Lars/shinkan-jinkendo
1
0
Fork 0
Code Issues 7 Pull Requests Actions Packages Projects Releases 3 Wiki Activity

DGSVO Compliance update 1 #30

Merged
Lars merged 48 commits from develop into main 2026-05-12 06:34:15 +02:00
Conversation 0 Commits 48 Files Changed 73 +12731 -403
Lars commented 2026-05-12 06:34:00 +02:00
Owner
Copy Link
No description provided.
Lars added 48 commits 2026-05-12 06:34:00 +02:00
Implement compliance report and workspace configuration
All checks were successful
Deploy Development / deploy (push) Successful in 37s
Details
Test Suite / pytest-backend (push) Successful in 31s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 7s
Details
Test Suite / playwright-tests (push) Successful in 27s
Details
be0385922d 
- Added compliance implementation report detailing the status of various packages (P-03, P-04, P-05, P-07, P-23, P-24) and their technical changes, tests, and notes.
- Introduced a new workspace configuration file for the project to streamline development setup.
feat(compliance): update retention policy and enhance password reset validation
All checks were successful
Deploy Development / deploy (push) Successful in 37s
Details
Test Suite / pytest-backend (push) Successful in 34s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 8s
Details
Test Suite / playwright-tests (push) Successful in 26s
Details
fc33bfbdeb 
- Adjusted retention policy to align with compliance requirements:
  - Changed HIDDEN_TO_PURGE_DAYS from 90 to 30 days.
- Enhanced password reset functionality to enforce a minimum password length of 8 characters.
- Updated tests to validate new password requirements and retention logic.
- Corrected umlaut in copyright error messages for clarity.
feat(compliance): P-12 sessionStorage-Bereinigung bei Logout (0.8.68)
Some checks failed
Deploy Development / deploy (push) Successful in 34s
Details
Test Suite / pytest-backend (push) Successful in 31s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 7s
Details
Test Suite / playwright-tests (push) Failing after 26s
Details
28ca64b5b4 
Sicherheit P-12 (MITT-05): logout() entfernt alle sj_coach_*-Schlüssel
aus sessionStorage gezielt per Präfix-Löschung. Fremde Schlüssel
(Browser-Extensions etc.) bleiben erhalten. Verhindert Datenleak bei
Nutzerwechsel im selben Tab (geteilter Rechner).

- AuthContext.jsx: Präfix-Schleife in logout()
- tests/dev-smoke-test.spec.js: Playwright-Test P-12 (injects/checks 3
  sj_coach_*-Schlüssel + 1 Fremd-Schlüssel; prüft selektive Löschung)

Compliance-Dokumentation:
- docs/compliance-implementation.md: P-12 , Version 0.8.68
- docs/compliance-package-register.md: kanonisches Paketregister (neu)
- docs/compliance-roadmap.md: lebende Steuerungs-Roadmap (neu)
- docs/compliance-audit.md: §20 Paket-ID-Stabilitätsregel

version: 0.8.68 (backend + frontend)
module: auth 1.2.0

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
fix(test): P-12 Playwright-Test akzeptiert confirm()-Dialog beim Logout
All checks were successful
Deploy Development / deploy (push) Successful in 36s
Details
Test Suite / pytest-backend (push) Successful in 32s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 7s
Details
Test Suite / playwright-tests (push) Successful in 25s
Details
6abc911e94 
DesktopSidebar-Logout ruft App.jsx handleLogout() auf, welcher
confirm('Wirklich abmelden?') zeigt. In Playwright headless gibt
confirm() standardmäßig false zurück → Logout wurde nie ausgeführt.
page.once('dialog', dialog => dialog.accept()) behebt das.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
docs(compliance): Dokumentensynchronisierung nach P-12-Abschluss
All checks were successful
Deploy Development / deploy (push) Successful in 36s
Details
Test Suite / pytest-backend (push) Successful in 32s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 7s
Details
Test Suite / playwright-tests (push) Successful in 25s
Details
d73ed13f87 
- compliance-roadmap.md: App-Version 0.8.67→0.8.68 in §2; Etappe A als
  abgeschlossen markiert; §6 nächste Freigabe von P-12 auf P-01 umgestellt;
  Gate 1 P-12-Zeile auf "Bereits erfüllt"; 2× TMG §5 → § 5 DDG;
  Schnellreferenz-Anhang aktualisiert
- compliance-package-register.md: Header App-Version 0.8.67→0.8.68
- compliance-implementation.md: Versionsangaben 0.8.67→0.8.68
- compliance-audit.md: unverändert (historischer Befund)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
feat(compliance): P-01 Rechtstextseiten technisch anlegen (0.8.69)
All checks were successful
Deploy Development / deploy (push) Successful in 36s
Details
Test Suite / pytest-backend (push) Successful in 32s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 7s
Details
Test Suite / playwright-tests (push) Successful in 32s
Details
d7ed0c0e9b 
Öffentliche Routen /impressum /datenschutz /nutzungsbedingungen
/medienrichtlinie ohne Auth erreichbar. LegalPage-Komponente mit
deutlichem Platzhalterhinweis und strukturierten Pflichtfeldern je
Rechtstext. Links in LoginPage-Footer und DesktopSidebar-Footer.

