Skip to main content

Data Model

This page explains the core entities and how permissions are applied.

Core Entities

Entity	Description
Tenant	Logical partition for users and roles
User	Account identity; belongs to one or more tenants
Role	Named role scoped to a tenant (or global for platform roles)
Feature	A capability domain (e.g., `USER_MGMT`)
Permission	Boolean map for a feature: `read`, `create`, `update`, `delete`, `restore`; optional `extraActions`
PermissionAssignment	Assigns a Permission to a subject (usually a Role). Unique key: `(permissionId, subjectType, subjectId)`
FeatureFlag	Toggle for features at runtime for a subject (user/role/tenant)
Consent	User consents; see DTOs under the backend
Session & LoginAttempt	Session management and auditing

Relationships

Users link to Tenants via userTenant join
Users have Roles within a Tenant via userRole join
Roles receive capability via PermissionAssignments
Permissions refer to a Feature; Features are the canonical capability keys

Uniques & Idempotency

Entity	Unique Constraint
Features	Unique on `name`
Roles	Unique on `name` (per namespace)
Permission	Unique on `(featureId)`
PermissionAssignment	Composite unique `(permissionId, subjectType, subjectId)`

Seed scripts use upserts on these uniques to remain idempotent (see libs/prisma/access-control-client/prisma/SEEDS.md).

Core Entities
Relationships
Uniques & Idempotency