Benjamin Admin
216c7b8eca
CI / detect-changes (push) Successful in 8s
CI / branch-name (push) Has been skipped
CI / build-sha-integrity (push) Failing after 4s
CI / validate-canonical-controls (push) Successful in 10s
CI / loc-budget (push) Successful in 14s
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / nodejs-build (push) Successful in 2m21s
CI / test-go (push) Failing after 37s
CI / iace-gt-coverage (push) Successful in 23s
CI / test-python-backend (push) Has been skipped
CI / guardrail-integrity (push) Has been skipped
CI / secret-scan (push) Has been skipped
CI / dep-audit (push) Has been skipped
CI / sbom-scan (push) Has been skipped
CI / test-python-document-crawler (push) Has been skipped
CI / test-python-dsms-gateway (push) Successful in 17s
Punkt 1 — UI-CID-Badge nach erfolgreichem Tech-File-Export:
- archiveTechFile setzt X-DSMS-CID / X-DSMS-Filename / X-DSMS-Size response
headers + Access-Control-Expose-Headers, sobald DSMS-Archive durchlief
- Split iace_handler_techfile.go (war ueber 500 LOC) → archiveTechFile lebt
jetzt in iace_handler_techfile_archive.go, setDSMSResponseHeaders als
pure Helper mit 3 unit tests
- Next.js IACE-Proxy forwarded die X-DSMS-* Header und erkennt jetzt auch
XLSX/DOCX/MD als Binary-Response (vorher nur PDF/ZIP/octet-stream)
- ExportCIDBadge.tsx zeigt CID, Filename, Groesse + Kopieren-Button +
"Verlauf anzeigen" (oeffnet CIDHistoryModal)
Punkt 2 — Bulk-Diff Report V1 → V_latest:
- Neuer Endpoint GET /api/v1/documents/{cid}/bulk-diff im dsms-gateway:
laeuft parent_cid-Kette ab, berechnet chronologische Step-Diffs,
aggregiert Totals (added/removed lines, metadata_fields_changed,
binary_steps). Edge-Cases: einzelne Version, binaere Steps, abgebrochene
Kette
- BulkDiffPanel.tsx zeigt 4-Stat-Header + Step-Tabelle
- CIDHistoryModal bekommt Toggle-Button "Bulk-Diff V1 → V_latest anzeigen"
neben dem Versions-Counter; damit auch vom IACE-Export-Badge erreichbar
Tests: 3 neue Go-Tests, 4 neue pytest-Tests, alle gruen
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
161 lines
5.1 KiB
TypeScript
161 lines
5.1 KiB
TypeScript
/**
|
|
* IACE (Industrial AI Compliance Engine) API Proxy - Catch-all route
|
|
* Proxies all /api/sdk/v1/iace/* requests to ai-compliance-sdk backend
|
|
* Supports PDF/ZIP export for CE Technical File
|
|
*/
|
|
|
|
import { NextRequest, NextResponse } from 'next/server'
|
|
|
|
const SDK_BACKEND_URL = process.env.SDK_API_URL || 'http://ai-compliance-sdk:8090'
|
|
|
|
async function proxyRequest(
|
|
request: NextRequest,
|
|
pathSegments: string[] | undefined,
|
|
method: string
|
|
) {
|
|
const pathStr = pathSegments?.join('/') || ''
|
|
const searchParams = request.nextUrl.searchParams.toString()
|
|
const basePath = `${SDK_BACKEND_URL}/sdk/v1/iace`
|
|
const url = pathStr
|
|
? `${basePath}/${pathStr}${searchParams ? `?${searchParams}` : ''}`
|
|
: `${basePath}${searchParams ? `?${searchParams}` : ''}`
|
|
|
|
try {
|
|
const headers: HeadersInit = {
|
|
'Content-Type': 'application/json',
|
|
}
|
|
|
|
const authHeader = request.headers.get('authorization')
|
|
if (authHeader) {
|
|
headers['Authorization'] = authHeader
|
|
}
|
|
|
|
// Default tenant/user for IACE (same pattern as training proxy)
|
|
const DEFAULT_TENANT = process.env.DEFAULT_TENANT_ID || '9282a473-5c95-4b3a-bf78-0ecc0ec71d3e'
|
|
const DEFAULT_USER = '00000000-0000-0000-0000-000000000001'
|
|
|
|
const tenantHeader = request.headers.get('x-tenant-id')
|
|
headers['X-Tenant-Id'] = tenantHeader || DEFAULT_TENANT
|
|
|
|
const userHeader = request.headers.get('x-user-id')
|
|
headers['X-User-Id'] = userHeader || DEFAULT_USER
|
|
|
|
const fetchOptions: RequestInit = {
|
|
method,
|
|
headers,
|
|
signal: AbortSignal.timeout(60000), // 60s for LLM-based generation
|
|
}
|
|
|
|
if (['POST', 'PUT', 'PATCH'].includes(method)) {
|
|
const contentType = request.headers.get('content-type')
|
|
if (contentType?.includes('application/json')) {
|
|
try {
|
|
const text = await request.text()
|
|
if (text && text.trim()) {
|
|
fetchOptions.body = text
|
|
}
|
|
} catch {
|
|
// Empty or invalid body
|
|
}
|
|
} else if (contentType?.includes('multipart/form-data')) {
|
|
// Evidence upload: forward as-is
|
|
delete (headers as Record<string, string>)['Content-Type']
|
|
fetchOptions.body = await request.arrayBuffer()
|
|
}
|
|
}
|
|
|
|
const response = await fetch(url, fetchOptions)
|
|
|
|
// Handle non-JSON responses (PDF/ZIP CE technical file, XLSX/DOCX/MD exports).
