GdprUseCases

koprogo_api::application::use_cases::gdpr_use_cases

Struct GdprUseCases 

Source 
pub struct GdprUseCases { /* private fields */ }
Expand description

GDPR Use Cases for data export and erasure operations Implements business logic for GDPR Articles 15, 16, 17, 18, 21

Implementations§

Source§

impl GdprUseCases

Source

pub fn new( gdpr_repository: Arc<dyn GdprRepository>, user_repository: Arc<dyn UserRepository>, ) -> Self

Source

pub async fn export_user_data( &self, user_id: Uuid, requesting_user_id: Uuid, organization_id: Option<Uuid>, ) -> Result<GdprExportResponseDto, String>

Export all personal data for a user (GDPR Article 15 - Right to Access)

§Arguments
  • user_id - UUID of the user requesting data export
  • requesting_user_id - UUID of the user making the request (for authorization)
  • organization_id - Optional organization scope (None for SuperAdmin)
§Authorization
  • Users can only export their own data
  • SuperAdmin can export any user’s data
§Returns
  • Ok(GdprExportResponseDto) - Complete data export in JSON format
  • Err(String) - If user not found, not authorized, or database error
Source

pub async fn erase_user_data( &self, user_id: Uuid, requesting_user_id: Uuid, organization_id: Option<Uuid>, ) -> Result<GdprEraseResponseDto, String>

Erase user data by anonymization (GDPR Article 17 - Right to Erasure)

Anonymizes user account and linked owner profiles. Does not delete data entirely to preserve referential integrity and comply with legal retention requirements (e.g., financial records must be kept for 7 years in Belgium).

§Arguments
  • user_id - UUID of the user to anonymize
  • requesting_user_id - UUID of the user making the request (for authorization)
  • organization_id - Optional organization scope (None for SuperAdmin)
§Authorization
  • Users can only erase their own data
  • SuperAdmin can erase any user’s data
§Returns
  • Ok(GdprEraseResponseDto) - Anonymization confirmation
  • Err(String) - If user not found, not authorized, already anonymized, or legal holds exist
Source

pub async fn can_erase_user(&self, user_id: Uuid) -> Result<bool, String>

Check if user data can be erased (no legal holds)

§Arguments
  • user_id - UUID of the user to check
§Returns
  • Ok(true) - User can be erased
  • Ok(false) - User has legal holds preventing erasure
  • Err(String) - Database error
Source

pub async fn rectify_user_data( &self, user_id: Uuid, requesting_user_id: Uuid, email: Option<String>, first_name: Option<String>, last_name: Option<String>, ) -> Result<(), String>

Rectify user personal data (GDPR Article 16 - Right to Rectification)

Allows users to correct inaccurate or incomplete personal data.

§Arguments
  • user_id - UUID of the user whose data to rectify
  • requesting_user_id - UUID of the user making the request (for authorization)
  • email - Optional new email address
  • first_name - Optional new first name
  • last_name - Optional new last name
§Authorization
  • Users can only rectify their own data
  • SuperAdmin can rectify any user’s data (organization_id = None)
§Returns
  • Ok(User) - Updated user entity
  • Err(String) - If user not found, not authorized, or validation error
Source

pub async fn restrict_user_processing( &self, user_id: Uuid, requesting_user_id: Uuid, ) -> Result<(), String>

Restrict data processing (GDPR Article 18 - Right to Restriction of Processing)

Allows users to request temporary limitation of data processing. When processing is restricted:

  • Data is stored but not processed for certain operations
  • Marketing communications are blocked
  • Profiling/analytics are disabled
§Arguments
  • user_id - UUID of the user
  • requesting_user_id - UUID of the user making the request (for authorization)
§Authorization
  • Users can only restrict their own data processing
§Returns
  • Ok(()) - Processing restriction applied
  • Err(String) - If user not found, not authorized, or already restricted
Source

pub async fn unrestrict_user_processing( &self, user_id: Uuid, ) -> Result<(), String>

Unrestrict data processing (Admin action or legal requirement met)

§Arguments
  • user_id - UUID of the user
  • admin_user_id - UUID of the admin performing the action
§Authorization
  • Only admins/SuperAdmin can unrestrict processing
§Returns
  • Ok(()) - Processing restriction removed
  • Err(String) - If user not found
Source

pub async fn set_marketing_preference( &self, user_id: Uuid, requesting_user_id: Uuid, opt_out: bool, ) -> Result<(), String>

Set marketing opt-out preference (GDPR Article 21 - Right to Object)

Allows users to object to marketing communications and profiling.

§Arguments
  • user_id - UUID of the user
  • requesting_user_id - UUID of the user making the request (for authorization)
  • opt_out - true to opt out of marketing, false to opt back in
§Authorization
  • Users can only change their own marketing preferences
§Returns
  • Ok(()) - Marketing preference updated
  • Err(String) - If user not found or not authorized

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
§

impl<T> Chain<T> for T

§

fn len(&self) -> usize

The number of items that this chain link consists of.
§

fn append_to(self, v: &mut Vec<T>)

Append the elements in this link to the chain.
§

impl<T> Fake for T

§

fn fake<U>(&self) -> U
where Self: FakeBase<U>,

§

fn fake_with_rng<U, R>(&self, rng: &mut R) -> U
where R: Rng + ?Sized, Self: FakeBase<U>,

Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

§

impl<T> Instrument for T

§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided [Span], returning an Instrumented wrapper. Read more
§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoEither for T

Source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
§

impl<Unshared, Shared> IntoShared<Shared> for Unshared
where Shared: FromUnshared<Unshared>,

§

fn into_shared(self) -> Shared

Creates a shared type from an unshared type.
§

impl<T> Pointable for T

§

const ALIGN: usize

The alignment of pointer.
§

type Init = T

The type for initializers.
§

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer. Read more
§

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer. Read more
§

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer. Read more
§

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer. Read more
§

impl<T> PolicyExt for T
where T: ?Sized,

§

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns [Action::Follow] only if self and other return Action::Follow. Read more
§

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns [Action::Follow] if either self or other returns Action::Follow. Read more
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

§

fn vzip(self) -> V

§

impl<T> WithSubscriber for T

§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a [WithDispatch] wrapper. Read more
§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a [WithDispatch] wrapper. Read more
§

impl<T> ErasedDestructor for T
where T: 'static,