erDiagram
USER {
bigint id
string email
string password_hash
string name
string locale
boolean sound_new_message
boolean sound_send_message
boolean sound_task_completed
boolean sound_task_error
int sound_master_volume
string stripe_customer_id
timestamp created_at
timestamp updated_at
}
TENANT {
bigint id
string name
string slug
bigint owner_id
timestamp created_at
timestamp updated_at
}
PROJECT {
bigint id
bigint tenant_id
bigint environment_id
string name
string description
string status
string previous_status
string url
string accent
string backend_language
string backend_framework
string frontend_language
string frontend_framework
timestamp created_at
timestamp updated_at
}
PROJECT_VERSION {
bigint id
bigint project_id
int version_number
string description
string status
timestamp created_at
timestamp applied_at
}
CONVERSATION {
bigint id
bigint project_id
bigint user_id
string title
string status
uuid session_id
timestamp created_at
timestamp updated_at
}
MESSAGE {
bigint id
bigint conversation_id
string role
text content
timestamp created_at
}
ACTIVITY {
bigint id
bigint project_id
bigint conversation_id
string agent_role
string event_type
bigint parent_activity_id
string description
string tool_name
string tool_category
string tool_summary
jsonb payload_json
timestamp created_at
}
TODO {
uuid id PK
varchar title
boolean completed
uuid tenant_id FK
timestamp created_at
timestamp updated_at
}
USER_BUDGET {
bigint id
bigint user_id
numeric ai_credit_usd
numeric ai_credit_initial_usd
numeric spending_limit_usd
timestamp updated_at
}
STRIPE_WEBHOOK_EVENTS {
bigint id
string stripe_event_id
string type
text payload_json
timestamp received_at
}
CREDIT_TOPUP {
bigint id
bigint user_id
numeric amount_usd
string stripe_payment_intent_id
string status
timestamp created_at
timestamp completed_at
}
ENVIRONMENT {
bigint id
bigint tenant_id
string kind
string name
string slug
string resource_mode
string status
boolean deletable
string namespace_ref
jsonb config
timestamp created_at
timestamp updated_at
}
USER ||--o{ TENANT : owns
TENANT ||--o{ PROJECT : has
PROJECT }o--o| ENVIRONMENT : deployed_to
TENANT ||--o{ TODO : has
TENANT ||--o{ ENVIRONMENT : has
PROJECT ||--o{ PROJECT_VERSION : has
PROJECT ||--o{ CONVERSATION : has
USER ||--o{ CONVERSATION : starts
CONVERSATION ||--o{ MESSAGE : contains
PROJECT ||--o{ ACTIVITY : has
CONVERSATION ||--o{ ACTIVITY : has
ACTIVITY ||--o{ ACTIVITY : nests
USER ||--|| USER_BUDGET : has
USER ||--o{ CREDIT_TOPUP : initiates
HOSTING_BILLING_ACCOUNT {
bigint id
bigint tenant_id
int billing_anchor_day
timestamp current_period_start
timestamp current_period_end
numeric accrued_charged_usd
string status
timestamp trial_ends_at
timestamp past_due_since
timestamp suspended_at
timestamp created_at
timestamp updated_at
}
HOSTING_CREDIT_LEDGER {
bigint id
bigint tenant_id
bigint environment_id
string type
string source
numeric raw_amount_usd
numeric charged_amount_usd
numeric markup_percent_snapshot
bigint hosting_cost_event_id
bigint billing_period_id
string ref_id
timestamp created_at
}
HOSTING_INVOICE {
bigint id
bigint tenant_id
timestamp period_start
timestamp period_end
numeric total_charged_usd
string stripe_payment_intent_id
string status
int attempt_count
timestamp next_retry_at
timestamp created_at
timestamp settled_at
}
HOSTING_INVOICE_LINE {
bigint id
bigint invoice_id
bigint environment_id
numeric charged_amount_usd
string environment_name_snapshot
}
ENVIRONMENT_CUTOVER_LOG {
bigint id
bigint environment_id
bigint tenant_id
