agentic-dev/packages/core-dsr/src/data-delete.interface.ts

import type { DeletionCertificate, DeletionMode } from "./dsr-types";

/**
 * GDPR Art. 17 (right to erasure / "right to be forgotten").
 *
 * Two modes:
 *
 * - `"soft"` — sets `processingRestrictedAt`, NULLs all `exportable: true`
 *   PII fields, and redacts `reference`-role linked fields to null. The row
 *   structure is preserved so other subjects' data in shared rows remains
 *   intact. Emits one RESTRICT audit entry per affected collection.
 *
 * - `"cascade-hard"` — hard-deletes `self` and `owner` rows immediately, then
 *   redacts `reference` fields. Auth-guarded at the procedure layer; must not
 *   be called from user-facing flows. Emits DELETE audit entries.
 */
export interface IDataDelete {
  /**
   * Delete or erase all personal data held for the given subject.
   *
   * @param subjectId - The subject's canonical ID.
   * @param mode      - Deletion strategy (soft redaction vs hard cascade).
   * @returns A signed `DeletionCertificate` linking to the audit log entry.
   */
  deleteSubjectData(
    subjectId: string,
    mode: DeletionMode,
  ): Promise<DeletionCertificate>;
}