feat: BreakPilot PWA - Full codebase (clean push without large binaries)

All services: admin-v2, studio-v2, website, ai-compliance-sdk,
consent-service, klausur-service, voice-service, and infrastructure.
Large PDFs and compiled binaries excluded via .gitignore.

admin-v2/app/api/sdk/v1/vendor-compliance/processing-activities/[id]/route.ts

@@ -0,0 +1,70 @@
+import { NextRequest, NextResponse } from 'next/server'
+
+// This would reference the same storage as the main route
+// In production, this would be database calls
+
+export async function GET(
+  request: NextRequest,
+  { params }: { params: Promise<{ id: string }> }
+) {
+  try {
+    const { id } = await params
+
+    // In production, fetch from database
+    return NextResponse.json({
+      success: true,
+      data: null, // Would return the activity
+      timestamp: new Date().toISOString(),
+    })
+  } catch (error) {
+    console.error('Error fetching processing activity:', error)
+    return NextResponse.json(
+      { success: false, error: 'Failed to fetch processing activity' },
+      { status: 500 }
+    )
+  }
+}
+
+export async function PUT(
+  request: NextRequest,
+  { params }: { params: Promise<{ id: string }> }
+) {
+  try {
+    const { id } = await params
+    const body = await request.json()
+
+    // In production, update in database
+    return NextResponse.json({
+      success: true,
+      data: { id, ...body, updatedAt: new Date() },
+      timestamp: new Date().toISOString(),
+    })
+  } catch (error) {
+    console.error('Error updating processing activity:', error)
+    return NextResponse.json(
+      { success: false, error: 'Failed to update processing activity' },
+      { status: 500 }
+    )
+  }
+}
+
+export async function DELETE(
+  request: NextRequest,
+  { params }: { params: Promise<{ id: string }> }
+) {
+  try {
+    const { id } = await params
+
+    // In production, delete from database
+    return NextResponse.json({
+      success: true,
+      timestamp: new Date().toISOString(),
+    })
+  } catch (error) {
+    console.error('Error deleting processing activity:', error)
+    return NextResponse.json(
+      { success: false, error: 'Failed to delete processing activity' },
+      { status: 500 }
+    )
+  }
+}

admin-v2/app/api/sdk/v1/vendor-compliance/processing-activities/route.ts

@@ -0,0 +1,84 @@
+import { NextRequest, NextResponse } from 'next/server'
+import { v4 as uuidv4 } from 'uuid'
+import { ProcessingActivity, generateVVTId } from '@/lib/sdk/vendor-compliance'
+
+// In-memory storage for demo purposes
+// In production, this would be replaced with database calls
+const processingActivities: Map<string, ProcessingActivity> = new Map()
+
+export async function GET(request: NextRequest) {
+  try {
+    const activities = Array.from(processingActivities.values())
+
+    return NextResponse.json({
+      success: true,
+      data: activities,
+      timestamp: new Date().toISOString(),
+    })
+  } catch (error) {
+    console.error('Error fetching processing activities:', error)
+    return NextResponse.json(
+      { success: false, error: 'Failed to fetch processing activities' },
+      { status: 500 }
+    )
+  }
+}
+
+export async function POST(request: NextRequest) {
+  try {
+    const body = await request.json()
+
+    // Generate IDs
+    const id = uuidv4()
+    const existingIds = Array.from(processingActivities.values()).map((a) => a.vvtId)
+    const vvtId = body.vvtId || generateVVTId(existingIds)
+
+    const activity: ProcessingActivity = {
+      id,
+      tenantId: 'default', // Would come from auth context
+      vvtId,
+      name: body.name,
+      responsible: body.responsible,
+      dpoContact: body.dpoContact,
+      purposes: body.purposes || [],
+      dataSubjectCategories: body.dataSubjectCategories || [],
+      personalDataCategories: body.personalDataCategories || [],
+      recipientCategories: body.recipientCategories || [],
+      thirdCountryTransfers: body.thirdCountryTransfers || [],
+      retentionPeriod: body.retentionPeriod || { description: { de: '', en: '' } },
+      technicalMeasures: body.technicalMeasures || [],
+      legalBasis: body.legalBasis || [],
+      dataSources: body.dataSources || [],
+      systems: body.systems || [],
+      dataFlows: body.dataFlows || [],
+      protectionLevel: body.protectionLevel || 'MEDIUM',
+      dpiaRequired: body.dpiaRequired || false,
+      dpiaJustification: body.dpiaJustification,
+      subProcessors: body.subProcessors || [],
+      legalRetentionBasis: body.legalRetentionBasis,
+      status: body.status || 'DRAFT',
+      owner: body.owner || '',
+      lastReviewDate: body.lastReviewDate,
+      nextReviewDate: body.nextReviewDate,
+      createdAt: new Date(),
+      updatedAt: new Date(),
+    }
+
+    processingActivities.set(id, activity)
+
+    return NextResponse.json(
+      {
+        success: true,
+        data: activity,
+        timestamp: new Date().toISOString(),
+      },
+      { status: 201 }
+    )
+  } catch (error) {
+    console.error('Error creating processing activity:', error)
+    return NextResponse.json(
+      { success: false, error: 'Failed to create processing activity' },
+      { status: 500 }
+    )
+  }
+}