Benjamin_Boenisch/breakpilot-pwa
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2026-02-15. You can view files and clone it. You cannot open issues or pull requests or push a commit.
Files
fa5fe4baceca4d5526eeb7c6afadc283d7f031ea
breakpilot-pwa/breakpilot-compliance-sdk/services/api-gateway/internal/api/security.go
Benjamin Admin 21a844cb8a fix: Restore all files lost during destructive rebase 
A previous `git pull --rebase origin main` dropped 177 local commits,
losing 3400+ files across admin-v2, backend, studio-v2, website,
klausur-service, and many other services. The partial restore attempt
(660295e2) only recovered some files.

This commit restores all missing files from pre-rebase ref 98933f5e
while preserving post-rebase additions (night-scheduler, night-mode UI,
NightModeWidget dashboard integration).

Restored features include:
- AI Module Sidebar (FAB), OCR Labeling, OCR Compare
- GPU Dashboard, RAG Pipeline, Magic Help
- Klausur-Korrektur (8 files), Abitur-Archiv (5+ files)
- Companion, Zeugnisse-Crawler, Screen Flow
- Full backend, studio-v2, website, klausur-service
- All compliance SDKs, agent-core, voice-service
- CI/CD configs, documentation, scripts

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-09 09:51:32 +01:00

207 lines
5.2 KiB
Go
Raw Blame History

// Package api provides HTTP handlers for the API Gateway
package api
import (
"net/http"
"time"
"github.com/gin-gonic/gin"
"github.com/google/uuid"
)
// =============================================================================
// SBOM
// =============================================================================
// GenerateSBOM generates a Software Bill of Materials
func GenerateSBOM(c *gin.Context) {
var req map[string]interface{}
c.ShouldBindJSON(&req)
// In production, forward to security scanner service
c.JSON(http.StatusOK, gin.H{
"id": uuid.New().String(),
"format": "cyclonedx",
"version": "1.5",
"generated_at": time.Now().Format(time.RFC3339),
"components": 144,
"licenses": gin.H{
"MIT": 89,
"Apache-2.0": 42,
"BSD-3": 8,
"Other": 5,
},
})
}
// GetSBOMComponents returns SBOM components
func GetSBOMComponents(c *gin.Context) {
category := c.Query("category")
c.JSON(http.StatusOK, gin.H{
"category": category,
"components": []gin.H{
{
"name": "react",
"version": "18.2.0",
"category": "frontend",
"license": "MIT",
"vulnerabilities": 0,
},
{
"name": "express",
"version": "4.18.2",
"category": "backend",
"license": "MIT",
"vulnerabilities": 0,
},
},
"total": 144,
})
}
// ExportSBOM exports SBOM in requested format
func ExportSBOM(c *gin.Context) {
format := c.Param("format")
var contentType string
switch format {
case "cyclonedx":
contentType = "application/json"
case "spdx":
contentType = "application/spdx+json"
default:
c.JSON(http.StatusBadRequest, gin.H{"error": "Unsupported format"})
return
}
c.Header("Content-Type", contentType)
c.Header("Content-Disposition", "attachment; filename=sbom."+format+".json")
c.JSON(http.StatusOK, gin.H{
"bomFormat": "CycloneDX",
"specVersion": "1.5",
"serialNumber": uuid.New().String(),
"version": 1,
"metadata": gin.H{
"timestamp": time.Now().Format(time.RFC3339),
"tools": []gin.H{
{
"vendor": "BreakPilot",
"name": "compliance-sdk",
"version": "0.0.1",
},
},
},
"components": []gin.H{},
})
}
// =============================================================================
// Security Scanning
// =============================================================================
// ScanRequest represents a security scan request
type ScanRequest struct {
Tools []string `json:"tools,omitempty"`
TargetPath string `json:"target_path,omitempty"`
ExcludePaths []string `json:"exclude_paths,omitempty"`
}
// StartSecurityScan starts a security scan
func StartSecurityScan(c *gin.Context) {
var req ScanRequest
c.ShouldBindJSON(&req)
tools := req.Tools
if len(tools) == 0 {
tools = []string{"gitleaks", "semgrep", "trivy", "grype", "syft"}
}
// In production, forward to security scanner service
c.JSON(http.StatusAccepted, gin.H{
"scan_id": uuid.New().String(),
"status": "RUNNING",
"tools": tools,
"started_at": time.Now().Format(time.RFC3339),
"message": "Scan started. Check /findings for results.",
})
}
// GetSecurityFindings returns security findings
func GetSecurityFindings(c *gin.Context) {
severity := c.Query("severity")
tool := c.Query("tool")
c.JSON(http.StatusOK, gin.H{
"filters": gin.H{
"severity": severity,
"tool": tool,
},
"findings": []gin.H{
{
"id": uuid.New().String(),
"tool": "trivy",
"severity": "HIGH",
"title": "CVE-2024-1234",
"description": "Vulnerability in dependency",
"file": "package-lock.json",
"recommendation": "Update to version 2.0.0",
},
},
"summary": gin.H{
"critical": 0,
"high": 1,
"medium": 3,
"low": 5,
"total": 9,
},
})
}
// GetRecommendations returns fix recommendations
func GetRecommendations(c *gin.Context) {
c.JSON(http.StatusOK, gin.H{
"recommendations": []gin.H{
{
"priority": "HIGH",
"category": "DEPENDENCIES",
"title": "Update vulnerable packages",
"description": "Several npm packages have known vulnerabilities. " +
"Run 'npm audit fix' to automatically update compatible versions.",
"affected": []string{"lodash@4.17.20", "axios@0.21.0"},
},
{
"priority": "MEDIUM",
"category": "SECRETS",
"title": "Review detected secrets",
"description": "Gitleaks detected potential secrets in the codebase. " +
"Review and rotate if they are real credentials.",
"affected": []string{".env.example:3"},
},
},
})
}
// GetSecurityReports returns security reports
func GetSecurityReports(c *gin.Context) {
c.JSON(http.StatusOK, gin.H{
"reports": []gin.H{
{
"id": uuid.New().String(),
"name": "Weekly Security Scan",
"generated_at": time.Now().AddDate(0, 0, -7).Format(time.RFC3339),
"findings": 12,
"status": "COMPLETED",
},
{
"id": uuid.New().String(),
"name": "Monthly Compliance Audit",
"generated_at": time.Now().AddDate(0, -1, 0).Format(time.RFC3339),
"findings": 5,
"status": "COMPLETED",
},
},
})
}
Reference in New Issue View Git Blame Copy Permalink