diff --git a/developer-portal/.dockerignore b/developer-portal/.dockerignore new file mode 100644 index 0000000..e421be9 --- /dev/null +++ b/developer-portal/.dockerignore @@ -0,0 +1,8 @@ +node_modules +.next +.git +.gitignore +README.md +*.log +.env.local +.env.*.local diff --git a/developer-portal/Dockerfile b/developer-portal/Dockerfile new file mode 100644 index 0000000..20267ee --- /dev/null +++ b/developer-portal/Dockerfile @@ -0,0 +1,45 @@ +# Build stage +FROM node:20-alpine AS builder + +WORKDIR /app + +# Copy package files +COPY package.json package-lock.json* ./ + +# Install dependencies +RUN npm install + +# Copy source code +COPY . . + +# Build the application +RUN npm run build + +# Production stage +FROM node:20-alpine AS runner + +WORKDIR /app + +# Set to production +ENV NODE_ENV=production + +# Create non-root user +RUN addgroup --system --gid 1001 nodejs +RUN adduser --system --uid 1001 nextjs + +# Copy built assets +COPY --from=builder /app/public ./public +COPY --from=builder --chown=nextjs:nodejs /app/.next/standalone ./ +COPY --from=builder --chown=nextjs:nodejs /app/.next/static ./.next/static + +# Switch to non-root user +USER nextjs + +# Expose port +EXPOSE 3000 + +# Set hostname +ENV HOSTNAME="0.0.0.0" + +# Start the application +CMD ["node", "server.js"] diff --git a/developer-portal/app/api/export/page.tsx b/developer-portal/app/api/export/page.tsx new file mode 100644 index 0000000..368768d --- /dev/null +++ b/developer-portal/app/api/export/page.tsx @@ -0,0 +1,271 @@ +import { DevPortalLayout, ApiEndpoint, CodeBlock, ParameterTable, InfoBox } from '@/components/DevPortalLayout' + +export default function ExportApiPage() { + return ( + +

Uebersicht

+

+ Die Export API ermoeglicht den Download aller Compliance-Daten in + verschiedenen Formaten fuer Audits, Dokumentation und Archivierung. +

+ +

Unterstuetzte Formate

+
+ + + + + + + + + + + + + + + + + + + + + + + + + +
FormatBeschreibungUse Case
jsonKompletter State als JSONBackup, Migration, API-Integration
pdfFormatierter PDF-ReportAudits, Management-Reports
zipAlle Dokumente als ZIP-ArchivVollstaendige Dokumentation
+
+ +

GET /export

+

Exportiert den aktuellen State im gewuenschten Format.

+ +

Query-Parameter

+ + +

JSON Export

+ +

Request

+ +{`curl -X GET "https://api.breakpilot.io/sdk/v1/export?format=json&tenantId=your-tenant-id" \\ + -H "Authorization: Bearer YOUR_API_KEY" \\ + -o compliance-export.json`} + + +

Response

+ +{`{ + "exportedAt": "2026-02-04T12:00:00Z", + "version": "1.0.0", + "tenantId": "your-tenant-id", + "state": { + "currentPhase": 2, + "currentStep": "dsfa", + "completedSteps": [...], + "useCases": [...], + "risks": [...], + "controls": [...], + "dsfa": {...}, + "toms": [...], + "vvt": [...] + }, + "meta": { + "completionPercentage": 75, + "lastModified": "2026-02-04T11:55:00Z" + } +}`} + + +

PDF Export

+ +

Request

+ +{`curl -X GET "https://api.breakpilot.io/sdk/v1/export?format=pdf&tenantId=your-tenant-id§ions=dsfa,toms" \\ + -H "Authorization: Bearer YOUR_API_KEY" \\ + -o compliance-report.pdf`} + + +

PDF Inhalt

+

Das generierte PDF enthaelt:

+ + + + Das PDF folgt einem professionellen Audit-Layout mit Corporate Design. + Enterprise-Kunden koennen ein Custom-Logo und Farbschema konfigurieren. + + +

ZIP Export

+ +

Request

+ +{`curl -X GET "https://api.breakpilot.io/sdk/v1/export?format=zip&tenantId=your-tenant-id" \\ + -H "Authorization: Bearer YOUR_API_KEY" \\ + -o compliance-export.zip`} + + +

ZIP Struktur

+ +{`compliance-export/ +├── README.md +├── state.json # Kompletter State +├── summary.pdf # Executive Summary +├── use-cases/ +│ ├── uc-1-ki-analyse.json +│ └── uc-2-chatbot.json +├── risks/ +│ ├── risk-matrix.pdf +│ └── risks.json +├── documents/ +│ ├── dsfa.pdf +│ ├── dsfa.json +│ ├── toms.pdf +│ ├── toms.json +│ ├── vvt.pdf +│ └── vvt.json +├── checkpoints/ +│ └── checkpoint-status.json +└── audit-trail/ + └── changes.json`} + + +

SDK Integration

+ +{`import { useSDK, exportToPDF, exportToZIP, downloadExport } from '@breakpilot/compliance-sdk' + +// Option 1: Ueber den Hook +function ExportButton() { + const { exportState } = useSDK() + + const handlePDFExport = async () => { + const blob = await exportState('pdf') + downloadExport(blob, 'compliance-report.pdf') + } + + const handleZIPExport = async () => { + const blob = await exportState('zip') + downloadExport(blob, 'compliance-export.zip') + } + + const handleJSONExport = async () => { + const blob = await exportState('json') + downloadExport(blob, 'compliance-state.json') + } + + return ( +
+ + + +
+ ) +} + +// Option 2: Direkte Funktionen +async function exportManually(state: SDKState) { + // PDF generieren + const pdfBlob = await exportToPDF(state) + downloadExport(pdfBlob, \`compliance-\${Date.now()}.pdf\`) + + // ZIP generieren + const zipBlob = await exportToZIP(state) + downloadExport(zipBlob, \`compliance-\${Date.now()}.zip\`) +}`} + + +

Command Bar Integration

+

+ Exporte sind auch ueber die Command Bar verfuegbar: +

+ +{`Cmd+K → "pdf" → "Als PDF exportieren" +Cmd+K → "zip" → "Als ZIP exportieren" +Cmd+K → "json" → "Als JSON exportieren"`} + + +

Automatisierte Exports

+

+ Fuer regelmaessige Backups oder CI/CD-Integration: +

+ +{`# Taeglicher Backup-Export um 02:00 Uhr +0 2 * * * curl -X GET "https://api.breakpilot.io/sdk/v1/export?format=zip&tenantId=my-tenant" \\ + -H "Authorization: Bearer $API_KEY" \\ + -o "/backups/compliance-$(date +%Y%m%d).zip"`} + + + + ZIP-Exporte koennen bei umfangreichen States mehrere MB gross werden. + Die API hat ein Timeout von 60 Sekunden. Bei sehr grossen States + verwenden Sie den asynchronen Export-Endpoint (Enterprise). + + +

Fehlerbehandlung

+ +{`import { exportState } from '@breakpilot/compliance-sdk' + +try { + const blob = await exportState('pdf') + downloadExport(blob, 'report.pdf') +} catch (error) { + if (error.code === 'EMPTY_STATE') { + console.error('Keine Daten zum Exportieren vorhanden') + } else if (error.code === 'GENERATION_FAILED') { + console.error('PDF-Generierung fehlgeschlagen:', error.message) + } else if (error.code === 'TIMEOUT') { + console.error('Export-Timeout - versuchen Sie ZIP fuer grosse States') + } else { + console.error('Unbekannter Fehler:', error) + } +}`} + + + ) +} diff --git a/developer-portal/app/api/generate/page.tsx b/developer-portal/app/api/generate/page.tsx new file mode 100644 index 0000000..7c82bd5 --- /dev/null +++ b/developer-portal/app/api/generate/page.tsx @@ -0,0 +1,381 @@ +import { DevPortalLayout, ApiEndpoint, CodeBlock, ParameterTable, InfoBox } from '@/components/DevPortalLayout' + +export default function GenerateApiPage() { + return ( + +

Uebersicht

+

+ Die Generation API nutzt LLM-Technologie (Claude) zur automatischen Erstellung + von Compliance-Dokumenten basierend auf Ihrem SDK-State: +

+ + + + Die Generierung verwendet Claude 3.5 Sonnet fuer optimale Qualitaet + bei deutschen Rechtstexten. RAG-Context wird automatisch einbezogen. + + +

POST /generate/dsfa

+

Generiert eine Datenschutz-Folgenabschaetzung basierend auf dem aktuellen State.

+ +

Request Body

+ + +

Request

+ +{`curl -X POST "https://api.breakpilot.io/sdk/v1/generate/dsfa" \\ + -H "Authorization: Bearer YOUR_API_KEY" \\ + -H "Content-Type: application/json" \\ + -d '{ + "tenantId": "your-tenant-id", + "useCaseId": "uc-ki-kundenanalyse", + "includeRisks": true, + "includeControls": true, + "language": "de" + }'`} + + +

Response (200 OK)

+ +{`{ + "success": true, + "data": { + "dsfa": { + "id": "dsfa-2026-02-04-abc123", + "version": "1.0", + "status": "DRAFT", + "createdAt": "2026-02-04T12:00:00Z", + "useCase": { + "id": "uc-ki-kundenanalyse", + "name": "KI-gestuetzte Kundenanalyse", + "description": "Analyse von Kundenverhalten mittels ML..." + }, + "sections": { + "systematicDescription": { + "title": "1. Systematische Beschreibung", + "content": "Die geplante Verarbeitungstaetigkeit umfasst..." + }, + "necessityAssessment": { + "title": "2. Bewertung der Notwendigkeit", + "content": "Die Verarbeitung ist notwendig fuer..." + }, + "riskAssessment": { + "title": "3. Risikobewertung", + "risks": [ + { + "id": "risk-1", + "title": "Unbefugter Datenzugriff", + "severity": "HIGH", + "likelihood": 3, + "impact": 4, + "description": "...", + "mitigations": ["Verschluesselung", "Zugriffskontrolle"] + } + ] + }, + "mitigationMeasures": { + "title": "4. Abhilfemassnahmen", + "controls": [...] + }, + "stakeholderConsultation": { + "title": "5. Einbeziehung Betroffener", + "content": "..." + }, + "dpoOpinion": { + "title": "6. Stellungnahme des DSB", + "content": "Ausstehend - Freigabe erforderlich" + } + }, + "conclusion": { + "overallRisk": "MEDIUM", + "recommendation": "PROCEED_WITH_CONDITIONS", + "conditions": [ + "Implementierung der TOM-Empfehlungen", + "Regelmaessige Ueberpruefung" + ] + } + }, + "generationMeta": { + "model": "claude-3.5-sonnet", + "ragContextUsed": true, + "tokensUsed": 4250, + "durationMs": 8500 + } + } +}`} + + +

POST /generate/tom

+

Generiert technische und organisatorische Massnahmen.

+ +

Request Body

+ + +

Request

+ +{`curl -X POST "https://api.breakpilot.io/sdk/v1/generate/tom" \\ + -H "Authorization: Bearer YOUR_API_KEY" \\ + -H "Content-Type: application/json" \\ + -d '{ + "tenantId": "your-tenant-id", + "categories": ["access_control", "encryption", "backup"], + "basedOnRisks": true + }'`} + + +

Response (200 OK)

+ +{`{ + "success": true, + "data": { + "toms": [ + { + "id": "tom-1", + "category": "access_control", + "categoryLabel": "Zugangskontrolle", + "title": "Multi-Faktor-Authentifizierung", + "description": "Implementierung von MFA fuer alle Systemzugaenge", + "technicalMeasures": [ + "TOTP-basierte 2FA", + "Hardware Security Keys (FIDO2)" + ], + "organizationalMeasures": [ + "Schulung der Mitarbeiter", + "Dokumentation der Zugaenge" + ], + "article32Reference": "Art. 32 Abs. 1 lit. b DSGVO", + "priority": "HIGH", + "implementationStatus": "PLANNED" + }, + { + "id": "tom-2", + "category": "encryption", + "categoryLabel": "Verschluesselung", + "title": "Transportverschluesselung", + "description": "TLS 1.3 fuer alle Datenuebert\\\\ragungen", + "technicalMeasures": [ + "TLS 1.3 mit PFS", + "HSTS Header" + ], + "organizationalMeasures": [ + "Zertifikatsmanagement", + "Regelmaessige Audits" + ], + "article32Reference": "Art. 32 Abs. 1 lit. a DSGVO", + "priority": "CRITICAL", + "implementationStatus": "IMPLEMENTED" + } + ], + "summary": { + "totalMeasures": 20, + "byCategory": { + "access_control": 5, + "encryption": 4, + "backup": 3, + "monitoring": 4, + "incident_response": 4 + }, + "implementationProgress": { + "implemented": 12, + "in_progress": 5, + "planned": 3 + } + } + } +}`} + + +

POST /generate/vvt

+

Generiert ein Verarbeitungsverzeichnis nach Art. 30 DSGVO.