string old_namespace_ref
string new_namespace_ref
string status
timestamp started_at
timestamp completed_at
text error_message
}
HOSTING_COST_EVENT {
bigint id
bigint tenant_id
bigint environment_id
bigint project_id
string resource_kind
timestamp window_start
timestamp window_end
numeric raw_cost_usd
numeric charged_cost_usd
string source_ref
timestamp received_at
}
HOSTING_ENFORCEMENT_LOG {
bigint id
bigint tenant_id
string action
string reason
text details_json
timestamp created_at
}
PRICING_MARKUP_CONFIG {
bigint id
string resource_kind
numeric markup_percent
timestamp effective_from
timestamp effective_to
timestamp created_at
}
USAGE_EVENT {
bigint id
bigint user_id
bigint conversation_id
string model
bigint input_tokens
bigint output_tokens
bigint cache_read_tokens
bigint cache_write_tokens
numeric raw_cost_usd
numeric charged_cost_usd
string executor_type
timestamp created_at
}
API_USAGE_LEDGER {
bigint id
bigint user_id
bigint conversation_id
numeric raw_cost_usd
numeric charged_cost_usd
timestamp window_start
timestamp window_end
timestamp created_at
}
ISSUE {
uuid id PK
string target
bigint project_id
string tenant_slug
bigint reporter_user_id
string reporter_agent
uuid session_id
string title
text description
string kind
string severity
string status
jsonb context_jsonb
bigint resolved_by_user_id
text resolution_note
uuid parent_issue_id
timestamp reported_at
timestamp triaged_at
timestamp resolved_at
}
ISSUE_COMMENT {
uuid id PK
uuid issue_id FK
bigint author_user_id
string author_agent
text body
timestamp created_at
}
WAITLIST_ENTRY {
bigint id
string email
string name
string role
text project_idea
string referral_code
bigint referred_by_id
timestamp created_at
timestamp invited_at
bigint invite_id
}
WAITLIST_JOIN_ATTEMPT {
bigint id
string email_hash
string ip_hash
timestamp created_at
}
INVITE {
bigint id
string token
bigint issued_by_user_id
string issued_to_email
bigint claimed_by_user_id
timestamp issued_at
timestamp expires_at
timestamp claimed_at
timestamp revoked_at
text revoked_reason
string status
}
INVITE_REDEMPTION_ATTEMPT {
bigint id
string token_hash
string ip_hash
string result
timestamp created_at
}
INVITE_GRANT {
bigint id
bigint user_id
int bonus_invites
string reason
timestamp granted_at
}
USER_INVITE_QUOTA {
bigint user_id PK
int max_generation
int issued_count
int claimed_count
timestamp updated_at
}
EMAIL_LOG {
bigint id
string type
string recipient
string subject
string provider_message_id
string status
text error
timestamp created_at
}
REFRESH_TOKEN {
bigint id
bigint user_id
string token_hash
timestamp expires_at
timestamp revoked_at
timestamp created_at
}
PASSWORD_RESET_TOKEN {
bigint id
bigint user_id
string token_hash
timestamp expires_at
timestamp used_at
timestamp created_at
}
AUTH_RATE_LIMIT_ATTEMPT {
bigint id
string key
string kind
timestamp created_at
}
USER_NOTIFICATION_PREFERENCES {
bigint user_id PK
boolean email_billing_alerts
boolean email_security_alerts
boolean email_product_updates
timestamp updated_at
}
GDPR_EXPORT_REQUEST {
bigint id
bigint user_id
string status
string export_url
timestamp requested_at
timestamp completed_at
timestamp expires_at
}
PLATFORM_KILL_SWITCH {
bigint id
string key
boolean enabled
text reason
timestamp updated_at
}
BUILD {
bigint id
bigint project_id
bigint version_id
string kind
string status
text output_log
int exit_code
timestamp started_at
timestamp finished_at
}
DATAPLANE_AUTH_CREDENTIALS {
string rolname PK
string secret
}
TENANT ||--|| HOSTING_BILLING_ACCOUNT : has
