# Data Model — Spec 080 Workspace-Managed Tenant Administration Migration

This feature is primarily a **routing + panel registration** change. No new entities are required, but the plan relies on these existing domain objects and their relationships.

## Entities

### Workspace
- Represents the portfolio/customer context.
- Key fields (typical): `id`, `name`, `slug` or `uuid`, `archived_at`, timestamps.

### WorkspaceMembership
- Joins a `User` to a `Workspace` with a role.
- Key fields: `id`, `workspace_id`, `user_id`, `role`, timestamps.
- Rules:
  - Workspace membership is an isolation boundary for `/admin/*` management.

### Tenant (Managed Tenant)
- Workspace-owned representation of an Entra/Intune tenant.
- Key fields (from usage in the codebase):
  - `id`
  - `workspace_id`
  - `external_id` (canonical route identifier; Entra tenant GUID)
  - `tenant_id` (Entra tenant ID / GUID — may have the same domain meaning, depending on the model)
  - `name`, `domain`, `environment`
  - `metadata` (JSON)
  - `archived_at` (if supported)
  - timestamps
- Notes:
  - The `{tenant}` route parameter refers to `Tenant.external_id` in both `/admin/tenants/{tenant}` and `/admin/t/{tenant}`.

### TenantMembership
- Joins a `User` to a `Tenant` with a tenant role.
- Key fields: `id`, `tenant_id`, `user_id`, `role`, timestamps.
- Rules:
  - Tenant membership is an isolation boundary for `/admin/t/{tenant}/*`.
  - Guardrails: cannot remove/demote the last Owner (existing rule in constitution and code).
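
The isolation rules under WorkspaceMembership and TenantMembership, together with the `external_id` route lookup and the last-Owner guardrail, as an added Python sketch (not the project's code). The function names, in-memory tables, role names and the choice to require both memberships for `/admin/t/{tenant}/*` are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Tenant:
    id: int
    workspace_id: int
    external_id: str  # Entra tenant GUID, the {tenant} route parameter

# Constructed sample rows; ids, GUIDs and role names are hypothetical.
TENANTS = [
    Tenant(1, 10, "11111111-1111-1111-1111-111111111111"),
    Tenant(2, 20, "22222222-2222-2222-2222-222222222222"),
]
WORKSPACE_MEMBERS = {(10, 100): "owner", (10, 101): "operator", (20, 200): "owner"}
TENANT_MEMBERS = {(1, 100): "owner", (2, 200): "owner"}  # (tenant_id, user_id)

def can_access(user_id: int, path: str) -> bool:
    """Deny-by-default check for /admin/tenants/{tenant} and /admin/t/{tenant}/*."""
    parts = path.strip("/").split("/")
    if len(parts) < 3 or parts[0] != "admin" or parts[1] not in ("tenants", "t"):
        return False
    tenant = next((t for t in TENANTS if t.external_id == parts[2]), None)
    # An unknown GUID and a tenant in someone else's workspace take the same
    # branch, so the response cannot reveal which tenants are onboarded.
    if tenant is None or (tenant.workspace_id, user_id) not in WORKSPACE_MEMBERS:
        return False
    # The tenant panel additionally needs a TenantMembership row.
    if parts[1] == "t" and (tenant.id, user_id) not in TENANT_MEMBERS:
        return False
    return True

def change_role(tenant_id: int, user_id: int, new_role: Optional[str]) -> None:
    """Set a tenant role, or remove the member when new_role is None."""
    key = (tenant_id, user_id)
    owners = [k for k, r in TENANT_MEMBERS.items() if k[0] == tenant_id and r == "owner"]
    if owners == [key] and new_role != "owner":
        raise PermissionError("cannot remove or demote the last Owner")
    if new_role is None:
        TENANT_MEMBERS.pop(key, None)
    else:
        TENANT_MEMBERS[key] = new_role
```

Looking the tenant up by `external_id` alone and skipping the membership checks would let any authenticated user reach another workspace's tenant by supplying its GUID.
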

### ProviderConnection
- Stores provider integration configuration for a managed tenant.
- Key fields (from resource usage):
  - `id`, `workspace_id`, `tenant_id`
  - `provider`
  - `display_name`
  - `entra_tenant_id`
  - `is_default`
  - `status`, `health_status`
  - timestamps
- Notes:
  - Treated as workspace-managed configuration, but scoped to a specific managed tenant via FK.

### AuditLog
- Append-only record of security/management events.
- Required attributes (per spec): `workspace_id`, `tenant_id`, `actor_id`, `action_id`, redacted metadata, timestamp.

### OperationRun
- Existing observability record for long-running operations.
- This migration itself should not introduce new runs; management page renders must be DB-only.

## Relationships (high level)
- Workspace 1—* WorkspaceMembership
- Workspace 1—* Tenant
- Tenant 1—* TenantMembership
- Tenant 1—* ProviderConnection
- Workspace 1—* ProviderConnection
- Workspace/Tenant 1—* AuditLog

## State & Transitions
- This feature does not add new domain state transitions.
- Any existing onboarding/activation state changes remain workspace-managed in UI (per spec) and must continue to be audited.