KRIT-01 technischer Teil geschlossen. Juristische Inhalte bleiben
offen — Betreiber + Rechtsanwalt erforderlich.

- frontend/src/pages/LegalPage.jsx (neu)
- frontend/src/App.jsx: 4 öffentliche Routen
- frontend/src/pages/LoginPage.jsx: Rechtstext-Links im Footer
- frontend/src/components/DesktopSidebar.jsx: Links im Sidebar-Footer
- tests/dev-smoke-test.spec.js: 5 neue P-01-Tests

version: 0.8.69 (backend + frontend)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
docs(compliance): P-01 Dokumentation nach technischer Umsetzung
All checks were successful
Deploy Development / deploy (push) Successful in 35s
Details
Test Suite / pytest-backend (push) Successful in 32s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 7s
Details
Test Suite / playwright-tests (push) Successful in 32s
Details
75d6a40817 
- compliance-implementation.md: P-01-Abschnitt hinzugefügt (technisch
  teilweise umgesetzt), Testergebnisse, Version 0.8.69
- compliance-package-register.md: P-01  open → ⚠️ partially
  implemented; Fortschrittsblock aktualisiert; App-Version 0.8.69
- compliance-roadmap.md: P-01 in teilweise umgesetzte Pakete; Blocker 1
  aktualisiert; §6 nächste Freigabe auf P-06 / Etappe B; Anhang

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
feat(compliance): P-01b Mobile/PWA-Zugriff auf Rechtstexte via Einstellungen
Some checks failed
Deploy Development / deploy (push) Successful in 34s
Details
Test Suite / pytest-backend (push) Successful in 32s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 8s
Details
Test Suite / playwright-tests (push) Failing after 49s
Details
8261fa4420 
- SettingsLegalPage.jsx: neue Hub-Seite /settings/legal mit allen 4 Rechtstext-Links
- App.jsx: Route /settings/legal in ProtectedLayout registriert
- AccountSettingsPage.jsx: Link zu /settings/legal unterhalb System-Info
- 3 Playwright-Tests für P-01b (Einstellungen → Rechtliches → Links → Routen)
- Version: 0.8.69 → 0.8.70 (backend + frontend)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
fix(tests): stabilize login() helper with waitForURL before navigation
All checks were successful
Deploy Development / deploy (push) Successful in 35s
Details
Test Suite / pytest-backend (push) Successful in 32s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 7s
Details
Test Suite / playwright-tests (push) Successful in 37s
Details
cfab5c2d69 
Replace waitForLoadState('networkidle') with waitForURL (not /login) to
ensure React auth processing completes before tests proceed with
page.goto(). Prevents race condition where page.goto() interrupted
in-progress token storage.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
docs(compliance): sync P-01b in compliance documents (v0.8.70)
All checks were successful
Deploy Development / deploy (push) Successful in 36s
Details
Test Suite / pytest-backend (push) Successful in 31s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 6s
Details
Test Suite / playwright-tests (push) Successful in 37s
Details
8bed0199b6 
- compliance-implementation.md: P-01b section added, version to 0.8.70
- compliance-package-register.md: P-01 entry updated with P-01b, version to 0.8.70
- compliance-roadmap.md: P-01b in closed table, Blocker 1 technical stand updated

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
feat(compliance): P-01c Admin-konfigurierbare Rechtstexte (0.8.71)
Some checks failed
Deploy Development / deploy (push) Successful in 46s
Details
Test Suite / pytest-backend (push) Failing after 2s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 7s
Details
Test Suite / playwright-tests (push) Successful in 50s
Details
80936b226d 
DB 047: legal_documents (versioniert, draft/published/archived) +
legal_document_audit (Änderungslog); Partial-Unique-Index garantiert
max. ein published-Dokument pro document_type.

Backend: GET /api/legal-documents/{type}/published (kein Auth);
Superadmin-CRUD + Publish/Archive + Audit unter /api/admin/legal-documents.