+ +

Request Body

+ + +

Request

+ +{`curl -X POST "https://api.breakpilot.io/sdk/v1/generate/vvt" \\ + -H "Authorization: Bearer YOUR_API_KEY" \\ + -H "Content-Type: application/json" \\ + -d '{ + "tenantId": "your-tenant-id", + "organizationInfo": { + "name": "Beispiel GmbH", + "address": "Musterstrasse 1, 10115 Berlin", + "dpoContact": "datenschutz@beispiel.de" + }, + "includeRetentionPolicies": true + }'`} + + +

Response (200 OK)

+ +{`{ + "success": true, + "data": { + "vvt": { + "id": "vvt-2026-02-04", + "version": "1.0", + "organization": { + "name": "Beispiel GmbH", + "address": "Musterstrasse 1, 10115 Berlin", + "dpoContact": "datenschutz@beispiel.de" + }, + "processingActivities": [ + { + "id": "pa-1", + "name": "Kundendatenverarbeitung", + "purpose": "Vertragserfuellung und Kundenservice", + "legalBasis": "Art. 6 Abs. 1 lit. b DSGVO", + "dataCategories": ["Kontaktdaten", "Vertragsdaten", "Zahlungsdaten"], + "dataSubjects": ["Kunden", "Interessenten"], + "recipients": ["Zahlungsdienstleister", "Versanddienstleister"], + "thirdCountryTransfers": { + "exists": false, + "countries": [], + "safeguards": null + }, + "retentionPeriod": "10 Jahre nach Vertragsende (HGB)", + "technicalMeasures": ["Verschluesselung", "Zugriffskontrolle"] + } + ], + "lastUpdated": "2026-02-04T12:00:00Z" + } + } +}`} + + +

SDK Integration

+ +{`import { getSDKBackendClient } from '@breakpilot/compliance-sdk' + +const client = getSDKBackendClient() + +// DSFA generieren +async function generateDSFA(useCaseId: string) { + const dsfa = await client.generateDSFA({ + useCaseId, + includeRisks: true, + includeControls: true, + }) + + console.log('DSFA generiert:', dsfa.id) + console.log('Gesamtrisiko:', dsfa.conclusion.overallRisk) + return dsfa +} + +// TOMs generieren +async function generateTOMs() { + const toms = await client.generateTOM({ + categories: ['access_control', 'encryption'], + basedOnRisks: true, + }) + + console.log(\`\${toms.length} TOMs generiert\`) + return toms +} + +// VVT generieren +async function generateVVT() { + const vvt = await client.generateVVT({ + organizationInfo: { + name: 'Beispiel GmbH', + address: 'Musterstrasse 1', + dpoContact: 'dpo@beispiel.de', + }, + }) + + console.log(\`VVT mit \${vvt.processingActivities.length} Verarbeitungen\`) + return vvt +}`} + + + + Die Dokumentengenerierung verbraucht LLM-Tokens. Durchschnittliche Kosten: + DSFA ~5.000 Tokens, TOMs ~3.000 Tokens, VVT ~4.000 Tokens. + Enterprise-Kunden haben unbegrenzte Generierungen. + + + ) +} diff --git a/developer-portal/app/api/page.tsx b/developer-portal/app/api/page.tsx new file mode 100644 index 0000000..2b660bf --- /dev/null +++ b/developer-portal/app/api/page.tsx @@ -0,0 +1,239 @@ +import Link from 'next/link' +import { DevPortalLayout, ApiEndpoint, InfoBox } from '@/components/DevPortalLayout' + +export default function ApiReferencePage() { + return ( + +

Base URL

+

+ Alle API-Endpunkte sind unter folgender Basis-URL erreichbar: +

+
+ https://api.breakpilot.io/sdk/v1 +
+

+ Für Self-Hosted-Installationen verwenden Sie Ihre eigene Domain. +

+ +

Authentifizierung

+

+ Alle API-Anfragen erfordern einen gültigen API Key im Header: +

+
+ Authorization: Bearer YOUR_API_KEY +
+ + + Die Tenant-ID wird aus dem API Key abgeleitet oder kann explizit + als Query-Parameter oder im Request-Body mitgegeben werden. + + +

API Endpoints

+ +

State Management

+

+ Verwalten Sie den SDK-State für Ihren Tenant. +

+ + + + + +

+ + → Vollständige State API Dokumentation + +

+ +

RAG Search

+

+ Durchsuchen Sie den Compliance-Korpus (DSGVO, AI Act, NIS2). +

+ + + + +

+ + → Vollständige RAG API Dokumentation + +

+ +

Document Generation

+

+ Generieren Sie Compliance-Dokumente automatisch. +

+ + + + + +

+ + → Vollständige Generation API Dokumentation + +

+ +

Export

+

+ Exportieren Sie den Compliance-Stand in verschiedenen Formaten. +

+ + + +

+ + → Vollständige Export API Dokumentation + +

+ +

Response Format

+

+ Alle Responses folgen einem einheitlichen Format: +

+ +

Erfolgreiche Response

+
+{`{ + "success": true, + "data": { ... }, + "meta": { + "version": 1, + "timestamp": "2026-02-04T12:00:00Z" + } +}`} +
+ +

Fehler Response

+
+{`{ + "success": false, + "error": { + "code": "VALIDATION_ERROR", + "message": "Tenant ID is required", + "details": { ... } + } +}`} +
+ +

Error Codes

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
HTTP StatusCodeBeschreibung
400VALIDATION_ERRORUngültige Request-Daten
401UNAUTHORIZEDFehlender oder ungültiger API Key
403FORBIDDENKeine Berechtigung für diese Ressource
404NOT_FOUNDRessource nicht gefunden
409CONFLICTVersions-Konflikt (Optimistic Locking)
429RATE_LIMITEDZu viele Anfragen
500INTERNAL_ERRORInterner Server-Fehler
+
+ +

Rate Limits

+
+ + + + + + + + + + + + + + + + + + + + + + + + + +
PlanRequests/MinuteRequests/Tag
Starter6010.000
Professional300100.000
EnterpriseUnbegrenztUnbegrenzt
+
+ + ) +} diff --git a/developer-portal/app/api/rag/page.tsx b/developer-portal/app/api/rag/page.tsx new file mode 100644 index 0000000..2847e6c --- /dev/null +++ b/developer-portal/app/api/rag/page.tsx @@ -0,0 +1,248 @@ +import { DevPortalLayout, ApiEndpoint, CodeBlock, ParameterTable, InfoBox } from '@/components/DevPortalLayout' + +export default function RAGApiPage() { + return ( + +

Uebersicht

+

+ Die RAG (Retrieval-Augmented Generation) API ermoeglicht semantische Suche + im Compliance-Korpus. Der Korpus enthaelt: +

+ + + + Die Suche verwendet BGE-M3 Embeddings fuer praezise semantische Aehnlichkeit. + Die Vektoren werden in Qdrant gespeichert. + + +

GET /rag/search

+

Durchsucht den Legal Corpus semantisch.

+ +

Query-Parameter

+ + +

Request

+ +{`curl -X GET "https://api.breakpilot.io/sdk/v1/rag/search?q=Einwilligung%20DSGVO&top_k=5" \\ + -H "Authorization: Bearer YOUR_API_KEY"`} + + +

Response (200 OK)

+ +{`{ + "success": true, + "data": { + "query": "Einwilligung DSGVO", + "results": [ + { + "id": "dsgvo-art-7", + "title": "Art. 7 DSGVO - Bedingungen fuer die Einwilligung", + "content": "Beruht die Verarbeitung auf einer Einwilligung, muss der Verantwortliche nachweisen koennen, dass die betroffene Person in die Verarbeitung ihrer personenbezogenen Daten eingewilligt hat...", + "corpus": "dsgvo", + "article": "Art. 7", + "score": 0.92, + "metadata": { + "chapter": "II", + "section": "Einwilligung", + "url": "https://dsgvo-gesetz.de/art-7-dsgvo/" + } + }, + { + "id": "dsgvo-art-6-1-a", + "title": "Art. 6 Abs. 1 lit. a DSGVO - Einwilligung als Rechtsgrundlage", + "content": "Die Verarbeitung ist nur rechtmaessig, wenn mindestens eine der nachstehenden Bedingungen erfuellt ist: a) Die betroffene Person hat ihre Einwilligung...", + "corpus": "dsgvo", + "article": "Art. 6", + "score": 0.88, + "metadata": { + "chapter": "II", + "section": "Rechtmaessigkeit", + "url": "https://dsgvo-gesetz.de/art-6-dsgvo/" + } + } + ], + "total_results": 2, + "search_time_ms": 45 + }, + "meta": { + "corpus_version": "2026-01", + "embedding_model": "bge-m3" + } +}`} + + +

GET /rag/status

+

Gibt Status-Informationen ueber das RAG-System zurueck.

+ +

Request

+ +{`curl -X GET "https://api.breakpilot.io/sdk/v1/rag/status" \\ + -H "Authorization: Bearer YOUR_API_KEY"`} + + +

Response (200 OK)

+ +{`{ + "success": true, + "data": { + "status": "healthy", + "corpus": { + "dsgvo": { + "documents": 99, + "chunks": 1250, + "last_updated": "2026-01-15T00:00:00Z" + }, + "ai_act": { + "documents": 89, + "chunks": 980, + "last_updated": "2026-01-20T00:00:00Z" + }, + "nis2": { + "documents": 46, + "chunks": 520, + "last_updated": "2026-01-10T00:00:00Z" + } + }, + "embedding_service": { + "status": "online", + "model": "bge-m3", + "dimension": 1024 + }, + "vector_db": { + "type": "qdrant", + "collections": 3, + "total_vectors": 2750 + } + } +}`} + + +

SDK Integration

+

+ Verwenden Sie den SDK-Client fuer einfache RAG-Suche: +

+ +{`import { getSDKBackendClient, isLegalQuery } from '@breakpilot/compliance-sdk' + +const client = getSDKBackendClient() + +// Pruefen ob die Query rechtliche Inhalte betrifft +if (isLegalQuery('Was ist eine Einwilligung?')) { + // RAG-Suche durchfuehren + const results = await client.search('Einwilligung DSGVO', 5) + + results.forEach(result => { + console.log(\`[\${result.corpus}] \${result.title}\`) + console.log(\`Score: \${result.score}\`) + console.log(\`URL: \${result.metadata.url}\`) + console.log('---') + }) +}`} + + +

Keyword-Erkennung

+

+ Die Funktion isLegalQuery erkennt automatisch rechtliche Anfragen: +

+ +{`import { isLegalQuery } from '@breakpilot/compliance-sdk' + +// Gibt true zurueck fuer: +isLegalQuery('DSGVO Art. 5') // true - Artikel-Referenz +isLegalQuery('Einwilligung') // true - DSGVO-Begriff +isLegalQuery('AI Act Hochrisiko') // true - AI Act Begriff +isLegalQuery('NIS2 Richtlinie') // true - NIS2 Referenz +isLegalQuery('personenbezogene Daten') // true - Datenschutz-Begriff + +// Gibt false zurueck fuer: +isLegalQuery('Wie ist das Wetter?') // false - Keine rechtliche Anfrage +isLegalQuery('Programmiere mir X') // false - Technische Anfrage`} + + +

Beispiel: Command Bar Integration

+ +{`import { useState } from 'react' +import { getSDKBackendClient, isLegalQuery } from '@breakpilot/compliance-sdk' + +function CommandBarSearch({ query }: { query: string }) { + const [results, setResults] = useState([]) + const [loading, setLoading] = useState(false) + + useEffect(() => { + if (query.length > 3 && isLegalQuery(query)) { + setLoading(true) + const client = getSDKBackendClient() + + client.search(query, 3).then(data => { + setResults(data) + setLoading(false) + }) + } + }, [query]) + + if (!isLegalQuery(query)) return null + + return ( +
+ {loading ? ( +

Suche im Legal Corpus...

+ ) : ( + results.map(result => ( +
+

{result.title}

+

{result.content.slice(0, 200)}...

+ + Volltext lesen + +
+ )) + )} +
+ ) +}`} + + + + Die RAG-Suche ist auf 100 Anfragen/Minute (Professional) bzw. + unbegrenzt (Enterprise) limitiert. Implementieren Sie Client-Side + Debouncing fuer Echtzeit-Suche. + + + ) +} diff --git a/developer-portal/app/api/state/page.tsx b/developer-portal/app/api/state/page.tsx new file mode 100644 index 0000000..f7f3188 --- /dev/null +++ b/developer-portal/app/api/state/page.tsx @@ -0,0 +1,266 @@ +import { DevPortalLayout, ApiEndpoint, CodeBlock, ParameterTable, InfoBox } from '@/components/DevPortalLayout' + +export default function StateApiPage() { + return ( + +

Übersicht

+

+ Die State API ermöglicht das Speichern und Abrufen des kompletten SDK-States. + Der State enthält alle Compliance-Daten: Use Cases, Risiken, Controls, + Checkpoints und mehr. +

+ + + Der State wird mit optimistischem Locking gespeichert. Bei jedem Speichern + wird die Version erhöht. Bei Konflikten erhalten Sie einen 409-Fehler. + + +

GET /state/{'{tenantId}'}

+

Lädt den aktuellen SDK-State für einen Tenant.

+ +

Request

+ +{`curl -X GET "https://api.breakpilot.io/sdk/v1/state/your-tenant-id" \\ + -H "Authorization: Bearer YOUR_API_KEY"`} + + +

Response (200 OK)

+ +{`{ + "success": true, + "data": { + "version": "1.0.0", + "lastModified": "2026-02-04T12:00:00Z", + "tenantId": "your-tenant-id", + "userId": "user-123", + "subscription": "PROFESSIONAL", + "currentPhase": 1, + "currentStep": "use-case-workshop", + "completedSteps": ["use-case-workshop", "screening"], + "checkpoints": { + "CP-UC": { + "checkpointId": "CP-UC", + "passed": true, + "validatedAt": "2026-02-01T10:00:00Z", + "validatedBy": "user-123", + "errors": [], + "warnings": [] + } + }, + "useCases": [ + { + "id": "uc-1", + "name": "KI-Kundenanalyse", + "description": "...", + "category": "Marketing", + "stepsCompleted": 5, + "assessmentResult": { + "riskLevel": "HIGH", + "dsfaRequired": true, + "aiActClassification": "LIMITED" + } + } + ], + "risks": [...], + "controls": [...], + "dsfa": {...}, + "toms": [...], + "vvt": [...] + }, + "meta": { + "version": 5, + "etag": "W/\\"abc123\\"" + } +}`} + + +

Response (404 Not Found)

+ +{`{ + "success": false, + "error": { + "code": "NOT_FOUND", + "message": "No state found for tenant your-tenant-id" + } +}`} + + +

POST /state

+

Speichert den SDK-State. Unterstützt Versionierung und optimistisches Locking.

+ +

Request Body

+ + +

Request

+ +{`curl -X POST "https://api.breakpilot.io/sdk/v1/state" \\ + -H "Authorization: Bearer YOUR_API_KEY" \\ + -H "Content-Type: application/json" \\ + -H "If-Match: W/\\"abc123\\"" \\ + -d '{ + "tenantId": "your-tenant-id", + "userId": "user-123", + "state": { + "currentPhase": 1, + "currentStep": "risks", + "useCases": [...], + "risks": [...] + } + }'`} + + +

Response (200 OK)

+ +{`{ + "success": true, + "data": { + "tenantId": "your-tenant-id", + "version": 6, + "updatedAt": "2026-02-04T12:05:00Z" + }, + "meta": { + "etag": "W/\\"def456\\"" + } +}`} + + +

Response (409 Conflict)

+ +{`{ + "success": false, + "error": { + "code": "CONFLICT", + "message": "Version conflict: expected 5, but current is 6", + "details": { + "expectedVersion": 5, + "currentVersion": 6 + } + } +}`} + + + + Bei einem 409-Fehler sollten Sie den State erneut laden, Ihre Änderungen + mergen und erneut speichern. + + +

DELETE /state/{'{tenantId}'}

+

Löscht den kompletten State für einen Tenant.

