Benjamin_Boenisch/breakpilot-pwa
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2026-02-15. You can view files and clone it. You cannot open issues or pull requests or push a commit.
Files
09dd1487b4dd6395627ac3e70f3f28781ca00607
breakpilot-pwa/developer-portal/app/api/generate/page.tsx
BreakPilot Dev 09dd1487b4 feat: Extract Developer Portal as standalone Next.js app on port 3006 
SDK customers can now access the documentation publicly without login.
The portal runs independently from admin-v2 on https://macmini:3006/.

- New developer-portal/ app with 26 pages, 2 components
- Docker service + nginx SSL reverse proxy on port 3006
- All /developers/* routes remapped to /* in the new app
- admin-v2 developer pages remain unchanged

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-09 17:15:54 +01:00

382 lines
11 KiB
TypeScript
Raw Blame History

import { DevPortalLayout, ApiEndpoint, CodeBlock, ParameterTable, InfoBox } from '@/components/DevPortalLayout'
export default function GenerateApiPage() {
return (
<DevPortalLayout
title="Generation API"
description="Automatische Generierung von Compliance-Dokumenten"
>
<h2>Uebersicht</h2>
<p>
Die Generation API nutzt LLM-Technologie (Claude) zur automatischen Erstellung
von Compliance-Dokumenten basierend auf Ihrem SDK-State:
</p>
<ul>
<li><strong>DSFA</strong> - Datenschutz-Folgenabschaetzung</li>
<li><strong>TOM</strong> - Technische und Organisatorische Massnahmen</li>
<li><strong>VVT</strong> - Verarbeitungsverzeichnis nach Art. 30 DSGVO</li>
</ul>
<InfoBox type="info" title="LLM-Model">
Die Generierung verwendet Claude 3.5 Sonnet fuer optimale Qualitaet
bei deutschen Rechtstexten. RAG-Context wird automatisch einbezogen.
</InfoBox>
<h2>POST /generate/dsfa</h2>
<p>Generiert eine Datenschutz-Folgenabschaetzung basierend auf dem aktuellen State.</p>
<h3>Request Body</h3>
<ParameterTable
parameters={[
{
name: 'tenantId',
type: 'string',
required: true,
description: 'Tenant-ID fuer State-Zugriff',
},
{
name: 'useCaseId',
type: 'string',
required: false,
description: 'Optional: Nur fuer bestimmten Use Case generieren',
},
{
name: 'includeRisks',
type: 'boolean',
required: false,
description: 'Risiken aus Risk Matrix einbeziehen (default: true)',
},
{
name: 'includeControls',
type: 'boolean',
required: false,
description: 'Bestehende Controls referenzieren (default: true)',
},
{
name: 'language',
type: 'string',
required: false,
description: 'Sprache: de, en (default: de)',
},
]}
/>
<h3>Request</h3>
<CodeBlock language="bash" filename="cURL">
{`curl -X POST "https://api.breakpilot.io/sdk/v1/generate/dsfa" \\
-H "Authorization: Bearer YOUR_API_KEY" \\
-H "Content-Type: application/json" \\
-d '{
"tenantId": "your-tenant-id",
"useCaseId": "uc-ki-kundenanalyse",
"includeRisks": true,
"includeControls": true,
"language": "de"
}'`}
</CodeBlock>
<h3>Response (200 OK)</h3>
<CodeBlock language="json" filename="Response">
{`{
"success": true,
"data": {
"dsfa": {
"id": "dsfa-2026-02-04-abc123",
"version": "1.0",
"status": "DRAFT",
"createdAt": "2026-02-04T12:00:00Z",
"useCase": {
"id": "uc-ki-kundenanalyse",
"name": "KI-gestuetzte Kundenanalyse",
"description": "Analyse von Kundenverhalten mittels ML..."
},
"sections": {
"systematicDescription": {
"title": "1. Systematische Beschreibung",
"content": "Die geplante Verarbeitungstaetigkeit umfasst..."
