breakpilot-compliance/ai-compliance-sdk/internal/ucca/scope_facts_mapper.go
Benjamin Admin 38e278ee3c
feat(ucca): Pflichtendatenbank v2 (325 Obligations), Trigger-Engine, TOM-Control-Mapping
- 9 Regulation-JSON-Dateien (DSGVO 80, AI Act 60, NIS2 40, BDSG 30, TTDSG 20, DSA 35, Data Act 25, EU-Maschinen 15, DORA 20)
- Condition-Tree-Engine fuer automatische Pflichtenselektion (all_of/any_of, 80+ Field-Paths)
- Generischer JSONRegulationModule-Loader mit YAML-Fallback
- Bidirektionales TOM-Control-Mapping (291 Obligation→Control, 92 Control→Obligation)
- Gap-Analyse-Engine (Compliance-%, Priority Actions, Domain Breakdown)
- ScopeDecision→UnifiedFacts Bridge fuer Auto-Profiling
- 4 neue API-Endpoints (assess-from-scope, tom-controls, gap-analysis, reverse-lookup)
- Frontend: Auto-Profiling Button, Regulation-Filter Chips, TOM-Panel, Gap-Analyse-View
- 18 Unit Tests (Condition Engine, v2 Loader, TOM Mapper)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-05 14:51:44 +01:00


package ucca
// ScopeDecision is the payload produced by the frontend Scope Wizard. Every
// field is decoded from JSON under the key given in its struct tag.
//
// This declaration carries no validation: counts may be negative, Country and
// Sector are free-form strings, and every boolean is whatever the sender
// supplied. Range and format checks have to happen where the payload is
// decoded, before it is mapped to facts.
type ScopeDecision struct {
	// Company profile.
	EmployeeCount int     `json:"employee_count"`
	AnnualRevenue float64 `json:"annual_revenue"`
	Country       string  `json:"country"`
	Industry      string  `json:"industry"`
	LegalForm     string  `json:"legal_form,omitempty"`

	// Answers given in the scope wizard.
	ProcessesPersonalData  bool `json:"processes_personal_data"`
	IsController           bool `json:"is_controller"`
	IsProcessor            bool `json:"is_processor"`
	DataArt9               bool `json:"data_art9"`
	DataMinors             bool `json:"data_minors"`
	LargeScale             bool `json:"large_scale"`
	SystematicMonitoring   bool `json:"systematic_monitoring"`
	CrossBorderTransfer    bool `json:"cross_border_transfer"`
	UsesProcessors         bool `json:"uses_processors"`
	AutomatedDecisions     bool `json:"automated_decisions"`
	ProcessesEmployeeData  bool `json:"processes_employee_data"`
	ProcessesHealthData    bool `json:"processes_health_data"`
	ProcessesFinancialData bool `json:"processes_financial_data"`
	UsesCookies            bool `json:"uses_cookies"`
	UsesTracking           bool `json:"uses_tracking"`
	UsesVideoSurveillance  bool `json:"uses_video_surveillance"`
	OperatesPlatform       bool `json:"operates_platform"`
	PlatformUserCount      int  `json:"platform_user_count,omitempty"`

	// AI usage.
	ProcAIUsage   bool `json:"proc_ai_usage"`
	IsAIProvider  bool `json:"is_ai_provider"`
	IsAIDeployer  bool `json:"is_ai_deployer"`
	HighRiskAI    bool `json:"high_risk_ai"`
	LimitedRiskAI bool `json:"limited_risk_ai"`

	// Sector / NIS2.
	Sector                 string   `json:"sector,omitempty"`
	SpecialServices        []string `json:"special_services,omitempty"`
	IsKRITIS               bool     `json:"is_kritis"`
	IsFinancialInstitution bool     `json:"is_financial_institution"`

	// Scope engine results. These travel in the same JSON document as the
	// answers above, and MapScopeToFacts in this file does not read any of
	// them.
	// NOTE(review): if other code consumes these fields, confirm it treats
	// them as caller-supplied hints rather than as an authoritative result.
	DeterminedLevel   string   `json:"determined_level,omitempty"` // L1-L4
	TriggeredRules    []string `json:"triggered_rules,omitempty"`
	RequiredDocuments []string `json:"required_documents,omitempty"`
	CertTarget        string   `json:"cert_target,omitempty"`
}
// MapScopeToFacts builds a fresh UnifiedFacts (via NewUnifiedFacts) and copies
// the wizard answers from scope into it.
//
// scope is dereferenced unconditionally, so it must be non-nil. Nothing is
// validated here: counts, strings and flags are copied as received. The
// scope-engine result fields of ScopeDecision (DeterminedLevel, TriggeredRules,
// RequiredDocuments, CertTarget) are not consulted.
//
// NOTE(review): every flag copied below is self-declared by whoever produced
// the ScopeDecision. Presumably the resulting facts drive obligation
// selection, in which case an omitted or false answer narrows the selected
// set; confirm the caller authenticates the request and records the answers
// it was given.
func MapScopeToFacts(scope *ScopeDecision) *UnifiedFacts {
	uf := NewUnifiedFacts()

	// Organization.
	uf.Organization.EmployeeCount = scope.EmployeeCount
	uf.Organization.AnnualRevenue = scope.AnnualRevenue
	uf.Organization.Country = scope.Country
	uf.Organization.LegalForm = scope.LegalForm
	// EUMember is only written when a country was supplied; otherwise it keeps
	// whatever NewUnifiedFacts initialised it to.
	if c := scope.Country; c != "" {
		uf.Organization.EUMember = isEUCountryScope(c)
	}

	// Data protection: one-to-one copies, except that two wizard answers
	// (CrossBorderTransfer, AutomatedDecisions) each feed two fact fields.
	uf.DataProtection.ProcessesPersonalData = scope.ProcessesPersonalData
	uf.DataProtection.IsController = scope.IsController
	uf.DataProtection.IsProcessor = scope.IsProcessor
	uf.DataProtection.ProcessesSpecialCategories = scope.DataArt9
	uf.DataProtection.ProcessesMinorData = scope.DataMinors
	uf.DataProtection.LargeScaleProcessing = scope.LargeScale
	uf.DataProtection.SystematicMonitoring = scope.SystematicMonitoring
	uf.DataProtection.TransfersToThirdCountries = scope.CrossBorderTransfer
	uf.DataProtection.CrossBorderProcessing = scope.CrossBorderTransfer
	uf.DataProtection.UsesExternalProcessor = scope.UsesProcessors
	uf.DataProtection.AutomatedDecisionMaking = scope.AutomatedDecisions
	uf.DataProtection.AutomatedDecisions = scope.AutomatedDecisions
	uf.DataProtection.ProcessesEmployeeData = scope.ProcessesEmployeeData
	uf.DataProtection.ProcessesHealthData = scope.ProcessesHealthData
	uf.DataProtection.ProcessesFinancialData = scope.ProcessesFinancialData
	uf.DataProtection.UsesCookies = scope.UsesCookies
	uf.DataProtection.UsesTracking = scope.UsesTracking
	uf.DataProtection.UsesVideoSurveillance = scope.UsesVideoSurveillance
	uf.DataProtection.OperatesPlatform = scope.OperatesPlatform
	uf.DataProtection.PlatformUserCount = scope.PlatformUserCount

	// DPO requirement (German law: >= 20 employees processing personal data).
	// The flag is only ever raised here, never cleared.
	// NOTE(review): total EmployeeCount stands in for the number of people who
	// actually process personal data, and this is the only ground evaluated in
	// this function; confirm whether other appointment grounds (e.g. the
	// Art. 9 or systematic-monitoring answers) are meant to set the flag too.
	dsbByHeadcount := scope.ProcessesPersonalData && scope.EmployeeCount >= 20
	if dsbByHeadcount {
		uf.DataProtection.RequiresDSBByLaw = true
	}

	// AI usage.
	uf.AIUsage.UsesAI = scope.ProcAIUsage
	uf.AIUsage.IsAIProvider = scope.IsAIProvider
	uf.AIUsage.IsAIDeployer = scope.IsAIDeployer
	uf.AIUsage.HasHighRiskAI = scope.HighRiskAI
	uf.AIUsage.HasLimitedRiskAI = scope.LimitedRiskAI

	// Sector: an explicit Sector wins; Industry is only used as a fallback.
	switch {
	case scope.Sector != "":
		uf.Sector.PrimarySector = scope.Sector
	case scope.Industry != "":
		uf.MapDomainToSector(scope.Industry)
	}
	uf.Sector.SpecialServices = scope.SpecialServices
	// The single IsKRITIS answer populates both the status and the
	// threshold-met fact.
	uf.Sector.IsKRITIS = scope.IsKRITIS
	uf.Sector.KRITISThresholdMet = scope.IsKRITIS
	uf.Sector.IsFinancialInstitution = scope.IsFinancialInstitution

	// Financial: the two flags are only switched on for a declared financial
	// institution and are otherwise left at their initial values.
	if !scope.IsFinancialInstitution {
		return uf
	}
	uf.Financial.IsRegulated = true
	uf.Financial.DORAApplies = true
	return uf
}
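// isEUCountryScope reports whether country is the two-letter code of one of
// the 27 EU member states listed in the switch below.
//
// The comparison ignores ASCII letter case, so "de" and "DE" are treated
// alike. The value comes from the scope wizard payload, and an exact-case
// comparison would classify a lower-case code as non-EU without any error.
// Any input that is not exactly two bytes long (empty, padded with spaces, a
// three-letter code, a country name) yields false.
//
// Greece is matched as "GR" only. EEA states that are not EU members are not
// listed and yield false.
func isEUCountryScope(country string) bool {
	if len(country) != 2 {
		return false
	}

	// Fold ASCII lower-case to upper-case by hand so that the block needs no
	// import; the file currently has none.
	var code [2]byte
	for i := 0; i < len(code); i++ {
		c := country[i]
		if 'a' <= c && c <= 'z' {
			c -= 'a' - 'A'
		}
		code[i] = c
	}

	// A switch over constants avoids building a map on every call.
	switch string(code[:]) {
	case "DE", "AT", "BE", "BG", "HR", "CY",
		"CZ", "DK", "EE", "FI", "FR", "GR",
		"HU", "IE", "IT", "LV", "LT", "LU",
		"MT", "NL", "PL", "PT", "RO", "SK",
		"SI", "ES", "SE":
		return true
	}
	return false
}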