/** * ComplianceManager * * **Adapter-Agnostic Compliance Engine** * * Handles all compliance checks independent of storage adapter: * - Works with Cloudflare R2, Supabase, custom adapters, etc. * - Enforces retention policies * - Manages immutability rules * - Handles soft delete and grace periods * - Provides compliance audit trail * * Compliance is enforced at the SERVICE level, not adapter level. * This ensures consistent compliance regardless of which adapter is used. * * @module @plyaz/storage/compliance */ import type { StorageComplianceConfig, StorageComplianceCheckResult, StorageRetentionPolicy, FileMetadata, FILE_CATEGORY, StorageDeleteComplianceOptions, StorageSoftDeleteMetadata, StorageJurisdictionContext } from '@plyaz/types/storage'; import type { STORAGE_JURISDICTION, STORAGE_REGULATORY_FRAMEWORK } from '@plyaz/types/storage'; import type { StorageComplianceManagerConfig } from '@plyaz/types/storage'; /** * ComplianceManager * * Provides adapter-agnostic compliance enforcement */ export declare class ComplianceManager { private readonly config; private readonly logger?; constructor(config: StorageComplianceManagerConfig); /** * Check if a file can be deleted based on compliance rules * * @param metadata - File metadata * @param options - Delete compliance options * @returns Compliance check result */ canDeleteFile(metadata: FileMetadata, options?: StorageDeleteComplianceOptions): StorageComplianceCheckResult; /** * Check if file is immutable * * @private */ private checkImmutability; /** * Check retention period * * @private */ private checkRetentionPeriod; /** * Get retention policy for a file category * * @param category - File category * @param override - Optional policy override * @returns Retention policy */ getRetentionPolicy(category: FILE_CATEGORY, override?: Partial): StorageRetentionPolicy; /** * Calculate retention end date * * @param uploadedAt - Upload timestamp * @param retentionYears - Retention period in years * @returns Retention end date */ calculateRetentionEnd(uploadedAt: Date, retentionYears: number): Date; /** * Calculate grace period end date * * @param deletedAt - Deletion timestamp * @param gracePeriodDays - Grace period in days * @returns Grace period end date */ calculateGracePeriodEnd(deletedAt: Date, gracePeriodDays: number): Date; /** * Create soft delete metadata * * @param deletedBy - User ID who deleted the file * @param reason - Deletion reason * @param policy - Retention policy * @returns Soft delete metadata */ createSoftDeleteMetadata(deletedBy: string, reason?: string, policy?: StorageRetentionPolicy): StorageSoftDeleteMetadata; /** * Enforce immutability on a file * * Throws error if file is immutable * * @param metadata - File metadata * @throws {StoragePackageError} If file is immutable */ enforceImmutability(metadata: FileMetadata): void; /** * Apply retention policy to a file * * Updates file metadata with retention information * * @param metadata - File metadata * @returns Updated metadata with retention info */ applyRetentionPolicy(metadata: FileMetadata): FileMetadata; /** * Get compliance configuration * * @returns Compliance configuration */ getConfig(): StorageComplianceConfig; /** * Check if compliance is enabled * * @returns True if compliance is enabled */ isEnabled(): boolean; /** * Check if strict mode is enabled * * @returns True if strict mode is enabled */ isStrictMode(): boolean; /** * Resolve applicable jurisdictions for a file * * Determines which jurisdictions' regulations apply based on: * - User location * - Entity (company/org) location * - Storage location * - Data category * - Explicit jurisdictions * * @param context - Jurisdiction resolution context * @returns Array of applicable jurisdictions */ resolveJurisdictions(context: StorageJurisdictionContext): STORAGE_JURISDICTION[]; /** * Get applicable regulatory frameworks for jurisdictions * * @param category - File category * @param jurisdictions - Applicable jurisdictions * @returns Array of regulatory frameworks */ getApplicableFrameworks(category: FILE_CATEGORY, jurisdictions: STORAGE_JURISDICTION[]): STORAGE_REGULATORY_FRAMEWORK[]; /** * Get jurisdiction-specific retention period * * Checks if a specific jurisdiction has an override in jurisdictionRules * * @param policy - Retention policy * @param jurisdiction - Jurisdiction to check * @returns Retention period in years, or undefined if no override */ getJurisdictionSpecificRetention(policy: StorageRetentionPolicy, jurisdiction: STORAGE_JURISDICTION): number | undefined; /** * Resolve jurisdiction conflicts * * When multiple jurisdictions apply with different requirements, * resolve conflicts using the configured strategy * * @param jurisdictions - Applicable jurisdictions * @param policy - Retention policy * @returns Resolved compliance requirements */ resolveJurisdictionConflicts(jurisdictions: STORAGE_JURISDICTION[], policy: StorageRetentionPolicy): { resolvedRetentionYears: number; mandatoryRetention: boolean; rightToErasure: boolean; appliedStrategy: string; conflicts: Array<{ jurisdiction: STORAGE_JURISDICTION; requirement: string; }>; }; /** * Check if file can be deleted in a specific jurisdiction * * Jurisdiction-aware version of canDeleteFile() * * @param metadata - File metadata * @param jurisdiction - Jurisdiction to check against * @param options - Delete compliance options * @returns Compliance check result */ canDeleteFileInJurisdiction(metadata: FileMetadata, jurisdiction: STORAGE_JURISDICTION, options?: StorageDeleteComplianceOptions): StorageComplianceCheckResult; /** * Helper: Add frameworks from jurisdiction rules */ private addJurisdictionFrameworks; }