{
"event": "PreToolUse",
"tool_name": "Edit",
"tool_input": {
"file_path": "\/var\/www\/dev.campus.systemische-tools.de\/src\/Controller\/ContentController.php",
"old_string": " echo '<script>setTimeout(() => window.location.reload(), 1000);<\/script>';\n }\n\n \/**\n * Allowed Python commands (whitelist).\n *\/\n private const ALLOWED_COMMANDS = ['generate', 'critique', 'revise'];\n\n \/**\n * Call Python script\n *\/\n private function callPython(string $command, int $entityId, array $args = []): array\n {\n \/\/ Validate command against whitelist\n if (!in_array($command, self::ALLOWED_COMMANDS, true)) {\n return ['error' => 'Ungültiger Command: ' . $command];\n }\n\n $scriptPath = $this->pipelinePath . '\/web_generate.py';\n\n \/\/ Build command array for proc_open (safer than shell_exec)\n $cmdArray = [\n $this->pythonPath,\n $scriptPath,\n $command,\n (string) $entityId,\n ...$args,\n ];\n\n $descriptors = [\n 0 => ['pipe', 'r'],\n 1 => ['pipe', 'w'],\n 2 => ['pipe', 'w'],\n ];\n\n $process = proc_open($cmdArray, $descriptors, $pipes); \/\/ nosemgrep: exec-use\n\n if (!is_resource($process)) {\n return ['error' => 'Script konnte nicht gestartet werden'];\n }\n\n fclose($pipes[0]);\n $stdout = stream_get_contents($pipes[1]);\n $stderr = stream_get_contents($pipes[2]);\n fclose($pipes[1]);\n fclose($pipes[2]);\n $exitCode = proc_close($process);\n\n $output = $stdout . $stderr;\n\n if ($exitCode !== 0 && $output === '') {\n return ['error' => 'Script fehlgeschlagen (Exit: ' . $exitCode . ')'];\n }\n\n if (preg_match('\/\\{[\\s\\S]*\\}\/', $output, $matches)) {\n $result = json_decode($matches[0], true);\n if (json_last_error() === JSON_ERROR_NONE) {\n return $result;\n }\n }\n\n return ['error' => 'Ungültige Antwort: ' . substr($output, 0, 500)];\n }\n\n \/**\n * Render version partial\n *\/",
"new_string": " echo '<script>setTimeout(() => window.location.reload(), 1000);<\/script>';\n }\n\n \/**\n * Render version partial\n *\/"
}
}
{
"tool_response": {
"filePath": "\/var\/www\/dev.campus.systemische-tools.de\/src\/Controller\/ContentController.php",
"oldString": " echo '<script>setTimeout(() => window.location.reload(), 1000);<\/script>';\n }\n\n \/**\n * Allowed Python commands (whitelist).\n *\/\n private const ALLOWED_COMMANDS = ['generate', 'critique', 'revise'];\n\n \/**\n * Call Python script\n *\/\n private function callPython(string $command, int $entityId, array $args = []): array\n {\n \/\/ Validate command against whitelist\n if (!in_array($command, self::ALLOWED_COMMANDS, true)) {\n return ['error' => 'Ungültiger Command: ' . $command];\n }\n\n $scriptPath = $this->pipelinePath . '\/web_generate.py';\n\n \/\/ Build command array for proc_open (safer than shell_exec)\n $cmdArray = [\n $this->pythonPath,\n $scriptPath,\n $command,\n (string) $entityId,\n ...$args,\n ];\n\n $descriptors = [\n 0 => ['pipe', 'r'],\n 1 => ['pipe', 'w'],\n 2 => ['pipe', 'w'],\n ];\n\n $process = proc_open($cmdArray, $descriptors, $pipes); \/\/ nosemgrep: exec-use\n\n if (!is_resource($process)) {\n return ['error' => 'Script konnte nicht gestartet werden'];\n }\n\n fclose($pipes[0]);\n $stdout = stream_get_contents($pipes[1]);\n $stderr = stream_get_contents($pipes[2]);\n fclose($pipes[1]);\n fclose($pipes[2]);\n $exitCode = proc_close($process);\n\n $output = $stdout . $stderr;\n\n if ($exitCode !== 0 && $output === '') {\n return ['error' => 'Script fehlgeschlagen (Exit: ' . $exitCode . ')'];\n }\n\n if (preg_match('\/\\{[\\s\\S]*\\}\/', $output, $matches)) {\n $result = json_decode($matches[0], true);\n if (json_last_error() === JSON_ERROR_NONE) {\n return $result;\n }\n }\n\n return ['error' => 'Ungültige Antwort: ' . substr($output, 0, 500)];\n }\n\n \/**\n * Render version partial\n *\/",
