TenantAtlas/specs/077-workspace-nav-monitoring-hub/data-model.md

# Data Model — Workspace-first Navigation & Monitoring Hub (077)

**Date**: 2026-02-06

**Spec**: [specs/077-workspace-nav-monitoring-hub/spec.md](spec.md)

This feature is primarily information architecture + context enforcement. No new tables are required; the design depends on existing entities and their relationships.

## Entities

### Workspace

Represents a portfolio / customer container (primary context).

- Key fields (existing, relevant):
  - `id`
  - `name`
  - `slug` (optional)
  - `archived_at` (nullable)

### WorkspaceMembership

Entitlement relationship between a user and a workspace.

- Key fields (existing, relevant):
  - `workspace_id`
  - `user_id`
  - `role` (e.g. owner/operator/etc; actual role semantics are managed by the capability resolver)

### Tenant (Managed Tenant)

Represents a Microsoft/Intune tenant belonging to a workspace (secondary context via Filament tenancy).

- Key fields (existing, relevant):
  - `id`
  - `workspace_id` (foreign key to Workspace)
  - `external_id` (used in Filament tenancy route `/admin/t/{tenant}`)
  - `status` (e.g., active)

### OperationRun

Canonical monitoring record (workspace-level entity; may optionally be linked to a tenant).

- Key fields (existing, relevant):
  - `id`
  - `workspace_id` (required for access control)
  - `tenant_id` (nullable; used for default filtering and “recent operations”)
  - `type`, `status`, `outcome`
  - timestamps (created/started/completed)
  - `context` (JSON)

## Relationships

- Workspace has many WorkspaceMemberships.
- Workspace has many Tenants.
- Workspace has many OperationRuns.
- Tenant belongs to Workspace.
- OperationRun belongs to Workspace.
- OperationRun optionally belongs to Tenant.

## Invariants / Rules enforced by this feature

- Workspace context (`current_workspace_id`) is required for workspace-scoped navigation and access control.
- Tenant context must be consistent with workspace context:
  - If the tenant is not in the current workspace, tenant context is cleared (continue tenantless).
- OperationRun access is controlled by membership in the run's `workspace_id`.
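
The three invariants above, sketched as an added example in framework-free PHP. This is not the project's code: the function names are hypothetical, the sample records are constructed, and raising an exception for a missing workspace context is an assumption.

```php
<?php
declare(strict_types=1);

// Added illustration; function names are hypothetical.
// Field names (workspace_id, tenant_id, user_id) follow the data model above.

/** Workspace ids for which the user holds a WorkspaceMembership. */
function memberWorkspaceIds(int $userId, array $memberships): array
{
    $ids = [];
    foreach ($memberships as $m) {
        if ($m['user_id'] === $userId) {
            $ids[] = $m['workspace_id'];
        }
    }
    return $ids;
}

/** Invariants 1 and 2: workspace context is mandatory; a foreign tenant is cleared. */
function resolveContext(?int $currentWorkspaceId, ?array $tenant): array
{
    if ($currentWorkspaceId === null) {
        // Assumption: a missing workspace context is surfaced as an exception.
        throw new RuntimeException('workspace context required');
    }
    if ($tenant !== null && $tenant['workspace_id'] !== $currentWorkspaceId) {
        $tenant = null; // tenant is outside the current workspace: continue tenantless
    }
    return ['workspace_id' => $currentWorkspaceId, 'tenant_id' => $tenant['id'] ?? null];
}

/** Invariant 3: authorize on the run's own workspace_id, never on tenant_id or session state. */
function canAccessRun(int $userId, array $run, array $memberships): bool
{
    return in_array($run['workspace_id'], memberWorkspaceIds($userId, $memberships), true);
}

// Constructed sample data: user 10 is a member of workspace 1 only.
$memberships = [['workspace_id' => 1, 'user_id' => 10, 'role' => 'operator']];
$tenantB     = ['id' => 200, 'workspace_id' => 2, 'external_id' => 'tenant-b'];
$runs        = [
    ['id' => 1, 'workspace_id' => 1, 'tenant_id' => null], // tenantless run
    ['id' => 2, 'workspace_id' => 2, 'tenant_id' => 200],  // run in another workspace
];

$ctx = resolveContext(1, $tenantB); // tenant belongs to workspace 2, so it is cleared
var_dump($ctx['tenant_id']);
foreach ($runs as $run) {
    printf("run %d: %s\n", $run['id'], canAccessRun(10, $run, $memberships) ? 'allow' : 'deny');
}
```

Because `tenant_id` is nullable, the access check keys on `workspace_id` alone; a tenantless run is still confined to members of its workspace.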