Sicherheitsbefund erfassen

Titel * setForm(p => ({ ...p, title: e.target.value }))} placeholder="Kurzbeschreibung des Befunds" className="w-full border rounded px-3 py-2 text-sm" />

Beschreibung

setForm(p => ({ ...p, description: e.target.value }))}
              rows={3}
              className="w-full border rounded px-3 py-2 text-sm"
            />
          </div>
          <div className="grid grid-cols-2 gap-4">
            <div>
              <label className="block text-sm font-medium text-gray-700 mb-1">Typ</label>
              <select value={form.type} onChange={e => setForm(p => ({ ...p, type: e.target.value }))} className="w-full border rounded px-3 py-2 text-sm">
                <option value="vulnerability">Schwachstelle</option>
                <option value="misconfiguration">Fehlkonfiguration</option>
                <option value="compliance">Compliance</option>
                <option value="hardening">Haertung</option>
              </select>
            </div>
            <div>
              <label className="block text-sm font-medium text-gray-700 mb-1">Schweregrad</label>
              <select value={form.severity} onChange={e => setForm(p => ({ ...p, severity: e.target.value }))} className="w-full border rounded px-3 py-2 text-sm">
                <option value="critical">Kritisch</option>
                <option value="high">Hoch</option>
                <option value="medium">Mittel</option>
                <option value="low">Niedrig</option>
              </select>
            </div>
            <div>
              <label className="block text-sm font-medium text-gray-700 mb-1">Quelle</label>
              <input type="text" value={form.source} onChange={e => setForm(p => ({ ...p, source: e.target.value }))} placeholder="z.B. Penetrationstest" className="w-full border rounded px-3 py-2 text-sm" />
            </div>
            <div>
              <label className="block text-sm font-medium text-gray-700 mb-1">Betroffenes Asset</label>
              <input type="text" value={form.affected_asset} onChange={e => setForm(p => ({ ...p, affected_asset: e.target.value }))} placeholder="z.B. auth-service" className="w-full border rounded px-3 py-2 text-sm" />
            </div>
            <div>
              <label className="block text-sm font-medium text-gray-700 mb-1">CVE</label>
              <input type="text" value={form.cve} onChange={e => setForm(p => ({ ...p, cve: e.target.value }))} placeholder="CVE-2024-XXXXX" className="w-full border rounded px-3 py-2 text-sm" />
            </div>
            <div>
              <label className="block text-sm font-medium text-gray-700 mb-1">CVSS Score</label>
              <input type="number" step="0.1" min="0" max="10" value={form.cvss} onChange={e => setForm(p => ({ ...p, cvss: e.target.value }))} placeholder="0.0 - 10.0" className="w-full border rounded px-3 py-2 text-sm" />
            </div>
            <div>
              <label className="block text-sm font-medium text-gray-700 mb-1">Zugewiesen an</label>
              <input type="text" value={form.assigned_to} onChange={e => setForm(p => ({ ...p, assigned_to: e.target.value }))} placeholder="Team oder Person" className="w-full border rounded px-3 py-2 text-sm" />
            </div>
          </div>
          <div>
            <label className="block text-sm font-medium text-gray-700 mb-1">Massnahme</label>
            <textarea value={form.remediation} onChange={e => setForm(p => ({ ...p, remediation: e.target.value }))} rows={2} placeholder="Empfohlene Abhilfemassnahme..." className="w-full border rounded px-3 py-2 text-sm" />
          </div>
        </div>
        <div className="px-6 py-4 border-t border-gray-200 flex justify-end gap-3">
          <button onClick={onClose} className="px-4 py-2 text-sm text-gray-600 hover:bg-gray-100 rounded-lg">Abbrechen</button>
          <button
            onClick={() => onSave(form)}
            disabled={!form.title}
            className="px-4 py-2 text-sm text-white bg-purple-600 hover:bg-purple-700 rounded-lg font-medium disabled:opacity-50"
          >
            Speichern
          </button>
        </div>
      </div>
    </div>
  )
}

// =============================================================================
// MAIN PAGE
// =============================================================================

const API = '/api/sdk/v1/compliance/security-backlog'

export default function SecurityBacklogPage() {
  const { state } = useSDK()
  const [items, setItems] = useState<SecurityItem[]>([])
  const [stats, setStats] = useState<Stats>({ open: 0, in_progress: 0, critical: 0, high: 0, overdue: 0, total: 0 })
  const [filter, setFilter] = useState<string>('all')
  const [loading, setLoading] = useState(true)
  const [showModal, setShowModal] = useState(false)
  const [editItem, setEditItem] = useState<SecurityItem | null>(null)

useEffect(() => {
    loadData()
  }, [])

