Home Explore Help
Sign In
fszontagh
/
appserver
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 55d5a745da
Branches Tags
appserver
/
database
/
init
/
01-database.sql

01-database.sql 7.3 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188 
  1. -- Initialize core database schema for SaaS platform
    2. 

  2. 

  3. -- Extensions
    4. 

  4. CREATE EXTENSION IF NOT EXISTS "uuid-ossp";
    5. 

  5. CREATE EXTENSION IF NOT EXISTS "pgcrypto";
    6. 

  6. CREATE EXTENSION IF NOT EXISTS "pg_trgm";
    7. 

  7. 

  8. -- Users table
    9. 

  9. CREATE TABLE IF NOT EXISTS users (
    10. 

  10.     id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
    11. 

  11.     email VARCHAR(255) UNIQUE NOT NULL,
    12. 

  12.     password_hash VARCHAR(255) NOT NULL,
    13. 

  13.     first_name VARCHAR(100),
    14. 

  14.     last_name VARCHAR(100),
    15. 

  15.     avatar_url TEXT,
    16. 

  16.     email_verified BOOLEAN DEFAULT FALSE,
    17. 

  17.     created_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP,
    18. 

  18.     updated_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP
    19. 

  19. );
    20. 

  20. 

  21. -- Organizations table
    22. 

  22. CREATE TABLE IF NOT EXISTS organizations (
    23. 

  23.     id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
    24. 

  24.     name VARCHAR(255) NOT NULL,
    25. 

  25.     slug VARCHAR(100) UNIQUE NOT NULL,
    26. 

  26.     description TEXT,
    27. 

  27.     logo_url TEXT,
    28. 

  28.     created_by UUID REFERENCES users(id) ON DELETE SET NULL,
    29. 

  29.     created_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP,
    30. 

  30.     updated_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP
    31. 

  31. );
    32. 

  32. 

  33. -- Organization members
    34. 

  34. CREATE TABLE IF NOT EXISTS organization_members (
    35. 

  35.     id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
    36. 

  36.     organization_id UUID REFERENCES organizations(id) ON DELETE CASCADE,
    37. 

  37.     user_id UUID REFERENCES users(id) ON DELETE CASCADE,
    38. 

  38.     role VARCHAR(50) DEFAULT 'member' CHECK (role IN ('owner', 'admin', 'member')),
    39. 

  39.     joined_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP,
    40. 

  40.     UNIQUE(organization_id, user_id)
    41. 

  41. );
    42. 

  42. 

  43. -- Applications table for hosting TypeScript apps
    44. 

  44. CREATE TABLE IF NOT EXISTS applications (
    45. 

  45.     id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
    46. 

  46.     name VARCHAR(255) NOT NULL,
    47. 

  47.     slug VARCHAR(100) NOT NULL,
    48. 

  48.     description TEXT,
    49. 

  49.     repository_url TEXT,
    50. 

  50.     branch VARCHAR(100) DEFAULT 'main',
    51. 

  51.     build_command VARCHAR(500),
    52. 

  52.     start_command VARCHAR(500),
    53. 

  53.     environment JSONB DEFAULT '{}',
    54. 

  54.     domains TEXT[],
    55. 

  55.     status VARCHAR(50) DEFAULT 'inactive' CHECK (status IN ('building', 'active', 'inactive', 'error')),
    56. 

  56.     organization_id UUID REFERENCES organizations(id) ON DELETE CASCADE,
    57. 

  57.     created_by UUID REFERENCES users(id) ON DELETE SET NULL,
    58. 

  58.     created_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP,
    59. 

  59.     updated_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP,
    60. 

  60.     UNIQUE(slug)
    61. 

  61. );
    62. 

  62. 

  63. -- Deployments table
    64. 

  64. CREATE TABLE IF NOT EXISTS deployments (
    65. 

  65.     id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
    66. 

  66.     application_id UUID REFERENCES applications(id) ON DELETE CASCADE,
    67. 

  67.     version VARCHAR(100),
    68. 

  68.     commit_hash VARCHAR(40),
    69. 

  69.     build_log TEXT,
    70. 

  70.     status VARCHAR(50) DEFAULT 'pending' CHECK (status IN ('pending', 'building', 'deployed', 'failed', 'rolling_back')),
    71. 

  71.     deployed_at TIMESTAMP WITH TIME ZONE,
    72. 

  72.     created_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP
    73. 

  73. );
    74. 

  74. 

  75. -- API Keys table
    76. 

  76. CREATE TABLE IF NOT EXISTS api_keys (
    77. 

  77.     id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
    78. 

  78.     name VARCHAR(255) NOT NULL,
    79. 

  79.     key_hash VARCHAR(255) NOT NULL UNIQUE,
    80. 

  80.     permissions JSONB DEFAULT '[]',
    81. 

  81.     organization_id UUID REFERENCES organizations(id) ON DELETE CASCADE,
    82. 

