243 lines
5.5 KiB
Plaintext
243 lines
5.5 KiB
Plaintext
generator client {
|
|
provider = "prisma-client-js"
|
|
}
|
|
|
|
datasource db {
|
|
provider = "sqlite"
|
|
url = "file:../../data/core.db"
|
|
}
|
|
|
|
//
|
|
// Namespace: System
|
|
//
|
|
model SystemSetting {
|
|
hashKey String @id
|
|
hashValueType String
|
|
hashValue String
|
|
}
|
|
|
|
model SystemPostMigration {
|
|
name String @id
|
|
createdAt DateTime @default(now())
|
|
}
|
|
|
|
//
|
|
// Namespace: Auth
|
|
//
|
|
model AuthRealm {
|
|
id Int @id @default(autoincrement())
|
|
name String @unique
|
|
createdAt DateTime @default(now())
|
|
|
|
oauth2Clients AuthOauth2Client[]
|
|
groups IdentityGroup[]
|
|
users IdentityUser[]
|
|
profileAttributeNames IdentityProfileAttributeName[]
|
|
roles AuthRole[]
|
|
}
|
|
|
|
model AuthOauth2Client {
|
|
id Int @id @default(autoincrement())
|
|
|
|
realmId Int
|
|
realm AuthRealm @relation(fields: [realmId], references: [id])
|
|
|
|
clientId String
|
|
clientSecret String?
|
|
|
|
consentRequired Boolean @default(false)
|
|
authorizationCodeFlowEnabled Boolean @default(false)
|
|
resourceOwnerPasswordCredentialsFlowEnabled Boolean @default(false)
|
|
clientCredentialsFlowEnabled Boolean @default(false)
|
|
idTokenEnabled Boolean @default(false)
|
|
refreshTokenEnabled Boolean @default(false)
|
|
|
|
scopeMappings AuthOauth2ClientToAuthOauth2Scope[]
|
|
|
|
@@unique([realmId, clientId])
|
|
}
|
|
|
|
model AuthOauth2Scope {
|
|
id Int @id @default(autoincrement())
|
|
realmId Int
|
|
scope String
|
|
|
|
profileAttributeMappings AuthOauth2ScopeToIdentityProfileAttributeName[]
|
|
clientMappings AuthOauth2ClientToAuthOauth2Scope[]
|
|
|
|
@@unique([realmId, scope])
|
|
}
|
|
|
|
model AuthOauth2ClientToAuthOauth2Scope {
|
|
clientId Int
|
|
oauth2Client AuthOauth2Client @relation(fields: [clientId], references: [id])
|
|
|
|
scopeId Int
|
|
scope AuthOauth2Scope @relation(fields: [scopeId], references: [id])
|
|
|
|
@@id([clientId, scopeId])
|
|
}
|
|
|
|
model AuthOauth2ScopeToIdentityProfileAttributeName {
|
|
scopeId Int
|
|
scope AuthOauth2Scope @relation(fields: [scopeId], references: [id])
|
|
|
|
claimName String
|
|
|
|
attributeId Int
|
|
attributes IdentityProfileAttributeName @relation(fields: [attributeId], references: [id])
|
|
|
|
@@id([scopeId, attributeId])
|
|
@@unique([scopeId, claimName])
|
|
}
|
|
|
|
model AuthRole {
|
|
realmId Int
|
|
realm AuthRealm @relation(fields: [realmId], references: [id])
|
|
|
|
roleName String
|
|
|
|
@@id([realmId, roleName])
|
|
}
|
|
|
|
model AuthAccessAttempt {
|
|
id String @id @default(uuid())
|
|
username String
|
|
ip String
|
|
userAgent String
|
|
requestPath String
|
|
valid Boolean
|
|
attemptedOn DateTime @default(now())
|
|
}
|
|
|
|
//
|
|
// Namespace: Identity
|
|
//
|
|
model EnumIdentityGroupRole {
|
|
enumValue String @id
|
|
|
|
groups IdentityGroup[]
|
|
}
|
|
|
|
model IdentityGroup {
|
|
id Int @id @default(autoincrement())
|
|
|
|
realmId Int
|
|
realm AuthRealm @relation(fields: [realmId], references: [id])
|
|
|
|
role String
|
|
roleRelation EnumIdentityGroupRole @relation(fields: [role], references: [enumValue])
|
|
|
|
name String?
