Documentation
¶
Overview ¶
Package compliance implements GDPR/CCPA data export and compliance features.
This package provides functionality for:
- Complete user data export (GDPR Article 15 - Right to Access)
- Data portability in machine-readable format (GDPR Article 20)
- Secure delivery of exported data
- Audit trail of data export requests
Index ¶
- type ActivityLog
- type AdminLog
- type DataExportService
- func (s *DataExportService) CleanupExpiredExports(ctx context.Context) (int, error)
- func (s *DataExportService) GenerateDataExport(ctx context.Context, requestID uuid.UUID) error
- func (s *DataExportService) GetExportRequestByUser(ctx context.Context, userID uuid.UUID) (*ExportRequest, error)
- func (s *DataExportService) RequestDataExport(ctx context.Context, userID uuid.UUID) (*ExportRequest, error)
- type EmailLog
- type EncryptionAccessLog
- type ExportRequest
- type ExportStatus
- type SessionInfo
- type TwoFASettings
- type UserDataExport
- type UserProfile
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ActivityLog ¶
type ActivityLog struct {
ID uuid.UUID `json:"id"`
Action string `json:"action"`
IPAddress string `json:"ip_address"` // Decrypted
UserAgent string `json:"user_agent"` // Decrypted
CreatedAt time.Time `json:"created_at"`
}
ActivityLog represents a user activity log entry
type AdminLog ¶
type AdminLog struct {
ID uuid.UUID `json:"id"`
Action string `json:"action"`
TargetUserID *uuid.UUID `json:"target_user_id,omitempty"`
ActionDetails string `json:"action_details"` // Decrypted
CreatedAt time.Time `json:"created_at"`
}
AdminLog represents an admin action log (if user is admin)
type DataExportService ¶
type DataExportService struct {
// contains filtered or unexported fields
}
DataExportService handles GDPR data export requests
func NewDataExportService ¶
func NewDataExportService(db *sql.DB, exportDir string, exportRetention time.Duration, rateLimitDays int) *DataExportService
NewDataExportService creates a new data export service
Parameters:
- db: Database connection
- exportDir: Directory to store export files
- exportRetention: How long to keep export files (e.g., 7 days)
- rateLimitDays: Minimum days between export requests (e.g., 30 days)
func (*DataExportService) CleanupExpiredExports ¶
func (s *DataExportService) CleanupExpiredExports(ctx context.Context) (int, error)
CleanupExpiredExports deletes expired export files
func (*DataExportService) GenerateDataExport ¶
GenerateDataExport generates a complete data export for a user
This function should be called asynchronously (e.g., in a background job). It collects all user data, encrypts it, and saves it to a file.
Returns:
- Path to the generated export file
- Error if generation fails
func (*DataExportService) GetExportRequestByUser ¶
func (s *DataExportService) GetExportRequestByUser(ctx context.Context, userID uuid.UUID) (*ExportRequest, error)
GetExportRequestByUser retrieves the latest export request for a user
func (*DataExportService) RequestDataExport ¶
func (s *DataExportService) RequestDataExport(ctx context.Context, userID uuid.UUID) (*ExportRequest, error)
RequestDataExport creates a new data export request for a user
This function enforces rate limiting to prevent abuse (e.g., max 1 export per 30 days).
Returns:
- ExportRequest with pending status
- Error if rate limit exceeded or request fails
type EmailLog ¶
type EmailLog struct {
ID uuid.UUID `json:"id"`
Subject string `json:"subject"`
SentAt time.Time `json:"sent_at"`
Status string `json:"status"`
}
EmailLog represents an email sent to the user
type EncryptionAccessLog ¶
type EncryptionAccessLog struct {
ID uuid.UUID `json:"id"`
FieldName string `json:"field_name"`
Operation string `json:"operation"`
AccessedAt time.Time `json:"accessed_at"`
}
EncryptionAccessLog represents an encryption access log entry
type ExportRequest ¶
type ExportRequest struct {
ID uuid.UUID `json:"id"`
UserID uuid.UUID `json:"user_id"`
Status ExportStatus `json:"status"`
RequestedAt time.Time `json:"requested_at"`
CompletedAt *time.Time `json:"completed_at,omitempty"`
ExpiresAt *time.Time `json:"expires_at,omitempty"`
FilePath string `json:"file_path,omitempty"`
FileSize int64 `json:"file_size,omitempty"`
ErrorMsg string `json:"error_message,omitempty"`
}
ExportRequest represents a data export request
type ExportStatus ¶
type ExportStatus string
ExportStatus represents the status of a data export request
const ( // ExportStatusPending indicates the export request is queued ExportStatusPending ExportStatus = "pending" // ExportStatusProcessing indicates the export is being generated ExportStatusProcessing ExportStatus = "processing" // ExportStatusCompleted indicates the export is ready for download ExportStatusCompleted ExportStatus = "completed" // ExportStatusFailed indicates the export generation failed ExportStatusFailed ExportStatus = "failed" // ExportStatusExpired indicates the export download link has expired ExportStatusExpired ExportStatus = "expired" )
type SessionInfo ¶
type SessionInfo struct {
ID uuid.UUID `json:"id"`
CreatedAt time.Time `json:"created_at"`
ExpiresAt time.Time `json:"expires_at"`
IPAddress string `json:"ip_address,omitempty"`
}
SessionInfo represents a user session
type TwoFASettings ¶
type TwoFASettings struct {
Enabled bool `json:"enabled"`
EnabledAt *time.Time `json:"enabled_at,omitempty"`
BackupCodesGenerated bool `json:"backup_codes_generated"`
BackupCodesRemaining int `json:"backup_codes_remaining"`
}
TwoFASettings contains 2FA configuration
type UserDataExport ¶
type UserDataExport struct {
ExportDate time.Time `json:"export_date"`
UserProfile UserProfile `json:"user_profile"`
ActivityLogs []ActivityLog `json:"activity_logs"`
EmailLogs []EmailLog `json:"email_logs,omitempty"`
Sessions []SessionInfo `json:"sessions,omitempty"`
TwoFASettings *TwoFASettings `json:"two_fa_settings,omitempty"`
EncryptionLog []EncryptionAccessLog `json:"encryption_access_log,omitempty"`
AdminLogs []AdminLog `json:"admin_logs,omitempty"`
}
UserDataExport represents a complete export of user data
type UserProfile ¶
type UserProfile struct {
ID uuid.UUID `json:"id"`
Username string `json:"username"`
Email string `json:"email"` // Decrypted
Role string `json:"role"`
CreatedAt time.Time `json:"created_at"`
UpdatedAt time.Time `json:"updated_at"`
LastLoginAt *time.Time `json:"last_login_at,omitempty"`
TOTPEnabled bool `json:"totp_enabled"`
}
UserProfile contains user profile information
Source Files
Click to show internal directories.
Click to hide internal directories.