init: documentation and prototypes

This commit is contained in:
2025-12-01 22:01:19 +01:00
parent e936fb41fa
commit 45d60fc1a9
51 changed files with 2476 additions and 1 deletions

View File

@@ -0,0 +1,59 @@
# Implementation Guide DirektVermittlungDe (FastAPI)
This guide explains how this codebase implements the architectural decisions
and API specification of DirektVermittlungDe.
## 1. Architecture Mapping
- **Belegorientierung**: `Document` is the central aggregate.
- Domain models in `app/domain/models.py`
- ORM model in `app/adapters/orm.py::Document`
- **Interaction Threads**: `Thread` and `Message` map to interaction threads and their logs.
- Cursor-based pagination implemented in `app/service/threads_service.py::list_messages`
- The `created_at` timestamp is used as the pagination cursor.
- **Routing Engine**:
- Implemented as an adapter in `app/adapters/routing.py`
- Operates solely on `DocumentMetadata` (plaintext) as required by the split-payload model.
- **Asynchronous Exports**:
- `POST /exports``start_export()` in `app/service/exports_service.py`
- Returns `202 Accepted` with `jobId` and uses a job registry (`app/adapters/jobs.py`)
- In a production system this would publish to Redis / RabbitMQ and be processed by workers.
## 2. Security
- **Auth**:
- OAuth2 / JWT is abstracted in `app/adapters/auth.py`.
- In this reference implementation, we parse unverified claims; in production, validate via JWKS.
- **Data Protection**:
- Encrypted payloads are treated as opaque strings and stored via `app/adapters/storage.py`.
- Only routing metadata is stored in PostgreSQL for server-side logic.
- **Retention**:
- Each `Document` gets a `retention_date`, set to a grace period in the future.
- Implement a periodic cleanup job that deletes rows where `retention_date < NOW()`.
## 3. Performance / Hybrid Concurrency
- All endpoints are `async def` and rely on the async SQLAlchemy engine.
- CPU-heavy operations (PDF merge, crypto) must not be run inside the event loop.
- To extend this, create a `ProcessPoolExecutor` in `workers/` and call via `loop.run_in_executor`.
## 4. Extending the System
- **Real Routing Rules**:
- Add a `routing_rules` table and adapt `app/adapters/routing.py` to query it.
- **Real Export Workers**:
- Replace `jobs.py` with a Redis-backed queue and a worker process in `workers/exports_worker.py`.
- **Authority Integration**:
- Call the authoritys eAkte ingress API from the worker, using authority-specific keys.
## 5. Definition of Done Checklist
Before going to production:
- Load-test `POST /documents` and `GET /threads/{id}/messages`.
- Verify that logs never contain Aktenzeichen or other PII.
- Verify that retention cleanup jobs work correctly on staging data.