feat(legal-docs): 5-stage lifecycle (draft → review_internal → review_client → approved → published)

Phase 1 of the workspace-cutover initiative: compliance becomes the single source of truth for documents. Step one is making the existing compliance_legal_documents workflow rich enough to express the DSB→ Mandant approval pattern that the workspace's 5-stage UI needed. Migration 148: - Adds CHECK constraint on status (was free-form VARCHAR20) - Allows: draft, review, review_internal, review_client, approved, published, archived, rejected (legacy "review" kept for backward compat — 0 existing rows so no backfill needed) - Adds CHECK on approvals.action with extended values: submitted_internal, submitted_client, approved_internal, approved_client, rejected_internal, rejected_client - Adds 6 new columns for the richer audit trail: submitted_by/at, approved_internal_by/at, approved_client_by/at Service: - New methods submit_internal_review, approve_internal, approve_client - submit_review / approve kept as backwards-compat aliases that map to the new methods - reject() now reads current status to log specific rejected_internal or rejected_client action - _version_to_response includes all new audit fields Routes: - POST /versions/{id}/submit-internal-review - POST /versions/{id}/approve-internal (DSB sagt OK → Mandant ist dran) - POST /versions/{id}/approve-client (Mandant sagt OK → approved) - Existing submit-review / approve endpoints stay but map through aliases Schema: - VersionResponse extended with optional submitted_by/at, approved_internal_by/at, approved_client_by/at fields This unlocks Phase 2 (Generate-All in compliance generator), Phase 3 (Document-Library tab in admin), Phase 4 (workspace cutover — drop its own document storage and route everything through this lifecycle). [migration-approved] Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-06-08 08:31:08 +02:00
parent 327e6a8984
commit e34f7cb507
5 changed files with 221 additions and 13 deletions
@@ -0,0 +1,76 @@
+-- =========================================================
+-- Migration 148: 5-stufiger Lifecycle für Legal Documents
+--
+-- Erweitert compliance_legal_document_versions.status um:
+--   - review_internal (DSB-interne Pruefung, war vorher implizit 'review')
+--   - review_client   (Mandanten-Freigabe-Phase nach DSB-OK)
+--
+-- Plus CHECK-Constraint, der bisher fehlte (status war freier VARCHAR(20)).
+-- 'review' bleibt erlaubt für Rückwärts-Kompatibilität.
+--
+-- Approvals-Tabelle bekommt neue action-Werte:
+--   - submitted_internal | approved_internal
+--   - submitted_client   | approved_client
+--   - rejected_internal  | rejected_client (zur Differenzierung im Audit)
+-- =========================================================
+
+DO $$
+BEGIN
+    -- Status-CHECK falls noch nicht vorhanden
+    IF NOT EXISTS (
+        SELECT 1 FROM pg_constraint
+        WHERE conrelid = 'compliance.compliance_legal_document_versions'::regclass
+        AND conname = 'chk_legal_doc_version_status'
+    ) THEN
+        ALTER TABLE compliance.compliance_legal_document_versions
+            ADD CONSTRAINT chk_legal_doc_version_status
+            CHECK (status IN (
+                'draft',
+                'review',           -- backward-compat (deprecated; neuer Code nutzt review_internal/review_client)
+                'review_internal',  -- DSB-Phase (NEU)
+                'review_client',    -- Mandant-Phase (NEU)
+                'approved',
+                'published',
+                'archived',
+                'rejected'
+            ));
+    END IF;
+
+    -- Approvals-Action-CHECK falls noch nicht vorhanden
+    IF NOT EXISTS (
+        SELECT 1 FROM pg_constraint
+        WHERE conrelid = 'compliance.compliance_legal_document_approvals'::regclass
+        AND conname = 'chk_legal_doc_approval_action'
+    ) THEN
+        ALTER TABLE compliance.compliance_legal_document_approvals
+            ADD CONSTRAINT chk_legal_doc_approval_action
+            CHECK (action IN (
+                'created', 'submitted',
+                'submitted_internal', 'submitted_client',  -- NEU
+                'approved',
+                'approved_internal', 'approved_client',    -- NEU
+                'rejected',
+                'rejected_internal', 'rejected_client',    -- NEU
+                'published', 'archived'
+            ));
+    END IF;
+END $$;
+
+-- Neue Felder für 5-stufige Audit-Trail-Anreicherung
+DO $$
+BEGIN
+    IF NOT EXISTS (
+        SELECT 1 FROM information_schema.columns
+        WHERE table_schema = 'compliance'
+        AND table_name = 'compliance_legal_document_versions'
+        AND column_name = 'approved_internal_by'
+    ) THEN
+        ALTER TABLE compliance.compliance_legal_document_versions
+            ADD COLUMN approved_internal_by VARCHAR(200),
+            ADD COLUMN approved_internal_at TIMESTAMPTZ,
+            ADD COLUMN approved_client_by VARCHAR(200),
+            ADD COLUMN approved_client_at TIMESTAMPTZ,
+            ADD COLUMN submitted_by VARCHAR(200),
+            ADD COLUMN submitted_at TIMESTAMPTZ;
+    END IF;
+END $$;