Frontend: LegalPage lädt aus API mit Platzhalter-Fallback;
AdminLegalDocumentsPage (/admin/legal-documents) mit Tab-Navigation,
Versionsliste, Entwurf-Editor, Publish/Archive-Workflow, Änderungslog.
AdminPageNav: Link „Rechtstexte" ergänzt.

version: 0.8.71 (backend + frontend)
module:  legal_documents 1.0.0

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
fix(access-layer): legal_documents in EXEMPT_ROUTERS eintragen
All checks were successful
Deploy Development / deploy (push) Successful in 37s
Details
Test Suite / pytest-backend (push) Successful in 37s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 7s
Details
Test Suite / playwright-tests (push) Successful in 43s
Details
b9adf6da84 
Router hat keinen Vereinsbezug (Plattform-Rechtstexte).
Öffentlicher Endpoint ohne Auth; Admin-Endpoints require_auth + is_superadmin().
ACCESS_LAYER_STRICT schlägt jetzt nicht mehr an.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
feat(legal): Als-Entwurf-kopieren für Rechtstexte
Some checks failed
Deploy Development / deploy (push) Successful in 35s
Details
Test Suite / pytest-backend (push) Successful in 33s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 8s
Details
Test Suite / playwright-tests (push) Failing after 51s
Details
8992c300f1 
POST /api/admin/legal-documents/{id}/copy-as-draft übernimmt Titel +
Inhalt des Quelldokuments und legt einen neuen Entwurf mit
nächster Versionsnummer an. Funktioniert für alle Status (draft/published/archived).

UI: Copy-Button (⎘) in jeder Dokumentzeile; nach Kopie wird die
Liste automatisch aktualisiert und der neue Entwurf ist sichtbar.

version: 0.8.72
module:  legal_documents 1.1.0

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
feat(legal): PDF-Export fuer Rechtstexte (Browser-Print)
Some checks failed
Deploy Development / deploy (push) Successful in 47s
Details
Test Suite / pytest-backend (push) Successful in 58s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 7s
Details
Test Suite / playwright-tests (push) Failing after 49s
Details
5db8f8588c 
printLegalDocument() oeffnet formatiertes Druckfenster mit Titel,
Versionsnummer, Gueltigkeitsdatum und allen Abschnitten.

AdminLegalDocumentsPage: Drucker-Button laedt Volldokument und druckt.
LegalPage: PDF/Drucken-Button neben h1 wenn veroeffentlichtes Dokument geladen.

version: 0.8.73

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Refactor code structure for improved readability and maintainability
Some checks failed
Deploy Development / deploy (push) Successful in 34s
Details
Test Suite / pytest-backend (push) Successful in 32s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 7s
Details
Test Suite / playwright-tests (push) Failing after 49s
Details
030eb41429
feat(legal): echtes PDF-Download via jsPDF + Abschnitts-Sortierung/-Einfuegen
Some checks failed
Deploy Development / deploy (push) Successful in 37s
Details
Test Suite / pytest-backend (push) Successful in 32s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 13s
Details
Test Suite / playwright-tests (push) Failing after 50s
Details
456ead72b6 
- LegalPage und AdminLegalDocumentsPage: pdf.save() statt window.open/print
- AdminLegalDocumentsPage: Abschnitte per Pfeil-Buttons verschieben
- AdminLegalDocumentsPage: neuen Abschnitt an beliebiger Stelle einfuegen
- npm: jspdf installiert

version: 0.8.74
module: legal_documents 1.2.0

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
docs(compliance): Dokumentation auf Stand P-01b und P-01c aktualisiert (0.8.74)
Some checks failed
Deploy Development / deploy (push) Successful in 39s
Details
Test Suite / pytest-backend (push) Successful in 33s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 18s
Details
Test Suite / playwright-tests (push) Failing after 58s
Details
aff3020b13 
- compliance-implementation.md: P-01c um copy-as-draft (0.8.72) und jsPDF
  + Abschnitts-Sortierung/-Einfuegen (0.8.74) ergaenzt; Testzusammenfassung
  auf 17 Playwright-Tests aktualisiert; Versionheader 0.8.74
- compliance-roadmap.md: App-Version 0.8.74; P-01-Blocker-Beschreibung
  vollstaendig (alle technischen Faehigkeiten); P-01c-Erweiterungen in
  Abschlussliste; Schnellreferenz aktualisiert
- compliance-package-register.md: P-01 Letzter Stand auf 0.8.74; Verweise
  und Hinweise ergaenzt (copy-as-draft, jsPDF, Sortierung); Fortschritt 0.8.74
- compliance-audit.md: Amendment §14.2 und §14.3 mit aktuellem Umsetzungsstand
  P-01/P-01b/P-01c; historische Befunde unveraendert

