feat(sql): RBAC model with api_keys and application tenants

2026-03-31 23:40:51 -06:00
parent 0ca5423776
commit 005fad6048
5 changed files with 2661 additions and 1250 deletions
--- a/db/Models/sql_generated/schema.sql
+++ b/db/Models/sql_generated/schema.sql
@@ -1,5 +1,5 @@
 -- MySQL Script generated by MySQL Workbench
-- Sun Dec  7 08:38:42 2025
+-- Tue 31 Mar 2026 11:38:07 PM CST
 -- Model: New Model    Version: 1.0
 -- MySQL Workbench Forward Engineering

@@ -17,36 +17,16 @@ SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='ONLY_FULL_GROUP_BY,STRICT_TRANS_TABLES,N
 CREATE SCHEMA IF NOT EXISTS `u947463964_etaviaporte` DEFAULT CHARACTER SET utf8 ;
 USE `u947463964_etaviaporte` ;

-- -----------------------------------------------------
-- Table `u947463964_etaviaporte`.`user_types`
-- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `u947463964_etaviaporte`.`user_types` (
-  `id` INT UNSIGNED NOT NULL AUTO_INCREMENT,
-  `name` TEXT NOT NULL,
-  `description` TEXT NULL,
-  PRIMARY KEY (`id`),
-  UNIQUE INDEX `id_UNIQUE` (`id` ASC) VISIBLE)
-ENGINE = InnoDB;
-
-
 -- -----------------------------------------------------
 -- Table `u947463964_etaviaporte`.`users`
 -- -----------------------------------------------------
 CREATE TABLE IF NOT EXISTS `u947463964_etaviaporte`.`users` (
  `id` INT UNSIGNED NOT NULL AUTO_INCREMENT,
-  `user_type` INT UNSIGNED NOT NULL,
-  `name` TEXT NOT NULL,
-  `last_name` TEXT NOT NULL,
-  `created_at` DATETIME NOT NULL,
-  `updated_at` DATETIME NOT NULL,
-  UNIQUE INDEX `id_UNIQUE` (`id` ASC) VISIBLE,
-  PRIMARY KEY (`id`),
-  INDEX `fk_users_user_types1_idx` (`user_type` ASC) VISIBLE,
-  CONSTRAINT `fk_users_user_types1`
-    FOREIGN KEY (`user_type`)
-    REFERENCES `u947463964_etaviaporte`.`user_types` (`id`)
-    ON DELETE NO ACTION
-    ON UPDATE NO ACTION)
+  `name` VARCHAR(512) NOT NULL,
+  `last_name` VARCHAR(512) NOT NULL,
+  `created_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  `updated_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
+  PRIMARY KEY (`id`))
 ENGINE = InnoDB;


@@ -56,15 +36,16 @@ ENGINE = InnoDB;
 CREATE TABLE IF NOT EXISTS `u947463964_etaviaporte`.`auth_identities` (
  `id` INT UNSIGNED NOT NULL AUTO_INCREMENT,
  `user_id` INT UNSIGNED NOT NULL,
-  `provider` TEXT NOT NULL,
-  `identifier` TEXT NOT NULL COMMENT 'email, phone google, facebook, etc.',
+  `provider` VARCHAR(512) NOT NULL COMMENT 'type of identifier: email, phone, etc',
+  `identifier` VARCHAR(512) COLLATE 'Default Collation' NOT NULL COMMENT 'email, phone google, facebook, etc.',
+  `password_hash` VARCHAR(512) COLLATE 'Default Collation' NULL COMMENT 'password for phone or email',
  `is_primary` TINYINT NOT NULL DEFAULT 0,
  `is_verified` TINYINT NOT NULL DEFAULT 0,
-  `created_at` DATETIME NOT NULL,
-  `updated_at` DATETIME NOT NULL,
+  `created_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  `updated_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP COMMENT 'when phone or email, password goes here.',
  PRIMARY KEY (`id`),
-  UNIQUE INDEX `id_UNIQUE` (`id` ASC) VISIBLE,
  INDEX `fk_auth_identities_users_idx` (`user_id` ASC) VISIBLE,
+  UNIQUE INDEX `provider_UNIQUE` (`provider` ASC, `identifier` ASC) VISIBLE,
  CONSTRAINT `fk_auth_identities_users`
    FOREIGN KEY (`user_id`)
    REFERENCES `u947463964_etaviaporte`.`users` (`id`)
@@ -74,22 +55,18 @@ ENGINE = InnoDB;


