breakpilot-compliance/developer-portal/app/api/iace/_components/AuditRagSdkSection.tsx

'use client'

import { ApiEndpoint, CodeBlock, InfoBox } from '@/components/DevPortalLayout'

export function AuditRagSdkSection() {
  return (
    <>
      <h2>Audit Trail</h2>
      <p>Lueckenloser Audit-Trail aller Projektaenderungen fuer Compliance-Nachweise.</p>

      <ApiEndpoint method="GET" path="/sdk/v1/iace/projects/:id/audit-trail" description="Projekt-Audit-Trail abrufen" />

      <CodeBlock language="bash" filename="cURL">
{`curl -X GET "https://api.breakpilot.io/sdk/v1/iace/projects/proj_a1b2c3d4/audit-trail" \\
  -H "Authorization: Bearer YOUR_API_KEY"`}
      </CodeBlock>

      <h3>Response (200 OK)</h3>
      <CodeBlock language="json" filename="Response">
{`{
  "success": true,
  "data": [
    { "id": "aud_001", "action": "hazard_created", "entity_type": "hazard", "entity_id": "haz_5678", "user_id": "user_abc", "changes": { "title": "Quetschgefahr durch Linearantrieb", "severity": "high" }, "timestamp": "2026-03-16T10:15:00Z" },
    { "id": "aud_002", "action": "risk_assessed", "entity_type": "hazard", "entity_id": "haz_5678", "user_id": "user_abc", "changes": { "inherent_risk": 12, "risk_level": "high" }, "timestamp": "2026-03-16T10:20:00Z" },
    { "id": "aud_003", "action": "tech_file_section_approved", "entity_type": "tech_file", "entity_id": "risk_assessment", "user_id": "user_def", "changes": { "status": "approved", "approved_by": "Dr. Mueller" }, "timestamp": "2026-03-16T15:00:00Z" }
  ]
}`}
      </CodeBlock>

      <h2>RAG Library Search</h2>
      <p>
        Semantische Suche in der Compliance-Bibliothek via RAG (Retrieval-Augmented Generation).
        Ermoeglicht kontextbasierte Anreicherung von Tech-File-Abschnitten.
      </p>

      <ApiEndpoint method="POST" path="/sdk/v1/iace/library-search" description="Compliance-Bibliothek via RAG durchsuchen" />

      <CodeBlock language="bash" filename="cURL">
{`curl -X POST "https://api.breakpilot.io/sdk/v1/iace/library-search" \\
  -H "Authorization: Bearer YOUR_API_KEY" \\
  -H "Content-Type: application/json" \\
  -d '{
    "query": "Schutzeinrichtungen fuer Industrieroboter Maschinenverordnung",
    "top_k": 5
  }'`}
      </CodeBlock>

      <h3>Response (200 OK)</h3>
      <CodeBlock language="json" filename="Response">
{`{
  "success": true,
  "data": {
    "query": "Schutzeinrichtungen fuer Industrieroboter Maschinenverordnung",
    "results": [
      { "id": "mr-annex-iii-1.1.4", "title": "Maschinenverordnung Anhang III 1.1.4 — Schutzmassnahmen", "content": "Trennende Schutzeinrichtungen muessen fest angebracht oder verriegelt sein...", "source": "machinery_regulation", "score": 0.93 }
    ],
    "total_results": 5,
    "search_time_ms": 38
  }
}`}
      </CodeBlock>

      <ApiEndpoint method="POST" path="/sdk/v1/iace/projects/:id/tech-file/:section/enrich" description="Tech-File-Abschnitt mit RAG-Kontext anreichern" />

      <CodeBlock language="bash" filename="cURL">
{`curl -X POST "https://api.breakpilot.io/sdk/v1/iace/projects/proj_a1b2c3d4/tech-file/safety_requirements/enrich" \\
  -H "Authorization: Bearer YOUR_API_KEY"`}
      </CodeBlock>

      <h3>Response (200 OK)</h3>
      <CodeBlock language="json" filename="Response">
{`{
  "success": true,
  "data": {
    "section": "safety_requirements",
    "enriched_content": "... (aktualisierter Abschnitt mit Regulierungsreferenzen) ...",
    "citations_added": 4,
    "sources": [
      { "id": "mr-annex-iii-1.1.4", "title": "Maschinenverordnung Anhang III 1.1.4", "relevance_score": 0.93 }
    ]
  }
}`}
      </CodeBlock>

      <h2>SDK Integration</h2>
      <p>Beispiel fuer die Integration der IACE-API in eine Anwendung:</p>

      <CodeBlock language="typescript" filename="iace-workflow.ts">
{`import { getSDKBackendClient } from '@breakpilot/compliance-sdk'

const client = getSDKBackendClient()

// 1. Projekt erstellen
const project = await client.post('/iace/projects', {
  machine_name: 'RoboArm X500',
  machine_type: 'Industrieroboter',
  manufacturer: 'TechCorp GmbH'
})

// 2. Aus Firmenprofil initialisieren
await client.post(\`/iace/projects/\${project.id}/init-from-profile\`)

// 3. Komponenten hinzufuegen
await client.post(\`/iace/projects/\${project.id}/components\`, {
  name: 'Servo-Antrieb Achse 1',
  component_type: 'actuator',
  is_safety_relevant: true
})

// 4. Regulierungen klassifizieren
const classifications = await client.post(\`/iace/projects/\${project.id}/classify\`)

// 5. Pattern-Matching ausfuehren
const patterns = await client.post(\`/iace/projects/\${project.id}/match-patterns\`)
console.log(\`\${patterns.matches} Gefahren erkannt von \${patterns.total_patterns_checked} Patterns\`)

// 6. Erkannte Patterns als Gefahren uebernehmen
await client.post(\`/iace/projects/\${project.id}/apply-patterns\`)

// 7. Risiken bewerten
for (const hazard of await client.get(\`/iace/projects/\${project.id}/hazards\`)) {
  await client.post(\`/iace/projects/\${project.id}/hazards/\${hazard.id}/assess\`, {
    severity: 3, exposure: 2, probability: 2, avoidance: 2
  })
}

// 8. Tech File generieren
const techFile = await client.post(\`/iace/projects/\${project.id}/tech-file/generate\`)
console.log(\`\${techFile.sections_generated} Abschnitte generiert\`)

// 9. PDF exportieren
const pdf = await client.get(\`/iace/projects/\${project.id}/tech-file/export?format=pdf\`)
`}
      </CodeBlock>

      <InfoBox type="warning" title="Rate Limits &amp; LLM-Kosten">
        LLM-basierte Endpoints (Tech-File-Generierung, Hazard-Suggest, RAG-Enrichment)
        verbrauchen LLM-Tokens. Professional-Plan: 50 Generierungen/Tag.
        Enterprise-Plan: unbegrenzt. Implementieren Sie Caching fuer wiederholte Anfragen.
      </InfoBox>

      <InfoBox type="success" title="Human Oversight">
        Alle LLM-generierten Inhalte muessen vor der Freigabe manuell geprueft werden.
        Die API erzwingt dies ueber den Approve-Workflow: generierte Abschnitte haben
        den Status &quot;generated&quot; und muessen explizit auf &quot;approved&quot; gesetzt werden.
      </InfoBox>
    </>
  )
}