Skip to content

Commit 6ae5e75

Browse files
committed
Align database identity schema with key-based audit governance - PR_26164_092-fix-db-identity-governance
1 parent 9bc7a8d commit 6ae5e75

6 files changed

Lines changed: 508 additions & 179 deletions

File tree

docs_build/database/README.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,7 @@ Database schema and setup review artifacts are owned outside runtime source.
88
- DEV setup or DML review artifacts belong in `docs_build/database/dml/`.
99
- DDL must not be placed under `src/` or `docs/`.
1010
- DML files in this folder are temporary setup/review artifacts unless promoted by a future Admin Site Setup workflow.
11+
- Identity records use `key` as the primary identifier. Shared audit ownership uses `createdBy` and `updatedBy` references to `users.key`.
1112

1213
## Execution Boundary
1314

docs_build/database/ddl/dev-app-identity-schema.sql

Lines changed: 28 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -2,32 +2,42 @@
22
-- Ownership: docs_build/database/ddl/
33
-- Target DEV database: gamefoundry_dev
44
-- Scope: app identity tables only. No custom password tables are defined here.
5-
6-
CREATE EXTENSION IF NOT EXISTS pgcrypto;
5+
-- Identity ownership follows the project key-based governance model.
76

87
CREATE TABLE IF NOT EXISTS users (
9-
id uuid PRIMARY KEY DEFAULT gen_random_uuid(),
10-
auth_provider text,
11-
auth_subject text,
8+
key text PRIMARY KEY,
9+
"displayName" text NOT NULL DEFAULT 'Creator',
1210
email text,
13-
display_name text NOT NULL DEFAULT 'Creator',
14-
created_at timestamptz NOT NULL DEFAULT now(),
15-
updated_at timestamptz NOT NULL DEFAULT now(),
16-
CONSTRAINT users_auth_identity_unique UNIQUE (auth_provider, auth_subject)
11+
"authProvider" text,
12+
"authProviderUserId" text,
13+
"isActive" boolean NOT NULL DEFAULT true,
14+
"createdAt" timestamptz NOT NULL DEFAULT now(),
15+
"updatedAt" timestamptz NOT NULL DEFAULT now(),
16+
"createdBy" text REFERENCES users(key) ON DELETE SET NULL,
17+
"updatedBy" text REFERENCES users(key) ON DELETE SET NULL,
18+
CONSTRAINT users_auth_identity_unique UNIQUE ("authProvider", "authProviderUserId")
1719
);
1820

1921
CREATE TABLE IF NOT EXISTS roles (
20-
id integer GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
21-
slug text NOT NULL UNIQUE,
22-
display_name text NOT NULL,
22+
key text PRIMARY KEY,
23+
"roleSlug" text NOT NULL UNIQUE,
24+
name text NOT NULL,
2325
description text NOT NULL DEFAULT '',
24-
created_at timestamptz NOT NULL DEFAULT now(),
25-
updated_at timestamptz NOT NULL DEFAULT now()
26+
"isSystemRole" boolean NOT NULL DEFAULT false,
27+
"isActive" boolean NOT NULL DEFAULT true,
28+
"createdAt" timestamptz NOT NULL DEFAULT now(),
29+
"updatedAt" timestamptz NOT NULL DEFAULT now(),
30+
"createdBy" text NOT NULL REFERENCES users(key),
31+
"updatedBy" text NOT NULL REFERENCES users(key)
2632
);
2733

2834
CREATE TABLE IF NOT EXISTS user_roles (
29-
user_id uuid NOT NULL REFERENCES users(id) ON DELETE CASCADE,
30-
role_id integer NOT NULL REFERENCES roles(id) ON DELETE CASCADE,
31-
created_at timestamptz NOT NULL DEFAULT now(),
32-
PRIMARY KEY (user_id, role_id)
35+
key text PRIMARY KEY,
36+
"userKey" text NOT NULL REFERENCES users(key) ON DELETE CASCADE,
37+
"roleKey" text NOT NULL REFERENCES roles(key) ON DELETE CASCADE,
38+
"createdAt" timestamptz NOT NULL DEFAULT now(),
39+
"updatedAt" timestamptz NOT NULL DEFAULT now(),
40+
"createdBy" text NOT NULL REFERENCES users(key),
41+
"updatedBy" text NOT NULL REFERENCES users(key),
42+
CONSTRAINT user_roles_user_role_unique UNIQUE ("userKey", "roleKey")
3343
);

docs_build/database/dml/dev-app-identity-temporary-setup-review.sql

Lines changed: 103 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -3,14 +3,107 @@
33
-- UAT and production SQL execution is user-controlled.
44
-- Long-term seed behavior belongs in Admin -> Site Setup, not permanent seed SQL.
55
-- Target DEV database: gamefoundry_dev
6+
-- The inactive setup user exists only to satisfy audit ownership references; it is not login behavior.
67