+ +

Request

+ +{`curl -X DELETE "https://api.breakpilot.io/sdk/v1/state/your-tenant-id" \\ + -H "Authorization: Bearer YOUR_API_KEY"`} + + +

Response (200 OK)

+ +{`{ + "success": true, + "data": { + "tenantId": "your-tenant-id", + "deleted": true + } +}`} + + +

State-Struktur

+

Der SDKState enthält alle Compliance-Daten:

+ + +{`interface SDKState { + // Metadata + version: string + lastModified: Date + + // Tenant & User + tenantId: string + userId: string + subscription: 'FREE' | 'STARTER' | 'PROFESSIONAL' | 'ENTERPRISE' + + // Progress + currentPhase: 1 | 2 + currentStep: string + completedSteps: string[] + checkpoints: Record + + // Phase 1 Data + useCases: UseCaseAssessment[] + activeUseCase: string | null + screening: ScreeningResult | null + modules: ServiceModule[] + requirements: Requirement[] + controls: Control[] + evidence: Evidence[] + checklist: ChecklistItem[] + risks: Risk[] + + // Phase 2 Data + aiActClassification: AIActResult | null + obligations: Obligation[] + dsfa: DSFA | null + toms: TOM[] + retentionPolicies: RetentionPolicy[] + vvt: ProcessingActivity[] + documents: LegalDocument[] + cookieBanner: CookieBannerConfig | null + consents: ConsentRecord[] + dsrConfig: DSRConfig | null + escalationWorkflows: EscalationWorkflow[] + + // UI State + preferences: UserPreferences +}`} + + +

Beispiel: SDK Integration

+ +{`import { getSDKApiClient } from '@breakpilot/compliance-sdk' + +const client = getSDKApiClient('your-tenant-id') + +// State laden +const state = await client.getState() +console.log('Current step:', state.currentStep) +console.log('Use cases:', state.useCases.length) + +// State speichern +await client.saveState({ + ...state, + currentStep: 'risks', + risks: [...state.risks, newRisk], +})`} + + + ) +} diff --git a/developer-portal/app/changelog/page.tsx b/developer-portal/app/changelog/page.tsx new file mode 100644 index 0000000..7a1bb7e --- /dev/null +++ b/developer-portal/app/changelog/page.tsx @@ -0,0 +1,164 @@ +import { DevPortalLayout, InfoBox } from '@/components/DevPortalLayout' + +export default function ChangelogPage() { + return ( + +

Versionierung

+

+ Das SDK folgt Semantic Versioning (SemVer): + MAJOR.MINOR.PATCH +

+ + + {/* Version 1.2.0 */} +
+
+ + v1.2.0 + + 2026-02-04 + Latest +
+ +

Neue Features

+ + +

Verbesserungen

+ + +

Bugfixes

+ +
+ + {/* Version 1.1.0 */} +
+
+ + v1.1.0 + + 2026-01-20 +
+ +

Neue Features

+ + +

Verbesserungen

+ +
+ + {/* Version 1.0.0 */} +
+
+ + v1.0.0 + + 2026-01-01 +
+ +

Initial Release

+ +
+ + {/* Breaking Changes Notice */} + +

+ Bei Major-Version-Updates (z.B. 1.x → 2.x) koennen Breaking Changes auftreten. + Pruefen Sie die Migration Guides vor dem Upgrade. +

+

+ Das SDK speichert die State-Version im localStorage. Bei inkompatiblen + Aenderungen wird automatisch eine Migration durchgefuehrt. +

+ + +

Geplante Features

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
FeatureVersionStatus
Multi-Tenant-Supportv1.3.0In Entwicklung
Workflow-Customizationv1.3.0Geplant
Audit-Trail Exportv1.4.0Geplant
White-Label Brandingv2.0.0Roadmap
+
+ +

Feedback & Issues

+

+ Fuer Bug-Reports und Feature-Requests nutzen Sie bitte: +

+ + + ) +} diff --git a/developer-portal/app/getting-started/page.tsx b/developer-portal/app/getting-started/page.tsx new file mode 100644 index 0000000..2be74c7 --- /dev/null +++ b/developer-portal/app/getting-started/page.tsx @@ -0,0 +1,203 @@ +import Link from 'next/link' +import { DevPortalLayout, CodeBlock, InfoBox, ParameterTable } from '@/components/DevPortalLayout' + +export default function GettingStartedPage() { + return ( + +

1. Installation

+

+ Installieren Sie das SDK über Ihren bevorzugten Paketmanager: +

+ +{`npm install @breakpilot/compliance-sdk +# oder +yarn add @breakpilot/compliance-sdk +# oder +pnpm add @breakpilot/compliance-sdk`} + + +

2. API Key erhalten

+

+ Nach dem Abo-Abschluss erhalten Sie Ihren API Key im{' '} + + Einstellungsbereich + . +

+ + + Speichern Sie den API Key niemals im Frontend-Code. Verwenden Sie + Umgebungsvariablen auf dem Server. + + +

3. Provider einrichten

+

+ Wrappen Sie Ihre App mit dem SDKProvider: +

+ +{`import { SDKProvider } from '@breakpilot/compliance-sdk' + +export default function RootLayout({ + children, +}: { + children: React.ReactNode +}) { + return ( + + + + {children} + + + + ) +}`} + + +

Provider Props

+ + +

4. SDK verwenden

+

+ Nutzen Sie den useSDK Hook in Ihren Komponenten: +

+ +{`'use client' + +import { useSDK } from '@breakpilot/compliance-sdk' + +export function ComplianceDashboard() { + const { + state, + completionPercentage, + goToStep, + currentStep, + } = useSDK() + + return ( +
+

+ Compliance Fortschritt: {completionPercentage}% +

+ +
+

Aktueller Schritt: {currentStep?.name}

+

Phase: {state.currentPhase}

+

Use Cases: {state.useCases.length}

+
+ +
+ + +
+
+ ) +}`} + + +

5. Erste Schritte im Workflow

+

+ Das SDK führt Sie durch einen 19-Schritte-Workflow in 2 Phasen: +

+ +
+
+
+

Phase 1: Assessment

+
    +
  1. Use Case Workshop
    2. +
  2. System Screening
    3. +
  3. Compliance Modules
    4. +
  4. Requirements
    5. +
  5. Controls
    6. +
  6. Evidence
    7. +
  7. Audit Checklist
    8. +
  8. Risk Matrix
    9. +
+
+
+

Phase 2: Dokumentation

+
    +
  1. AI Act Klassifizierung
    2. +
  2. Pflichtenübersicht
    3. +
  3. DSFA
    4. +
  4. TOMs
    5. +
  5. Löschfristen
    6. +
  6. VVT
    7. +
  7. Rechtliche Vorlagen
    8. +
  8. Cookie Banner
    9. +
  9. Einwilligungen
    10. +
  10. DSR Portal
    11. +
  11. Escalations
    12. +
+
+
+
+ +

6. Nächste Schritte

+ + + ) +} diff --git a/developer-portal/app/globals.css b/developer-portal/app/globals.css new file mode 100644 index 0000000..0857e21 --- /dev/null +++ b/developer-portal/app/globals.css @@ -0,0 +1,35 @@ +@tailwind base; +@tailwind components; +@tailwind utilities; + +/* Custom scrollbar */ +::-webkit-scrollbar { + width: 8px; + height: 8px; +} + +::-webkit-scrollbar-track { + background: #f1f5f9; +} + +::-webkit-scrollbar-thumb { + background: #cbd5e1; + border-radius: 4px; +} + +::-webkit-scrollbar-thumb:hover { + background: #94a3b8; +} + +/* Smooth transitions */ +* { + transition-property: background-color, border-color, color, fill, stroke; + transition-timing-function: cubic-bezier(0.4, 0, 0.2, 1); + transition-duration: 150ms; +} + +/* Focus styles */ +*:focus-visible { + outline: 2px solid #0ea5e9; + outline-offset: 2px; +} diff --git a/developer-portal/app/guides/page.tsx b/developer-portal/app/guides/page.tsx new file mode 100644 index 0000000..be27d41 --- /dev/null +++ b/developer-portal/app/guides/page.tsx @@ -0,0 +1,227 @@ +import Link from 'next/link' +import { DevPortalLayout, InfoBox } from '@/components/DevPortalLayout' + +export default function GuidesPage() { + return ( + +

Workflow-Guides

+

+ Das AI Compliance SDK fuehrt durch einen strukturierten 19-Schritte-Workflow + in zwei Phasen. Diese Guides erklaeren jeden Schritt im Detail. +

+ +
+ +
+
+ 1 +
+
+

Phase 1: Assessment

+

8 Schritte

+
+
+

+ Use Case Workshop, System Screening, Module-Auswahl, Requirements, + Controls, Evidence, Checkliste, Risk Matrix. +

+ + + +
+
+ 2 +
+
+

Phase 2: Dokumentation

+

11 Schritte

+
+
+

+ AI Act Klassifizierung, Pflichten, DSFA, TOMs, Loeschfristen, + VVT, Rechtliche Vorlagen, Cookie Banner, DSR Portal. +

+ +
+ +

Workflow-Uebersicht

+
+
+

Phase 1: Assessment (8 Schritte)

+
    +
  1. + 01 +

    Use Case Workshop

    +
    2. +
  2. + 02 +

    System Screening

    +
    3. +
  3. + 03 +

    Compliance Modules

    +
    4. +
  4. + 04 +

    Requirements

    +
    5. +
  5. + 05 +

    Controls

    +
    6. +
  6. + 06 +

    Evidence

    +
    7. +
  7. + 07 +

    Audit Checklist

    +
    8. +
  8. + 08 +

    Risk Matrix

    +
    9. +
+
+ +
+

Phase 2: Dokumentation (11 Schritte)

+
    +
  1. + 09 +

    AI Act Klassifizierung

    +
    2. +
  2. + 10 +

    Pflichtenuebersicht

    +
    3. +
  3. + 11 +

    DSFA

    +
    4. +
  4. + 12 +

    TOMs

    +
    5. +
  5. + 13 +

    Loeschfristen

    +
    6. +
  6. + 14 +

    VVT

    +
    7. +
  7. + 15 +

    Rechtliche Vorlagen

    +
    8. +
  8. + 16 +

    Cookie Banner

    +
    9. +
  9. + 17 +

    Einwilligungen

    +
    10. +
  10. + 18 +

    DSR Portal

    +
    11. +
  11. + 19 +

    Escalations

    +
    12. +
+
+
+ +

Checkpoints

+

+ Das SDK validiert den Fortschritt an definierten Checkpoints: +

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
CheckpointNach SchrittValidierung
CP-UCUse Case WorkshopMind. 1 Use Case angelegt
CP-SCREENSystem ScreeningScreening abgeschlossen
CP-CTRLControlsAlle Requirements haben Controls
CP-RISKRisk MatrixAlle Risiken bewertet
CP-DSFADSFADSFA generiert (falls erforderlich)
CP-TOMTOMsMind. 10 TOMs definiert
CP-VVTVVTVVT vollstaendig
+
+ + + Nicht bestandene Checkpoints blockieren den Fortschritt zu spaetere Schritte. + Verwenden Sie validateCheckpoint() um den Status zu pruefen. + + +

Best Practices

+ + + ) +} diff --git a/developer-portal/app/guides/phase1/page.tsx b/developer-portal/app/guides/phase1/page.tsx new file mode 100644 index 0000000..653b9d8 --- /dev/null +++ b/developer-portal/app/guides/phase1/page.tsx @@ -0,0 +1,391 @@ +import { DevPortalLayout, CodeBlock, InfoBox } from '@/components/DevPortalLayout' + +export default function Phase1GuidePage() { + return ( + +

Uebersicht Phase 1

+

+ Phase 1 umfasst die Erfassung und Bewertung Ihrer KI-Anwendungsfaelle. + Am Ende haben Sie eine vollstaendige Risikoanalyse und wissen, welche + Compliance-Dokumente Sie benoetigen. +

+ +
+

Phase 1 Schritte

+
    +
  1. Use Case Workshop
    2. +
  2. System Screening
    3. +
  3. Compliance Modules
    4. +
  4. Requirements
    5. +
  5. Controls
    6. +
  6. Evidence
    7. +
  7. Audit Checklist
    8. +
  8. Risk Matrix
    9. +
+
+ +

Schritt 1: Use Case Workshop

+

+ Erfassen Sie alle KI-Anwendungsfaelle in Ihrem Unternehmen. +

+ +

Code-Beispiel

+ +{`import { useSDK } from '@breakpilot/compliance-sdk' + +function UseCaseForm() { + const { updateUseCase, state } = useSDK() + + const handleCreateUseCase = async () => { + await updateUseCase({ + id: \`uc-\${Date.now()}\`, + name: 'KI-gestuetzte Kundenanalyse', + description: 'Analyse von Kundenverhalten mittels ML', + category: 'Marketing', + department: 'Marketing & Sales', + dataTypes: ['Kundendaten', 'Verhaltensdaten', 'Transaktionen'], + aiCapabilities: ['Profiling', 'Vorhersage'], + stepsCompleted: 0, + }) + } + + return ( +
+

Use Cases: {state.useCases.length}

+ + + {state.useCases.map(uc => ( +
+

{uc.name}

+

{uc.description}

+
+ ))} +
+ ) +}`} + + + + Nach dem Use Case Workshop muss mindestens ein Use Case angelegt sein, + um zum naechsten Schritt zu gelangen. + + +

Schritt 2: System Screening

+

+ Das Screening bewertet jeden Use Case hinsichtlich Datenschutz und AI Act. +

+ +

Code-Beispiel

+ +{`import { useSDK } from '@breakpilot/compliance-sdk' + +function ScreeningView() { + const { state, dispatch } = useSDK() + + const completeScreening = (useCaseId: string, result: ScreeningResult) => { + dispatch({ + type: 'UPDATE_USE_CASE', + payload: { + id: useCaseId, + screeningResult: result, + // Ergebnis bestimmt weitere Pflichten + assessmentResult: { + riskLevel: result.aiActRisk, + dsfaRequired: result.dsfaRequired, + aiActClassification: result.aiActClassification, + }, + }, + }) + } + + // Screening-Fragen beantworten + const screeningQuestions = [ + 'Werden personenbezogene Daten verarbeitet?', + 'Erfolgt automatisierte Entscheidungsfindung?', + 'Werden besondere Datenkategorien verarbeitet?', + 'Erfolgt Profiling?', + 'Werden Daten in Drittlaender uebermittelt?', + ] + + return ( +
+ {screeningQuestions.map((question, i) => ( + + ))} +
+ ) +}`} + + +

Schritt 3: Compliance Modules

+

+ Basierend auf dem Screening werden relevante Compliance-Module aktiviert. +

+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + +
ModulAktiviert wenn
DSGVO BasisImmer (personenbezogene Daten)
DSFAHohes Risiko, Profiling, Art. 9 Daten
AI ActKI-basierte Entscheidungen
NIS2Kritische Infrastruktur
+
+ +

Schritt 4: Requirements

+

+ Fuer jedes aktivierte Modul werden spezifische Anforderungen generiert. +

+ + +{`import { useSDK } from '@breakpilot/compliance-sdk' + +function RequirementsView() { + const { state } = useSDK() + + // Requirements nach Modul gruppieren + const byModule = state.requirements.reduce((acc, req) => { + const module = req.module || 'general' + if (!acc[module]) acc[module] = [] + acc[module].push(req) + return acc + }, {}) + + return ( +
+ {Object.entries(byModule).map(([module, reqs]) => ( +
+

{module}

+
    + {reqs.map(req => ( +
  • + {req.title} +

    {req.description}

    + Status: {req.status} +
    • + ))} +
+
+ ))} +
+ ) +}`} + + +

Schritt 5: Controls

+

+ Definieren Sie Kontrollen fuer jede Anforderung. +

+ + +{`import { useSDK } from '@breakpilot/compliance-sdk' + +function ControlsView() { + const { updateControl, state } = useSDK() + + const addControl = (requirementId: string) => { + updateControl({ + id: \`ctrl-\${Date.now()}\`, + requirementId, + title: 'Zugriffskontrolle implementieren', + description: 'Role-based access control fuer alle Datenzugaenge', + type: 'TECHNICAL', + status: 'PLANNED', + implementationDate: null, + owner: 'IT-Abteilung', + }) + } + + return ( +
+

Controls: {state.controls.length}

+ + {state.requirements.map(req => ( +
+

{req.title}

+

Controls: {state.controls.filter(c => c.requirementId === req.id).length}

+ +
+ ))} +
+ ) +}`} + + + + Jede Requirement muss mindestens ein Control haben, bevor Sie + zur Evidence-Phase uebergehen koennen. + + +