TENANT ||--o{ HOSTING_CREDIT_LEDGER : has
TENANT ||--o{ HOSTING_INVOICE : billed_via
HOSTING_INVOICE ||--o{ HOSTING_INVOICE_LINE : contains
ENVIRONMENT ||--o{ HOSTING_INVOICE_LINE : has
ENVIRONMENT ||--o{ HOSTING_CREDIT_LEDGER : attributed_to
ENVIRONMENT ||--o{ ENVIRONMENT_CUTOVER_LOG : logs
ENVIRONMENT ||--o{ HOSTING_COST_EVENT : generates
TENANT ||--o{ HOSTING_ENFORCEMENT_LOG : actions
HOSTING_COST_EVENT ||--o| HOSTING_CREDIT_LEDGER : settles
USER ||--o{ USAGE_EVENT : drives
CONVERSATION ||--o{ USAGE_EVENT : tracks
USER ||--o{ API_USAGE_LEDGER : has
TENANT ||--o{ ISSUE : reports
USER ||--o{ ISSUE : reports
PROJECT }o--o{ ISSUE : about
ISSUE ||--o{ ISSUE_COMMENT : has
ISSUE ||--o{ ISSUE : parent_of
WAITLIST_ENTRY ||--o| WAITLIST_ENTRY : referred_by
WAITLIST_ENTRY ||--o| INVITE : issued
USER ||--o{ INVITE : issues
USER ||--o| INVITE : claims
USER ||--o{ INVITE_GRANT : receives
USER ||--|| USER_INVITE_QUOTA : has
USER ||--o{ REFRESH_TOKEN : has
USER ||--o{ PASSWORD_RESET_TOKEN : requests
USER ||--|| USER_NOTIFICATION_PREFERENCES : has
USER ||--o{ GDPR_EXPORT_REQUEST : requests
PROJECT ||--o{ BUILD : has
PROJECT_VERSION ||--o{ BUILD : produces
Entity Descriptions
- User — Registered TalkIDE user. Owns one or more tenants. Authenticates via email and
password.
passwordHashstores the bcrypt hash.localestores the UI language preference (endefault,cssupported); changed viaPUT /me/locale. Sound preference columns (sound_new_message,sound_send_message,sound_task_completed,sound_task_error,sound_master_volume) store per-user notification sound settings; changed viaPUT /me/sound-preferences. All preference columns have DB-level defaults matching the product defaults (see UC-01007). - Tenant — Top-level organizational unit (one per user in MVP). Scopes all projects.
slugis a URL-friendly identifier derived from the owner’s email.ownerIdreferences the User who created the tenant.updatedAtis refreshed whenever tenant settings are changed. - Project — A web application being built by the user. Belongs to a tenant.
statusis one ofDRAFT/BUILDING/LIVE/UPDATED/PAUSED/ARCHIVED.DRAFTmeans the project has never been deployed.UPDATEDmeans the project was previously LIVE but has unpublished local changes (like a git working tree with uncommitted changes vs. production).urlis the project’s deployed URL (e.g.,wildwood-bakery.talkide.app), nullable and unique across all projects.accentis a CSS color string for the project card (e.g.,oklch(0.78 0.15 70)), one of the 6 oklch presets defined in the design system. The chosen tech stack is stored in 4 structured columns:backendLanguage(defaultKotlin),backendFramework(defaultSpring Boot),frontendLanguage(defaultTypeScript),frontendFramework(defaultVue.js). All 4 columns are NOT NULL with DB-level defaults; the legacy singletechStackcolumn was dropped (see UC-03002).environmentIdis a nullable FK toenvironment(id)(added by migration0040-add-environment-id-to-projects.xml, F3).NULLmeans the project uses the tenant’s DEFAULT „TalkIDE” environment (implicit fallback).ON DELETE SET NULLensures that deleting a USER_CREATED environment resets the FK to NULL automatically (projects fall back to DEFAULT). Managed via UC-10013. - ProjectVersion — A snapshot of a project after a vibecoding session.
versionNumberis sequential within a project.statusis one ofDRAFT/APPLYING/APPLIED/ROLLED_BACK/FAILED.appliedAtis set when the version becomes active. - Conversation — A vibecoding session between a user and the AI PM, scoped to a project.