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
docs(compliance): P-06 fachlich-technische Spezifikation erstellt
Some checks failed
Deploy Development / deploy (push) Successful in 40s
Details
Test Suite / pytest-backend (push) Successful in 33s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 11s
Details
Test Suite / playwright-tests (push) Failing after 53s
Details
8cda5c27ec 
- docs/p06-upload-rights-spec.md (neu): vollständige Spezifikation für
  Upload-Einwilligungsdialog (§22 KUG, §8 DSGVO, Minderjährigenschutz)
  — IST-Analyse, Entscheidungsmatrix, Zielmodell (media_asset_rights_declarations
  + 3 neue Felder in media_assets), 10 Ziel-Flows, Legacy-Konzept,
  12 juristische Klärungspunkte, Umsetzungsplan P-06a–P-06e
- compliance-roadmap.md: Blocker 2 (P-06) mit Spec-Hinweis und
  juristischer Klärungsliste; §6 Freigabe-Empfehlung aktualisiert
- compliance-package-register.md: P-06 Letzter Stand mit Spec-Verweis
  und Zielmodell-Zusammenfassung ergänzt
- compliance-implementation.md: P-06 in Tabelle mit Spec-Hinweis

Keine Code-Umsetzung; Umsetzung erst nach juristischer Klärung.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
feat(compliance): P-06 Upload-Einwilligungsdialog v1-conservative
Some checks failed
Deploy Development / deploy (push) Successful in 39s
Details
Test Suite / pytest-backend (push) Successful in 34s
Details
Test Suite / lint-backend (push) Successful in 1s
Details
Test Suite / build-frontend (push) Successful in 11s
Details
Test Suite / playwright-tests (push) Failing after 1m23s
Details
34235ef46d 
Implementiert server-seitige Rechteerklärungspflicht für alle Medien-Uploads
und Sichtbarkeits-Promotions (konservative Erstannahme: alle Uploads).

Backend:
- backend/media_rights.py (NEU): Kernmodul — validate_rights_declaration,
  check_rights_coverage, assert_rights_for_promotion, assert_rights_for_exercise_link,
  write_rights_declaration, update_rights_quick_fields
- backend/migrations/048_media_rights_declarations.sql (NEU): Tabelle
  media_asset_rights_declarations (Append-only Audit-Log), Felder
  rights_status/rights_visibility_level in media_assets
- backend/routers/media_assets.py: P-06-Pflichtprüfung in PATCH (single + bulk),
  POST /api/media-assets/{id}/rights-declarations (Re-Deklaration),
  GET /api/admin/media-rights/legacy-summary|legacy-assets (Admin-Endpoints)
- backend/routers/exercises.py: P-06-Felder in upload_exercise_media,
  assert_rights_for_exercise_link in attach_exercise_media_from_asset
- backend/main.py: admin_rights_router registriert

Frontend:
- frontend/src/components/RightsDeclarationDialog.jsx (NEU): 9-Felder-Dialog
  (konservativ: immer alle Fragen), Client-Validierung, VORLÄUFIG-Hinweis
- frontend/src/pages/MediaLibraryPage.jsx: Dialog-Intercept vor Upload,
  Altbestand-Indikator (legacy_unreviewed)
- frontend/src/utils/api.js: P-06-Felder in bulkUploadMediaAssets weitergeleitet

Tests:
- backend/tests/test_media_rights_declaration.py (NEU): 28 Unit-/Integrationstests
- backend/tests/test_media_assets_archive.py: P-06 fetchone-Slots + Mock ergänzt
- backend/tests/test_media_assets_copyright_promotion.py: check_rights_coverage gemockt
- tests/dev-smoke-test.spec.js: 5 P-06 E2E-Tests ergänzt

Dokumentation:
- docs/compliance-implementation.md: P-06-Abschnitt
- docs/compliance-package-register.md: Status ⚠️ teilweise umgesetzt (KRIT-04 offen)
- docs/compliance-roadmap.md: P-06 im Freigaben-Log

Offen: KRIT-04 (rechtliche Finalisierung Einwilligungsformulierung) — technisch
vollständig, Rechtstext VORLÄUFIG.

version: 0.8.75
module: media_rights 1.0.0, media_assets 1.13.0, exercises 2.20.0

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
fix(p06): RightsDeclarationDialog in Exercise-Upload-Modals integriert
Some checks failed
Deploy Development / deploy (push) Successful in 41s
Details
Test Suite / pytest-backend (push) Successful in 35s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 11s
Details
Test Suite / playwright-tests (push) Failing after 1m19s
Details
000e78e976 
ExerciseInlineFileMediaModal (Upload-Tab) und ExerciseInlineEmbedModal
zeigen jetzt den vollstaendigen P-06-Einwilligungsdialog bevor der
API-Call ausgefuehrt wird. Vorher wurde der Backend-Fehler (400)
als nicht benutzbarer browser alert angezeigt.