Schritt 6: Evidence

+

+ Dokumentieren Sie Nachweise fuer implementierte Controls. +

+ + +{`import { useSDK } from '@breakpilot/compliance-sdk' + +function EvidenceUpload({ controlId }: { controlId: string }) { + const { dispatch } = useSDK() + + const addEvidence = (file: File) => { + dispatch({ + type: 'ADD_EVIDENCE', + payload: { + id: \`ev-\${Date.now()}\`, + controlId, + title: file.name, + type: 'DOCUMENT', + uploadedAt: new Date().toISOString(), + fileType: file.type, + // In Produktion: Upload zu Storage + }, + }) + } + + return ( + e.target.files?.[0] && addEvidence(e.target.files[0])} + /> + ) +}`} + + +

Schritt 7: Audit Checklist

+

+ Die Checkliste fasst alle Compliance-Punkte zusammen. +

+ +

Schritt 8: Risk Matrix

+

+ Bewerten Sie alle identifizierten Risiken nach Likelihood und Impact. +

+ + +{`import { useSDK, calculateRiskScore, getRiskSeverityFromScore } from '@breakpilot/compliance-sdk' + +function RiskMatrix() { + const { addRisk, state } = useSDK() + + const createRisk = () => { + const likelihood = 3 // 1-5 + const impact = 4 // 1-5 + const score = calculateRiskScore(likelihood, impact) // 12 + const severity = getRiskSeverityFromScore(score) // 'HIGH' + + addRisk({ + id: \`risk-\${Date.now()}\`, + title: 'Unbefugter Datenzugriff', + description: 'Risiko durch unzureichende Zugriffskontrolle', + likelihood, + impact, + inherentScore: score, + severity, + category: 'Security', + mitigations: [], + residualScore: null, + }) + } + + return ( +
+

Risiken: {state.risks.length}

+ + {/* 5x5 Matrix Visualisierung */} +
+ {[5,4,3,2,1].map(likelihood => ( + [1,2,3,4,5].map(impact => { + const score = likelihood * impact + const risksHere = state.risks.filter( + r => r.likelihood === likelihood && r.impact === impact + ) + return ( +
= 15 ? 'bg-red-500' : score >= 8 ? 'bg-yellow-500' : 'bg-green-500'}\`} + > + {risksHere.length > 0 && ( + {risksHere.length} + )} +
+ ) + }) + ))} +
+ + +
+ ) +}`} + + + + Nach erfolgreicher Bewertung aller Risiken koennen Sie zu Phase 2 + uebergehen. Der Checkpoint CP-RISK validiert, dass alle Risiken + eine Severity-Bewertung haben. + + +

Navigation nach Phase 2

+ +{`import { useSDK } from '@breakpilot/compliance-sdk' + +function PhaseTransition() { + const { validateCheckpoint, goToStep, phase1Completion } = useSDK() + + const handleContinueToPhase2 = async () => { + // Alle Phase-1-Checkpoints pruefen + const cpRisk = await validateCheckpoint('CP-RISK') + + if (cpRisk.passed) { + goToStep('ai-act-classification') // Erster Schritt Phase 2 + } else { + console.error('Checkpoint nicht bestanden:', cpRisk.errors) + } + } + + return ( +
+

Phase 1 Fortschritt: {phase1Completion}%

+ + {phase1Completion === 100 && ( + + )} +
+ ) +}`} + + + ) +} diff --git a/developer-portal/app/guides/phase2/page.tsx b/developer-portal/app/guides/phase2/page.tsx new file mode 100644 index 0000000..8f3c3fd --- /dev/null +++ b/developer-portal/app/guides/phase2/page.tsx @@ -0,0 +1,377 @@ +import { DevPortalLayout, CodeBlock, InfoBox } from '@/components/DevPortalLayout' + +export default function Phase2GuidePage() { + return ( + +

Uebersicht Phase 2

+

+ Phase 2 generiert alle erforderlichen Compliance-Dokumente basierend + auf dem Assessment aus Phase 1. Die Dokumente koennen exportiert und + fuer Audits verwendet werden. +

+ +
+

Phase 2 Schritte

+
    +
  1. AI Act Klassifizierung
    2. +
  2. Pflichtenuebersicht
    3. +
  3. DSFA (Datenschutz-Folgenabschaetzung)
    4. +
  4. TOMs (Technische/Organisatorische Massnahmen)
    5. +
  5. Loeschfristen
    6. +
  6. VVT (Verarbeitungsverzeichnis)
    7. +
  7. Rechtliche Vorlagen
    8. +
  8. Cookie Banner
    9. +
  9. Einwilligungen
    10. +
  10. DSR Portal
    11. +
  11. Escalations
    12. +
+
+ +

Schritt 9: AI Act Klassifizierung

+

+ Klassifizieren Sie jeden Use Case nach dem EU AI Act Risikosystem. +

+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
RisikostufeBeschreibungPflichten
VerbotenSocial Scoring, Manipulative KINicht zulaessig
HochrisikoBiometrie, Medizin, kritische InfrastrukturUmfangreiche Dokumentation, Konformitaetsbewertung
BegrenztChatbots, EmpfehlungssystemeTransparenzpflichten
MinimalSpam-Filter, SpieleFreiwillige Verhaltenskodizes
+
+ + +{`import { useSDK } from '@breakpilot/compliance-sdk' +import type { AIActRiskCategory } from '@breakpilot/compliance-sdk' + +function AIActClassification() { + const { state, dispatch } = useSDK() + + const classifyUseCase = (useCaseId: string, classification: AIActRiskCategory) => { + dispatch({ + type: 'UPDATE_USE_CASE', + payload: { + id: useCaseId, + assessmentResult: { + ...state.useCases.find(uc => uc.id === useCaseId)?.assessmentResult, + aiActClassification: classification, + }, + }, + }) + + // Wenn Hochrisiko, zusaetzliche Pflichten aktivieren + if (classification === 'HIGH_RISK') { + dispatch({ + type: 'SET_AI_ACT_RESULT', + payload: { + classification, + conformityRequired: true, + documentationRequired: true, + humanOversightRequired: true, + }, + }) + } + } + + return ( +
+ {state.useCases.map(uc => ( +
+

{uc.name}

+ +
+ ))} +
+ ) +}`} + + +

Schritt 10: Pflichtenuebersicht

+

+ Basierend auf der Klassifizierung werden alle anwendbaren Pflichten angezeigt. +

+ +

Schritt 11: DSFA

+

+ Die Datenschutz-Folgenabschaetzung wird automatisch generiert. +

+ + +{`import { useSDK, getSDKBackendClient } from '@breakpilot/compliance-sdk' + +function DSFAGeneration() { + const { state, dispatch } = useSDK() + const [generating, setGenerating] = useState(false) + + const generateDSFA = async () => { + setGenerating(true) + + const client = getSDKBackendClient() + const dsfa = await client.generateDSFA({ + useCases: state.useCases, + risks: state.risks, + controls: state.controls, + }) + + dispatch({ + type: 'SET_DSFA', + payload: dsfa, + }) + + setGenerating(false) + } + + // DSFA nur anzeigen wenn erforderlich + const dsfaRequired = state.useCases.some( + uc => uc.assessmentResult?.dsfaRequired + ) + + if (!dsfaRequired) { + return

Keine DSFA erforderlich fuer die aktuellen Use Cases.

+ } + + return ( +
+ {state.dsfa ? ( +
+

DSFA generiert

+

Status: {state.dsfa.status}

+

Gesamtrisiko: {state.dsfa.conclusion?.overallRisk}

+ + {/* DSFA-Sektionen anzeigen */} + {Object.entries(state.dsfa.sections || {}).map(([key, section]) => ( +
+

{section.title}

+

{section.content}

+
+ ))} +
+ ) : ( + + )} +
+ ) +}`} + + + + Wenn eine DSFA erforderlich ist (basierend auf Screening), muss diese + generiert werden, bevor Sie fortfahren koennen. + + +

Schritt 12: TOMs

+

+ Technische und Organisatorische Massnahmen nach Art. 32 DSGVO. +

+ + +{`import { useSDK, getSDKBackendClient } from '@breakpilot/compliance-sdk' + +function TOMsView() { + const { state, dispatch } = useSDK() + + const generateTOMs = async () => { + const client = getSDKBackendClient() + const toms = await client.generateTOM({ + risks: state.risks, + controls: state.controls, + }) + + dispatch({ + type: 'SET_TOMS', + payload: toms, + }) + } + + const tomCategories = [ + { id: 'access_control', label: 'Zugangskontrolle' }, + { id: 'access_rights', label: 'Zugriffskontrolle' }, + { id: 'transfer_control', label: 'Weitergabekontrolle' }, + { id: 'input_control', label: 'Eingabekontrolle' }, + { id: 'availability', label: 'Verfuegbarkeitskontrolle' }, + { id: 'separation', label: 'Trennungsgebot' }, + ] + + return ( +
+

TOMs: {state.toms.length}

+ + {tomCategories.map(cat => { + const tomsInCategory = state.toms.filter(t => t.category === cat.id) + return ( +
+

{cat.label} ({tomsInCategory.length})

+
    + {tomsInCategory.map(tom => ( +
  • + {tom.title} +

    {tom.description}

    + Status: {tom.implementationStatus} +
    • + ))} +
+
+ ) + })} + + +
+ ) +}`} + + +

Schritt 13: Loeschfristen

+

+ Definieren Sie Aufbewahrungsfristen fuer verschiedene Datenkategorien. +

+ +

Schritt 14: VVT

+

+ Das Verarbeitungsverzeichnis nach Art. 30 DSGVO. +

+ + +{`import { useSDK } from '@breakpilot/compliance-sdk' + +function VVTView() { + const { state, dispatch } = useSDK() + + const addProcessingActivity = () => { + dispatch({ + type: 'ADD_PROCESSING_ACTIVITY', + payload: { + id: \`pa-\${Date.now()}\`, + name: 'Kundendatenverarbeitung', + purpose: 'Vertragserfuellung', + legalBasis: 'Art. 6 Abs. 1 lit. b DSGVO', + dataCategories: ['Kontaktdaten', 'Vertragsdaten'], + dataSubjects: ['Kunden'], + recipients: [], + retentionPeriod: '10 Jahre', + technicalMeasures: ['Verschluesselung', 'Zugriffskontrolle'], + }, + }) + } + + return ( +
+

Verarbeitungstaetigkeiten: {state.vvt.length}

+ + {state.vvt.map(activity => ( +
+

{activity.name}

+

Zweck: {activity.purpose}

+

Rechtsgrundlage: {activity.legalBasis}

+

Datenkategorien: {activity.dataCategories.join(', ')}

+

Betroffene: {activity.dataSubjects.join(', ')}

+

Loeschfrist: {activity.retentionPeriod}

+
+ ))} + + +
+ ) +}`} + + +

Schritt 15-19: Weitere Dokumentation

+

+ Die verbleibenden Schritte umfassen: +

+ + +

Export der Dokumentation

+ +{`import { useSDK } from '@breakpilot/compliance-sdk' + +function ExportAll() { + const { exportState, completionPercentage } = useSDK() + + const handleExport = async (format: 'pdf' | 'zip' | 'json') => { + const blob = await exportState(format) + + // Download ausloesen + const url = URL.createObjectURL(blob) + const a = document.createElement('a') + a.href = url + a.download = \`compliance-export.\${format === 'json' ? 'json' : format}\` + a.click() + URL.revokeObjectURL(url) + } + + return ( +
+

Compliance Fortschritt: {completionPercentage}%

+ +
+ + + +
+
+ ) +}`} + + + + Nach Abschluss aller 19 Schritte haben Sie eine vollstaendige + Compliance-Dokumentation, die Sie fuer Audits und regulatorische + Anforderungen verwenden koennen. + + + ) +} diff --git a/developer-portal/app/layout.tsx b/developer-portal/app/layout.tsx new file mode 100644 index 0000000..57f1735 --- /dev/null +++ b/developer-portal/app/layout.tsx @@ -0,0 +1,22 @@ +import type { Metadata } from 'next' +import { Inter } from 'next/font/google' +import './globals.css' + +const inter = Inter({ subsets: ['latin'] }) + +export const metadata: Metadata = { + title: 'BreakPilot Developer Portal', + description: 'SDK-Dokumentation und API-Referenz fuer BreakPilot AI Compliance SDK', +} + +export default function RootLayout({ + children, +}: { + children: React.ReactNode +}) { + return ( + + {children} + + ) +} diff --git a/developer-portal/app/page.tsx b/developer-portal/app/page.tsx new file mode 100644 index 0000000..0e98f81 --- /dev/null +++ b/developer-portal/app/page.tsx @@ -0,0 +1,188 @@ +import Link from 'next/link' +import { DevPortalLayout, CodeBlock, InfoBox } from '@/components/DevPortalLayout' +import { Zap, Code, Terminal, Book, ArrowRight } from 'lucide-react' + +export default function DevelopersPage() { + return ( + + {/* Quick Links */} +
+ +
+
+ +
+

Quick Start

+
+

+ Starten Sie in 5 Minuten mit dem AI Compliance SDK +

+ + Jetzt starten + + + + +
+
+ +
+

API Reference

+
+

+ Vollständige API-Dokumentation aller Endpoints +

+ + API erkunden + + + + +
+
+ +
+

SDK Documentation

+
+

+ TypeScript SDK für React und Next.js +

+ + Dokumentation lesen + + + + +
+
+ +
+

Guides

+
+

+ Schritt-für-Schritt-Anleitungen und Best Practices +

+ + Guides ansehen + + +
+ + {/* Installation */} +

Installation

+ +{`npm install @breakpilot/compliance-sdk +# oder +yarn add @breakpilot/compliance-sdk +# oder +pnpm add @breakpilot/compliance-sdk`} + + + {/* Quick Example */} +

Schnellstart-Beispiel

+ +{`import { SDKProvider, useSDK } from '@breakpilot/compliance-sdk' + +function App() { + return ( + + + + ) +} + +function ComplianceDashboard() { + const { state, goToStep, completionPercentage } = useSDK() + + return ( +
+

Compliance Status: {completionPercentage}%

+

Aktueller Schritt: {state.currentStep}

+ +
+ ) +}`} + + + +
    +
  • Node.js 18 oder höher
    • +
  • React 18 oder höher
    • +
  • Breakpilot API Key (erhältlich nach Abo-Abschluss)
    • +
+ + + {/* Features */} +

Hauptfunktionen

+
+
+

19-Schritt-Workflow

+

+ Geführter Compliance-Prozess von Use Case bis DSR-Portal +

+
+
+

RAG-basierte Suche

+

+ Durchsuchen Sie DSGVO, AI Act, NIS2 mit semantischer Suche +

+
+
+

Dokumentengenerierung

+

+ Automatische Erstellung von DSFA, TOMs, VVT +

+
+
+

Export

+

+ PDF, JSON, ZIP-Export für Audits und Dokumentation +

+
+
+ + {/* Next Steps */} +

Nächste Schritte

+
    +
  1. + + Quick Start Guide + + {' '}- Erste Integration in 5 Minuten +
    2. +
  2. + + State API + + {' '}- Verstehen Sie das State Management +
    3. +
  3. + + Phase 1 Workflow + + {' '}- Durchlaufen Sie den Compliance-Prozess +
    4. +
+ + ) +} diff --git a/developer-portal/app/sdk/configuration/page.tsx b/developer-portal/app/sdk/configuration/page.tsx new file mode 100644 index 0000000..47d392d --- /dev/null +++ b/developer-portal/app/sdk/configuration/page.tsx @@ -0,0 +1,256 @@ +import { DevPortalLayout, CodeBlock, InfoBox, ParameterTable } from '@/components/DevPortalLayout' + +export default function SDKConfigurationPage() { + return ( + +