async function loadData() {
    setLoading(true)
    try {
      const [itemsRes, statsRes] = await Promise.all([
        fetch(`${API}?limit=200`),
        fetch(`${API}/stats`),
      ])
      if (itemsRes.ok) {
        const data = await itemsRes.json()
        setItems(Array.isArray(data.items) ? data.items : [])
      }
      if (statsRes.ok) {
        const data = await statsRes.json()
        setStats(data)
      }
    } catch (err) {
      console.error('Failed to load security backlog:', err)
    } finally {
      setLoading(false)
    }
  }

async function handleCreate(form: NewItem) {
    try {
      const res = await fetch(API, {
        method: 'POST',
        headers: { 'Content-Type': 'application/json' },
        body: JSON.stringify({
          ...form,
          cvss: form.cvss ? parseFloat(form.cvss) : null,
        }),
      })
      if (res.ok) {
        const created = await res.json()
        setItems(prev => [created, ...prev])
        setStats(prev => ({ ...prev, open: prev.open + 1, total: prev.total + 1 }))
        setShowModal(false)
      }
    } catch (err) {
      console.error('Failed to create item:', err)
    }
  }

async function handleUpdate(form: NewItem) {
    if (!editItem) return
    try {
      const res = await fetch(`${API}/${editItem.id}`, {
        method: 'PUT',
        headers: { 'Content-Type': 'application/json' },
        body: JSON.stringify({
          ...form,
          cvss: form.cvss ? parseFloat(form.cvss) : null,
        }),
      })
      if (res.ok) {
        const updated = await res.json()
        setItems(prev => prev.map(i => i.id === updated.id ? updated : i))
        setEditItem(null)
      }
    } catch (err) {
      console.error('Failed to update item:', err)
    }
  }

async function handleDelete(id: string) {
    try {
      const res = await fetch(`${API}/${id}`, { method: 'DELETE' })
      if (res.ok || res.status === 204) {
        setItems(prev => prev.filter(i => i.id !== id))
        loadData() // refresh stats
      }
    } catch (err) {
      console.error('Failed to delete item:', err)
    }
  }

async function handleStatusChange(id: string, status: string) {
    try {
      const res = await fetch(`${API}/${id}`, {
        method: 'PUT',
        headers: { 'Content-Type': 'application/json' },
        body: JSON.stringify({ status }),
      })
      if (res.ok) {
        const updated = await res.json()
        setItems(prev => prev.map(i => i.id === updated.id ? updated : i))
        loadData() // refresh stats
      }
    } catch (err) {
      console.error('Failed to update status:', err)
    }
  }

const filteredItems = filter === 'all'
    ? items
    : items.filter(i => i.severity === filter || i.status === filter || i.type === filter)

return (
    <div className="space-y-6">
      {/* Header */}
      <div className="flex items-center justify-between">
        <div>
          <h1 className="text-2xl font-bold text-gray-900">Security Backlog</h1>
          <p className="mt-1 text-gray-500">
            Verwalten Sie Sicherheitsbefunde und verfolgen Sie deren Behebung
          </p>
        </div>
        <div className="flex items-center gap-2">
          <button
            onClick={() => { setEditItem(null); setShowModal(true) }}
            className="flex items-center gap-2 px-4 py-2 bg-purple-600 text-white rounded-lg hover:bg-purple-700 transition-colors"
          >
            <svg className="w-5 h-5" fill="none" stroke="currentColor" viewBox="0 0 24 24">
              <path strokeLinecap="round" strokeLinejoin="round" strokeWidth={2} d="M12 6v6m0 0v6m0-6h6m-6 0H6" />
            </svg>
            Befund erfassen
          </button>
        </div>
      </div>

{/* Stats */}
      <div className="grid grid-cols-1 md:grid-cols-4 gap-4">
        <div className="bg-white rounded-xl border border-gray-200 p-6">
          <div className="text-sm text-gray-500">Offen</div>
          <div className="text-3xl font-bold text-gray-900">{stats.open}</div>
        </div>
        <div className="bg-white rounded-xl border border-red-200 p-6">
          <div className="text-sm text-red-600">Kritisch</div>
          <div className="text-3xl font-bold text-red-600">{stats.critical}</div>
        </div>
        <div className="bg-white rounded-xl border border-orange-200 p-6">
          <div className="text-sm text-orange-600">Hoch</div>
          <div className="text-3xl font-bold text-orange-600">{stats.high}</div>
        </div>
        <div className="bg-white rounded-xl border border-yellow-200 p-6">
          <div className="text-sm text-yellow-600">Ueberfaellig</div>
          <div className="text-3xl font-bold text-yellow-600">{stats.overdue}</div>
        </div>
      </div>

