dc0d38ea40
All checks were successful
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / test-go-ai-compliance (push) Successful in 35s
CI / test-python-backend-compliance (push) Successful in 31s
CI / test-python-document-crawler (push) Successful in 23s
CI / test-python-dsms-gateway (push) Successful in 19s
Paket A — Kritische Blocker: - compliance_scope_routes.py: GET + POST UPSERT für sdk_states JSONB-Feld - compliance/api/__init__.py: compliance_scope_router registriert - import/route.ts: POST-Proxy für multipart/form-data Upload - screening/route.ts: POST-Proxy für Dependency-File Upload Paket B — Backend + UI: - company_profile_routes.py: DELETE-Endpoint (DSGVO Art. 17) - company-profile/route.ts: DELETE-Proxy - company-profile/page.tsx: Profil-löschen-Button mit Bestätigungs-Dialog - source-policy/pii-rules/[id]/route.ts: GET ergänzt - source-policy/operations/[id]/route.ts: GET + DELETE ergänzt Paket C — Tests + UI: - test_compliance_scope_routes.py: 27 Tests (neu) - test_import_routes.py: +36 Tests → 60 gesamt - test_screening_routes.py: +28 Tests → 80+ gesamt - source-policy/page.tsx: "Blockierte Inhalte" Tab mit Tabelle + Remove Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
92 lines
2.6 KiB
TypeScript
92 lines
2.6 KiB
TypeScript
import { NextRequest, NextResponse } from 'next/server'
|
|
|
|
const BACKEND_URL = process.env.BACKEND_URL || 'http://localhost:8002'
|
|
|
|
/**
|
|
* Proxy: GET /api/sdk/v1/screening → Backend GET /api/v1/screening
|
|
* Lists screenings for the current tenant.
|
|
*/
|
|
export async function GET(request: NextRequest) {
|
|
try {
|
|
const { searchParams } = new URL(request.url)
|
|
const queryString = searchParams.toString()
|
|
const url = `${BACKEND_URL}/api/v1/screening${queryString ? `?${queryString}` : ''}`
|
|
|
|
const response = await fetch(url, {
|
|
method: 'GET',
|
|
headers: {
|
|
'Content-Type': 'application/json',
|
|
...(request.headers.get('X-Tenant-ID') && {
|
|
'X-Tenant-ID': request.headers.get('X-Tenant-ID') as string,
|
|
}),
|
|
},
|
|
})
|
|
|
|
if (!response.ok) {
|
|
const errorText = await response.text()
|
|
return NextResponse.json(
|
|
{ error: 'Backend error', details: errorText },
|
|
{ status: response.status }
|
|
)
|
|
}
|
|
|
|
const data = await response.json()
|
|
return NextResponse.json(data)
|
|
} catch (error) {
|
|
console.error('Failed to fetch screenings:', error)
|
|
return NextResponse.json(
|
|
{ error: 'Failed to connect to backend' },
|
|
{ status: 503 }
|
|
)
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Proxy: POST /api/sdk/v1/screening → Backend POST /api/v1/screening/scan
|
|
* Uploads a dependency file (package-lock.json, requirements.txt, etc.) for SBOM + vulnerability scan.
|
|
*/
|
|
export async function POST(request: NextRequest) {
|
|
try {
|
|
const contentType = request.headers.get('content-type') || ''
|
|
const url = `${BACKEND_URL}/api/v1/screening/scan`
|
|
|
|
let body: BodyInit
|
|
const headers: Record<string, string> = {}
|
|
|
|
if (contentType.includes('multipart/form-data')) {
|
|
body = await request.arrayBuffer()
|
|
headers['Content-Type'] = contentType
|
|
} else {
|
|
body = await request.text()
|
|
headers['Content-Type'] = 'application/json'
|
|
}
|
|
|
|
if (request.headers.get('X-Tenant-ID')) {
|
|
headers['X-Tenant-ID'] = request.headers.get('X-Tenant-ID') as string
|
|
}
|
|
|
|
const response = await fetch(url, {
|
|
method: 'POST',
|
|
headers,
|
|
body,
|
|
})
|
|
|
|
if (!response.ok) {
|
|
const errorText = await response.text()
|
|
return NextResponse.json(
|
|
{ error: 'Backend error', details: errorText },
|
|
{ status: response.status }
|
|
)
|
|
}
|
|
|
|
const data = await response.json()
|
|
return NextResponse.json(data)
|
|
} catch (error) {
|
|
console.error('Failed to upload file for screening scan:', error)
|
|
return NextResponse.json(
|
|
{ error: 'Failed to connect to backend' },
|
|
{ status: 503 }
|
|
)
|
|
}
|
|
}
|