Review API-Guidelines: Soft-delete

[cgendreau]

Fixes #46

[cgendreau]

Q-1.: How will we know that a record is soft-deleted?

R-1.: For the API user no, the get by id will return a 410 and deleted records are not included in list and query results. As for the backend, they can be added to the where clause or moved somewhere else (e.g. audit table).

Q-2. We need cleanup jobs to finally delete a soft-deleted record.

R-2. No, it must be automated. It could be time-based but preferably based on usage report (you get a report of all the modules with usage of external id, once you can validate a local id is not used, you perform hard delete)

Q-3. What is the intention behind a soft-delete?

R-3. It's not about auditing and history (this is required but not in the guideline yet) it's more about resolvability in distributed system where modules can't talk to each other directly (#47). If I have a image/document that says created by agent fcfc0360-3b05-4622-ae19-e7c468f04641, I can't prevent the agent module from deleting that entry, but with a soft-delete I will make sure it can still be resolved until a permanent fix is done. In that context the object-store will have in its report that the agent is gone, and the agent will have an entry saying it is in used.

[cgendreau]

Actually, if we focus on the main goal we could rewrite the text to say that a deleted resource should still be resolvable and send a 410. The deletedDate part is only a way to implement it (the audit would probably be even be better). I would keep the part that it should still be possible to completely removed a resource. Would that be better @jdobber ?

[ssbilkhu]

Are we OK to merge the suggested changes @falkogloeckler and @jdobber ?