TenantAtlas/specs/083-required-permissions-hardening/data-model.md

Data Model — Spec 083

This feature is primarily read-only UX + authorization hardening. No new tables are required.

Existing entities (relevant)

Workspace

  • Purpose: Isolation boundary for tenant management surfaces.
  • Key fields: id.

WorkspaceMembership

  • Purpose: Establishes user membership in a workspace.
  • Key fields: workspace_id, user_id, role.

Tenant

  • Purpose: Managed Entra tenant (scoped to a workspace).
  • Key fields: id, external_id (Entra tenant GUID), workspace_id, status, name.

TenantMembership

  • Purpose: Tenant entitlement (read-only access at minimum).
  • Key fields: tenant_id, user_id, role, source, source_ref.

TenantPermission

  • Purpose: Stored permission inventory used by the Required Permissions page.
  • Key fields: tenant_id, permission_key, status (granted|missing|error), details (JSON), last_checked_at.

Derived / computed values

"Last refreshed"

  • Definition: max(tenant_permissions.last_checked_at) for the tenant.
  • Stale rule (Spec 083): stale if missing OR older than 30 days.

Summary overall status

Derived from stored permission rows (and freshness):

  • Blocked: any missing application permission.
  • Needs attention: any warning exists (missing delegated OR error rows folded into warning OR stale freshness).
  • Ready: no blockers, no warnings.
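
The derivation above as a runnable sketch. This is an added example, not TenantAtlas code. It assumes each row exposes a type of application or delegated (not among the key fields listed above, so hypothetical here) and that Blocked takes precedence when blockers and warnings coexist; the function names and status strings are also hypothetical.

```python
from datetime import datetime, timedelta, timezone

STALE_AFTER = timedelta(days=30)  # Spec 083 stale rule


def last_refreshed(rows):
    """max(last_checked_at) across the tenant's rows; None if never checked."""
    stamps = [r["last_checked_at"] for r in rows if r.get("last_checked_at")]
    return max(stamps) if stamps else None


def is_stale(rows, now):
    """Stale if the timestamp is missing OR older than 30 days."""
    refreshed = last_refreshed(rows)
    return refreshed is None or now - refreshed > STALE_AFTER


def overall_status(rows, now):
    # Assumption: r["type"] is "application" or "delegated" (hypothetical field).
    missing = [r for r in rows if r["status"] == "missing"]
    if any(r["type"] == "application" for r in missing):
        return "blocked"  # assumed precedence: a blocker outranks any warning
    warning = (
        any(r["type"] == "delegated" for r in missing)
        or any(r["status"] == "error" for r in rows)  # errors fold into warning
        or is_stale(rows, now)  # includes a tenant with no rows at all
    )
    return "needs_attention" if warning else "ready"


# Constructed sample data: not real tenant rows.
NOW = datetime(2025, 6, 1, tzinfo=timezone.utc)


def sample_row(type_, status, days_ago):
    checked = None if days_ago is None else NOW - timedelta(days=days_ago)
    return {"type": type_, "status": status, "last_checked_at": checked}


if __name__ == "__main__":
    fresh = [sample_row("application", "granted", 1)]
    print(overall_status(fresh, NOW))
    print(overall_status([], NOW))
```

A tenant with no stored rows has no "Last refreshed" value, so it evaluates as stale and never reports Ready.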

State transitions

  • None introduced here (page remains read-only). Mutations happen on other surfaces (verification start, provider connection management) and must enforce capability checks there.