You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
"PII bulgular" (PII findings) page comes up empty.
Where
Frontend loadPii → GET /api/compliance/pii/findings?page=1&page_size=100 (src/dashboard/static/index.html:7293). Empty → "Bulgu yok. PII taramasi kapaliysa... aciksa once bir tarama calistirin." (index.html:7318-7322).
Backend pii_findings (plain def) src/dashboard/api.py:6792 reads the pii_findings table (src/storage/database.py:966), populated only by PiiEngine.scan_source (src/compliance/pii/pii_engine.py:312-432), triggered only by POST /api/compliance/pii/scan/{id} (api.py:6772) which reads file content (pii_engine.py:244-245). The metadata scan cannot populate it.
Root-cause hypotheses (ranked)
HIGH — feature off by default + no scan ever run.compliance.pii.enabled defaults false (config.yaml:399-400, pii_engine.py:75). Rule-8 banner exists ("kapali — config.yaml > compliance.pii.enabled: true ile aciliyor", index.html:1247-1249). Empty is by-design until enabled + scanned.
HIGH — real UX gap: there is NO dashboard button to launch a PII scan. The PII page (index.html:1237-1245) has only source/pattern filters + Subject Export. Nothing calls POST .../pii/scan. So even with enabled:true, the page stays empty forever from the UI — the operator can only trigger via curl. The page literally says "once bir tarama calistirin" but offers no way to.
LOW-MED — "feature off" banner may not render if /api/compliance/config fetch fails (catch at index.html:7302 leaves banner hidden) → bare empty page, no explanation.
Ruled out: S-SHAPE clean; pii_scan async correctly offloads via run_in_executor; PII uses stdlib re (optional libs degrade gracefully, not the cause).
SELECT COUNT(*) FROM pii_findings; — 0 → no scan run.
Log line PII scan_source done: source=... scanned=N hits=M — absent = never ran.
Fix plan
Main fix — add a "PII Tara" button on the PII page that POSTs /api/compliance/pii/scan/{source_id} for the selected source, with progress/feedback (matches the "run a scan first" instruction). Gate it on enabled.
Make the "feature off" banner robust to a failed config fetch (don't leave a bare empty page).
Severity: medium (feature effectively unusable from the UI).
Symptom (customer)
"PII bulgular" (PII findings) page comes up empty.
Where
loadPii→GET /api/compliance/pii/findings?page=1&page_size=100(src/dashboard/static/index.html:7293). Empty → "Bulgu yok. PII taramasi kapaliysa... aciksa once bir tarama calistirin." (index.html:7318-7322).pii_findings(plain def)src/dashboard/api.py:6792reads thepii_findingstable (src/storage/database.py:966), populated only byPiiEngine.scan_source(src/compliance/pii/pii_engine.py:312-432), triggered only byPOST /api/compliance/pii/scan/{id}(api.py:6772) which reads file content (pii_engine.py:244-245). The metadata scan cannot populate it.Root-cause hypotheses (ranked)
compliance.pii.enableddefaults false (config.yaml:399-400,pii_engine.py:75). Rule-8 banner exists ("kapali — config.yaml > compliance.pii.enabled: true ile aciliyor",index.html:1247-1249). Empty is by-design until enabled + scanned.index.html:1237-1245) has only source/pattern filters + Subject Export. Nothing callsPOST .../pii/scan. So even withenabled:true, the page stays empty forever from the UI — the operator can only trigger via curl. The page literally says "once bir tarama calistirin" but offers no way to./api/compliance/configfetch fails (catchatindex.html:7302leaves banner hidden) → bare empty page, no explanation.Ruled out: S-SHAPE clean;
pii_scanasync correctly offloads viarun_in_executor; PII uses stdlibre(optional libs degrade gracefully, not the cause).On-box confirm
compliance.pii.enabled: true, restart).SELECT COUNT(*) FROM pii_findings;— 0 → no scan run.PII scan_source done: source=... scanned=N hits=M— absent = never ran.Fix plan
/api/compliance/pii/scan/{source_id}for the selected source, with progress/feedback (matches the "run a scan first" instruction). Gate it onenabled.Severity: medium (feature effectively unusable from the UI).