},
"necessityAssessment": {
"title": "2. Bewertung der Notwendigkeit",
"content": "Die Verarbeitung ist notwendig fuer..."
},
"riskAssessment": {
"title": "3. Risikobewertung",
"risks": [
{
"id": "risk-1",
"title": "Unbefugter Datenzugriff",
"severity": "HIGH",
"likelihood": 3,
"impact": 4,
"description": "...",
"mitigations": ["Verschluesselung", "Zugriffskontrolle"]
}
]
},
"mitigationMeasures": {
"title": "4. Abhilfemassnahmen",
"controls": [...]
},
"stakeholderConsultation": {
"title": "5. Einbeziehung Betroffener",
"content": "..."
},
"dpoOpinion": {
"title": "6. Stellungnahme des DSB",
"content": "Ausstehend - Freigabe erforderlich"
}
},
"conclusion": {
"overallRisk": "MEDIUM",
"recommendation": "PROCEED_WITH_CONDITIONS",
"conditions": [
"Implementierung der TOM-Empfehlungen",
"Regelmaessige Ueberpruefung"
]
}
},
"generationMeta": {
"model": "claude-3.5-sonnet",
"ragContextUsed": true,
"tokensUsed": 4250,
"durationMs": 8500
}
}
}`}
</CodeBlock>
<h2>POST /generate/tom</h2>
<p>Generiert technische und organisatorische Massnahmen.</p>
<h3>Request Body</h3>
<ParameterTable
parameters={[
{
name: 'tenantId',
type: 'string',
required: true,
description: 'Tenant-ID',
},
{
name: 'categories',
type: 'string[]',
required: false,
description: 'TOM-Kategorien: access_control, encryption, pseudonymization, etc.',
},
{
name: 'basedOnRisks',
type: 'boolean',
required: false,
description: 'TOMs basierend auf Risk Matrix generieren (default: true)',
},
]}
/>
<h3>Request</h3>
<CodeBlock language="bash" filename="cURL">
{`curl -X POST "https://api.breakpilot.io/sdk/v1/generate/tom" \\
-H "Authorization: Bearer YOUR_API_KEY" \\
-H "Content-Type: application/json" \\
-d '{
"tenantId": "your-tenant-id",
"categories": ["access_control", "encryption", "backup"],
"basedOnRisks": true
}'`}
</CodeBlock>
<h3>Response (200 OK)</h3>
<CodeBlock language="json" filename="Response">
{`{
"success": true,
"data": {
"toms": [
{
"id": "tom-1",
"category": "access_control",
"categoryLabel": "Zugangskontrolle",
"title": "Multi-Faktor-Authentifizierung",
"description": "Implementierung von MFA fuer alle Systemzugaenge",
"technicalMeasures": [
"TOTP-basierte 2FA",
"Hardware Security Keys (FIDO2)"
],
"organizationalMeasures": [
"Schulung der Mitarbeiter",
"Dokumentation der Zugaenge"
],
"article32Reference": "Art. 32 Abs. 1 lit. b DSGVO",
"priority": "HIGH",
"implementationStatus": "PLANNED"
},
{
"id": "tom-2",
"category": "encryption",
"categoryLabel": "Verschluesselung",
"title": "Transportverschluesselung",
"description": "TLS 1.3 fuer alle Datenuebert\\\\ragungen",
"technicalMeasures": [
"TLS 1.3 mit PFS",
"HSTS Header"
],
"organizationalMeasures": [
"Zertifikatsmanagement",
"Regelmaessige Audits"
],
"article32Reference": "Art. 32 Abs. 1 lit. a DSGVO",
"priority": "CRITICAL",
"implementationStatus": "IMPLEMENTED"
}
],
"summary": {
"totalMeasures": 20,
"byCategory": {
"access_control": 5,
"encryption": 4,
"backup": 3,
"monitoring": 4,
"incident_response": 4
},
"implementationProgress": {
"implemented": 12,
"in_progress": 5,
"planned": 3
}
}
}
}`}
</CodeBlock>
<h2>POST /generate/vvt</h2>
