Benjamin_Boenisch/breakpilot-compliance
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b6e6ffaaee7b49e3a1a37f57ab241587cb345f9e
breakpilot-compliance/backend-compliance/migrations/038_change_requests.sql
Benjamin Admin 1e84df9769
All checks were successful
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Successful in 32s
Details
CI / test-python-backend-compliance (push) Successful in 30s
Details
CI / test-python-document-crawler (push) Successful in 21s
Details
CI / test-python-dsms-gateway (push) Successful in 18s
Details
feat(sdk): Multi-Tenancy, Versionierung, Change-Requests, Dokumentengenerierung (Phase 1-6) 
6-Phasen-Implementation fuer cloud-faehiges, mandantenfaehiges Compliance SDK:

Phase 1: Multi-Tenancy Fix
- Shared tenant_utils.py Dependency (UUID-Validierung, kein "default" mehr)
- VVT tenant_id Column + tenant-scoped Queries
- DSFA/Vendor DEFAULT_TENANT_ID von "default" auf UUID migriert
- Migration 035

Phase 2: Stammdaten-Erweiterung
- Company Profile um JSONB-Felder erweitert (processing_systems, ai_systems, technical_contacts)
- Regulierungs-Flags (NIS2, AI Act, ISO 27001)
- GET /template-context Endpoint
- Migration 036

Phase 3: Dokument-Versionierung
- 5 Versions-Tabellen (DSFA, VVT, TOM, Loeschfristen, Obligations)
- Shared versioning_utils.py Helper
- /{id}/versions Endpoints auf allen 5 Dokumenttypen
- Migration 037

Phase 4: Change-Request System
- Zentrale CR-Inbox mit CRUD + Accept/Reject/Edit Workflow
- Regelbasierte CR-Engine (VVT DPIA → DSFA CR, Datenkategorien → Loeschfristen CR)
- Audit-Trail
- Migration 038

Phase 5: Dokumentengenerierung
- 5 Template-Generatoren (DSFA, VVT, TOM, Loeschfristen, Obligations)
- Preview + Apply Endpoints (erzeugt CRs, keine direkten Dokumente)

Phase 6: Frontend-Integration
- Change-Request Inbox Page mit Stats, Filtern, Modals
- VersionHistory Timeline-Komponente
- SDKSidebar CR-Badge (60s Polling)
- Company Profile: 2 neue Wizard-Steps + "Dokumente generieren" CTA

Docs: 5 neue MkDocs-Seiten, CLAUDE.md aktualisiert
Tests: 97 neue Tests (alle bestanden)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-07 14:12:34 +01:00

65 lines
2.7 KiB
PL/PgSQL
Raw Blame History

-- Migration 038: Change-Request System
-- Central inbox for compliance changes triggered by events or manual creation
BEGIN;
-- ============================================================================
-- 1. Change Requests Table
-- ============================================================================
CREATE TABLE IF NOT EXISTS compliance_change_requests (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
tenant_id VARCHAR(255) NOT NULL,
-- Trigger source
trigger_type VARCHAR(50) NOT NULL DEFAULT 'manual',
trigger_source_id UUID,
-- Target document
target_document_type VARCHAR(50) NOT NULL,
target_document_id UUID,
target_section VARCHAR(100),
-- Proposal
proposal_title VARCHAR(500) NOT NULL,
proposal_body TEXT,
proposed_changes JSONB DEFAULT '{}'::jsonb,
-- Workflow
status VARCHAR(30) NOT NULL DEFAULT 'pending',
priority VARCHAR(20) DEFAULT 'normal',
decided_by VARCHAR(200),
decided_at TIMESTAMPTZ,
rejection_reason TEXT,
resulting_version_id UUID,
-- Soft delete
is_deleted BOOLEAN DEFAULT FALSE,
-- Metadata
created_by VARCHAR(200) DEFAULT 'system',
created_at TIMESTAMPTZ DEFAULT NOW(),
updated_at TIMESTAMPTZ DEFAULT NOW(),
CONSTRAINT chk_cr_status CHECK (status IN ('pending', 'accepted', 'rejected', 'edited_and_accepted')),
CONSTRAINT chk_cr_priority CHECK (priority IN ('low', 'normal', 'high', 'critical')),
CONSTRAINT chk_cr_doc_type CHECK (target_document_type IN ('dsfa', 'vvt', 'tom', 'loeschfristen', 'obligation'))
);
CREATE INDEX IF NOT EXISTS idx_cr_tenant ON compliance_change_requests(tenant_id);
CREATE INDEX IF NOT EXISTS idx_cr_status ON compliance_change_requests(tenant_id, status) WHERE NOT is_deleted;
CREATE INDEX IF NOT EXISTS idx_cr_doc_type ON compliance_change_requests(tenant_id, target_document_type) WHERE NOT is_deleted;
CREATE INDEX IF NOT EXISTS idx_cr_priority ON compliance_change_requests(tenant_id, priority) WHERE status = 'pending' AND NOT is_deleted;
-- ============================================================================
-- 2. Audit Log for Change Requests
-- ============================================================================
CREATE TABLE IF NOT EXISTS compliance_change_request_audit (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
change_request_id UUID NOT NULL REFERENCES compliance_change_requests(id) ON DELETE CASCADE,
tenant_id VARCHAR(255) NOT NULL,
action VARCHAR(50) NOT NULL,
performed_by VARCHAR(200) DEFAULT 'system',
before_state JSONB,
after_state JSONB,
created_at TIMESTAMPTZ DEFAULT NOW()
);
CREATE INDEX IF NOT EXISTS idx_cra_cr ON compliance_change_request_audit(change_request_id);
COMMIT;
Reference in New Issue View Git Blame Copy Permalink