- ExerciseInlineFileMediaModal: handleUploadAndInsert oeffnet Dialog,
  doUploadWithDecl haengt die 9 P-06-Felder an FormData an
- ExerciseInlineEmbedModal: submit oeffnet Dialog, doSubmitWithDecl
  haengt P-06-Felder an FormData an
- Backdrop-Click deaktiviert wenn Dialog offen

version: 0.8.76

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
fix(p06): P-06-Fragen direkt in Exercise-Upload-Modals eingebettet
Some checks failed
Deploy Development / deploy (push) Successful in 42s
Details
Test Suite / pytest-backend (push) Successful in 41s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 11s
Details
Test Suite / playwright-tests (push) Failing after 1m41s
Details
9ac8200b41 
Kein zweites Dialog-Overlay mehr. Die Rechte-Erklarung ist jetzt
direkt als Formular-Abschnitt im Upload-Tab von
ExerciseInlineFileMediaModal und ExerciseInlineEmbedModal integriert.

- Datei auswaehlen + Titel + Rechte-Erklaerung in einem Schritt
- Validierung beim Klick auf Hochladen (Fehler inline angezeigt)
- RightsDeclarationDialog-Import entfernt
- radio-Namen eindeutig per Praefix (up-/emb-) damit beide Modals
  unabhaengig voneinander funktionieren

version: 0.8.76

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
fix(p06): RightsDeclarationDialog als echtes Modal (admin-modal-backdrop)
Some checks failed
Deploy Development / deploy (push) Successful in 38s
Details
Test Suite / pytest-backend (push) Successful in 47s
Details
Test Suite / lint-backend (push) Successful in 1s
Details
Test Suite / build-frontend (push) Successful in 10s
Details
Test Suite / playwright-tests (push) Failing after 1m1s
Details
42aec79ad1 
modal-overlay/modal-content existierten nicht im CSS und hatten kein
Styling -- daher kein Backdrop, keine Zentrierung. Umgestellt auf
admin-modal-backdrop + admin-modal-sheet wie alle anderen Modals in der App.

version: 0.8.76

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
feat(p06): Copyright-Feld und Einwilligungskontext in Rechte-Erklaerung
Some checks failed
Deploy Development / deploy (push) Successful in 40s
Details
Test Suite / pytest-backend (push) Successful in 33s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 10s
Details
Test Suite / playwright-tests (push) Failing after 1m2s
Details
4bc24b4caf 
Migration 049: 4 optionale TEXT-Spalten in media_asset_rights_declarations
(person_consent_context, parental_consent_context, music_rights_context,
third_party_rights_context) fuer Freitext zum Einwilligungskontext.

Backend:
- media_rights.py: write_rights_declaration speichert 4 Kontextfelder
- media_assets.py: copyright_notice + 4 Kontextfelder in Bulk-Upload,
  RightsDeclarationBody, MediaAssetPatch, MediaBulkPatchBody
- exercises.py: copyright_notice + 4 Kontextfelder in upload_exercise_media,
  wird in INSERT gespeichert

Frontend (alle 3 Formulare):
- RightsDeclarationDialog: Copyright-Eingabefeld (immer sichtbar) +
  Freitext-Textarea bei jeder Ja-Antwort (Personen, Minderjaehrige,
  Musik, Fremdinhalte)
- ExerciseInlineFileMediaModal: gleiche Felder inline im Upload-Tab
- ExerciseInlineEmbedModal: gleiche Felder inline
- api.js: copyright_notice + 4 Kontextfelder in bulkUploadMediaAssets

version: 0.8.77
module: media_rights 1.1.0, media_assets 1.14.0, exercises 2.21.0

