"""
data_protection_policy.py

PUBLIC FILE -- Published at houseclick.net/security.
Defines which fields are encrypted, hashed, tokenized, homomorphic, or plain.
"""

FIELD_CLASSIFICATION = {
    "users": {
        "email": "ENCRYPT",
        "email_hash": "HASH",
        "full_name": "ENCRYPT",
        "phone": "ENCRYPT",
        "tax_id": "ENCRYPT",
        "tax_id_hash": "HASH",
        "language": "PLAIN",
        "jurisdiction": "PLAIN",
        "company_type": "PLAIN",
        "created_at": "PLAIN",
    },
    "documents": {
        "extracted_json": "ENCRYPT",
        "document_hash": "HASH",
        "doc_type": "PLAIN",
        "confidence": "PLAIN",
        "status": "PLAIN",
    },
    "transactions": {
        "vendor_name": "ENCRYPT",
        "amount": "ENCRYPT",
        "amount_phe": "HOMOMORPHIC",
        "vat_amount": "ENCRYPT",
        "vat_amount_phe": "HOMOMORPHIC",
        "notes": "ENCRYPT",
        "date": "PLAIN",
        "category": "PLAIN",
        "debit_account": "PLAIN",
        "credit_account": "PLAIN",
    },
    "payroll_entries": {
        "employee_name": "ENCRYPT",
        "gross_salary": "ENCRYPT",
        "gross_salary_phe": "HOMOMORPHIC",
        "net_salary": "ENCRYPT",
        "employer_tax": "ENCRYPT",
    },
    "tax_forms": {
        "form_content_json": "ENCRYPT",
        "submitted_form_pdf_path": "ENCRYPT",
        "submission_reference": "TOKENISE",
    },
    "subscriptions": {
        "stripe_customer_id": "TOKENISE",
        "plan": "PLAIN",
        "status": "PLAIN",
    },
}