7-
INSERT INTO roles (slug, display_name, description)
8-
VALUES
9-
('admin', 'Admin', 'Can manage site configuration and review operational setup.'),
10-
('creator', 'Creator', 'Can create and manage games, assets, and publishing workflows.'),
11-
('user', 'User', 'Can use signed-in platform features.'),
12-
('guest', 'Guest', 'Can explore public and guest-safe areas.')
13-
ON CONFLICT (slug) DO UPDATE SET
14-
display_name = EXCLUDED.display_name,
15-
description = EXCLUDED.description,
16-
updated_at = now();
8+
WITH setup_user AS (
9+
INSERT INTO users (
10+
key,
11+
"displayName",
12+
email,
13+
"authProvider",
14+
"authProviderUserId",
15+
"isActive",
16+
"createdAt",
17+
"updatedAt",
18+
"createdBy",
19+
"updatedBy"
20+
)
21+
VALUES (
22+
'dev-setup-user',
23+
'DEV setup user',
24+
NULL,
25+
NULL,
26+
NULL,
27+
false,
28+
now(),
29+
now(),
30+
'dev-setup-user',
31+
'dev-setup-user'
32+
)
33+
ON CONFLICT (key) DO UPDATE SET
34+
"displayName" = EXCLUDED."displayName",
35+
email = EXCLUDED.email,
36+
"authProvider" = EXCLUDED."authProvider",
37+
"authProviderUserId" = EXCLUDED."authProviderUserId",
38+
"isActive" = EXCLUDED."isActive",
39+
"updatedAt" = now(),
40+
"updatedBy" = EXCLUDED."updatedBy"
41+
RETURNING key
42+
),
43+
role_seed (key, role_slug, name, description, is_system_role, is_active) AS (
44+
VALUES
45+
('role-admin', 'admin', 'Admin', 'Can manage site configuration and review operational setup.', false, true),
46+
('role-creator', 'creator', 'Creator', 'Can create and manage games, assets, and publishing workflows.', false, true),
47+
('role-user', 'user', 'User', 'Can use signed-in platform features.', false, true),
48+
('role-guest', 'guest', 'Guest', 'Can explore public and guest-safe areas.', false, true)
49+
),
50+
upsert_roles AS (
51+
INSERT INTO roles (
52+
key,
53+
"roleSlug",
54+
name,
55+
description,
56+
"isSystemRole",
57+
"isActive",
58+
"createdAt",
59+
"updatedAt",
60+
"createdBy",
61+
"updatedBy"
62+
)
63+
SELECT
64+
role_seed.key,
65+
role_seed.role_slug,
66+
role_seed.name,
67+
role_seed.description,
68+
role_seed.is_system_role,
69+
role_seed.is_active,
70+
now(),
71+
now(),
72+
setup_user.key,
73+
setup_user.key
74+
FROM role_seed
75+
CROSS JOIN setup_user
76+
ON CONFLICT (key) DO UPDATE SET
77+
"roleSlug" = EXCLUDED."roleSlug",
78+
name = EXCLUDED.name,
79+
description = EXCLUDED.description,
80+
"isSystemRole" = EXCLUDED."isSystemRole",
81+
"isActive" = EXCLUDED."isActive",
82+
"updatedAt" = now(),
83+
"updatedBy" = EXCLUDED."updatedBy"
84+
RETURNING key, "roleSlug"
85+
)
86+
INSERT INTO user_roles (
87+
key,
88+
"userKey",
89+
"roleKey",
90+
"createdAt",
91+
"updatedAt",
92+
"createdBy",
93+
"updatedBy"
94+
)
95+
SELECT
96+
'dev-setup-user-role-admin',
97+
setup_user.key,
98+
upsert_roles.key,
99+
now(),
100+
now(),
101+
setup_user.key,
102+
setup_user.key
103+
FROM setup_user
104+
JOIN upsert_roles ON upsert_roles."roleSlug" = 'admin'
105+
ON CONFLICT (key) DO UPDATE SET
106+
"userKey" = EXCLUDED."userKey",
107+
"roleKey" = EXCLUDED."roleKey",
108+
"updatedAt" = now(),
109+
"updatedBy" = EXCLUDED."updatedBy";
Lines changed: 105 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,105 @@
1+
# PR_26164_092-fix-db-identity-governance
2+
3+
## Branch Validation
4+
5+
PASS: current branch is `main`.
6+
7+
## Scope Summary
8+
9+
PASS: Scoped to fixing the DB DDL/DML governance issues from PR_26164_091 only.
10+
11+
Changed files:
12+
13+
- `docs_build/database/README.md`
14+
- `docs_build/database/ddl/dev-app-identity-schema.sql`
15+
- `docs_build/database/dml/dev-app-identity-temporary-setup-review.sql`
16+
17+
## Requirement Checklist
18+
19+
| Requirement | Status | Evidence |
20+
| --- | --- | --- |
21+
| Read `docs_build/dev/PROJECT_INSTRUCTIONS.md` before execution | PASS | Project instructions were read before implementation. |
22+
| Verify current branch is `main` before changes | PASS | `git branch --show-current` returned `main`. |
23+
| Scope to DB DDL/DML governance issues from PR_26164_091 only | PASS | Only database governance docs, DDL, DML, and reports changed. |
24+
| Use project governance model | PASS | DDL now uses key-based identity records and shared audit ownership fields. |
25+