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
feat(media-journal): add Superadmin media journal endpoint and UI integration
Some checks failed
Deploy Development / deploy (push) Successful in 40s
Details
Test Suite / pytest-backend (push) Successful in 34s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 10s
Details
Test Suite / playwright-tests (push) Failing after 1m5s
Details
f544975a6c
fix(media-library): update username references to name in media asset queries
Some checks failed
Deploy Development / deploy (push) Successful in 37s
Details
Test Suite / pytest-backend (push) Successful in 34s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 10s
Details
Test Suite / playwright-tests (push) Failing after 1m1s
Details
fff30b49e1
feat(version): update app version to 0.8.80 and add changelog entries for recent fixes and enhancements
All checks were successful
Deploy Development / deploy (push) Successful in 37s
Details
Test Suite / pytest-backend (push) Successful in 34s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 10s
Details
Test Suite / playwright-tests (push) Successful in 54s
Details
6586d3b68b 
fix(RightsDeclarationDialog): change cancel button to icon for improved UI
feat(MediaLibraryPage): implement rights dialog for visibility promotions and enhance error handling
fix(version): update MediaLibraryPage version to 1.4.0 reflecting rights dialog changes
fix(p06): declared-Status deckt alle Sichtbarkeiten ab (kein Level-Vergleich mehr)
All checks were successful
Deploy Development / deploy (push) Successful in 39s
Details
Test Suite / pytest-backend (push) Successful in 34s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 10s
Details
Test Suite / playwright-tests (push) Successful in 58s
Details
56e952f084 
- check_rights_coverage: rights_status='declared' gibt immer 'ok' zurück
  (P-06-Erklärung gilt inhaltlich, nicht sichtbarkeitsabhängig)
- assert_rights_for_promotion: 'insufficient'-Pfad entfernt
- Tests: test_declared_private_insufficient_for_club → test_declared_covers_any_visibility