"newString": " echo '<script>setTimeout(() => window.location.reload(), 1000);<\/script>';\n }\n\n \/**\n * Render version partial\n *\/",
"originalFile": "<?php\n\nnamespace Controller;\n\nuse Framework\\Controller;\nuse Infrastructure\\AI\\ModelConfig;\nuse Infrastructure\\Persistence\\CollectionRepository;\nuse Infrastructure\\Persistence\\ContentRepository;\nuse Infrastructure\\Validation\\CollectionValidator;\nuse UseCases\\Content\\GenerateContentUseCase;\n\nclass ContentController extends Controller\n{\n private ContentRepository $repository;\n private CollectionRepository $collectionRepository;\n private CollectionValidator $collectionValidator;\n private GenerateContentUseCase $generateUseCase;\n\n public function __construct()\n {\n $this->repository = new ContentRepository();\n $this->collectionRepository = new CollectionRepository();\n $this->collectionValidator = new CollectionValidator($this->collectionRepository);\n $this->generateUseCase = new GenerateContentUseCase();\n }\n\n \/**\n * GET \/content\n * List all content orders\n *\/\n public function index(): void\n {\n $filters = [];\n if (isset($_GET['status']) && $_GET['status'] !== '') {\n $filters['status'] = $_GET['status'];\n }\n\n $orders = $this->repository->findAllOrders($filters);\n $stats = $this->repository->getStatistics();\n\n $this->view('content.index', [\n 'title' => 'Content Studio',\n 'orders' => $orders,\n 'stats' => $stats,\n 'currentStatus' => $_GET['status'] ?? '',\n ]);\n }\n\n \/**\n * GET \/content\/new\n * Show create form\n *\/\n public function contentNew(): void\n {\n $collections = $this->getAvailableCollections();\n $lastSettings = $this->repository->getLastOrderSettings();\n\n $this->view('content.new', [\n 'title' => 'Neuer Content-Auftrag',\n 'profiles' => $this->repository->findAllProfiles(),\n 'contracts' => $this->repository->findAllContracts(),\n 'structures' => $this->repository->findAllStructures(),\n 'models' => ModelConfig::getAll(),\n 'collections' => $collections,\n \/\/ Defaults from last order\n 'defaultModel' => $lastSettings['model'],\n 'defaultCollections' => $lastSettings['collections'],\n 'defaultContextLimit' => $lastSettings['context_limit'],\n 'defaultProfileId' => $lastSettings['author_profile_id'],\n 'defaultContractId' => $lastSettings['contract_id'],\n 'defaultStructureId' => $lastSettings['structure_id'],\n ]);\n }\n\n \/**\n * POST \/content\n * Store new order\n *\/\n public function store(): void\n {\n $this->requireCsrf();\n\n $title = trim($_POST['title'] ?? '');\n $briefing = trim($_POST['briefing'] ?? '');\n\n if ($title === '' || $briefing === '') {\n $_SESSION['error'] = 'Titel und Briefing sind erforderlich.';\n header('Location: \/content\/new');\n exit;\n }\n\n \/\/ Auto-apply first active contract if none selected\n $contractId = $_POST['contract_id'] ?? null;\n if ($contractId === null || $contractId === '') {\n $contracts = $this->repository->findAllContracts();\n if ($contracts !== []) {\n $contractId = $contracts[0]['id'];\n }\n }\n\n \/\/ Process collections (multi-select)\n $collections = $_POST['collections'] ?? ['documents'];\n if (!is_array($collections)) {\n $collections = [$collections];\n }\n\n \/\/ Validate collection compatibility\n $collections = $this->validateCollections($collections);\n $compatibility = $this->validateCollectionCompatibility($collections);\n if (!$compatibility['valid']) {\n $_SESSION['error'] = 'Collection-Fehler: ' . $compatibility['error'];\n header('Location: \/content\/new');\n exit;\n }\n\n $model = ModelConfig::validate($_POST['model'] ?? ModelConfig::DEFAULT_MODEL);\n $contextLimit = (int) ($_POST['context_limit'] ?? 