|
|
|
|
users IdentityGroupToIdentityUser[]
|
|
davResources CloudDavResource[]
|
|
}
|
|
|
|
model IdentityGroupToIdentityUser {
|
|
groupId Int
|
|
group IdentityGroup @relation(fields: [groupId], references: [id])
|
|
|
|
userId Int
|
|
user IdentityUser @relation(fields: [userId], references: [id])
|
|
|
|
userIsGroupAdmin Boolean @default(false)
|
|
|
|
@@id([groupId, userId])
|
|
}
|
|
|
|
model IdentityUser {
|
|
id Int @id @default(autoincrement())
|
|
externalId String @unique @default(uuid())
|
|
username String @unique
|
|
|
|
realmId Int
|
|
realm AuthRealm @relation(fields: [realmId], references: [id])
|
|
|
|
groups IdentityGroupToIdentityUser[]
|
|
profileHashMapPairs IdentityProfileNonNormalized[]
|
|
emails IdentityUserEmails[]
|
|
authDevices IdentityAuthDevice[]
|
|
}
|
|
|
|
model IdentityProfileAttributeName {
|
|
id Int @id @default(autoincrement())
|
|
|
|
realmId Int
|
|
realm AuthRealm @relation(fields: [realmId], references: [id])
|
|
|
|
name String
|
|
|
|
attributeUses IdentityProfileNonNormalized[]
|
|
scopeMappings AuthOauth2ScopeToIdentityProfileAttributeName[]
|
|
}
|
|
|
|
model IdentityProfileNonNormalized {
|
|
userId Int
|
|
user IdentityUser @relation(fields: [userId], references: [id])
|
|
|
|
attributeNameId Int
|
|
attributeName IdentityProfileAttributeName @relation(fields: [attributeNameId], references: [id])
|
|
|
|
attributeValue String
|
|
createdAt DateTime @default(now())
|
|
|
|
@@id([userId, attributeNameId])
|
|
}
|
|
|
|
model IdentityUserEmails {
|
|
email String @id
|
|
|
|
userId Int
|
|
user IdentityUser @relation(fields: [userId], references: [id])
|
|
|
|
verified Boolean @default(false)
|
|
default Boolean @default(false)
|
|
}
|
|
|
|
model EnumIdentityAuthDeviceType {
|
|
enumValue String @id
|
|
|
|
authDevices IdentityAuthDevice[]
|
|
}
|
|
|
|
model IdentityAuthDevice {
|
|
id String @id @default(uuid())
|
|
|
|
userId Int
|
|
user IdentityUser @relation(fields: [userId], references: [id])
|
|
|
|
deviceType String
|
|
deviceTypeRelation EnumIdentityAuthDeviceType @relation(fields: [deviceType], references: [enumValue])
|
|
|
|
attributes String
|
|
preferred Boolean
|
|
createdAt DateTime @default(now())
|
|
|
|
@@index([userId])
|
|
@@index([userId, deviceType])
|
|
}
|
|
|
|
//
|
|
// Namespace: cloud-dav
|
|
//
|
|
model EnumCloudDavResourceType {
|
|
enumValue String @id
|
|
|
|
davResources CloudDavResource[]
|
|
}
|
|
|
|
model CloudDavResource {
|
|
id String @id @default(uuid())
|
|
|
|
identityGroupId Int
|
|
IdentityGroup IdentityGroup @relation(fields: [identityGroupId], references: [id])
|
|
|
|
resourceType String
|
|
resourceTypeRelation EnumCloudDavResourceType @relation(fields: [resourceType], references: [enumValue])
|
|
|
|
attributes String
|
|
|
|
@@index([identityGroupId])
|
|
}
|