{/* Critical Alert */}
      {stats.critical > 0 && (
        <div className="bg-red-50 border border-red-200 rounded-xl p-4 flex items-center gap-4">
          <div className="w-10 h-10 bg-red-100 rounded-full flex items-center justify-center">
            <svg className="w-5 h-5 text-red-600" fill="none" stroke="currentColor" viewBox="0 0 24 24">
              <path strokeLinecap="round" strokeLinejoin="round" strokeWidth={2} d="M12 9v2m0 4h.01m-6.938 4h13.856c1.54 0 2.502-1.667 1.732-3L13.732 4c-.77-1.333-2.694-1.333-3.464 0L3.34 16c-.77 1.333.192 3 1.732 3z" />
            </svg>
          </div>
          <div>
            <h4 className="font-medium text-red-800">{stats.critical} kritische Schwachstelle(n) erfordern sofortige Aufmerksamkeit</h4>
            <p className="text-sm text-red-600">Diese Befunde haben ein CVSS von 9.0 oder hoeher und sollten priorisiert werden.</p>
          </div>
        </div>
      )}

{/* Filter */}
      <div className="flex items-center gap-2 flex-wrap">
        <span className="text-sm text-gray-500">Filter:</span>
        {['all', 'open', 'in-progress', 'critical', 'high', 'vulnerability', 'misconfiguration'].map(f => (
          <button
            key={f}
            onClick={() => setFilter(f)}
            className={`px-3 py-1 text-sm rounded-full transition-colors ${
              filter === f ? 'bg-purple-600 text-white' : 'bg-gray-100 text-gray-600 hover:bg-gray-200'
            }`}
          >
            {f === 'all' ? 'Alle' : f === 'open' ? 'Offen' : f === 'in-progress' ? 'In Bearbeitung' :
             f === 'critical' ? 'Kritisch' : f === 'high' ? 'Hoch' :
             f === 'vulnerability' ? 'Schwachstellen' : 'Fehlkonfigurationen'}
          </button>
        ))}
      </div>

{/* Items List */}
      {loading ? (
        <div className="bg-white rounded-xl border border-gray-200 p-12 text-center text-gray-400">
          Lade Sicherheitsbefunde...
        </div>
      ) : (
        <div className="space-y-4">
          {filteredItems
            .sort((a, b) => {
              const sOrder = { critical: 0, high: 1, medium: 2, low: 3 }
              const stOrder = { open: 0, 'in-progress': 1, 'accepted-risk': 2, resolved: 3 }
              const sd = sOrder[a.severity] - sOrder[b.severity]
              if (sd !== 0) return sd
              return stOrder[a.status] - stOrder[b.status]
            })
            .map(item => (
              <SecurityItemCard
                key={item.id}
                item={item}
                onEdit={i => { setEditItem(i); setShowModal(true) }}
                onDelete={handleDelete}
                onStatusChange={handleStatusChange}
              />
            ))}

{filteredItems.length === 0 && (
            <div className="bg-white rounded-xl border border-gray-200 p-12 text-center">
              <div className="w-16 h-16 mx-auto bg-green-100 rounded-full flex items-center justify-center mb-4">
                <svg className="w-8 h-8 text-green-600" fill="none" stroke="currentColor" viewBox="0 0 24 24">
                  <path strokeLinecap="round" strokeLinejoin="round" strokeWidth={2} d="M9 12l2 2 4-4m5.618-4.016A11.955 11.955 0 0112 2.944a11.955 11.955 0 01-8.618 3.04A12.02 12.02 0 003 9c0 5.591 3.824 10.29 9 11.622 5.176-1.332 9-6.03 9-11.622 0-1.042-.133-2.052-.382-3.016z" />
                </svg>
              </div>
              <h3 className="text-lg font-semibold text-gray-900">Keine Befunde gefunden</h3>
              <p className="mt-2 text-gray-500">Passen Sie den Filter an oder erfassen Sie einen neuen Befund.</p>
            </div>
          )}
        </div>
      )}

{/* Create/Edit Modal */}
      {showModal && (
        <ItemModal
          item={editItem ? {
            title: editItem.title,
            description: editItem.description || '',
            type: editItem.type,
            severity: editItem.severity,
            source: editItem.source || '',
            cve: editItem.cve || '',
            cvss: editItem.cvss !== null ? String(editItem.cvss) : '',
            affected_asset: editItem.affected_asset || '',
            assigned_to: editItem.assigned_to || '',
            remediation: editItem.remediation || '',
          } : EMPTY_NEW_ITEM}
          onClose={() => { setShowModal(false); setEditItem(null) }}
          onSave={editItem ? handleUpdate : handleCreate}
        />
      )}
    </div>
  )
}

{item.title}

Sicherheitsbefund erfassen