SDKProvider Props

+

+ Der SDKProvider akzeptiert folgende Konfigurationsoptionen: +

+ void', + required: false, + description: 'Callback fuer Fehlerbehandlung', + }, + { + name: 'onStateChange', + type: '(state: SDKState) => void', + required: false, + description: 'Callback bei State-Aenderungen', + }, + ]} + /> + +

Vollstaendiges Beispiel

+ +{`'use client' + +import { SDKProvider } from '@breakpilot/compliance-sdk' +import { useRouter } from 'next/navigation' + +export default function SDKLayout({ children }: { children: React.ReactNode }) { + const router = useRouter() + + return ( + { + console.error('SDK Error:', error) + // Optional: Sentry oder anderes Error-Tracking + }} + onStateChange={(state) => { + console.log('State changed:', state.currentStep) + // Optional: Analytics-Events + }} + > + {children} + + ) +}`} + + +

Synchronisations-Strategien

+ +

1. Nur localStorage (Offline-Only)

+ +{` + {children} +`} + +

+ Ideal fuer: Lokale Entwicklung, Demos, Privacy-fokussierte Installationen. + Daten werden nur im Browser gespeichert. +

+ +

2. Backend-Sync mit Fallback

+ +{` + {children} +`} + +

+ Empfohlen fuer: Produktionsumgebungen. Daten werden mit dem Backend + synchronisiert, localStorage dient als Fallback bei Netzwerkproblemen. +

+ +

3. Nur Backend (kein lokaler Cache)

+ +{` + {children} +`} + +

+ Ideal fuer: Strenge Compliance-Anforderungen, Multi-User-Szenarien. + Daten werden nur im Backend gespeichert. +

+ + + Im Backend-Only Modus ist eine aktive Internetverbindung erforderlich. + Bei Netzwerkproblemen koennen Daten verloren gehen. + + +

API URL Konfiguration

+ +

Cloud-Version (Standard)

+

Keine zusaetzliche Konfiguration erforderlich:

+ +{` + {/* Nutzt automatisch https://api.breakpilot.io/sdk/v1 */} +`} + + +

Self-Hosted

+ +{` + {children} +`} + + +

Lokale Entwicklung

+ +{` + {children} +`} + + +

Feature Flags

+

+ Das SDK unterstuetzt Feature Flags ueber Subscription-Levels: +

+ +{`import { useSDK } from '@breakpilot/compliance-sdk' + +function MyComponent() { + const { state } = useSDK() + + // Subscription-basierte Features + const isEnterprise = state.subscription === 'ENTERPRISE' + const isProfessional = ['PROFESSIONAL', 'ENTERPRISE'].includes(state.subscription) + + // Feature-Gates + const canExportPDF = isProfessional + const canUseRAG = isProfessional + const canCustomizeDSFA = isEnterprise + const canUseAPI = isProfessional + + return ( +
+ {canExportPDF && } + {canUseRAG && } +
+ ) +}`} + + +

Logging & Debugging

+

+ Aktivieren Sie detailliertes Logging fuer die Entwicklung: +

+ +{`// In Ihrer .env.local +NEXT_PUBLIC_SDK_DEBUG=true + +// Oder programmatisch + { + if (process.env.NODE_ENV === 'development') { + console.log('[SDK] State Update:', { + phase: state.currentPhase, + step: state.currentStep, + useCases: state.useCases.length, + risks: state.risks.length, + }) + } + }} +> + {children} +`} + + + + Der SDK-State ist im React DevTools unter dem SDKProvider-Context sichtbar. + Installieren Sie die React Developer Tools Browser-Extension fuer einfaches Debugging. + + + ) +} diff --git a/developer-portal/app/sdk/consent/api-reference/page.tsx b/developer-portal/app/sdk/consent/api-reference/page.tsx new file mode 100644 index 0000000..89599c0 --- /dev/null +++ b/developer-portal/app/sdk/consent/api-reference/page.tsx @@ -0,0 +1,482 @@ +'use client' + +import React, { useState } from 'react' +import { SDKDocsSidebar } from '@/components/SDKDocsSidebar' +import { Copy, Check } from 'lucide-react' + +function CopyButton({ text }: { text: string }) { + const [copied, setCopied] = useState(false) + + const handleCopy = async () => { + await navigator.clipboard.writeText(text) + setCopied(true) + setTimeout(() => setCopied(false), 2000) + } + + return ( + + ) +} + +function CodeBlock({ code }: { code: string }) { + return ( +
+
+ +
+ 
+        {code}
+
+
+ ) +} + +function MethodCard({ + name, + signature, + description, + params, + returns, + example, +}: { + name: string + signature: string + description: string + params?: { name: string; type: string; description: string }[] + returns?: string + example?: string +}) { + return ( +
+
+ {name} +
+
+
+ {signature} +
+

{description}

+ + {params && params.length > 0 && ( +
+

Parameter

+ + + {params.map((param) => ( + + + + + + ))} + +
+ {param.name} + + {param.type} + {param.description}
+
+ )} + + {returns && ( +
+

Rueckgabe

+ {returns} +
+ )} + + {example && ( +
+

Beispiel

+ +
+ )} +
+
+ ) +} + +export default function APIReferencePage() { + return ( +
+ + +
+
+

API Referenz

+

+ Vollstaendige Dokumentation aller Methoden und Konfigurationsoptionen des Consent SDK. +

+ + {/* ConsentManager */} +
+

ConsentManager

+

+ Die zentrale Klasse fuer das Consent Management. Verwaltet Einwilligungen, Script-Blocking und Events. +

+ + {/* Constructor */} +
+ + + + + + + + + { + await consent.acceptAll(); +});`} + /> + + { + await consent.rejectAll(); +});`} + /> + + { + await consent.revokeAll(); + location.reload(); +});`} + /> + + { + console.log('Consent geaendert:', state); +}); + +// Spaeter: Listener entfernen +unsubscribe();`} + /> + + + + +
+
+ + {/* Configuration */} +
+

Konfiguration

+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ Option + + Typ + + Default + + Beschreibung +
+ apiEndpoint + + string + erforderlichURL des Consent-Backends
+ siteId + + string + erforderlichEindeutige Site-ID
+ debug + + boolean + falseAktiviert Debug-Logging
+ language + + string + 'de'Sprache fuer UI-Texte
+ consent.rememberDays + + number + 365Gueltigkeitsdauer in Tagen
+ consent.recheckAfterDays + + number + 180Erneute Abfrage nach X Tagen
+
+
+ + {/* Events */} +
+

Events

+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ Event + + Daten + + Beschreibung +
+ init + + ConsentState | null + SDK initialisiert
+ change + + ConsentState + Consent geaendert
+ accept_all + + ConsentState + Alle akzeptiert
+ reject_all + + ConsentState + Alle abgelehnt
+ banner_show + + undefined + Banner angezeigt
+ banner_hide + + undefined + Banner versteckt
+ error + + Error + Fehler aufgetreten
+
+
+ + {/* Types */} +
+

TypeScript Types

+ ; + vendors: Record; + timestamp: string; + version: string; + consentId?: string; + expiresAt?: string; +} + +// Konfiguration +interface ConsentConfig { + apiEndpoint: string; + siteId: string; + debug?: boolean; + language?: string; + fallbackLanguage?: string; + ui?: ConsentUIConfig; + consent?: ConsentBehaviorConfig; + onConsentChange?: (state: ConsentState) => void; + onBannerShow?: () => void; + onBannerHide?: () => void; + onError?: (error: Error) => void; +}`} + /> +
+
+
+
+ ) +} diff --git a/developer-portal/app/sdk/consent/frameworks/angular/page.tsx b/developer-portal/app/sdk/consent/frameworks/angular/page.tsx new file mode 100644 index 0000000..431d64c --- /dev/null +++ b/developer-portal/app/sdk/consent/frameworks/angular/page.tsx @@ -0,0 +1,281 @@ +'use client' + +import React, { useState } from 'react' +import { SDKDocsSidebar } from '@/components/SDKDocsSidebar' +import { Copy, Check } from 'lucide-react' + +function CopyButton({ text }: { text: string }) { + const [copied, setCopied] = useState(false) + const handleCopy = async () => { + await navigator.clipboard.writeText(text) + setCopied(true) + setTimeout(() => setCopied(false), 2000) + } + return ( + + ) +} + +function CodeBlock({ code, filename }: { code: string; filename?: string }) { + return ( +
+ {filename && ( +
+ {filename} +
+ )} +
+
+ +
+ 
+          {code}
+
+
+
+ ) +} + +export default function AngularIntegrationPage() { + return ( +
+ + +
+
+
+
+ A +
+

Angular Integration

+
+

+ Service und Module fuer Angular 14+ Projekte. +

+ + {/* Installation */} +
+

Installation

+ +
+ + {/* Module Setup */} +
+

Module Setup

+ +
+ + {/* Standalone Setup */} +
+

Standalone Setup (Angular 15+)

+ +
+ + {/* Service Usage */} +
+

Service Usage

+ + +
+ \`, +}) +export class AnalyticsComponent implements OnInit { + hasAnalyticsConsent$ = this.consentService.hasConsent$('analytics'); + + constructor(private consentService: ConsentService) {} + + async loadAnalytics() { + if (await this.consentService.hasConsent('analytics')) { + // Load analytics + } + } +}`} + /> + + + {/* Cookie Banner */} +
+

Cookie Banner Component

+ +
+

+ Wir verwenden Cookies um Ihr Erlebnis zu verbessern. +

+
+ + + +
+
+
+ \`, +}) +export class CookieBannerComponent { + isBannerVisible$ = this.consentService.isBannerVisible$; + + constructor(private consentService: ConsentService) {} + + async acceptAll() { + await this.consentService.acceptAll(); + } + + async rejectAll() { + await this.consentService.rejectAll(); + } + + showSettings() { + this.consentService.showSettings(); + } +}`} + /> + + + {/* Directive */} +
+

ConsentGate Directive

+ + + + +
+ +
+ +
+

Bitte stimmen Sie Statistik-Cookies zu.

+ +
+`} + /> +
+ + {/* Service API */} +
+

Service API

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ Property/Method + + Typ + + Beschreibung +
consent$Observable<ConsentState>Observable des aktuellen Consent
hasConsent$()Observable<boolean>Reaktive Consent-Pruefung
hasConsent()Promise<boolean>Async Consent-Pruefung
isBannerVisible$Observable<boolean>Banner-Sichtbarkeit
acceptAll()Promise<void>Akzeptiert alle
rejectAll()Promise<void>Lehnt alle ab
setConsent()Promise<void>Setzt spezifische Kategorien
+
+
+ + + + ) +} diff --git a/developer-portal/app/sdk/consent/frameworks/page.tsx b/developer-portal/app/sdk/consent/frameworks/page.tsx new file mode 100644 index 0000000..f2df7a7 --- /dev/null +++ b/developer-portal/app/sdk/consent/frameworks/page.tsx @@ -0,0 +1,98 @@ +'use client' + +import React from 'react' +import Link from 'next/link' +import { SDKDocsSidebar } from '@/components/SDKDocsSidebar' +import { ChevronRight } from 'lucide-react' + +const frameworks = [ + { + name: 'React', + href: '/sdk/consent/frameworks/react', + logo: '/logos/react.svg', + description: 'Hooks und Provider fuer React 17+ und Next.js', + features: ['ConsentProvider', 'useConsent Hook', 'ConsentGate Component'], + color: 'bg-cyan-500', + }, + { + name: 'Vue 3', + href: '/sdk/consent/frameworks/vue', + logo: '/logos/vue.svg', + description: 'Composables und Plugin fuer Vue 3 und Nuxt', + features: ['Vue Plugin', 'useConsent Composable', 'ConsentGate Component'], + color: 'bg-emerald-500', + }, + { + name: 'Angular', + href: '/sdk/consent/frameworks/angular', + logo: '/logos/angular.svg', + description: 'Service und Module fuer Angular 14+', + features: ['ConsentService', 'ConsentModule', 'Dependency Injection'], + color: 'bg-red-500', + }, +] + +export default function FrameworksPage() { + return ( +
+ + +
+
+

Framework Integration

+

+ Das Consent SDK bietet native Integrationen fuer alle gaengigen Frontend-Frameworks. +

+ +
+ {frameworks.map((framework) => ( + +
+
+ {framework.name[0]} +
+
+
+

+ {framework.name} +

+ +
+

{framework.description}

+
+ {framework.features.map((feature) => ( + + {feature} + + ))} +
+
+
+ + ))} +
+ + {/* Vanilla JS Note */} +
+

Vanilla JavaScript

+

+ Sie koennen das SDK auch ohne Framework verwenden. Importieren Sie einfach den ConsentManager direkt + aus dem Hauptpaket. Siehe{' '} + + Installation + {' '} + fuer Details. +

+
+
+
+
+ ) +} diff --git a/developer-portal/app/sdk/consent/frameworks/react/page.tsx b/developer-portal/app/sdk/consent/frameworks/react/page.tsx new file mode 100644 index 0000000..4b44249 --- /dev/null +++ b/developer-portal/app/sdk/consent/frameworks/react/page.tsx @@ -0,0 +1,277 @@ +'use client' + +import React, { useState } from 'react' +import { SDKDocsSidebar } from '@/components/SDKDocsSidebar' +import { Copy, Check } from 'lucide-react' + +function CopyButton({ text }: { text: string }) { + const [copied, setCopied] = useState(false) + const handleCopy = async () => { + await navigator.clipboard.writeText(text) + setCopied(true) + setTimeout(() => setCopied(false), 2000) + } + return ( + + ) +} + +function CodeBlock({ code, filename }: { code: string; filename?: string }) { + return ( +
+ {filename && ( +
+ {filename} +
+ )} +
+
+ +
+ 
+          {code}
+
+
+
+ ) +} + +export default function ReactIntegrationPage() { + return ( +
+ + +
+
+
+
+ R +
+

React Integration

+
+

+ Hooks und Provider fuer React 17+ und Next.js Projekte. +

+ + {/* Installation */} +
+

Installation

+ +
+ + {/* Provider Setup */} +
+

Provider Setup

+

+ Umschliessen Sie Ihre App mit dem ConsentProvider: +

+ + + + {children} + + + + ); +}`} + /> +
+ + {/* useConsent Hook */} +
+

useConsent Hook

+

+ Verwenden Sie den Hook in jeder Komponente: +

+ + ); +}`} + /> +
+ + {/* ConsentGate */} +
+

ConsentGate Component

+

+ Zeigt Inhalte nur wenn Consent vorhanden ist: +

+ +

Video erfordert Ihre Zustimmung.

