feat(legal-docs): 5-stage lifecycle (draft → review_internal → review_client → approved → published)

Phase 1 of the workspace-cutover initiative: compliance becomes the single source of truth for documents. Step one is making the existing compliance_legal_documents workflow rich enough to express the DSB→ Mandant approval pattern that the workspace's 5-stage UI needed. Migration 148: - Adds CHECK constraint on status (was free-form VARCHAR20) - Allows: draft, review, review_internal, review_client, approved, published, archived, rejected (legacy "review" kept for backward compat — 0 existing rows so no backfill needed) - Adds CHECK on approvals.action with extended values: submitted_internal, submitted_client, approved_internal, approved_client, rejected_internal, rejected_client - Adds 6 new columns for the richer audit trail: submitted_by/at, approved_internal_by/at, approved_client_by/at Service: - New methods submit_internal_review, approve_internal, approve_client - submit_review / approve kept as backwards-compat aliases that map to the new methods - reject() now reads current status to log specific rejected_internal or rejected_client action - _version_to_response includes all new audit fields Routes: - POST /versions/{id}/submit-internal-review - POST /versions/{id}/approve-internal (DSB sagt OK → Mandant ist dran) - POST /versions/{id}/approve-client (Mandant sagt OK → approved) - Existing submit-review / approve endpoints stay but map through aliases Schema: - VersionResponse extended with optional submitted_by/at, approved_internal_by/at, approved_client_by/at fields This unlocks Phase 2 (Generate-All in compliance generator), Phase 3 (Document-Library tab in admin), Phase 4 (workspace cutover — drop its own document storage and route everything through this lifecycle). [migration-approved] Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-06-08 08:31:08 +02:00
parent 327e6a8984
commit e34f7cb507
5 changed files with 221 additions and 13 deletions
@@ -198,6 +198,52 @@ async def publish_version(
        return service.publish(version_id, request)


+# ============================================================================
+# 5-stage Workflow (draft → review_internal → review_client → approved → published)
+# ============================================================================
+
+@router.post(
+    "/versions/{version_id}/submit-internal-review",
+    response_model=VersionResponse,
+)
+async def submit_internal_review(
+    version_id: str,
+    request: ActionRequest,
+    service: LegalDocumentService = Depends(_get_doc_service),
+) -> VersionResponse:
+    """draft (oder rejected) → review_internal: DSB-Phase beginnt."""
+    with translate_domain_errors():
+        return service.submit_internal_review(version_id, request)
+
+
+@router.post(
+    "/versions/{version_id}/approve-internal",
+    response_model=VersionResponse,
+)
+async def approve_internal(
+    version_id: str,
+    request: ActionRequest,
+    service: LegalDocumentService = Depends(_get_doc_service),
+) -> VersionResponse:
+    """review_internal → review_client: DSB hat freigegeben, Mandant ist dran."""
+    with translate_domain_errors():
+        return service.approve_internal(version_id, request)
+
+
+@router.post(
+    "/versions/{version_id}/approve-client",
+    response_model=VersionResponse,
+)
+async def approve_client(
+    version_id: str,
+    request: ActionRequest,
+    service: LegalDocumentService = Depends(_get_doc_service),
+) -> VersionResponse:
+    """review_client → approved: Mandant hat freigegeben."""
+    with translate_domain_errors():
+        return service.approve_client(version_id, request)
+
+
 # ============================================================================
 # Approval History
 # ============================================================================