version: 0.8.81
module: media_rights

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
feat(audit-log): implement full audit log for media assets, including visibility, copyright, metadata, and lifecycle changes; add correction declaration functionality
Some checks failed
Deploy Development / deploy (push) Failing after 18s
Details
Test Suite / pytest-backend (push) Successful in 32s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Failing after 3s
Details
Test Suite / playwright-tests (push) Successful in 55s
Details
b2b7bd423d
refactor(MediaLibraryPage): remove unused lcLabel function for lifecycle state
All checks were successful
Deploy Development / deploy (push) Successful in 36s
Details
Test Suite / pytest-backend (push) Successful in 34s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 10s
Details
Test Suite / playwright-tests (push) Successful in 57s
Details
0edc86e05a
feat(version): update app version to 0.8.83 and fix club_admin check in journal/correction endpoints
All checks were successful
Deploy Development / deploy (push) Successful in 37s
Details
Test Suite / pytest-backend (push) Successful in 33s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 10s
Details
Test Suite / playwright-tests (push) Successful in 56s
Details
61baf26da6
feat(compliance): update compliance documents for app version 0.8.83, including full implementation of P-06 and P-06+ features
All checks were successful
Deploy Development / deploy (push) Successful in 40s
Details
Test Suite / pytest-backend (push) Successful in 34s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 10s
Details
Test Suite / playwright-tests (push) Successful in 54s
Details
1640fe6045
feat(P-11): Implement Legal Hold functionality for media assets
All checks were successful
Deploy Development / deploy (push) Successful in 40s
Details
Test Suite / pytest-backend (push) Successful in 34s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 10s
Details
Test Suite / playwright-tests (push) Successful in 54s
Details
1ce6d929ce 
- Added backend support for Legal Hold with new endpoints to set and release holds on media assets.
- Introduced new database columns for managing Legal Hold status and reasons.
- Updated frontend to include UI elements for setting and releasing Legal Holds, including a confirmation dialog.
- Enhanced Media Library page to display Legal Hold status and actions for superadmins.
- Implemented comprehensive backend tests covering all aspects of Legal Hold functionality.
- Updated documentation to reflect changes in the upload rights specification and interface models.
- Bumped version to 0.8.84 and updated MediaLibraryPage version to 1.6.0.
feat(exercise): add support for exercise variants in ExerciseFullContent and related components
All checks were successful
Deploy Development / deploy (push) Successful in 38s
Details
Test Suite / pytest-backend (push) Successful in 35s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 10s
Details
Test Suite / playwright-tests (push) Successful in 55s
Details
fb8837574e 
- Updated ExerciseFullContent to accept a new `variantId` prop and display variant-specific information.
- Enhanced TrainingCoachPage to pass `variantId` when rendering ExerciseFullContent.
- Refactored TrainingUnitRunPage to manage exercise context with variant support, including updates to modal handling.
- Improved UI to show variant details, including name, description, and execution changes where applicable.
feat(P-11): enhance media asset handling with legal hold attributes and update version to 0.8.85
All checks were successful
Deploy Development / deploy (push) Successful in 39s
Details
Test Suite / pytest-backend (push) Successful in 35s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 10s
Details
Test Suite / playwright-tests (push) Successful in 54s
Details
f79f83e8f9
feat(P-11): implement legal hold functionality for media assets and update app version to 0.8.86
All checks were successful
Deploy Development / deploy (push) Successful in 39s
Details
Test Suite / pytest-backend (push) Successful in 39s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 10s
Details
Test Suite / playwright-tests (push) Successful in 57s
Details
ee54f8380f
feat(compliance): update compliance documents to reflect app version 0.8.86 and finalize P-11 implementation details
All checks were successful
Deploy Development / deploy (push) Successful in 39s
Details
Test Suite / pytest-backend (push) Successful in 34s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 10s
Details
Test Suite / playwright-tests (push) Successful in 55s
Details
3c0e63757c
feat: Implement Content Reporting Backend
All checks were successful
Deploy Development / deploy (push) Successful in 37s
Details
Test Suite / pytest-backend (push) Successful in 35s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 11s
Details
Test Suite / playwright-tests (push) Successful in 58s
Details
60709df615 
- Added new API endpoints for content reporting, including submission, retrieval, and status updates.
- Created database migration for `content_reports` table to store report data.
- Integrated content reports into the existing admin inbox for better management.
- Implemented validation for report submissions, including required fields and email format.
- Added tests for content reporting functionality, covering various scenarios and edge cases.
- Updated frontend API utility to include new content report methods.
- Bumped app version to 0.8.87 and updated relevant page versions.
feat(P-13): add content reporting functionality with modal and update version to 0.8.88
All checks were successful
Deploy Development / deploy (push) Successful in 36s
Details
Test Suite / pytest-backend (push) Successful in 35s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 10s
Details
Test Suite / playwright-tests (push) Successful in 56s
Details
2f7e1e50ad
feat: add report button for active media items without legal hold
All checks were successful
Deploy Development / deploy (push) Successful in 39s
Details
Test Suite / pytest-backend (push) Successful in 35s
Details
Test Suite / lint-backend (push) Successful in 1s
Details
Test Suite / build-frontend (push) Successful in 11s
Details
Test Suite / playwright-tests (push) Successful in 1m1s
Details
0dbcd4175c
feat(P-13): update app version to 0.8.89, implement MediaPreviewModal and reporting functionality across media components
All checks were successful
Deploy Development / deploy (push) Successful in 40s
Details
Test Suite / pytest-backend (push) Successful in 35s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 10s
Details
Test Suite / playwright-tests (push) Successful in 1m1s
Details
24bf3f7035
feat(P-13): implement content reporting enhancements, including email notifications and audit log entries
Some checks failed
Deploy Development / deploy (push) Successful in 36s
Details
Test Suite / pytest-backend (push) Failing after 0s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 10s
Details
Test Suite / playwright-tests (push) Failing after 3m41s
Details
bacba311ae
fix(P-13): include legal_hold_set/released in audit log constraint (migration 053)
Some checks failed
Deploy Development / deploy (push) Successful in 35s
Details
Test Suite / pytest-backend (push) Failing after 34s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 10s
Details
Test Suite / playwright-tests (push) Successful in 58s
Details
8dd748e7d9 
Die CHECK-Constraint auf media_asset_audit_log.event_type schloss
legal_hold_set und legal_hold_released aus, die P-11 bereits in
bestehende Zeilen geschrieben hatte (CREATE TABLE IF NOT EXISTS hatte
die Constraint in Migration 050 nie angewendet).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
fix(P-13): leserliche Journals, readOnly-Felder, Meldungs-Badge auf Medienkacheln
Some checks failed
Deploy Development / deploy (push) Successful in 37s
Details
Test Suite / pytest-backend (push) Failing after 36s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 10s
Details
Test Suite / playwright-tests (push) Successful in 56s
Details
bb4d927090 
- ReportContentModal: Name/E-Mail readOnly fuer eingeloggte Nutzer
- MediaLibraryPage: content_report_filed im Journal leserlich (Meldegrund, Prioritaet, Status DE)
- MediaLibraryPage: Badge auf Medienkacheln zeigt offene Meldungsanzahl (nur Admins)
- media_assets.py: open_report_count Subquery fuer Admin-Sicht in Listendaten
- Inbox-500-Fix: ma.media_kind -> ma.mime_type (alle 3 Stellen)
- PATCH content_reports: Statuswechsel wird in Audit-Log protokolliert
- E-Mails: Dateiname statt Medium-ID, lesbarer Inhalt

version: 0.8.91

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
feat(P-13): Workflow-Management, Fehleranzeige, Badge-Update, Wieder-öffnen
Some checks failed
Deploy Development / deploy (push) Successful in 40s
Details
Test Suite / pytest-backend (push) Failing after 41s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 11s
Details
Test Suite / playwright-tests (push) Successful in 56s
Details
34e93101f1 
- InboxPage: Workflow-Balken (Eingegangen > In Bearbeitung > Abgeschlossen)
- InboxPage: Meldungen können nach Abschluss wieder geöffnet werden (PATCH status=submitted)
- InboxPage: Bearbeitungskommentar separat speicherbar; Reviewer + Datum sichtbar
- InboxPage: Fehler beim Laden von Meldungen wird angezeigt statt leerem Bereich
- OrgInboxContext: contentReportsError State exposed
- ReportContentModal: onSuccess Callback -> Badge in Medienbibliothek sofort aktuell
- content_reports PATCH: Reviewer-Felder werden beim Wieder-öffnen zurückgesetzt
- content_reports PATCH: Kommentar-Änderungen ohne Statuswechsel werden im Audit-Log protokolliert