statusis one ofACTIVE/CLOSED. A project has at most one ACTIVE conversation at a time.updatedAtis refreshed every time a new message is added to the conversation.sessionIdis a UUID linking the conversation to a Claude Code CLI session. It is null until the first message triggers AI processing, then set to a generated UUID. It can be regenerated if the CLI session is lost. - Message — A single message within a conversation.
roleis one ofUSER/PM/SYSTEM.contentis free text (markdown supported for PM messages). - Activity — A single event emitted by a Claude Code CLI agent during a vibecoding session.
Scoped to a project and conversation.
event_typeis one ofTASK_STARTED/TOOL_USE/AGENT_MESSAGE/TASK_COMPLETED.agent_roleis the technical key of the agent that produced the event (e.g.talkide-frontend-dev).parent_activity_idself-references theTASK_STARTEDrow that owns this event (null for top-level events).tool_namestores the raw Claude tool name (e.g.Read,Bash); set only forTOOL_USE.tool_categorystores the business-level category enum:READING | EDITING | EXECUTING | DELEGATING | BROWSING | OTHER; set only forTOOL_USE, null for non-tool event types.tool_summaryis a short human-readable summary of the tool input.payload_jsonholds the raw tool input or agent message text (internal, not exposed via API). See UC-05001 for the full parsing rules and column constraints. - Todo — A simple task item scoped to a tenant.
titleis the task description (max 255 characters, not null).completeddefaults tofalseand is toggled via a dedicated endpoint.tenantIdscopes the todo to a tenant — users can only access todos within their own tenant. - UserBudget — Tracks the user’s Anthropic API credit balance and optional monthly spending cap.
Uses a credit model (migration
0011):ai_credit_usdholds the current remaining credit,ai_credit_initial_usdholds the initial credit amount. Current spend is derived asai_credit_initial_usd - ai_credit_usd(noused_centscolumn).spending_limit_usdis the user-configured monthly cap (NUMERIC(10,2) NULL;null= unlimited); managed via UC-10005. Alert thresholds (80 % / 100 %) are evaluated by the gateway on each turn (UC-08001). Added columnspending_limit_usdvia migration0024-add-spending-limit-to-user-budget.xml. - StripeWebhookEvents — Audit log of all inbound Stripe webhook events.
stripe_event_idhas a unique constraint to enforce idempotence (duplicate deliveries from Stripe are ignored).typestores the Stripe event type string (e.g.invoice.paid).payload_jsonstores the raw Stripe event JSON for debugging and replay. Managed via UC-10006. Created by migration0025-create-stripe-webhook-events.xml. - Environment — Prostředí (first-class entita dle ADR-026). Patří tenantovi; jeden tenant má N prostředí.
kindjeDEFAULT(nesmazatelné „TalkIDE” prostředí, hostí Preview + worker) neboUSER_CREATED.resource_modejeSHARED(sdílená K8s/DB/storage infrastruktura) neboDEDICATED(dedikované resources — F5, post-alfa).statusjeACTIVE,SUSPENDEDneboDEPROVISIONING.deletable=falseje hardcoded prokind=DEFAULT.namespace_refodkazuje na K8s namespace (F1:tenant-{slug}; po F4 cut-overu:{tenant}-talkide).configje JSONB seam pro budoucí sizing/tier konfiguraci (F1: vždy null). Vzniká lazy (get-or-create) při prvním úkonu tenanta. Managed via UC-10010 (F1) a UC-10011 (F3+). Created by migration0033-create-environment.xml. - HostingBillingAccount — Postpaid billing účet stavu per tenant (1:1 s tenantem).
