-- Migration 002: Create profile tables
-- Profiles are the base for authentication/authorization
-- TeamProfile: role-based access (Admin > TeamLeader > TeamMember)
-- CustomerProfile: data-scoped access via customer_profile_access M2M
-- Team member profiles (internal users).
-- The primary key IS the Kratos identity UUID: there is no separate
-- ory_kratos_id column and no default, so every INSERT must supply the id.
-- This lets Oathkeeper's X-User-ID header be used directly for profile lookup.
-- NOTE(review): that lookup is only as trustworthy as the header. It presumably
-- relies on the API being reachable solely through Oathkeeper and on any
-- client-supplied X-User-ID being overwritten or dropped at the proxy - confirm.
CREATE TABLE team_profiles (
    id          UUID,  -- = Kratos identity.id (not auto-generated)

    -- Row timestamps. The defaults apply on INSERT only; nothing in this
    -- statement refreshes updated_at on UPDATE.
    created_at  TIMESTAMPTZ   NOT NULL DEFAULT CURRENT_TIMESTAMP,
    updated_at  TIMESTAMPTZ   NOT NULL DEFAULT CURRENT_TIMESTAMP,

    -- Contact info. phone and email are optional; email is not declared
    -- UNIQUE in this statement.
    first_name  VARCHAR(100)  NOT NULL,
    last_name   VARCHAR(100)  NOT NULL,
    phone       VARCHAR(20),
    email       VARCHAR(254),

    -- Authorization. A row inserted without an explicit role gets
    -- 'TEAM_MEMBER', so elevated roles have to be granted deliberately.
    -- NOTE(review): role checks presumably also need status = 'ACTIVE' so a
    -- deactivated profile keeps no access - confirm in the service code.
    role        team_role     NOT NULL DEFAULT 'TEAM_MEMBER',
    status      entity_status NOT NULL DEFAULT 'ACTIVE',

    -- Free-text field with no length limit.
    notes       TEXT,

    -- Same constraint name PostgreSQL generates for an inline PRIMARY KEY.
    CONSTRAINT team_profiles_pkey PRIMARY KEY (id)
);
-- Customer profiles (external users).
-- The primary key IS the Kratos identity UUID: there is no separate
-- ory_kratos_id column and no default, so every INSERT must supply the id.
-- NOTE(review): this table has no role column; the file header says customer
-- access is data-scoped through customer_profile_access, which is not
-- created in this statement.
CREATE TABLE customer_profiles (
    id          UUID,  -- = Kratos identity.id (not auto-generated)

    -- Row timestamps. The defaults apply on INSERT only; nothing in this
    -- statement refreshes updated_at on UPDATE.
    created_at  TIMESTAMPTZ   NOT NULL DEFAULT CURRENT_TIMESTAMP,
    updated_at  TIMESTAMPTZ   NOT NULL DEFAULT CURRENT_TIMESTAMP,

    -- Contact info. phone and email are optional; email is not declared
    -- UNIQUE in this statement.
    first_name  VARCHAR(100)  NOT NULL,
    last_name   VARCHAR(100)  NOT NULL,
    phone       VARCHAR(20),
    email       VARCHAR(254),

    -- New rows start as 'ACTIVE'.
    -- NOTE(review): access checks presumably need to filter on this column
    -- so a deactivated customer keeps no data access - confirm.
    status      entity_status NOT NULL DEFAULT 'ACTIVE',

    -- Free-text field with no length limit.
    notes       TEXT,

    -- Same constraint name PostgreSQL generates for an inline PRIMARY KEY.
    CONSTRAINT customer_profiles_pkey PRIMARY KEY (id)
);
-- Secondary indexes for common queries: lookups by status on both profile
-- tables and by role on team profiles. btree is PostgreSQL's default index
-- method, spelled out here for clarity.
CREATE INDEX idx_team_profiles_status
    ON team_profiles USING btree (status);

CREATE INDEX idx_team_profiles_role
    ON team_profiles USING btree (role);

CREATE INDEX idx_customer_profiles_status
    ON customer_profiles USING btree (status);