| Do not use legacy id ownership model | PASS | SQL audit found no legacy id-based identity ownership patterns in DDL/DML. |
26+
| Use key-based records | PASS | `users`, `roles`, and `user_roles` each define `key text PRIMARY KEY`. |
27+
| Audit fields exist on shared records | PASS | `createdAt`, `updatedAt`, `createdBy`, and `updatedBy` exist on all three identity tables. |
28+
| Ownership fields reference `users.key` | PASS | `createdBy` and `updatedBy` reference `users(key)`; `user_roles.userKey` references `users(key)`. |
29+
| Keep DDL under `docs_build/database/ddl/` | PASS | Identity DDL remains in `docs_build/database/ddl/dev-app-identity-schema.sql`. |
30+
| Keep temporary DML/setup under `docs_build/database/dml/` | PASS | Temporary setup SQL remains in `docs_build/database/dml/dev-app-identity-temporary-setup-review.sql`. |
31+
| Do not place DDL under `src/` or `docs/` | PASS | Validation found no `.sql` or `.ddl` files under `src/` or `docs/`. |
32+
| Do not reintroduce MEM DB | PASS | Database governance files contain no MEM DB references. |
33+
| Do not introduce Supabase runtime wiring | PASS | No runtime files changed; database governance files contain no Supabase references. |
34+
| Do not add custom password storage tables | PASS | No password storage tables or password hash/salt fields were added. |
35+
| Do not add fake login behavior | PASS | No runtime/auth files changed; the temporary DML setup user is inactive and has no auth provider. |
36+
| Seed roles by role key | PASS | Temporary DML uses role keys such as `role-admin`, `role-creator`, `role-user`, and `role-guest`. |
37+
| Seed user_roles by userKey and roleKey | PASS | Temporary DML inserts `user_roles` with `userKey` and `roleKey`. |
38+
| Mark temporary DML as review/dev setup only | PASS | DML header states it is a temporary setup/review artifact and DEV review only until Admin -> Site Setup owns setup behavior. |
39+
40+
## Identity Schema Governance Audit
41+
42+
PASS: `users` uses:
43+
44+
- `key text PRIMARY KEY`
45+
- `createdAt`
46+
- `updatedAt`
47+
- `createdBy` referencing `users(key)`
48+
- `updatedBy` referencing `users(key)`
49+
50+
PASS: `roles` uses:
51+
52+
- `key text PRIMARY KEY`
53+
- `createdAt`
54+
- `updatedAt`
55+
- `createdBy` referencing `users(key)`
56+
- `updatedBy` referencing `users(key)`
57+
58+
PASS: `user_roles` uses:
59+
60+
- `key text PRIMARY KEY`
61+
- `userKey` referencing `users(key)`
62+
- `roleKey` referencing `roles(key)`
63+
- `createdAt`
64+
- `updatedAt`
65+
- `createdBy` referencing `users(key)`
66+
- `updatedBy` referencing `users(key)`
67+
68+
PASS: Legacy identity ownership patterns are absent from the DDL/DML files.
69+
70+
## DDL/DML Location Audit
71+
72+
PASS: DDL is only under `docs_build/database/ddl/`.
73+
74+
PASS: Temporary DML/setup SQL is only under `docs_build/database/dml/`.
75+
76+
PASS: No `.sql` or `.ddl` files exist under `src/` or `docs/`.
77+
78+
## MEM DB Reintroduction Audit
79+
80+
PASS: Scoped database governance files were scanned and do not contain MEM DB, Local Mem, or MockDbAdapter references.
81+
82+
## Validation Lane Report
83+
84+
Playwright impacted: No.
85+
86+
No Playwright impact. This PR is a DDL/DML governance fix only.
87+
88+
Validation commands:
89+
90+
- PASS: `git diff --check`
91+
- PASS: no DDL files under `src/` or `docs/`
92+
- PASS: identity DDL key-primary audit
93+
- PASS: identity DDL audit-field audit
94+
- PASS: ownership fields reference `users.key`
95+
- PASS: no legacy id-based identity ownership patterns remain in DDL/DML
96+
- PASS: no MEM DB references in database governance files
97+
- PASS: no Supabase runtime wiring or password storage table references
98+
- PASS: temporary DML review/dev setup marker and key-reference audit
99+
100+
## Manual Validation Notes
101+
102+
- Confirmed the DDL no longer defines generated numeric or UUID identity ownership columns.
103+
- Confirmed the temporary setup SQL uses role keys and joins by `userKey` / `roleKey`.
104+
- Confirmed no runtime JavaScript, auth client, account page, fake login behavior, or Playwright test changes were made.
105+
- Full samples smoke test was not run because this PR is DDL/DML governance only.