+ +
+ } + > + `} + /> + + + {/* Requirements */} +
+

Systemvoraussetzungen

+
+ + + + + + + + + + + + + + + + + + + + + + + + + +
+ Anforderung + + Minimum +
Node.js>= 18.0.0
React (optional)>= 17.0.0
Vue (optional)>= 3.0.0
TypeScript (optional)>= 4.7.0
+
+
+ + {/* Browser Support */} +
+

Browser-Unterstuetzung

+ + Das SDK unterstuetzt alle modernen Browser mit ES2017+ Unterstuetzung. + Fuer aeltere Browser wird ein automatischer Fallback fuer Crypto-Funktionen bereitgestellt. + +
+ + + + + + + + + + + + + + + + + + + + + + + + + +
+ Browser + + Minimum Version +
Chrome>= 60
Firefox>= 55
Safari>= 11
Edge>= 79 (Chromium)
+
+
+ + {/* Next Steps */} +
+

Naechste Schritte

+ +
+
+ + + ) +} diff --git a/developer-portal/app/sdk/consent/mobile/android/page.tsx b/developer-portal/app/sdk/consent/mobile/android/page.tsx new file mode 100644 index 0000000..04f240d --- /dev/null +++ b/developer-portal/app/sdk/consent/mobile/android/page.tsx @@ -0,0 +1,269 @@ +'use client' + +import React, { useState } from 'react' +import { SDKDocsSidebar } from '@/components/SDKDocsSidebar' +import { Copy, Check, Smartphone } from 'lucide-react' + +function CopyButton({ text }: { text: string }) { + const [copied, setCopied] = useState(false) + const handleCopy = async () => { + await navigator.clipboard.writeText(text) + setCopied(true) + setTimeout(() => setCopied(false), 2000) + } + return ( + + ) +} + +function CodeBlock({ code, filename }: { code: string; filename?: string }) { + return ( +
+ {filename && ( +
+ {filename} +
+ )} +
+
+ +
+ 
+          {code}
+
+
+
+ ) +} + +export default function AndroidSDKPage() { + return ( +
+ + +
+
+
+
+ +
+

Android SDK (Kotlin)

+
+

+ Native Kotlin SDK fuer Android API 26+ mit Jetpack Compose Unterstuetzung. +

+ + {/* Requirements */} +
+

Systemvoraussetzungen

+
+ + + + + + + + + + + + + + + +
Kotlin Version1.9+
Min SDKAPI 26 (Android 8.0)
Compile SDK34+
+
+
+ + {/* Installation */} +
+

Installation

+ +
+ + {/* Basic Setup */} +
+

Grundlegende Einrichtung

+ +
+ + {/* Jetpack Compose */} +
+

Jetpack Compose Integration

+ +
+ + {/* Traditional Android */} +
+

View-basierte Integration

+ + updateUI(state) + } + } + + // Banner anzeigen wenn noetig + if (ConsentManager.needsConsent()) { + ConsentManager.showBanner(this) + } + } + + private fun updateUI(state: ConsentState?) { + if (state?.hasConsent(ConsentCategory.ANALYTICS) == true) { + loadAnalytics() + } + } + + fun onAcceptAllClick(view: View) { + lifecycleScope.launch { + ConsentManager.acceptAll() + } + } +}`} + /> +
+ + {/* API Reference */} +
+

API Referenz

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
MethodeBeschreibung
configure()SDK konfigurieren
initialize()SDK initialisieren (suspend)
hasConsent()Consent fuer Kategorie pruefen
consentFlowFlow fuer reaktive Updates
acceptAll()Alle akzeptieren (suspend)
rejectAll()Alle ablehnen (suspend)
setConsent()Kategorien setzen (suspend)
showBanner()Banner als DialogFragment
+
+
+
+
+
+ ) +} diff --git a/developer-portal/app/sdk/consent/mobile/flutter/page.tsx b/developer-portal/app/sdk/consent/mobile/flutter/page.tsx new file mode 100644 index 0000000..1f713ad --- /dev/null +++ b/developer-portal/app/sdk/consent/mobile/flutter/page.tsx @@ -0,0 +1,313 @@ +'use client' + +import React, { useState } from 'react' +import { SDKDocsSidebar } from '@/components/SDKDocsSidebar' +import { Copy, Check, Smartphone } from 'lucide-react' + +function CopyButton({ text }: { text: string }) { + const [copied, setCopied] = useState(false) + const handleCopy = async () => { + await navigator.clipboard.writeText(text) + setCopied(true) + setTimeout(() => setCopied(false), 2000) + } + return ( + + ) +} + +function CodeBlock({ code, filename }: { code: string; filename?: string }) { + return ( +
+ {filename && ( +
+ {filename} +
+ )} +
+
+ +
+ 
+          {code}
+
+
+
+ ) +} + +export default function FlutterSDKPage() { + return ( +
+ + +
+
+
+
+ +
+

Flutter SDK

+
+

+ Cross-Platform SDK fuer Flutter 3.16+ mit iOS, Android und Web Support. +

+ + {/* Requirements */} +
+

Systemvoraussetzungen

+
+ + + + + + + + + + + + + + + +
Dart Version3.0+
Flutter Version3.16+
PlattformeniOS, Android, Web
+
+
+ + {/* Installation */} +
+

Installation

+ +
+ +
+
+ + {/* Basic Setup */} +
+

Grundlegende Einrichtung

+ +
+ + {/* Widget Usage */} +
+

Widget Integration

+ ( + stream: ConsentManager.instance.consentStream, + builder: (context, snapshot) { + final consent = snapshot.data; + + if (consent?.hasConsent(ConsentCategory.analytics) ?? false) { + return const AnalyticsWidget(); + } + + return const SizedBox.shrink(); + }, + ), + + // ConsentGate Widget + ConsentGate( + category: ConsentCategory.marketing, + fallback: const Center( + child: Text('Marketing-Zustimmung erforderlich'), + ), + child: const MarketingWidget(), + ), + + // Buttons + ElevatedButton( + onPressed: () => ConsentManager.instance.acceptAll(), + child: const Text('Alle akzeptieren'), + ), + + ElevatedButton( + onPressed: () => ConsentManager.instance.rejectAll(), + child: const Text('Alle ablehnen'), + ), + + TextButton( + onPressed: () => ConsentManager.instance.showSettings(context), + child: const Text('Einstellungen'), + ), + ], + ), + ); + } +}`} + /> +
+ + {/* Custom Banner */} +
+

Custom Cookie Banner

+ ( + stream: ConsentManager.instance.isBannerVisibleStream, + builder: (context, snapshot) { + if (!(snapshot.data ?? false)) { + return const SizedBox.shrink(); + } + + return Container( + padding: const EdgeInsets.all(16), + decoration: BoxDecoration( + color: Colors.white, + boxShadow: [ + BoxShadow( + color: Colors.black.withOpacity(0.1), + blurRadius: 10, + ), + ], + ), + child: SafeArea( + child: Column( + mainAxisSize: MainAxisSize.min, + children: [ + const Text( + 'Wir verwenden Cookies um Ihr Erlebnis zu verbessern.', + style: TextStyle(fontSize: 14), + ), + const SizedBox(height: 16), + Row( + mainAxisAlignment: MainAxisAlignment.end, + children: [ + TextButton( + onPressed: () => ConsentManager.instance.rejectAll(), + child: const Text('Ablehnen'), + ), + TextButton( + onPressed: () => ConsentManager.instance.showSettings(context), + child: const Text('Einstellungen'), + ), + ElevatedButton( + onPressed: () => ConsentManager.instance.acceptAll(), + child: const Text('Alle akzeptieren'), + ), + ], + ), + ], + ), + ), + ); + }, + ); + } +}`} + /> +
+ + {/* API Reference */} +
+

API Referenz

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Methode/PropertyBeschreibung
initialize()SDK initialisieren (Future)
hasConsent()Consent pruefen
consentStreamStream fuer Consent-Updates
isBannerVisibleStreamStream fuer Banner-Sichtbarkeit
acceptAll()Alle akzeptieren (Future)
rejectAll()Alle ablehnen (Future)
setConsent()Kategorien setzen (Future)
showSettings()Einstellungs-Dialog oeffnen
+
+
+
+
+
+ ) +} diff --git a/developer-portal/app/sdk/consent/mobile/ios/page.tsx b/developer-portal/app/sdk/consent/mobile/ios/page.tsx new file mode 100644 index 0000000..62db91f --- /dev/null +++ b/developer-portal/app/sdk/consent/mobile/ios/page.tsx @@ -0,0 +1,283 @@ +'use client' + +import React, { useState } from 'react' +import { SDKDocsSidebar } from '@/components/SDKDocsSidebar' +import { Copy, Check, Apple } from 'lucide-react' + +function CopyButton({ text }: { text: string }) { + const [copied, setCopied] = useState(false) + const handleCopy = async () => { + await navigator.clipboard.writeText(text) + setCopied(true) + setTimeout(() => setCopied(false), 2000) + } + return ( + + ) +} + +function CodeBlock({ code, filename }: { code: string; filename?: string }) { + return ( +
+ {filename && ( +
+ {filename} +
+ )} +
+
+ +
+ 
+          {code}
+
+
+
+ ) +} + +export default function iOSSDKPage() { + return ( +
+ + +
+
+
+
+ +
+

iOS SDK (Swift)

+
+

+ Native Swift SDK fuer iOS 15+ und iPadOS mit SwiftUI-Unterstuetzung. +

+ + {/* Requirements */} +
+

Systemvoraussetzungen

+
+ + + + + + + + + + + + + + + +
Swift Version5.9+
iOS Deployment TargetiOS 15.0+
Xcode Version15.0+
+
+
+ + {/* Installation */} +
+

Installation

+

Swift Package Manager

+ +

+ Oder in Xcode: File → Add Package Dependencies → URL eingeben +

+
+ + {/* Basic Usage */} +
+

Grundlegende Verwendung

+ Bool { + + // Consent Manager konfigurieren + ConsentManager.shared.configure( + apiEndpoint: "https://api.example.com/consent", + siteId: "my-ios-app" + ) + + // Initialisieren + Task { + await ConsentManager.shared.initialize() + } + + return true + } +}`} + /> +
+ + {/* SwiftUI Integration */} +
+

SwiftUI Integration

+ +
+ + {/* UIKit Integration */} +
+

UIKit Integration

+ () + + override func viewDidLoad() { + super.viewDidLoad() + + // Reaktiv auf Consent-Aenderungen reagieren + ConsentManager.shared.$consent + .receive(on: DispatchQueue.main) + .sink { [weak self] state in + self?.updateUI(consent: state) + } + .store(in: &cancellables) + } + + private func updateUI(consent: ConsentState?) { + if consent?.hasConsent(.analytics) == true { + loadAnalytics() + } + } + + @IBAction func acceptAllTapped(_ sender: UIButton) { + Task { + await ConsentManager.shared.acceptAll() + } + } +}`} + /> +
+ + {/* Consent Categories */} +
+

Consent-Kategorien

+ +
+ + {/* API Reference */} +
+

API Referenz

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
MethodeBeschreibung
configure()SDK konfigurieren
initialize()SDK initialisieren (async)
hasConsent(_:)Consent fuer Kategorie pruefen
acceptAll()Alle Kategorien akzeptieren (async)
rejectAll()Alle ablehnen (async)
setConsent(_:)Spezifische Kategorien setzen (async)
showBanner()Banner anzeigen
exportConsent()Consent-Daten exportieren (DSGVO)
+
+
+
+
+
+ ) +} diff --git a/developer-portal/app/sdk/consent/mobile/page.tsx b/developer-portal/app/sdk/consent/mobile/page.tsx new file mode 100644 index 0000000..6173669 --- /dev/null +++ b/developer-portal/app/sdk/consent/mobile/page.tsx @@ -0,0 +1,95 @@ +'use client' + +import React from 'react' +import Link from 'next/link' +import { SDKDocsSidebar } from '@/components/SDKDocsSidebar' +import { ChevronRight, Apple, Smartphone } from 'lucide-react' + +const platforms = [ + { + name: 'iOS (Swift)', + href: '/sdk/consent/mobile/ios', + description: 'Native Swift SDK fuer iOS 15+ und iPadOS', + features: ['Swift 5.9+', 'iOS 15.0+', 'SwiftUI Support', 'Combine Integration'], + color: 'bg-gray-900', + icon: Apple, + }, + { + name: 'Android (Kotlin)', + href: '/sdk/consent/mobile/android', + description: 'Native Kotlin SDK fuer Android API 26+', + features: ['Kotlin 1.9+', 'API 26+', 'Jetpack Compose', 'Coroutines'], + color: 'bg-green-600', + icon: Smartphone, + }, + { + name: 'Flutter', + href: '/sdk/consent/mobile/flutter', + description: 'Cross-Platform SDK fuer Flutter 3.16+', + features: ['Dart 3.0+', 'Flutter 3.16+', 'iOS & Android', 'Web Support'], + color: 'bg-blue-500', + icon: Smartphone, + }, +] + +export default function MobileSDKsPage() { + return ( +
+ + +
+
+

Mobile SDKs

+

+ Native SDKs fuer iOS, Android und Flutter mit vollstaendiger DSGVO-Konformitaet. +

+ +
+ {platforms.map((platform) => ( + +
+
+ +
+
+
+

+ {platform.name} +

+ +
+

{platform.description}

+
+ {platform.features.map((feature) => ( + + {feature} + + ))} +
+
+
+ + ))} +
+ + {/* Cross-Platform Note */} +
+

Cross-Platform Konsistenz

+

+ Alle Mobile SDKs bieten dieselbe API-Oberflaeche wie das Web SDK. + Consent-Daten werden ueber die API synchronisiert, sodass Benutzer auf allen Geraeten + denselben Consent-Status haben. +

+
+
+
+
+ ) +} diff --git a/developer-portal/app/sdk/consent/page.tsx b/developer-portal/app/sdk/consent/page.tsx new file mode 100644 index 0000000..3d0caff --- /dev/null +++ b/developer-portal/app/sdk/consent/page.tsx @@ -0,0 +1,262 @@ +'use client' + +import React, { useState } from 'react' +import Link from 'next/link' +import { + Shield, Code, Download, Smartphone, FileCode, Lock, + ChevronRight, Copy, Check, Zap, Globe, Layers, + BookOpen, Terminal +} from 'lucide-react' +import { SDKDocsSidebar } from '@/components/SDKDocsSidebar' + +type Framework = 'npm' | 'yarn' | 'pnpm' + +const installCommands: Record = { + npm: 'npm install @breakpilot/consent-sdk', + yarn: 'yarn add @breakpilot/consent-sdk', + pnpm: 'pnpm add @breakpilot/consent-sdk', +} + +function CopyButton({ text }: { text: string }) { + const [copied, setCopied] = useState(false) + + const handleCopy = async () => { + await navigator.clipboard.writeText(text) + setCopied(true) + setTimeout(() => setCopied(false), 2000) + } + + return ( + + ) +} + +export default function ConsentSDKHubPage() { + const [selectedPM, setSelectedPM] = useState('npm') + + const quickLinks = [ + { + title: 'Installation', + description: 'SDK in wenigen Minuten einrichten', + href: '/sdk/consent/installation', + icon: Download, + color: 'bg-blue-500', + }, + { + title: 'API Referenz', + description: 'Vollstaendige API-Dokumentation', + href: '/sdk/consent/api-reference', + icon: FileCode, + color: 'bg-purple-500', + }, + { + title: 'Frameworks', + description: 'React, Vue, Angular Integration', + href: '/sdk/consent/frameworks', + icon: Layers, + color: 'bg-green-500', + }, + { + title: 'Mobile SDKs', + description: 'iOS, Android, Flutter', + href: '/sdk/consent/mobile', + icon: Smartphone, + color: 'bg-orange-500', + }, + { + title: 'Sicherheit', + description: 'Best Practices & Compliance', + href: '/sdk/consent/security', + icon: Lock, + color: 'bg-red-500', + }, + ] + + const features = [ + { + title: 'DSGVO & TTDSG Konform', + description: 'Vollstaendige Unterstuetzung fuer EU-Datenschutzverordnungen mit revisionssicherer Consent-Speicherung.', + icon: Shield, + }, + { + title: 'Google Consent Mode v2', + description: 'Native Integration mit automatischer Synchronisation zu Google Analytics und Ads.', + icon: Globe, + }, + { + title: 'Script Blocking', + description: 'Automatisches Blockieren von Third-Party Scripts bis zur Einwilligung.', + icon: Code, + }, + { + title: 'Multi-Platform', + description: 'Unterstuetzung fuer Web, PWA, iOS, Android und Flutter aus einer Codebasis.', + icon: Smartphone, + }, + ] + + return ( +
+ + +
+
+ {/* Header */} +
+
+
+ +
+
+

