WIP
@@ -20,13 +20,102 @@ model SystemPostMigration {
|
||||
createdAt DateTime @default(now())
|
||||
}
|
||||
|
||||
//
|
||||
// Namespace: Auth
|
||||
//
|
||||
model AuthRealm {
|
||||
id Int @id @default(autoincrement())
|
||||
name String @unique
|
||||
createdAt DateTime @default(now())
|
||||
|
||||
oauth2Clients AuthOauth2Client[]
|
||||
groups IdentityGroup[]
|
||||
profileAttributeNames IdentityProfileAttributeName[]
|
||||
roles AuthRole[]
|
||||
}
|
||||
|
||||
model AuthOauth2Client {
|
||||
id Int @id @default(autoincrement())
|
||||
|
||||
realmId Int
|
||||
realm AuthRealm @relation(fields: [realmId], references: [id])
|
||||
|
||||
clientId String
|
||||
clientSecret String?
|
||||
|
||||
authorizationCodeFlowEnabled Boolean @default(false)
|
||||
resourceOwnerPasswordCredentialsFlowEnabled Boolean @default(false)
|
||||
clientCredentialsFlowEnabled Boolean @default(false)
|
||||
idTokenEnabled Boolean @default(false)
|
||||
refreshTokenEnabled Boolean @default(false)
|
||||
|
||||
scopeMappings AuthOauth2ClientToAuthOauth2Scope[]
|
||||
|
||||
@@unique([realmId, clientId])
|
||||
}
|
||||
|
||||
model AuthOauth2Scope {
|
||||
id Int @id @default(autoincrement())
|
||||
realmId Int
|
||||
scope String
|
||||
|
||||
profileAttributeMappings AuthOauth2ScopeToIdentityProfileAttributeName[]
|
||||
clientMappings AuthOauth2ClientToAuthOauth2Scope[]
|
||||
|
||||
@@unique([realmId, scope])
|
||||
}
|
||||
|
||||
model AuthOauth2ClientToAuthOauth2Scope {
|
||||
clientId Int
|
||||
oauth2Client AuthOauth2Client @relation(fields: [clientId], references: [id])
|
||||
|
||||
scopeId Int
|
||||
scope AuthOauth2Scope @relation(fields: [scopeId], references: [id])
|
||||
|
||||
@@id([clientId, scopeId])
|
||||
}
|
||||
|
||||
model AuthOauth2ScopeToIdentityProfileAttributeName {
|
||||
scopeId Int
|
||||
scope AuthOauth2Scope @relation(fields: [scopeId], references: [id])
|
||||
|
||||
claimName String
|
||||
|
||||
attributeId Int
|
||||
attributes IdentityProfileAttributeName @relation(fields: [attributeId], references: [id])
|
||||
|
||||
@@id([scopeId, attributeId])
|
||||
@@unique([scopeId, claimName])
|
||||
}
|
||||
|
||||
model AuthRole {
|
||||
realmId Int
|
||||
realm AuthRealm @relation(fields: [realmId], references: [id])
|
||||
|
||||
roleName String
|
||||
|
||||
@@id([realmId, roleName])
|
||||
}
|
||||
|
||||
//
|
||||
// Namespace: Identity
|
||||
//
|
||||
model EnumIdentityGroupRole {
|
||||
enumValue String @id
|
||||
|
||||
groups IdentityGroup[]
|
||||
}
|
||||
|
||||
model IdentityGroup {
|
||||
id Int @id @default(autoincrement())
|
||||
isAdmin Boolean @default(false)
|
||||
name String?
|
||||
id Int @id @default(autoincrement())
|
||||
|
||||
realmId Int
|
||||
realm AuthRealm @relation(fields: [realmId], references: [id])
|
||||
|
||||
role String
|
||||
roleRelation EnumIdentityGroupRole @relation(fields: [role], references: [enumValue])
|
||||
|
||||
name String?
|
||||
|
||||
users IdentityGroupToIdentityUser[]
|
||||
davResources CloudDavResource[]
|
||||
@@ -35,8 +124,11 @@ model IdentityGroup {
|
||||
model IdentityGroupToIdentityUser {
|
||||
groupId Int
|
||||
group IdentityGroup @relation(fields: [groupId], references: [id])
|
||||
userId Int
|
||||
user IdentityUser @relation(fields: [userId], references: [id])
|
||||
|
||||
userId Int
|
||||
user IdentityUser @relation(fields: [userId], references: [id])
|
||||
|
||||
userIsGroupAdmin Boolean @default(false)
|
||||
|
||||
@@id([groupId, userId])
|
||||
}
|
||||
@@ -52,15 +144,29 @@ model IdentityUser {
|
||||
authDevices IdentityAuthDevice[]
|
||||
}
|
||||
|
||||
model IdentityProfileAttributeName {
|
||||
id Int @id @default(autoincrement())
|
||||
|
||||
realmId Int
|
||||
realm AuthRealm @relation(fields: [realmId], references: [id])
|
||||
|
||||
name String
|
||||
|
||||
attributeUses IdentityProfileNonNormalized[]
|
||||
scopeMappings AuthOauth2ScopeToIdentityProfileAttributeName[]
|
||||
}
|
||||
|
||||
model IdentityProfileNonNormalized {
|
||||
userId Int
|
||||
user IdentityUser @relation(fields: [userId], references: [id])
|
||||
|
||||
hashKey String
|
||||
attributeNameId Int
|
||||
attributeName IdentityProfileAttributeName @relation(fields: [attributeNameId], references: [id])
|
||||
|
||||
hashValue String
|
||||
createdAt DateTime @default(now())
|
||||
|
||||
@@id([userId, hashKey])
|
||||
@@id([userId, attributeNameId])
|
||||
}
|
||||
|
||||
model IdentityUserEmails {
|
||||
@@ -98,7 +204,7 @@ model IdentityAuthDevice {
|
||||
|
||||
model IdentityAuthDeviceNonNormalized {
|
||||
authDeviceId Int
|
||||
davResource IdentityAuthDevice @relation(fields: [authDeviceId], references: [id])
|
||||
authDevice IdentityAuthDevice @relation(fields: [authDeviceId], references: [id])
|
||||
|
||||
hashKey String
|
||||
hashValue String
|
||||
|
||||
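Review bot: `AuthOauth2Scope` carries `realmId Int` but, unlike `AuthOauth2Client`, `AuthRole` and `IdentityProfileAttributeName`, declares no relation to `AuthRealm`, so the database will not enforce that a scope belongs to an existing realm. I would add `realm AuthRealm @relation(fields: [realmId], references: [id])` to the model and a matching `oauth2Scopes AuthOauth2Scope[]` field on `AuthRealm`. Relatedly, `AuthOauth2ClientToAuthOauth2Scope` and `AuthOauth2ScopeToIdentityProfileAttributeName` join rows by `id` alone, so nothing in the schema stops a client in one realm from being mapped to a scope or profile attribute of another; if realms are meant as an isolation boundary, that check has to live either in composite keys that include `realmId` or in the code that writes these rows. Separately, `clientSecret String?` should hold a hash of the secret rather than the secret itself, and a comment on the field saying which would help; the code that stores it is not visible here. The `+`/`-` markers are lost on this page, so this assumes these models are on the new side.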