5);\n\n $orderId = $this->repository->createOrder([\n 'title' => $title,\n 'briefing' => $briefing,\n 'author_profile_id' => $_POST['author_profile_id'] ?? null,\n 'contract_id' => $contractId,\n 'structure_id' => $_POST['structure_id'] ?? null,\n 'model' => $model,\n 'collections' => json_encode($collections),\n 'context_limit' => $contextLimit,\n ]);\n\n \/\/ If \"generate\" action: generate content immediately\n if (($_POST['action'] ?? 'save') === 'generate') {\n $collection = $collections[0] ?? 'documents';\n $result = $this->generateUseCase->generate($orderId, $model, $collection, $contextLimit);\n\n if ($result->hasError()) {\n $_SESSION['error'] = 'Generierung fehlgeschlagen: ' . $result->getError();\n } else {\n $_SESSION['success'] = 'Content wurde generiert.';\n }\n }\n\n header('Location: \/content\/' . $orderId);\n exit;\n }\n\n \/**\n * GET \/content\/{id}\n * Show order details\n *\/\n public function show(int $id): void\n {\n $order = $this->repository->findOrder($id);\n\n if ($order === null) {\n $this->notFound('Auftrag nicht gefunden');\n }\n\n $versions = $this->repository->findVersionsByOrder($id);\n $latestVersion = $versions[0] ?? null;\n $critiques = $latestVersion ? $this->repository->findCritiquesByVersion($latestVersion['id']) : [];\n $sources = $this->repository->findSourcesByOrder($id);\n\n \/\/ Get available collections for the dropdown\n $availableCollections = $this->getAvailableCollections();\n\n $this->view('content.show', [\n 'title' => $order['title'],\n 'order' => $order,\n 'versions' => $versions,\n 'latestVersion' => $latestVersion,\n 'critiques' => $critiques,\n 'sources' => $sources,\n 'models' => ModelConfig::getAll(),\n 'availableCollections' => $availableCollections,\n ]);\n }\n\n \/**\n * GET \/content\/{id}\/edit\n * Show edit form\n *\/\n public function edit(int $id): void\n {\n $order = $this->repository->findOrder($id);\n\n if ($order === null) {\n $this->notFound('Auftrag nicht gefunden');\n }\n\n $this->view('content.edit', [\n 'title' => 'Auftrag bearbeiten',\n 'order' => $order,\n 'profiles' => $this->repository->findAllProfiles(),\n 'contracts' => $this->repository->findAllContracts(),\n 'structures' => $this->repository->findAllStructures(),\n ]);\n }\n\n \/**\n * POST \/content\/{id}\/generate\n * Generate content (HTMX)\n *\/\n public function generate(int $id): void\n {\n $this->requireCsrf();\n\n $model = $_POST['model'] ?? 'claude-opus-4-5-20251101';\n $collection = $_POST['collection'] ?? 'documents';\n $limit = (int) ($_POST['context_limit'] ?? 5);\n\n \/\/ Validate collection\n $collections = $this->validateCollections([$collection]);\n if (empty($collections)) {\n echo '<div class=\"alert error\">Ungültige Collection: ' . htmlspecialchars($collection) . '<\/div>';\n\n return;\n }\n $collection = $collections[0];\n\n \/\/ Validate compatibility (single collection always valid, but check exists)\n $compatibility = $this->validateCollectionCompatibility($collections);\n if (!$compatibility['valid']) {\n echo '<div class=\"alert error\">' . htmlspecialchars($compatibility['error']) . '<\/div>';\n\n return;\n }\n\n $result = $this->generateUseCase->generate($id, $model, $collection, $limit);\n\n if ($result->hasError()) {\n echo '<div class=\"alert error\">Fehler: ' . htmlspecialchars($result->getError()) . '<\/div>';\n\n return;\n }\n\n \/\/ Return updated content section\n $this->renderVersionPartial($result->toArray());\n }\n\n \/**\n * POST \/content\/{id}\/critique\n * Run critique round (HTMX)\n *\/\n public function critique(int $id): void\n {\n $this->requireCsrf();\n\n \/\/ Get latest version\n $version = $this->repository->findLatestVersion($id);\n\n if ($version === null) {\n echo '<div class=\"alert error\">Keine Version vorhanden.