Consent SDK

+
+ + v1.0.0 + + DSGVO/TTDSG Compliant +
+
+
+

+ Das Consent SDK ermoeglicht DSGVO-konforme Einwilligungsverwaltung fuer Web, PWA und Mobile Apps. + Mit nativer Unterstuetzung fuer React, Vue, Angular und Mobile Platforms. +

+
+ + {/* Quick Install */} +
+
+

Schnellinstallation

+
+ {(['npm', 'yarn', 'pnpm'] as const).map((pm) => ( + + ))} +
+
+
+ + $ {installCommands[selectedPM]} + + +
+
+ + {/* Quick Links */} +
+

Dokumentation

+
+ {quickLinks.map((link) => ( + +
+
+ +
+
+

+ {link.title} + +

+

{link.description}

+
+
+ + ))} +
+
+ + {/* Quick Start Code */} +
+
+

Schnellstart

+
+
+ 
+{`import { ConsentManager } from '@breakpilot/consent-sdk';
+
+// Manager initialisieren
+const consent = new ConsentManager({
+  apiEndpoint: 'https://api.example.com/consent',
+  siteId: 'your-site-id',
+});
+
+// SDK starten
+await consent.init();
+
+// Consent pruefen
+if (consent.hasConsent('analytics')) {
+  // Analytics laden
+}
+
+// Events abonnieren
+consent.on('change', (state) => {
+  console.log('Consent geaendert:', state);
+});`}
+
+
+
+ + {/* Features */} +
+

Features

+
+ {features.map((feature) => ( +
+
+
+ +
+
+

{feature.title}

+

{feature.description}

+
+
+
+ ))} +
+
+ + {/* Compliance Notice */} +
+
+ +
+

DSGVO & TTDSG Compliance

+

+ Das Consent SDK erfuellt alle Anforderungen der DSGVO (Art. 6, 7, 13, 14, 17, 20) und des TTDSG (§ 25). + Alle Einwilligungen werden revisionssicher gespeichert und koennen jederzeit exportiert werden. +

+
+
+
+
+
+
+ ) +} diff --git a/developer-portal/app/sdk/consent/security/page.tsx b/developer-portal/app/sdk/consent/security/page.tsx new file mode 100644 index 0000000..9ca2bec --- /dev/null +++ b/developer-portal/app/sdk/consent/security/page.tsx @@ -0,0 +1,290 @@ +'use client' + +import React from 'react' +import { SDKDocsSidebar } from '@/components/SDKDocsSidebar' +import { Shield, Lock, Eye, Database, Key, AlertTriangle, CheckCircle } from 'lucide-react' + +function SecurityCard({ + title, + description, + icon: Icon, + items, +}: { + title: string + description: string + icon: React.ComponentType<{ className?: string }> + items: string[] +}) { + return ( +
+
+
+ +
+
+

{title}

+

{description}

+
    + {items.map((item, i) => ( +
  • + + {item} +
    • + ))} +
+
+
+
+ ) +} + +export default function SecurityPage() { + return ( +
+ + +
+
+

Sicherheit & Compliance

+

+ Best Practices fuer sichere Implementierung und DSGVO-konforme Nutzung des Consent SDK. +

+ + {/* Security Features */} +
+

Sicherheits-Features

+
+ + + + + + + +
+
+ + {/* DSGVO Compliance */} +
+

DSGVO Compliance

+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ DSGVO Artikel + + Anforderung + + SDK-Unterstuetzung +
Art. 6Rechtmaessigkeit der Verarbeitung + + Vollstaendig + +
Art. 7Bedingungen fuer Einwilligung + + Vollstaendig + +
Art. 13/14Informationspflichten + + Vollstaendig + +
Art. 17Recht auf Loeschung + + Vollstaendig + +
Art. 20Datenportabilitaet + + Vollstaendig + +
+
+
+ + {/* TTDSG Compliance */} +
+

TTDSG Compliance

+
+
+
+ +
+
+

§ 25 TTDSG - Schutz der Privatsphaere

+

+ Das SDK erfuellt alle Anforderungen des § 25 TTDSG (Telemediengesetz): +

+
    +
  • + + + Einwilligung vor Speicherung: Cookies und localStorage werden erst nach + Einwilligung gesetzt (ausser technisch notwendige). + +
    • +
  • + + + Informierte Einwilligung: Klare Kategorisierung und Beschreibung + aller Cookies und Tracker. + +
    • +
  • + + + Widerrufsrecht: Jederzeit widerrufbare Einwilligung mit einem Klick. + +
    • +
+
+
+
+
+ + {/* Best Practices */} +
+

Best Practices

+ +
+
+

+ + Empfohlen +

+
    +
  • • HTTPS fuer alle API-Aufrufe verwenden
    • +
  • • Consent-Banner vor dem Laden von Third-Party Scripts anzeigen
    • +
  • • Alle Kategorien klar und verstaendlich beschreiben
    • +
  • • Ablehnen-Button gleichwertig zum Akzeptieren-Button darstellen
    • +
  • • Consent-Aenderungen serverseitig protokollieren
    • +
  • • Regelmaessige Ueberpruefung der Consent-Gultigkeit (recheckAfterDays)
    • +
+
+ +
+

+ + Vermeiden +

+
    +
  • • Dark Patterns (versteckte Ablehnen-Buttons)
    • +
  • • Pre-checked Consent-Optionen
    • +
  • • Tracking vor Einwilligung
    • +
  • • Cookie-Walls ohne echte Alternative
    • +
  • • Unklare oder irrefuehrende Kategoriebezeichnungen
    • +
+
+
+
+ + {/* Audit Trail */} +
+

Audit Trail

+
+

+ Das SDK speichert fuer jeden Consent-Vorgang revisionssichere Daten: +

+
+ 
+{`{
+  "consentId": "consent_abc123...",
+  "timestamp": "2024-01-15T10:30:00.000Z",
+  "categories": {
+    "essential": true,
+    "analytics": true,
+    "marketing": false
+  },
+  "metadata": {
+    "userAgent": "Mozilla/5.0...",
+    "language": "de-DE",
+    "platform": "web",
+    "screenResolution": "1920x1080"
+  },
+  "signature": "sha256=...",
+  "version": "1.0.0"
+}`}
+
+
+

+ Diese Daten werden sowohl lokal als auch auf dem Server gespeichert und koennen + jederzeit fuer Audits exportiert werden. +

+
+
+
+
+
+ ) +} diff --git a/developer-portal/app/sdk/installation/page.tsx b/developer-portal/app/sdk/installation/page.tsx new file mode 100644 index 0000000..df7771f --- /dev/null +++ b/developer-portal/app/sdk/installation/page.tsx @@ -0,0 +1,186 @@ +import { DevPortalLayout, CodeBlock, InfoBox, ParameterTable } from '@/components/DevPortalLayout' + +export default function SDKInstallationPage() { + return ( + +

Voraussetzungen

+
    +
  • Node.js 18 oder hoeher
    • +
  • React 18+ / Next.js 14+
    • +
  • TypeScript 5.0+ (empfohlen)
    • +
+ +

Installation

+

+ Installieren Sie das SDK ueber Ihren bevorzugten Paketmanager: +

+ +{`npm install @breakpilot/compliance-sdk`} + + +{`yarn add @breakpilot/compliance-sdk`} + + +{`pnpm add @breakpilot/compliance-sdk`} + + +

Peer Dependencies

+

+ Das SDK hat folgende Peer Dependencies, die automatisch installiert werden sollten: +

+ +{`{ + "peerDependencies": { + "react": ">=18.0.0", + "react-dom": ">=18.0.0" + } +}`} + + +

Zusaetzliche Pakete (optional)

+

+ Fuer erweiterte Funktionen koennen Sie folgende Pakete installieren: +

+ + +

TypeScript Konfiguration

+

+ Das SDK ist vollstaendig in TypeScript geschrieben. Stellen Sie sicher, + dass Ihre tsconfig.json folgende Optionen enthaelt: +

+ +{`{ + "compilerOptions": { + "target": "ES2020", + "lib": ["dom", "dom.iterable", "esnext"], + "module": "esnext", + "moduleResolution": "bundler", + "strict": true, + "esModuleInterop": true, + "skipLibCheck": true, + "forceConsistentCasingInFileNames": true + } +}`} + + +

Next.js Integration

+

+ Fuer Next.js 14+ mit App Router, fuegen Sie den Provider in Ihr Root-Layout ein: +

+ +{`import { SDKProvider } from '@breakpilot/compliance-sdk' + +export default function RootLayout({ + children, +}: { + children: React.ReactNode +}) { + return ( + + + + {children} + + + + ) +}`} + + + + Der SDKProvider ist ein Client-Component. Wenn Sie Server Components + verwenden, wrappen Sie nur die Teile der App, die das SDK benoetigen. + + +

Umgebungsvariablen

+

+ Erstellen Sie eine .env.local Datei mit folgenden Variablen: +

+ +{`# Pflicht +NEXT_PUBLIC_TENANT_ID=your-tenant-id + +# Optional (fuer Backend-Sync) +BREAKPILOT_API_KEY=sk_live_... + +# Optional (fuer Self-Hosted) +NEXT_PUBLIC_SDK_API_URL=https://your-server.com/sdk/v1`} + + + + Der API Key sollte niemals im Frontend-Code oder in NEXT_PUBLIC_ Variablen + erscheinen. Verwenden Sie Server-Side API Routes fuer authentifizierte Anfragen. + + +

Verifizierung

+

+ Testen Sie die Installation mit einer einfachen Komponente: +

+ +{`'use client' + +import { useSDK } from '@breakpilot/compliance-sdk' + +export default function TestPage() { + const { state, completionPercentage } = useSDK() + + return ( +
+

SDK Test

+

Fortschritt: {completionPercentage}%

+

Aktuelle Phase: {state.currentPhase}

+

Use Cases: {state.useCases.length}

+
+ ) +}`} + + +

Fehlerbehebung

+ +

Error: useSDK must be used within SDKProvider

+

+ Stellen Sie sicher, dass der SDKProvider das gesamte Layout umschliesst + und dass Sie {'\'use client\''} in Client-Komponenten verwenden. +

+ +

Error: Module not found

+

+ Loeschen Sie node_modules und package-lock.json, dann reinstallieren: +

+ +{`rm -rf node_modules package-lock.json +npm install`} + + +

TypeScript Errors

+

+ Stellen Sie sicher, dass TypeScript 5.0+ installiert ist: +

+ +{`npm install typescript@latest`} + + + ) +} diff --git a/developer-portal/app/sdk/page.tsx b/developer-portal/app/sdk/page.tsx new file mode 100644 index 0000000..5df3e16 --- /dev/null +++ b/developer-portal/app/sdk/page.tsx @@ -0,0 +1,281 @@ +import Link from 'next/link' +import { DevPortalLayout, CodeBlock, InfoBox } from '@/components/DevPortalLayout' + +export default function SDKOverviewPage() { + return ( + +

Übersicht

+

+ Das AI Compliance SDK ist ein TypeScript-Paket für die Integration des + Compliance-Workflows in React und Next.js Anwendungen. Es bietet: +

+
    +
  • React Context Provider für State Management
    • +
  • Hooks für einfachen Zugriff auf Compliance-Daten
    • +
  • Automatische Synchronisation mit dem Backend
    • +
  • Offline-Support mit localStorage Fallback
    • +
  • Export-Funktionen (PDF, JSON, ZIP)
    • +
+ +

Kernkomponenten

+ +

SDKProvider

+

+ Der Provider wrappet Ihre App und stellt den SDK-Kontext bereit: +

+ +{`import { SDKProvider } from '@breakpilot/compliance-sdk' + +export default function Layout({ children }) { + return ( + + {children} + + ) +}`} + + +

useSDK Hook

+

+ Der Haupt-Hook für den Zugriff auf alle SDK-Funktionen: +

+ +{`import { useSDK } from '@breakpilot/compliance-sdk' + +function MyComponent() { + const { + // State + state, + dispatch, + + // Navigation + currentStep, + goToStep, + goToNextStep, + goToPreviousStep, + canGoNext, + canGoPrevious, + + // Progress + completionPercentage, + phase1Completion, + phase2Completion, + + // Checkpoints + validateCheckpoint, + overrideCheckpoint, + getCheckpointStatus, + + // Data Updates + updateUseCase, + addRisk, + updateControl, + + // Persistence + saveState, + loadState, + + // Demo Data + seedDemoData, + clearDemoData, + isDemoDataLoaded, + + // Sync + syncState, + forceSyncToServer, + isOnline, + + // Export + exportState, + + // Command Bar + isCommandBarOpen, + setCommandBarOpen, + } = useSDK() + + return ( +
+

Progress: {completionPercentage}%

+ +
+ ) +}`} + + +

Types

+

+ Das SDK exportiert alle TypeScript-Types für volle Typsicherheit: +

+ +{`import type { + // Core Types + SDKState, + SDKAction, + SDKStep, + SDKPhase, + + // Use Cases + UseCaseAssessment, + AssessmentResult, + + // Risk Management + Risk, + RiskSeverity, + RiskMitigation, + + // Controls & Evidence + Control, + Evidence, + Requirement, + + // Checkpoints + Checkpoint, + CheckpointStatus, + ValidationError, + + // DSFA + DSFA, + DSFASection, + DSFAApproval, + + // TOMs & VVT + TOM, + ProcessingActivity, + RetentionPolicy, + + // AI Act + AIActResult, + AIActRiskCategory, +} from '@breakpilot/compliance-sdk'`} + + +