billing_anchor_day(default 1) je seam pro billing anchor den dle DP-5.accrued_charged_usdje denormalizovaný běžící součet charged hodnot za aktuální periodu (rychlý read/enforcement).statusnabýváACTIVE,CAP_REACHED,PAST_DUEneboSUSPENDED— v F2 je SUSPENDED čistě záznamový (žádná infra akce); od F4 SUSPENDED triggeruje hard scale-to-zero enforcement přesHostingEnforcementService(OD-2 LOCKED).trial_ends_atje čas konce trialu (NULL = bez trialu); nastaveno při 1. Publish (DP-1).past_due_sincezaznamenává začátek PAST_DUE periody pro dunning 7d grace countdown.suspended_atzaznamenává okamžik přechodu do SUSPENDED stavu (F4, nullable; NULL = nikdy suspendován nebo již obnoven). Vzniká lazy při 1. Publish (vzor jako F1 EnvironmentService). Created by migration0036-create-hosting-billing-account.xml;suspended_atpřidán v0041-add-suspended-at-to-hosting-billing-account.xml(F4). - EnvironmentCutoverLog — Auditní log operací zero-downtime namespace cut-over (F4, ADR-026). Jeden řádek per pokus o cut-over prostředí.
statusjeIN_PROGRESS,COMPLETED,FAILEDneboROLLED_BACK.old_namespace_refanew_namespace_refzachovávají původní a cílový namespace (umožňují rollback).error_messagepopisuje důvod selhání přiFAILED/ROLLED_BACK. Umožňuje bezpečný operační rollback (starý namespace_ref je vždy znám). Created by migration0042-create-environment-cutover-log.xml(F4). - HostingCreditLedger — Append-only účetní ledger hosting nákladů per tenant.
typejeCREDITneboDEBIT.sourcejeHOSTING_USAGE(z OpenCost),INVOICE_SETTLEMENT(úhrada faktury),ADJUSTMENT(⚠️TRIAL_INCLUDED/TOPUP/AUTOPAYodstraněny v be#142 — prepaid back-door zrušen 2026-05-23, DP-7).settlement_modesloupec odstraněn v be#142 (hosting je výhradně postpaid, žádné future prepaid doors).raw_amount_usdacharged_amount_usd(= raw × markup) jsou NUMERIC(20,6);markup_percent_snapshotzachycuje marži v okamžiku debitu (UC-10008 kontrakt).hosting_cost_event_idFK zajišťuje idempotenci (UNIQUE WHEREsource='HOSTING_USAGE').billing_period_idFK nahosting_invoicepropojí DEBIT řádky s fakturou při uzávěrce. Nikdy se nemutuje (append-only invariant). Created by migration0035-create-hosting-credit-ledger.xml. - HostingInvoice — Měsíční postpaid hosting faktura per tenant.
period_start/period_enddefinují fakturační periodu; UNIQUE constraint(tenant_id, period_start, period_end)zabraňuje duplicitě.total_charged_usd= součet per-envhosting_invoice_lineřádků.statusjeDRAFT,OPEN,PAID,FAILEDneboVOID.attempt_count/next_retry_atjsou seam pro dunning pipeline (DP-3: 3 retry +0/+2/+5 dní). StripePaymentIntentje trackován přesstripe_payment_intent_id. Settled via UC-10006payment_intent.succeededwebhook. Created by migration0037-create-hosting-invoice.xml. - HostingInvoiceLine — Řádek faktury per prostředí (OD-6: jedna faktura per tenant, per-env řádky).
environment_idFK propojuje řádek s prostředím;environment_name_snapshotzachovává název prostředí v okamžiku fakturace (pro historické zobrazení i po přejmenování). Created by migration0038-create-hosting-invoice-line.xml. - CreditTopup — Záznam o jednorázovém dobití AI kreditu.
amount_usdje dobíjená částka (min $5, max $500).stripe_payment_intent_idje Stripepi_...identifikátor s UNIQUE constraintem pro idempotenci na DB úrovni — nastaveno po úspěšném volání Stripe API.statusnabývá hodnotPENDING(po vytvoření PaymentIntent),SUCCEEDED(po doručenípayment_intent.succeededwebhookem), neboFAILED(po doručenípayment_intent.payment_failedwebhookem).created_atje čas odeslání požadavku na Stripe,completed_atje čas zpracování webhookem. Managed via UC-10007. Created by migration0027-create-credit-topup.xml. - HostingCostEvent — Append-only záznam raw hosting cost čísla z OpenCost / billing exporteru per tenant + environment (+ project, pokud lze atribuovat).