<\/div>';\n\n return;\n }\n\n $model = $_POST['model'] ?? 'claude-opus-4-5-20251101';\n $result = $this->generateUseCase->critique($version['id'], $model);\n\n if ($result->hasError()) {\n echo '<div class=\"alert error\">Fehler: ' . htmlspecialchars($result->getError()) . '<\/div>';\n\n return;\n }\n\n \/\/ Return critique results\n $this->renderCritiquePartial($result->toArray());\n }\n\n \/**\n * POST \/content\/{id}\/revise\n * Create revision (HTMX)\n *\/\n public function revise(int $id): void\n {\n $this->requireCsrf();\n\n $version = $this->repository->findLatestVersion($id);\n\n if ($version === null) {\n echo '<div class=\"alert error\">Keine Version vorhanden.<\/div>';\n\n return;\n }\n\n $model = $_POST['model'] ?? 'claude-opus-4-5-20251101';\n $result = $this->generateUseCase->revise($version['id'], $model);\n\n if ($result->hasError()) {\n echo '<div class=\"alert error\">Fehler: ' . htmlspecialchars($result->getError()) . '<\/div>';\n\n return;\n }\n\n $this->renderVersionPartial($result->toArray());\n }\n\n \/**\n * POST \/content\/{id}\/approve\n * Approve content\n *\/\n public function approve(int $id): void\n {\n $this->requireCsrf();\n\n $this->repository->updateOrderStatus($id, 'approve');\n echo '<div class=\"alert success\">Content genehmigt!<\/div>';\n echo '<script>setTimeout(() => window.location.reload(), 1000);<\/script>';\n }\n\n ... [TRUNCATED-4f2e3731b1139133]",
"structuredPatch": [
{
"oldStart": 322,
"oldLines": 67,
"newStart": 322,
"newLines": 6,
"lines": [
" }",
" ",
" \/**",
"- * Allowed Python commands (whitelist).",
"- *\/",
"- private const ALLOWED_COMMANDS = ['generate', 'critique', 'revise'];",
"-",
"- \/**",
"- * Call Python script",
"- *\/",
"- private function callPython(string $command, int $entityId, array $args = []): array",
"- {",
"- \/\/ Validate command against whitelist",
"- if (!in_array($command, self::ALLOWED_COMMANDS, true)) {",
"- return ['error' => 'Ungültiger Command: ' . $command];",
"- }",
"-",
"- $scriptPath = $this->pipelinePath . '\/web_generate.py';",
"-",
"- \/\/ Build command array for proc_open (safer than shell_exec)",
"- $cmdArray = [",
"- $this->pythonPath,",
"- $scriptPath,",
"- $command,",
"- (string) $entityId,",
"- ...$args,",
"- ];",
"-",
"- $descriptors = [",
"- 0 => ['pipe', 'r'],",
"- 1 => ['pipe', 'w'],",
"- 2 => ['pipe', 'w'],",
"- ];",
"-",
"- $process = proc_open($cmdArray, $descriptors, $pipes); \/\/ nosemgrep: exec-use",
"-",
"- if (!is_resource($process)) {",
"- return ['error' => 'Script konnte nicht gestartet werden'];",
"- }",
"-",
"- fclose($pipes[0]);",
"- $stdout = stream_get_contents($pipes[1]);",
"- $stderr = stream_get_contents($pipes[2]);",
"- fclose($pipes[1]);",
"- fclose($pipes[2]);",
"- $exitCode = proc_close($process);",
"-",
"- $output = $stdout . $stderr;",
"-",
"- if ($exitCode !== 0 && $output === '') {",
"- return ['error' => 'Script fehlgeschlagen (Exit: ' . $exitCode . ')'];",
"- }",
"-",
"- if (preg_match('\/\\{[\\s\\S]*\\}\/', $output, $matches)) {",
"- $result = json_decode($matches[0], true);",
"- if (json_last_error() === JSON_ERROR_NONE) {",
"- return $result;",
"- }",
"- }",
"-",
"- return ['error' => 'Ungültige Antwort: ' . substr($output, 0, 500)];",
"- }",
"-",
"- \/**",
" * Render version partial",
" *\/",
" private function renderVersionPartial(array $result): void"
]
}
],
"userModified": false,
"replaceAll": false
}
}