version: 0.8.92

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
fix(P-13): exercises.name -> exercises.title (500 in Inbox und Detail-Endpoint)
Some checks failed
Deploy Development / deploy (push) Successful in 41s
Details
Test Suite / pytest-backend (push) Failing after 36s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 11s
Details
Test Suite / playwright-tests (push) Successful in 1m4s
Details
9af28faa35 
Die Tabelle exercises hat keine Spalte 'name', sondern 'title'.
Alle drei Stellen korrigiert: list_inbox (beide Branches) + get_content_report + Email-Lookup.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
feat(P-13): Club-Admin Bearbeitung + Archiv-Trennung in Inbox
Some checks failed
Deploy Development / deploy (push) Successful in 41s
Details
Test Suite / pytest-backend (push) Failing after 40s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 10s
Details
Test Suite / playwright-tests (push) Successful in 1m3s
Details
5cf61289ec 
Berechtigungen:
- Club-Admins koennen Meldungen zu Vereinsmedien bearbeiten (PATCH + GET-Detail)
- Club-Admins koennen Legal Hold auf Vereinsmedien (visibility != 'official') setzen
- Neue Helfer: _assert_can_manage_report, _assert_can_set_legal_hold_from_report
- set_legal_hold_from_report: Superadmin-Only aufgehoben fuer Vereinsebene

Inbox UI:
- Offene Meldungen (submitted/under_review) im Hauptbereich
- Abgeschlossene Meldungen im kollabierbaren Archiv (standardmaessig zugeklappt)
- Legal-Hold-Button sichtbar fuer Club-Admins bei nicht-offiziellen Medien
- isClubAdmin + isPlatformAdmin aus OrgInboxContext verfuegbar

version: 0.8.93

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
fix(P-13): repair 3 failing CI pytest tests for content_reports
All checks were successful
Deploy Development / deploy (push) Successful in 37s
Details
Test Suite / pytest-backend (push) Successful in 34s
Details
Test Suite / lint-backend (push) Successful in 1s
Details
Test Suite / build-frontend (push) Successful in 11s
Details
Test Suite / playwright-tests (push) Successful in 59s
Details
56fc6d853d 
- Add early 403 in set_legal_hold_from_report for plain admin (before DB
  call), fixing test_legal_hold_from_report_requires_superadmin
- Update test_list_inbox_requires_platform_admin to mock DB COUNT query
  (returns cnt=0) so it exercises the club_admin code path correctly
- Extend test_patch_report_under_review mock row with target_type,
  target_id, resolution_note fields now required by the audit-log path

version: 0.8.94
module:  content_reports 1.5.1

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
docs: update compliance docs and HANDOVER to reflect P-13 full state (0.8.94)
All checks were successful
Deploy Development / deploy (push) Successful in 36s
Details
Test Suite / pytest-backend (push) Successful in 34s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 10s
Details
Test Suite / playwright-tests (push) Successful in 1m3s
Details
Test Suite / pytest-backend (pull_request) Successful in 23s
Details
Test Suite / lint-backend (pull_request) Successful in 0s
Details
Test Suite / build-frontend (pull_request) Successful in 6s
Details
Test Suite / playwright-tests (pull_request) Successful in 55s
Details
04663e090a 
- compliance-implementation.md: expand P-13 section with all extensions
  (0.8.88-0.8.94: audit log, email notifications, club-admin rights,
  workflow bar, archive split, badge, CI fix); update test summary to
  159 passed; add operativ check items 9-13 for P-13 extensions;
  bump app version header to 0.8.94
- compliance-package-register.md: expand P-13 Letzter Stand with full
  extension list through 0.8.94; update Fortschritt version
- compliance-roadmap.md: update app version to 0.8.94; P-13 row in
  Schnellreferenz marked done (was showing as "next recommended");
  Etappe B P-13 hint updated with full feature summary
- HANDOVER.md: update app version header to 0.8.94; §5b P-13 section
  rewritten with complete feature list including all 0.8.88-0.8.94
  additions; §6 next session updated

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Lars merged commit 4c974620d8 into main 2026-05-12 06:34:15 +02:00
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels
No items
No Label
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: Lars/shinkan-jinkendo#30
No description provided.
Delete Branch "develop"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?