Utility Functions

+

+ Hilfreiche Funktionen für die Arbeit mit dem SDK: +

+ +{`import { + // Step Navigation + getStepById, + getStepByUrl, + getNextStep, + getPreviousStep, + getStepsForPhase, + + // Risk Calculation + calculateRiskScore, + getRiskSeverityFromScore, + calculateResidualRisk, + + // Progress + getCompletionPercentage, + getPhaseCompletionPercentage, +} from '@breakpilot/compliance-sdk' + +// Beispiel: Risk Score berechnen +const inherentRisk = calculateRiskScore(4, 5) // likelihood * impact = 20 +const severity = getRiskSeverityFromScore(20) // 'CRITICAL'`} + + +

API Client

+

+ Für direkten API-Zugriff ohne React Context: +

+ +{`import { + getSDKApiClient, + SDKApiClient, +} from '@breakpilot/compliance-sdk' + +const client = getSDKApiClient('your-tenant-id') + +// State laden +const state = await client.getState() + +// State speichern +await client.saveState(updatedState) + +// Checkpoint validieren +const result = await client.validateCheckpoint('CP-UC', state) + +// Export +const blob = await client.exportState('pdf')`} + + +

RAG & LLM Client

+

+ Zugriff auf die RAG-Suche und Dokumentengenerierung: +

+ +{`import { + getSDKBackendClient, + isLegalQuery, +} from '@breakpilot/compliance-sdk' + +const client = getSDKBackendClient() + +// RAG-Suche +const results = await client.search('DSGVO Art. 5', 5) +console.log(results) // SearchResult[] + +// Dokumentengenerierung +const dsfa = await client.generateDSFA(context) +const toms = await client.generateTOM(context) +const vvt = await client.generateVVT(context) + +// Prüfen ob eine Query rechtliche Inhalte betrifft +if (isLegalQuery('Einwilligung DSGVO')) { + // RAG-Suche durchführen +}`} + + +

Export

+

+ Exportieren Sie Compliance-Daten in verschiedenen Formaten: +

+ +{`import { exportToPDF, exportToZIP, downloadExport } from '@breakpilot/compliance-sdk' + +// PDF Export +const pdfBlob = await exportToPDF(state) +downloadExport(pdfBlob, 'compliance-report.pdf') + +// ZIP Export (alle Dokumente) +const zipBlob = await exportToZIP(state) +downloadExport(zipBlob, 'compliance-export.zip') + +// Über den Hook +const { exportState } = useSDK() +const blob = await exportState('pdf') // 'json' | 'pdf' | 'zip'`} + + + +
    +
  • + + Installation Guide + +
    • +
  • + + Konfigurationsoptionen + +
    • +
  • + + Phase 1 Workflow Guide + +
    • +
+ + + ) +} diff --git a/developer-portal/components/DevPortalLayout.tsx b/developer-portal/components/DevPortalLayout.tsx new file mode 100644 index 0000000..0d0bc97 --- /dev/null +++ b/developer-portal/components/DevPortalLayout.tsx @@ -0,0 +1,313 @@ +'use client' + +import React from 'react' +import Link from 'next/link' +import { usePathname } from 'next/navigation' +import { Book, Code, FileText, HelpCircle, Zap, Terminal, Database, Shield, ChevronRight, Clock } from 'lucide-react' + +interface NavItem { + title: string + href: string + icon?: React.ReactNode + items?: NavItem[] +} + +const navigation: NavItem[] = [ + { + title: 'Getting Started', + href: '/getting-started', + icon: , + items: [ + { title: 'Quick Start', href: '/getting-started' }, + ], + }, + { + title: 'SDK Documentation', + href: '/sdk', + icon: , + items: [ + { title: 'Overview', href: '/sdk' }, + { title: 'Installation', href: '/sdk/installation' }, + { title: 'Configuration', href: '/sdk/configuration' }, + ], + }, + { + title: 'Consent SDK', + href: '/sdk/consent', + icon: , + items: [ + { title: 'Uebersicht', href: '/sdk/consent' }, + { title: 'Installation', href: '/sdk/consent/installation' }, + { title: 'API Referenz', href: '/sdk/consent/api-reference' }, + { title: 'Frameworks', href: '/sdk/consent/frameworks' }, + { title: 'Mobile SDKs', href: '/sdk/consent/mobile' }, + { title: 'Sicherheit', href: '/sdk/consent/security' }, + ], + }, + { + title: 'API Reference', + href: '/api', + icon: , + items: [ + { title: 'Overview', href: '/api' }, + { title: 'State API', href: '/api/state' }, + { title: 'RAG Search API', href: '/api/rag' }, + { title: 'Generation API', href: '/api/generate' }, + { title: 'Export API', href: '/api/export' }, + ], + }, + { + title: 'Guides', + href: '/guides', + icon: , + items: [ + { title: 'Overview', href: '/guides' }, + { title: 'Phase 1: Assessment', href: '/guides/phase1' }, + { title: 'Phase 2: Dokumentation', href: '/guides/phase2' }, + ], + }, + { + title: 'Changelog', + href: '/changelog', + icon: , + items: [ + { title: 'Versionshistorie', href: '/changelog' }, + ], + }, +] + +interface DevPortalLayoutProps { + children: React.ReactNode + title?: string + description?: string +} + +export function DevPortalLayout({ children, title, description }: DevPortalLayoutProps) { + const pathname = usePathname() + + return ( +
+ {/* Header */} +
+
+
+
+ +
+ +
+ Developer Portal + + | + AI Compliance SDK +
+
+ + SDK Dashboard + + + GitHub + +
+
+
+
+ +
+ {/* Sidebar */} + + + {/* Main Content */} +
+
+ {(title || description) && ( +
+ {title && ( +

{title}

+ )} + {description && ( +

{description}

+ )} +
+ )} +
+ {children} +
+
+
+
+
+ ) +} + +// Re-usable components for documentation +export function ApiEndpoint({ + method, + path, + description, +}: { + method: 'GET' | 'POST' | 'PUT' | 'DELETE' + path: string + description: string +}) { + const methodColors = { + GET: 'bg-green-100 text-green-800', + POST: 'bg-blue-100 text-blue-800', + PUT: 'bg-yellow-100 text-yellow-800', + DELETE: 'bg-red-100 text-red-800', + } + + return ( +
+
+ + {method} + + {path} +
+

{description}

+
+ ) +} + +export function CodeBlock({ + language, + children, + filename, +}: { + language: string + children: string + filename?: string +}) { + return ( +
+ {filename && ( +
+ {filename} +
+ )} + 
+        {children}
+
+
+ ) +} + +export function ParameterTable({ + parameters, +}: { + parameters: Array<{ + name: string + type: string + required?: boolean + description: string + }> +}) { + return ( +
+ + + + + + + + + + + {parameters.map((param) => ( + + + + + + + ))} + +
ParameterTypeRequiredDescription
+ {param.name} + + {param.type} + + {param.required ? ( + Yes + ) : ( + No + )} + {param.description}
+
+ ) +} + +export function InfoBox({ + type = 'info', + title, + children, +}: { + type?: 'info' | 'warning' | 'success' | 'error' + title?: string + children: React.ReactNode +}) { + const styles = { + info: 'bg-blue-50 border-blue-200 text-blue-800', + warning: 'bg-yellow-50 border-yellow-200 text-yellow-800', + success: 'bg-green-50 border-green-200 text-green-800', + error: 'bg-red-50 border-red-200 text-red-800', + } + + const icons = { + info: , + warning: , + success: , + error: , + } + + return ( +
+
+
{icons[type]}
+
+ {title &&

{title}

} +
{children}
+
+
+
+ ) +} diff --git a/developer-portal/components/SDKDocsSidebar.tsx b/developer-portal/components/SDKDocsSidebar.tsx new file mode 100644 index 0000000..ca8fbf3 --- /dev/null +++ b/developer-portal/components/SDKDocsSidebar.tsx @@ -0,0 +1,165 @@ +'use client' + +import React from 'react' +import Link from 'next/link' +import { usePathname } from 'next/navigation' +import { + Shield, Download, FileCode, Layers, Smartphone, Lock, + ChevronDown, ChevronRight, Home, BookOpen, + Code2 +} from 'lucide-react' + +interface NavItem { + title: string + href: string + icon?: React.ReactNode + children?: NavItem[] +} + +const navigation: NavItem[] = [ + { + title: 'Uebersicht', + href: '/sdk/consent', + icon: , + }, + { + title: 'Installation', + href: '/sdk/consent/installation', + icon: , + }, + { + title: 'API Referenz', + href: '/sdk/consent/api-reference', + icon: , + }, + { + title: 'Frameworks', + href: '/sdk/consent/frameworks', + icon: , + children: [ + { title: 'React', href: '/sdk/consent/frameworks/react' }, + { title: 'Vue', href: '/sdk/consent/frameworks/vue' }, + { title: 'Angular', href: '/sdk/consent/frameworks/angular' }, + ], + }, + { + title: 'Mobile SDKs', + href: '/sdk/consent/mobile', + icon: , + children: [ + { title: 'iOS (Swift)', href: '/sdk/consent/mobile/ios' }, + { title: 'Android (Kotlin)', href: '/sdk/consent/mobile/android' }, + { title: 'Flutter', href: '/sdk/consent/mobile/flutter' }, + ], + }, + { + title: 'Sicherheit', + href: '/sdk/consent/security', + icon: , + }, +] + +function NavLink({ item, depth = 0 }: { item: NavItem; depth?: number }) { + const pathname = usePathname() + const isActive = pathname === item.href + const isParentActive = item.children?.some((child) => pathname === child.href) + const [isOpen, setIsOpen] = React.useState(isActive || isParentActive) + + const hasChildren = item.children && item.children.length > 0 + + return ( +
+
+ + {item.icon && {item.icon}} + {item.title} + + {hasChildren && ( + + )} +
+ {hasChildren && isOpen && ( +
+ {item.children?.map((child) => ( + + ))} +
+ )} +
+ ) +} + +export function SDKDocsSidebar() { + return ( + + ) +} + +export default SDKDocsSidebar diff --git a/developer-portal/next.config.js b/developer-portal/next.config.js new file mode 100644 index 0000000..f0eab76 --- /dev/null +++ b/developer-portal/next.config.js @@ -0,0 +1,10 @@ +/** @type {import('next').NextConfig} */ +const nextConfig = { + output: 'standalone', + reactStrictMode: true, + typescript: { + ignoreBuildErrors: true, + }, +} + +module.exports = nextConfig diff --git a/developer-portal/package.json b/developer-portal/package.json new file mode 100644 index 0000000..9bf7020 --- /dev/null +++ b/developer-portal/package.json @@ -0,0 +1,25 @@ +{ + "name": "breakpilot-developer-portal", + "version": "1.0.0", + "private": true, + "scripts": { + "dev": "next dev -p 3006", + "build": "next build", + "start": "next start -p 3006" + }, + "dependencies": { + "lucide-react": "^0.468.0", + "next": "^15.1.0", + "react": "^18.3.1", + "react-dom": "^18.3.1" + }, + "devDependencies": { + "@types/node": "^22.10.2", + "@types/react": "^18.3.16", + "@types/react-dom": "^18.3.5", + "autoprefixer": "^10.4.20", + "postcss": "^8.4.49", + "tailwindcss": "^3.4.16", + "typescript": "^5.7.2" + } +} diff --git a/developer-portal/postcss.config.mjs b/developer-portal/postcss.config.mjs new file mode 100644 index 0000000..d0c615b --- /dev/null +++ b/developer-portal/postcss.config.mjs @@ -0,0 +1,9 @@ +/** @type {import('postcss-load-config').Config} */ +const config = { + plugins: { + tailwindcss: {}, + autoprefixer: {}, + }, +} + +export default config diff --git a/developer-portal/tailwind.config.ts b/developer-portal/tailwind.config.ts new file mode 100644 index 0000000..527c226 --- /dev/null +++ b/developer-portal/tailwind.config.ts @@ -0,0 +1,18 @@ +import type { Config } from 'tailwindcss' + +const config: Config = { + content: [ + './components/**/*.{js,ts,jsx,tsx,mdx}', + './app/**/*.{js,ts,jsx,tsx,mdx}', + ], + theme: { + extend: { + fontFamily: { + sans: ['Inter', 'system-ui', 'sans-serif'], + }, + }, + }, + plugins: [], +} + +export default config diff --git a/developer-portal/tsconfig.json b/developer-portal/tsconfig.json new file mode 100644 index 0000000..d81d4ee --- /dev/null +++ b/developer-portal/tsconfig.json @@ -0,0 +1,40 @@ +{ + "compilerOptions": { + "lib": [ + "dom", + "dom.iterable", + "esnext" + ], + "allowJs": true, + "skipLibCheck": true, + "strict": true, + "noEmit": true, + "esModuleInterop": true, + "module": "esnext", + "moduleResolution": "bundler", + "resolveJsonModule": true, + "isolatedModules": true, + "jsx": "preserve", + "incremental": true, + "plugins": [ + { + "name": "next" + } + ], + "paths": { + "@/*": [ + "./*" + ] + }, + "target": "ES2017" + }, + "include": [ + "next-env.d.ts", + "**/*.ts", + "**/*.tsx", + ".next/types/**/*.ts" + ], + "exclude": [ + "node_modules" + ] +} diff --git a/docker-compose.yml b/docker-compose.yml index 046eb08..4a0d390 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -18,6 +18,7 @@ services: - "8089:8089" # HTTPS Edu-Search proxy (edu-search runs on 8088) - "8093:8093" # HTTPS AI Compliance SDK - "8443:8443" # HTTPS Jitsi Meet (https://macmini:8443/) + - "3006:3006" # HTTPS Developer Portal (https://macmini:3006/) volumes: - ./nginx/conf.d:/etc/nginx/conf.d:ro - vault_certs:/etc/nginx/certs:ro @@ -40,6 +41,8 @@ services: condition: service_started jitsi-web: condition: service_started + developer-portal: + condition: service_started extra_hosts: - "breakpilot-edu-search:host-gateway" networks: @@ -756,6 +759,24 @@ services: - breakpilot-pwa-network restart: unless-stopped + # ============================================ + # Developer Portal - Oeffentliches SDK-Dokumentationsportal + # Access: https://macmini:3006/ + # ============================================ + developer-portal: + build: + context: ./developer-portal + dockerfile: Dockerfile + platform: linux/arm64 + container_name: breakpilot-pwa-developer-portal + expose: + - "3000" + environment: + - NODE_ENV=production + networks: + - breakpilot-pwa-network + restart: unless-stopped + # ============================================ # AI Compliance SDK - Multi-Tenant RBAC & LLM Gateway # Go auf Port 8090 (intern), 8093 (extern) diff --git a/nginx/conf.d/default.conf b/nginx/conf.d/default.conf index 746c854..642f390 100644 --- a/nginx/conf.d/default.conf +++ b/nginx/conf.d/default.conf @@ -317,6 +317,33 @@ server { } } +# HTTPS - Developer Portal on port 3006 +# Oeffentliches SDK-Dokumentationsportal (kein Auth) +server { + listen 3006 ssl; + http2 on; + server_name macmini localhost; + + ssl_certificate /etc/nginx/certs/macmini.crt; + ssl_certificate_key /etc/nginx/certs/macmini.key; + + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256; + ssl_prefer_server_ciphers off; + + location / { + set $upstream_devportal developer-portal:3000; + proxy_pass http://$upstream_devportal; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto https; + } +} + # HTTPS - AI Compliance SDK on port 8093 # Multi-Tenant RBAC, LLM Gateway, Audit Trail server {