 -- -----------------------------------------------------
-- Table `u947463964_etaviaporte`.`auth_credentials`
+-- Table `u947463964_etaviaporte`.`applications`
 -- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `u947463964_etaviaporte`.`auth_credentials` (
+CREATE TABLE IF NOT EXISTS `u947463964_etaviaporte`.`applications` (
  `id` INT UNSIGNED NOT NULL AUTO_INCREMENT,
-  `identity_id` INT UNSIGNED NOT NULL,
-  `password` TEXT NOT NULL,
-  `created_at` DATETIME NOT NULL,
-  `updated_at` DATETIME NOT NULL,
+  `name` VARCHAR(512) NOT NULL,
+  `slug` VARCHAR(512) NOT NULL,
+  `description` TEXT NULL,
+  `created_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  `updated_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
  PRIMARY KEY (`id`),
-  UNIQUE INDEX `id_UNIQUE` (`id` ASC) VISIBLE,
-  INDEX `fk_auth_credentials_auth_identities1_idx` (`identity_id` ASC) VISIBLE,
-  CONSTRAINT `fk_auth_credentials_auth_identities1`
-    FOREIGN KEY (`identity_id`)
-    REFERENCES `u947463964_etaviaporte`.`auth_identities` (`id`)
-    ON DELETE CASCADE
-    ON UPDATE NO ACTION)
+  UNIQUE INDEX `slug_UNIQUE` (`slug` ASC) VISIBLE,
+  UNIQUE INDEX `name_UNIQUE` (`name` ASC) VISIBLE)
 ENGINE = InnoDB;


@@ -98,12 +75,19 @@ ENGINE = InnoDB;
 -- -----------------------------------------------------
 CREATE TABLE IF NOT EXISTS `u947463964_etaviaporte`.`roles` (
  `id` INT UNSIGNED NOT NULL AUTO_INCREMENT,
-  `name` TEXT NOT NULL,
+  `application_id` INT UNSIGNED NOT NULL,
+  `name` VARCHAR(512) NOT NULL,
  `description` TEXT NULL,
-  `created_at` DATETIME NOT NULL,
-  `updated_at` DATETIME NOT NULL,
+  `created_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  `updated_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
  PRIMARY KEY (`id`),
-  UNIQUE INDEX `id_UNIQUE` (`id` ASC) VISIBLE)
+  UNIQUE INDEX `name_UNIQUE` (`application_id` ASC, `name` ASC) VISIBLE,
+  INDEX `fk_roles_applications1_idx` (`application_id` ASC) VISIBLE,
+  CONSTRAINT `fk_roles_applications1`
+    FOREIGN KEY (`application_id`)
+    REFERENCES `u947463964_etaviaporte`.`applications` (`id`)
+    ON DELETE NO ACTION
+    ON UPDATE NO ACTION)
 ENGINE = InnoDB;


@@ -112,10 +96,17 @@ ENGINE = InnoDB;
 -- -----------------------------------------------------
 CREATE TABLE IF NOT EXISTS `u947463964_etaviaporte`.`permissions` (
  `id` INT UNSIGNED NOT NULL AUTO_INCREMENT,
-  `name` TEXT NOT NULL,
+  `application_id` INT UNSIGNED NOT NULL,
+  `name` VARCHAR(512) NOT NULL,
  `description` TEXT NULL,
  PRIMARY KEY (`id`),
-  UNIQUE INDEX `id_UNIQUE` (`id` ASC) VISIBLE)
+  UNIQUE INDEX `name_UNIQUE` (`application_id` ASC, `name` ASC) VISIBLE,
+  INDEX `fk_permissions_applications1_idx` (`application_id` ASC) VISIBLE,
+  CONSTRAINT `fk_permissions_applications1`
+    FOREIGN KEY (`application_id`)
+    REFERENCES `u947463964_etaviaporte`.`applications` (`id`)
+    ON DELETE NO ACTION
+    ON UPDATE NO ACTION)
 ENGINE = InnoDB;