resource_kindjeCPU/MEMORY/STORAGE/EGRESS/OTHER.window_start/window_enddefinují observační okno (hourly nebo daily granularita).raw_cost_usd= neat markupovaná infra cena,charged_cost_usd= po aplikaci markup config (UC-10008).source_refpropojuje na externí source (OpenCost ID nebo cron run id). FK target prohosting_credit_ledger.hosting_cost_event_id(idempotence DEBIT). Created by migration0030-create-hosting-cost-events-table.xml;environment_idpřidán v0034-add-environment-id-to-hosting-cost-events.xml. Managed via UC-10008, UC-10016. - HostingEnforcementLog — Audit hard enforcement akcí podle UC-10015.
actionjeSCALE_TO_ZERO,RESUME,SUSPEND_TENANT,WARN.reasonukazuje na trigger (PAST_DUE_GRACE_EXPIRED,CAP_REACHED,MANUAL_ADMIN, …).details_jsondrží konkrétní namespaces, podů a původní replicas pro idempotentní rollback. Created by migration0045-create-hosting-enforcement-log.xml. - PricingMarkupConfig — Konfigurace markup procenta per resource kind v čase. Verzovaný —
effective_from+effective_todefinují validity window. UC-10008 použije při výpočtucharged_cost_usdmarkup snapshot platný v okamžikuhosting_cost_event.received_at. Created by migration0031-create-pricing-markup-config.xml. - UsageEvent — Per-turn Anthropic API call accounting. Vzniká v gateway-proxy (UC-08001) po dokončení každého Anthropic callu (CLI i NETWORK_WORKER cesta).
modelje název Anthropic modelu (např.claude-sonnet-4-5). Token countery rozlišujíinput/output/cache_read/cache_write— cena se počítá z těchto čísel × per-model rate.charged_cost_usd=raw_cost_usd× markup (UC-10008).executor_typerozlišuje pro analytics (CLI= 0 cost v Max plánu,SIDECAR= historická hodnota pro pre-ADR-024 záznamy,NETWORK_WORKER= current production).charged_cost_usdpřidán v0032-add-charged-cost-to-usage-events.xml. - ApiUsageLedger — Aggregated AI usage per user × time window. Drift-free zdroj pro UC-10016 (usage breakdown). Aggregátor čte
usage_eventsa roluje do per-conversation / per-window řádků. Used byUserBudgetServicepro pre-call budget check + post-call debit. - Issue — UC-09 issue záznam reportovaný Marou nebo uživatelem (
reporter_agent=MARA/USER). Protarget=PLATFORMjeproject_idNULL, protarget=PROJECTje nutné (Phase 3).tenant_slugdenormalizovaný kvůli cross-tenant search bez JOINu.context_jsonbdrží server-side enriched context (conversation snippet, k8s events, pod log snippet, project state).statusjeOPEN/TRIAGED/RESOLVED/DUPLICATE.kindjeBUG/FEATURE/QUESTION/OTHER.severityjeLOW/MEDIUM/HIGH/CRITICAL. Append-only ze strany reportera — všechny update operace přes admin triage (UC-09004). UUID id (security: public URL nepředvídatelnost). Created by migration0019-create-issues-tables.xml. Mara reportuje přes workertalkide-issue-trackingMCP server (be#139). - IssueComment — Append-only komentář k issue.
author_agent=USER/MARA(auto-komentáře, např. dedup hit).bodyje markdown. Kaskádově smazáno při delete issue (FK ON DELETE CASCADE, migrace 0019). Created by migration0019-create-issues-tables.xml. - WaitlistEntry — Záznam uživatele na pre-launch waitlistu (UC-11001).
