,
SUB_PROCESSOR_OBJECTION_WEEKS: 2,
DATA_EXPORT_FORMAT: 'CSV/JSON',
RETURN_CHOICE_WEEKS: 4,
DELETION_DAYS: 90,
HAS_LIABILITY_PROTECTION: false,
HAS_SUPPORT_COST_CLAUSE: false,
HAS_SUB_PROCESSOR_SILENCE_APPROVAL: true,
HAS_SUB_PROCESSOR_TERMINATION_RIGHT: false,
HAS_REACTIVATION_PERIOD: true,
REACTIVATION_MONTHS: 3,
HAS_RETURN_COST_CLAUSE: false,
HAS_GERICHTSSTAND_CLAUSE: false,
HAS_UNILATERAL_CHANGE_RIGHT: false,
HAS_THIRD_COUNTRY_OBJECTION: false,
},
L2: {
BREACH_NOTIFICATION_HOURS: 24,
INSTRUCTION_RETENTION_YEARS: 3,
SUB_PROCESSOR_NOTICE_WEEKS: 4,
SUB_PROCESSOR_OBJECTION_WEEKS: 2,
DATA_EXPORT_FORMAT: 'CSV/JSON',
RETURN_CHOICE_WEEKS: 4,
DELETION_DAYS: 90,
HAS_LIABILITY_PROTECTION: false,
HAS_SUPPORT_COST_CLAUSE: false,
HAS_SUB_PROCESSOR_SILENCE_APPROVAL: true,
HAS_SUB_PROCESSOR_TERMINATION_RIGHT: false,
HAS_REACTIVATION_PERIOD: true,
REACTIVATION_MONTHS: 3,
HAS_RETURN_COST_CLAUSE: false,
HAS_GERICHTSSTAND_CLAUSE: true,
HAS_UNILATERAL_CHANGE_RIGHT: false,
HAS_THIRD_COUNTRY_OBJECTION: false,
},
L3: {
BREACH_NOTIFICATION_HOURS: 24,
INSTRUCTION_RETENTION_YEARS: 5,
SUB_PROCESSOR_NOTICE_WEEKS: 4,
SUB_PROCESSOR_OBJECTION_WEEKS: 4,
DATA_EXPORT_FORMAT: 'CSV/JSON',
RETURN_CHOICE_WEEKS: 4,
DELETION_DAYS: 60,
HAS_LIABILITY_PROTECTION: true,
HAS_SUPPORT_COST_CLAUSE: true,
HAS_SUB_PROCESSOR_SILENCE_APPROVAL: true,
HAS_SUB_PROCESSOR_TERMINATION_RIGHT: true,
HAS_REACTIVATION_PERIOD: true,
REACTIVATION_MONTHS: 3,
HAS_RETURN_COST_CLAUSE: true,
HAS_GERICHTSSTAND_CLAUSE: true,
HAS_UNILATERAL_CHANGE_RIGHT: false,
HAS_THIRD_COUNTRY_OBJECTION: false,
},
L4: {
BREACH_NOTIFICATION_HOURS: 12,
INSTRUCTION_RETENTION_YEARS: 5,
SUB_PROCESSOR_NOTICE_WEEKS: 6,
SUB_PROCESSOR_OBJECTION_WEEKS: 4,
DATA_EXPORT_FORMAT: 'CSV/JSON',
RETURN_CHOICE_WEEKS: 8,
DELETION_DAYS: 30,
HAS_LIABILITY_PROTECTION: true,
HAS_SUPPORT_COST_CLAUSE: true,
HAS_SUB_PROCESSOR_SILENCE_APPROVAL: false,
HAS_SUB_PROCESSOR_TERMINATION_RIGHT: true,
HAS_REACTIVATION_PERIOD: false,
REACTIVATION_MONTHS: 3,
HAS_RETURN_COST_CLAUSE: true,
HAS_GERICHTSSTAND_CLAUSE: true,
HAS_UNILATERAL_CHANGE_RIGHT: false,
HAS_THIRD_COUNTRY_OBJECTION: false,
},
}
// ============================================================================
// Public API
// ============================================================================
export interface GeneratorDefaults {
tom: Partial<TOMCtx>
dpa: Partial<DPACtx>
/** Which fields were set by the scope engine (for UI highlighting) */
scopeSet: Set<string>
}
/**
* Berechnet Generator-Defaults basierend auf dem Compliance-Level
* und dem CompanyProfile. Alle Werte sind Vorschlaege — der Kunde
* kann sie aendern.
*/
export function getGeneratorDefaults(
level: ComplianceDepthLevel,
profile?: CompanyProfile | null,
): GeneratorDefaults {
const tomBase = { ...TOM_DEFAULTS[level] }
const dpaBase = { ...DPA_DEFAULTS[level] }
const scopeSet = new Set<string>()
// CompanyProfile-Felder in TOM/DPA uebernehmen
if (profile) {
if (profile.company_name) {
dpaBase.AN_NAME = profile.company_name
scopeSet.add('DPA.AN_NAME')
}
if (profile.address) {
dpaBase.AN_STRASSE = profile.address
scopeSet.add('DPA.AN_STRASSE')
}
if (profile.city && profile.postal_code) {
dpaBase.AN_PLZ_ORT = `${profile.postal_code} ${profile.city}`
scopeSet.add('DPA.AN_PLZ_ORT')
}
if (profile.dpo_name) {
tomBase.ISB_NAME = tomBase.ISB_NAME || ''
dpaBase.AN_DSB_NAME = profile.dpo_name
scopeSet.add('DPA.AN_DSB_NAME')
}
if (profile.dpo_email) {
dpaBase.AN_DSB_EMAIL = profile.dpo_email
scopeSet.add('DPA.AN_DSB_EMAIL')
}
if (profile.ceo_name) {
dpaBase.AN_UNTERZEICHNER_NAME = profile.ceo_name
tomBase.GF_NAME = profile.ceo_name
scopeSet.add('DPA.AN_UNTERZEICHNER_NAME')
scopeSet.add('TOM.GF_NAME')
}
}
// Alle gesetzten TOM/DPA Felder als scope-set markieren
for (const key of Object.keys(tomBase)) {
scopeSet.add(`TOM.${key}`)
}
for (const key of Object.keys(dpaBase)) {
scopeSet.add(`DPA.${key}`)
}
return { tom: tomBase, dpa: dpaBase, scopeSet }
}
/**
* Gibt das empfohlene Profil-Label zurueck (fuer UI-Anzeige).
*/
export function getProfileLabel(level: ComplianceDepthLevel): string {
const labels: Record<ComplianceDepthLevel, string> = {
L1: 'Startup / Kleinstunternehmen',
L2: 'KMU Standard',
L3: 'Erweiterte Compliance',
L4: 'Zertifizierungsbereit / Enterprise',
}
return labels[level]
}