<p>Generiert ein Verarbeitungsverzeichnis nach Art. 30 DSGVO.</p>
<h3>Request Body</h3>
<ParameterTable
parameters={[
{
name: 'tenantId',
type: 'string',
required: true,
description: 'Tenant-ID',
},
{
name: 'organizationInfo',
type: 'object',
required: false,
description: 'Organisationsdaten (Name, Anschrift, DSB-Kontakt)',
},
{
name: 'includeRetentionPolicies',
type: 'boolean',
required: false,
description: 'Loeschfristen einbeziehen (default: true)',
},
]}
/>
<h3>Request</h3>
<CodeBlock language="bash" filename="cURL">
{`curl -X POST "https://api.breakpilot.io/sdk/v1/generate/vvt" \\
-H "Authorization: Bearer YOUR_API_KEY" \\
-H "Content-Type: application/json" \\
-d '{
"tenantId": "your-tenant-id",
"organizationInfo": {
"name": "Beispiel GmbH",
"address": "Musterstrasse 1, 10115 Berlin",
"dpoContact": "datenschutz@beispiel.de"
},
"includeRetentionPolicies": true
}'`}
</CodeBlock>
<h3>Response (200 OK)</h3>
<CodeBlock language="json" filename="Response">
{`{
"success": true,
"data": {
"vvt": {
"id": "vvt-2026-02-04",
"version": "1.0",
"organization": {
"name": "Beispiel GmbH",
"address": "Musterstrasse 1, 10115 Berlin",
"dpoContact": "datenschutz@beispiel.de"
},
"processingActivities": [
{
"id": "pa-1",
"name": "Kundendatenverarbeitung",
"purpose": "Vertragserfuellung und Kundenservice",
"legalBasis": "Art. 6 Abs. 1 lit. b DSGVO",
"dataCategories": ["Kontaktdaten", "Vertragsdaten", "Zahlungsdaten"],
"dataSubjects": ["Kunden", "Interessenten"],
"recipients": ["Zahlungsdienstleister", "Versanddienstleister"],
"thirdCountryTransfers": {
"exists": false,
"countries": [],
"safeguards": null
},
"retentionPeriod": "10 Jahre nach Vertragsende (HGB)",
"technicalMeasures": ["Verschluesselung", "Zugriffskontrolle"]
}
],
"lastUpdated": "2026-02-04T12:00:00Z"
}
}
}`}
</CodeBlock>
<h2>SDK Integration</h2>
<CodeBlock language="typescript" filename="document-generation.ts">
{`import { getSDKBackendClient } from '@breakpilot/compliance-sdk'
const client = getSDKBackendClient()
// DSFA generieren
async function generateDSFA(useCaseId: string) {
const dsfa = await client.generateDSFA({
useCaseId,
includeRisks: true,
includeControls: true,
})
console.log('DSFA generiert:', dsfa.id)
console.log('Gesamtrisiko:', dsfa.conclusion.overallRisk)
return dsfa
}
// TOMs generieren
async function generateTOMs() {
const toms = await client.generateTOM({
categories: ['access_control', 'encryption'],
basedOnRisks: true,
})
console.log(\`\${toms.length} TOMs generiert\`)
return toms
}
// VVT generieren
async function generateVVT() {
const vvt = await client.generateVVT({
organizationInfo: {
name: 'Beispiel GmbH',
address: 'Musterstrasse 1',
dpoContact: 'dpo@beispiel.de',
},
})
console.log(\`VVT mit \${vvt.processingActivities.length} Verarbeitungen\`)
return vvt
}`}
</CodeBlock>
<InfoBox type="warning" title="Kosten">
Die Dokumentengenerierung verbraucht LLM-Tokens. Durchschnittliche Kosten:
DSFA ~5.000 Tokens, TOMs ~3.000 Tokens, VVT ~4.000 Tokens.
Enterprise-Kunden haben unbegrenzte Generierungen.
</InfoBox>
</DevPortalLayout>
)
}
Reference in New Issue View Git Blame Copy Permalink