@@ -127,9 +118,9 @@ CREATE TABLE IF NOT EXISTS `u947463964_etaviaporte`.`role_permissions` (
  `role_id` INT UNSIGNED NOT NULL,
  `permission_id` INT UNSIGNED NOT NULL,
  PRIMARY KEY (`id`),
-  UNIQUE INDEX `id_UNIQUE` (`id` ASC) VISIBLE,
  INDEX `fk_role_permissions_roles1_idx` (`role_id` ASC) VISIBLE,
  INDEX `fk_role_permissions_permissions1_idx` (`permission_id` ASC) VISIBLE,
+  UNIQUE INDEX `role_id_UNIQUE` (`role_id` ASC, `permission_id` ASC) VISIBLE,
  CONSTRAINT `fk_role_permissions_roles1`
    FOREIGN KEY (`role_id`)
    REFERENCES `u947463964_etaviaporte`.`roles` (`id`)
@@ -150,12 +141,12 @@ CREATE TABLE IF NOT EXISTS `u947463964_etaviaporte`.`user_roles` (
  `id` INT UNSIGNED NOT NULL AUTO_INCREMENT,
  `user_id` INT UNSIGNED NOT NULL,
  `role_id` INT UNSIGNED NOT NULL,
-  `created_at` DATETIME NOT NULL,
+  `created_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
  `expires_at` DATETIME NULL,
  PRIMARY KEY (`id`),
-  UNIQUE INDEX `id_UNIQUE` (`id` ASC) VISIBLE,
  INDEX `fk_user_roles_users1_idx` (`user_id` ASC) VISIBLE,
  INDEX `fk_user_roles_roles1_idx` (`role_id` ASC) VISIBLE,
+  UNIQUE INDEX `user_id_UNIQUE` (`user_id` ASC, `role_id` ASC) VISIBLE,
  CONSTRAINT `fk_user_roles_users1`
    FOREIGN KEY (`user_id`)
    REFERENCES `u947463964_etaviaporte`.`users` (`id`)
@@ -169,6 +160,130 @@ CREATE TABLE IF NOT EXISTS `u947463964_etaviaporte`.`user_roles` (
 ENGINE = InnoDB;