emailUNIQUE → idempotentní join.referral_codeUNIQUE ({slug(name)}-{4 alfanum}) → unikátní referral link.referred_by_idself-reference FK na referrera.positionna waitlistu se NEukládá — počítá se live.invited_at+invite_idpropojí na vystavený invite token (UC-11004 resend STEJNÉHO PENDING tokenu tyto hodnoty NEMĚNÍ). Created by migration0026-create-waitlist-tables.xml,invite_id/invited_atpřidány v0029-add-invite-to-waitlist-entry.xml. - WaitlistJoinAttempt — Rate limit audit pro join attempts (IP + email hash). Created by migration
0026-create-waitlist-tables.xml. - Invite — Founder-gated invite token (UC-08003 / UC-08004, ADR-020).
issued_by_user_id == NULL→ founder-direct token (Gen 0 root).statuspřechody:PENDING→CLAIMED/EXPIRED/REVOKED.expires_atdefault+30 dníodissued_at.claimed_by_user_idFK na uživatele, který sign-up provedl s tímto tokenem. - InviteRedemptionAttempt — Rate limit + brute-force audit invite redemption (
token_hash+ip_hash,result=OK/INVALID_TOKEN/EXPIRED/RATE_LIMITED). - InviteGrant — Bonus invite grants (UC-10017 BOGO, be#102 referral bonus).
bonus_invitesje počet přidaných pozvánek,reasonje trigger string. - UserInviteQuota — Per-user quota state pro generování invites (max_generation cap z ADR-020 — generace cascade limit, sloupec přidán v
0047-add-bogo-max-generation.xml).issued_count+claimed_countagregáty pro UI a enforcement. - EmailLog — Audit log transactional emailů (ADR-025).
type=EmailType.name()(např.PASSWORD_RESET,WAITLIST_CONFIRMATION,WAITLIST_INVITE).status=SENT/FAILED.provider_message_id= Mailgun message-id (pouze pro SENT přesMailgunEmailSender). Persistuje se VŽDY (SENT i FAILED). Žádný DB enum — status je prostý string. Created by migration0028-create-email-log.xml. Spec: transactional-email.md. - RefreshToken — JWT refresh token (14-day validity).
token_hashje SHA-256 hash (raw token žije jen v klientovi).revoked_atse nastaví při logout / token rotation. - PasswordResetToken — Short-lived (1h) token vystavený UC-01005.
token_hashSHA-256 hash.used_atse nastaví po úspěšném reset → token je single-use. - AuthRateLimitAttempt — Audit row per neúspěšný auth pokus (login, password reset, signup). Key = IP nebo email hash, kind = typ akce. Used by
AuthRateLimitFilterpro per-IP / per-email rate limiting. Created by migration0046-create-auth-rate-limit-attempt.xml. - UserNotificationPreferences — Per-user toggles for transactional email categories (
email_billing_alerts,email_security_alerts,email_product_updates). EmailService check before send. Created by migration0050-add-user-notification-preferences.xml. - GdprExportRequest — UC-01-GDPR export flow.
status=PENDING/PROCESSING/READY/EXPIRED.export_urlukazuje na DO Spaces signed URL (expiruje za 24h).expires_atdefinuje TTL pro download link. Created by migration0048-add-gdpr-export-request.xml. - PlatformKillSwitch — Operational killswitch entries (např. disable signup, disable Mara turns globally) — read by various filters / use cases.
keyUNIQUE. - Build — Per-projekt build job audit (Kaniko Job / gradle Job).
kind=IMAGE/GRADLE_BUILD/GRADLE_TEST.status=PENDING/RUNNING/SUCCESS/FAILED.output_logje krátký tail logu pro UI; full log žije v K8s.kind/output/exit_codepřidány v0043-add-build-kind-output-exit-code-to-builds.xml. - DataplaneAuthCredentials (cluster B
talkide_dataplane, schemadataplane_auth) — credential store pro self-host PgBouncer auth_query (ADR-023 § 2.1). NIKDY plaintext / MD5 — vždy SCRAM-SHA-256 verifier string. Read přes SECURITY DEFINER funkcidataplane_auth.dataplane_get_auth(rolname). Write přes provisioner (PostgresDatabaseProvisioner.replaceCredential, DELETE-then-INSERT invariant, #208). Není v platform DB cluster A — žije na cluster B mimo control-plane schema.
Was this page helpful?
Thanks for the feedback.