docs_build/dev/reports/codex_changed_files.txt

Lines changed: 11 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -2,25 +2,23 @@
22

33
## git status --short
44
```
5-
M admin/site-settings.html
6-
A docs_build/database/README.md
7-
A docs_build/database/ddl/dev-app-identity-schema.sql
8-
A docs_build/database/dml/dev-app-identity-temporary-setup-review.sql
9-
A docs_build/dev/reports/PR_26164_091-db-ddl-site-setup-governance.md
5+
M docs_build/database/README.md
6+
M docs_build/database/ddl/dev-app-identity-schema.sql
7+
M docs_build/database/dml/dev-app-identity-temporary-setup-review.sql
8+
A docs_build/dev/reports/PR_26164_092-fix-db-identity-governance.md
109
M docs_build/dev/reports/codex_changed_files.txt
1110
M docs_build/dev/reports/codex_review.diff
1211
```
1312

1413
## git diff --cached --stat
1514
```
16-
admin/site-settings.html | 2 +-
17-
docs_build/database/README.md | 18 +
18-
.../database/ddl/dev-app-identity-schema.sql | 33 +
19-
.../dev-app-identity-temporary-setup-review.sql | 16 +
20-
.../PR_26164_091-db-ddl-site-setup-governance.md | 84 +
21-
docs_build/dev/reports/codex_changed_files.txt | 89 +-
22-
docs_build/dev/reports/codex_review.diff | 2018 ++------------------
23-
7 files changed, 331 insertions(+), 1929 deletions(-)
15+
docs_build/database/README.md | 1 +
16+
.../database/ddl/dev-app-identity-schema.sql | 46 ++-
17+
.../dev-app-identity-temporary-setup-review.sql | 113 +++++-
18+
.../PR_26164_092-fix-db-identity-governance.md | 105 ++++++
19+
docs_build/dev/reports/codex_changed_files.txt | 24 +-
20+
docs_build/dev/reports/codex_review.diff | 398 ++++++++++++++-------
21+
6 files changed, 507 insertions(+), 180 deletions(-)
2422
```
2523

2624
## git diff --stat

0 commit comments

Comments
 (0)