+-- -----------------------------------------------------
+-- Table `u947463964_etaviaporte`.`user_permissions`
+-- -----------------------------------------------------
+CREATE TABLE IF NOT EXISTS `u947463964_etaviaporte`.`user_permissions` (
+  `id` INT UNSIGNED NOT NULL AUTO_INCREMENT,
+  `user_id` INT UNSIGNED NOT NULL,
+  `permission_id` INT UNSIGNED NOT NULL,
+  `created_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  `expires_at` DATETIME NULL,
+  PRIMARY KEY (`id`),
+  INDEX `fk_user_permissions_permissions1_idx` (`permission_id` ASC) VISIBLE,
+  INDEX `fk_user_permissions_users1_idx` (`user_id` ASC) VISIBLE,
+  UNIQUE INDEX `user_id_UNIQUE` (`user_id` ASC, `permission_id` ASC) VISIBLE,
+  CONSTRAINT `fk_user_permissions_permissions1`
+    FOREIGN KEY (`permission_id`)
+    REFERENCES `u947463964_etaviaporte`.`permissions` (`id`)
+    ON DELETE CASCADE
+    ON UPDATE NO ACTION,
+  CONSTRAINT `fk_user_permissions_users1`
+    FOREIGN KEY (`user_id`)
+    REFERENCES `u947463964_etaviaporte`.`users` (`id`)
+    ON DELETE CASCADE
+    ON UPDATE NO ACTION)
+ENGINE = InnoDB;
+
+
+-- -----------------------------------------------------
+-- Table `u947463964_etaviaporte`.`verification_tokens`
+-- -----------------------------------------------------
+CREATE TABLE IF NOT EXISTS `u947463964_etaviaporte`.`verification_tokens` (
+  `id` INT UNSIGNED NOT NULL AUTO_INCREMENT,
+  `auth_identity_id` INT UNSIGNED NOT NULL,
+  `token_hash` VARCHAR(255) NOT NULL COMMENT 'Verification token for email/phone/notification mechanisms to either validate or reset passwords',
+  `purpose` ENUM('email_verification', 'phone_verification', 'password_reset') NOT NULL,
+  `created_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  `expires_at` DATETIME NOT NULL,
+  `used_at` DATETIME NULL,
+  PRIMARY KEY (`id`),
+  INDEX `fk_verification_tokens_auth_identities1_idx` (`auth_identity_id` ASC) VISIBLE,
+  UNIQUE INDEX `token_hash_UNIQUE` (`token_hash` ASC) VISIBLE,
+  CONSTRAINT `fk_verification_tokens_auth_identities1`
+    FOREIGN KEY (`auth_identity_id`)
+    REFERENCES `u947463964_etaviaporte`.`auth_identities` (`id`)
+    ON DELETE CASCADE
+    ON UPDATE NO ACTION)
+ENGINE = InnoDB;
+
+
+-- -----------------------------------------------------
+-- Table `u947463964_etaviaporte`.`sessions`
+-- -----------------------------------------------------
+CREATE TABLE IF NOT EXISTS `u947463964_etaviaporte`.`sessions` (
+  `id` INT UNSIGNED NOT NULL AUTO_INCREMENT,
+  `user_id` INT UNSIGNED NOT NULL,
+  `application_id` INT UNSIGNED NOT NULL,
+  `session_token_hash` VARCHAR(255) NOT NULL,
+  `created_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  `updated_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
+  `expires_at` DATETIME NOT NULL,
+  `revoked_at` DATETIME NULL,
+  PRIMARY KEY (`id`),
+  INDEX `fk_sessions_users1_idx` (`user_id` ASC) VISIBLE,
+  UNIQUE INDEX `session_token_hash_UNIQUE` (`application_id` ASC, `session_token_hash` ASC) VISIBLE,
+  INDEX `fk_sessions_applications1_idx` (`application_id` ASC) VISIBLE,
+  CONSTRAINT `fk_sessions_users1`
+    FOREIGN KEY (`user_id`)
+    REFERENCES `u947463964_etaviaporte`.`users` (`id`)
+    ON DELETE CASCADE
+    ON UPDATE NO ACTION,
+  CONSTRAINT `fk_sessions_applications1`
+    FOREIGN KEY (`application_id`)
+    REFERENCES `u947463964_etaviaporte`.`applications` (`id`)
+    ON DELETE NO ACTION
+    ON UPDATE NO ACTION)
+ENGINE = InnoDB;
+
+
+-- -----------------------------------------------------
+-- Table `u947463964_etaviaporte`.`user_applications`
+-- -----------------------------------------------------
+CREATE TABLE IF NOT EXISTS `u947463964_etaviaporte`.`user_applications` (
+  `id` INT UNSIGNED NOT NULL AUTO_INCREMENT,
+  `user_id` INT UNSIGNED NOT NULL,
+  `application_id` INT UNSIGNED NOT NULL,
+  `created_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  PRIMARY KEY (`id`),
+  INDEX `fk_user_application_users1_idx` (`user_id` ASC) VISIBLE,
+  INDEX `fk_user_application_applications1_idx` (`application_id` ASC) VISIBLE,
+  UNIQUE INDEX `user_id_UNIQUE` (`user_id` ASC, `application_id` ASC) VISIBLE,
+  CONSTRAINT `fk_user_application_users1`
+    FOREIGN KEY (`user_id`)
+    REFERENCES `u947463964_etaviaporte`.`users` (`id`)
+    ON DELETE CASCADE
+    ON UPDATE NO ACTION,
+  CONSTRAINT `fk_user_application_applications1`
+    FOREIGN KEY (`application_id`)
+    REFERENCES `u947463964_etaviaporte`.`applications` (`id`)
+    ON DELETE CASCADE
+    ON UPDATE NO ACTION)
+ENGINE = InnoDB;
+
+
+-- -----------------------------------------------------
+-- Table `u947463964_etaviaporte`.`api_keys`
+-- -----------------------------------------------------
+CREATE TABLE IF NOT EXISTS `u947463964_etaviaporte`.`api_keys` (
+  `id` INT UNSIGNED NOT NULL AUTO_INCREMENT,
+  `application_id` INT UNSIGNED NOT NULL,
+  `name` VARCHAR(512) NOT NULL,
+  `description` TEXT NULL,
+  `key_hash` VARCHAR(255) NOT NULL,
+  `created_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  `expires_at` DATETIME NULL,
+  PRIMARY KEY (`id`),
+  UNIQUE INDEX `key_hash_UNIQUE` (`key_hash` ASC) VISIBLE,
+  INDEX `fk_api_keys_applications1_idx` (`application_id` ASC) VISIBLE,
+  CONSTRAINT `fk_api_keys_applications1`
+    FOREIGN KEY (`application_id`)
+    REFERENCES `u947463964_etaviaporte`.`applications` (`id`)
+    ON DELETE CASCADE
+    ON UPDATE NO ACTION)
+ENGINE = InnoDB;
+
+
 SET SQL_MODE=@OLD_SQL_MODE;
 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;