breakpilot-compliance/backend-compliance/compliance/db/einwilligungen_models.py

"""
SQLAlchemy models for Einwilligungen — Consent-Tracking und Cookie-Banner Konfiguration.

Tables:
- compliance_einwilligungen_catalog: Tenant-Katalog (aktive Datenpunkte)
- compliance_einwilligungen_company: Firmeninformationen fuer DSI-Generierung
- compliance_einwilligungen_cookies: Cookie-Banner-Konfiguration
- compliance_einwilligungen_consents: Endnutzer-Consent-Aufzeichnungen
"""

import uuid
from datetime import datetime

from sqlalchemy import (
    Column, String, Text, Boolean, DateTime, JSON, Index
)
from sqlalchemy.dialects.postgresql import UUID

from classroom_engine.database import Base


class EinwilligungenCatalogDB(Base):
    """Tenant-spezifischer Datenpunktkatalog — welche Datenpunkte sind aktiv?"""

    __tablename__ = 'compliance_einwilligungen_catalog'

    id = Column(UUID(as_uuid=True), primary_key=True, default=uuid.uuid4)
    tenant_id = Column(String(100), nullable=False, unique=True)
    selected_data_point_ids = Column(JSON, default=list)
    custom_data_points = Column(JSON, default=list)
    updated_at = Column(DateTime, default=datetime.utcnow, onupdate=datetime.utcnow)

    __table_args__ = (
        Index('idx_einw_catalog_tenant', 'tenant_id'),
    )

    def __repr__(self):
        return f"<EinwilligungenCatalog tenant={self.tenant_id}>"


class EinwilligungenCompanyDB(Base):
    """Firmeninformationen fuer die DSI-Generierung."""

    __tablename__ = 'compliance_einwilligungen_company'

    id = Column(UUID(as_uuid=True), primary_key=True, default=uuid.uuid4)
    tenant_id = Column(String(100), nullable=False, unique=True)
    data = Column(JSON, nullable=False, default=dict)
    updated_at = Column(DateTime, default=datetime.utcnow, onupdate=datetime.utcnow)

    def __repr__(self):
        return f"<EinwilligungenCompany tenant={self.tenant_id}>"


class EinwilligungenCookiesDB(Base):
    """Cookie-Banner-Konfiguration pro Tenant."""

    __tablename__ = 'compliance_einwilligungen_cookies'

    id = Column(UUID(as_uuid=True), primary_key=True, default=uuid.uuid4)
    tenant_id = Column(String(100), nullable=False, unique=True)
    categories = Column(JSON, default=list)
    config = Column(JSON, default=dict)
    updated_at = Column(DateTime, default=datetime.utcnow, onupdate=datetime.utcnow)

    __table_args__ = (
        Index('idx_einw_cookies_tenant', 'tenant_id'),
    )

    def __repr__(self):
        return f"<EinwilligungenCookies tenant={self.tenant_id}>"


class EinwilligungenConsentDB(Base):
    """Endnutzer-Consent-Aufzeichnung — granulare Einwilligungen pro Datenpunkt."""

    __tablename__ = 'compliance_einwilligungen_consents'

    id = Column(UUID(as_uuid=True), primary_key=True, default=uuid.uuid4)
    tenant_id = Column(String(100), nullable=False)
    user_id = Column(String(200), nullable=False)
    data_point_id = Column(String(100), nullable=False)
    granted = Column(Boolean, nullable=False, default=True)
    granted_at = Column(DateTime, nullable=False, default=datetime.utcnow)
    revoked_at = Column(DateTime)
    ip_address = Column(String(45))
    user_agent = Column(Text)
    consent_version = Column(String(20), default='1.0')
    source = Column(String(100))
    created_at = Column(DateTime, default=datetime.utcnow, nullable=False)

    __table_args__ = (
        Index('idx_einw_consents_tenant', 'tenant_id'),
        Index('idx_einw_consents_user', 'tenant_id', 'user_id'),
        Index('idx_einw_consents_dpid', 'data_point_id'),
    )

    def __repr__(self):
        return f"<EinwilligungenConsent user={self.user_id} dp={self.data_point_id} granted={self.granted}>"