|
|
const responseContentType = response.headers.get('content-type') || ''
|
|
const isBinary =
|
|
responseContentType.includes('application/pdf') ||
|
|
responseContentType.includes('application/zip') ||
|
|
responseContentType.includes('application/octet-stream') ||
|
|
responseContentType.includes('application/vnd.openxmlformats-officedocument') ||
|
|
responseContentType.includes('application/vnd.ms-excel') ||
|
|
responseContentType.includes('application/msword') ||
|
|
responseContentType.includes('text/markdown')
|
|
if (isBinary) {
|
|
const blob = await response.blob()
|
|
const forwardedHeaders: Record<string, string> = {
|
|
'Content-Type': responseContentType,
|
|
'Content-Disposition': response.headers.get('content-disposition') || '',
|
|
}
|
|
// Forward DSMS archive metadata so the frontend can render the CID badge
|
|
// (set by archiveTechFile when the backend persisted the export to DSMS).
|
|
for (const h of ['x-dsms-cid', 'x-dsms-filename', 'x-dsms-size']) {
|
|
const v = response.headers.get(h)
|
|
if (v) forwardedHeaders[h] = v
|
|
}
|
|
return new NextResponse(blob, {
|
|
status: response.status,
|
|
headers: forwardedHeaders,
|
|
})
|
|
}
|
|
|
|
if (!response.ok) {
|
|
const errorText = await response.text()
|
|
let errorJson
|
|
try {
|
|
errorJson = JSON.parse(errorText)
|
|
} catch {
|
|
errorJson = { error: errorText }
|
|
}
|
|
return NextResponse.json(
|
|
{ error: `Backend Error: ${response.status}`, ...errorJson },
|
|
{ status: response.status }
|
|
)
|
|
}
|
|
|
|
const data = await response.json()
|
|
return NextResponse.json(data)
|
|
} catch (error) {
|
|
console.error('IACE API proxy error:', error)
|
|
return NextResponse.json(
|
|
{ error: 'Verbindung zum SDK Backend fehlgeschlagen' },
|
|
{ status: 503 }
|
|
)
|
|
}
|
|
}
|
|
|
|
export async function GET(
|
|
request: NextRequest,
|
|
{ params }: { params: Promise<{ path?: string[] }> }
|
|
) {
|
|
const { path } = await params
|
|
return proxyRequest(request, path, 'GET')
|
|
}
|
|
|
|
export async function POST(
|
|
request: NextRequest,
|
|
{ params }: { params: Promise<{ path?: string[] }> }
|
|
) {
|
|
const { path } = await params
|
|
return proxyRequest(request, path, 'POST')
|
|
}
|
|
|
|
export async function PUT(
|
|
request: NextRequest,
|
|
{ params }: { params: Promise<{ path?: string[] }> }
|
|
) {
|
|
const { path } = await params
|
|
return proxyRequest(request, path, 'PUT')
|
|
}
|
|
|
|
export async function PATCH(
|
|
request: NextRequest,
|
|
{ params }: { params: Promise<{ path?: string[] }> }
|
|
) {
|
|
const { path } = await params
|
|
return proxyRequest(request, path, 'PATCH')
|
|
}
|
|
|
|
export async function DELETE(
|
|
request: NextRequest,
|
|
{ params }: { params: Promise<{ path?: string[] }> }
|
|
) {
|
|
const { path } = await params
|
|
return proxyRequest(request, path, 'DELETE')
|
|
}
|