  82.     created_by UUID REFERENCES users(id) ON DELETE SET NULL,
    83. 

  83.     last_used_at TIMESTAMP WITH TIME ZONE,
    84. 

  84.     expires_at TIMESTAMP WITH TIME ZONE,
    85. 

  85.     created_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP
    86. 

  86. );
    87. 

  87. 

  88. -- Sessions table for authentication
    89. 

  89. CREATE TABLE IF NOT EXISTS sessions (
    90. 

  90.     id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
    91. 

  91.     user_id UUID REFERENCES users(id) ON DELETE CASCADE,
    92. 

  92.     token_hash VARCHAR(255) NOT NULL UNIQUE,
    93. 

  93.     refresh_token_hash VARCHAR(255),
    94. 

  94.     expires_at TIMESTAMP WITH TIME ZONE NOT NULL,
    95. 

  95.     created_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP
    96. 

  96. );
    97. 

  97. 

  98. -- Audit log
    99. 

  99. CREATE TABLE IF NOT EXISTS audit_logs (
    100. 

  100.     id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
    101. 

  101.     user_id UUID REFERENCES users(id) ON DELETE SET NULL,
    102. 

  102.     organization_id UUID REFERENCES organizations(id) ON DELETE SET NULL,
    103. 

  103.     action VARCHAR(100) NOT NULL,
    104. 

  104.     resource_type VARCHAR(100) NOT NULL,
    105. 

  105.     resource_id UUID,
    106. 

  106.     details JSONB DEFAULT '{}',
    107. 

  107.     ip_address INET,
    108. 

  108.     user_agent TEXT,
    109. 

  109.     created_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP
    110. 

  110. );
    111. 

  111. 

  112. -- Indexes for performance
    113. 

  113. CREATE INDEX IF NOT EXISTS idx_users_email ON users(email);
    114. 

  114. CREATE INDEX IF NOT EXISTS idx_users_email_verified ON users(email_verified);
    115. 

  115. CREATE INDEX IF NOT EXISTS idx_organizations_slug ON organizations(slug);
    116. 

  116. CREATE INDEX IF NOT EXISTS idx_organization_members_org_id ON organization_members(organization_id);
    117. 

  117. CREATE INDEX IF NOT EXISTS idx_organization_members_user_id ON organization_members(user_id);
    118. 

  118. CREATE INDEX IF NOT EXISTS idx_applications_org_id ON applications(organization_id);
    119. 

  119. CREATE INDEX IF NOT EXISTS idx_applications_status ON applications(status);
    120. 

  120. CREATE INDEX IF NOT EXISTS idx_deployments_app_id ON deployments(application_id);
    121. 

  121. CREATE INDEX IF NOT EXISTS idx_api_keys_org_id ON api_keys(organization_id);
    122. 

  122. CREATE INDEX IF NOT EXISTS idx_sessions_user_id ON sessions(user_id);
    123. 

  123. CREATE INDEX IF NOT EXISTS idx_sessions_token_hash ON sessions(token_hash);
    124. 

  124. CREATE INDEX IF NOT EXISTS idx_audit_logs_user_id ON audit_logs(user_id);
    125. 

  125. CREATE INDEX IF NOT EXISTS idx_audit_logs_org_id ON audit_logs(organization_id);
    126. 

  126. CREATE INDEX IF NOT EXISTS idx_audit_logs_created_at ON audit_logs(created_at);
    127. 

  127. 

  128. -- Function to update updated_at timestamp
    129. 

  129. CREATE OR REPLACE FUNCTION update_updated_at_column()
    130. 

  130. RETURNS TRIGGER AS $$
    131. 

  131. BEGIN
    132. 

  132.     NEW.updated_at = CURRENT_TIMESTAMP;
    133. 

  133.     RETURN NEW;
    134. 

  134. END;
    135. 

  135. $$ language 'plpgsql';
    136. 

  136. 

  137. -- Triggers for updated_at
    138. 

  138. CREATE TRIGGER update_users_updated_at BEFORE UPDATE ON users
    139. 

  139.     FOR EACH ROW EXECUTE FUNCTION update_updated_at_column();
    140. 

  140. 

  141. CREATE TRIGGER update_organizations_updated_at BEFORE UPDATE ON organizations
    142. 

  142.     FOR EACH ROW EXECUTE FUNCTION update_updated_at_column();
    143. 

  143. 

  144. CREATE TRIGGER update_applications_updated_at BEFORE UPDATE ON applications
    145. 

  145.     FOR EACH ROW EXECUTE FUNCTION update_updated_at_column();
    146. 

  146. 

  147. -- Row Level Security (RLS) for multi-tenancy
    148. 

  148. ALTER TABLE applications ENABLE ROW LEVEL SECURITY;
    149. 

  149. ALTER TABLE deployments ENABLE ROW LEVEL SECURITY;
    150. 

  150. ALTER TABLE api_keys ENABLE ROW LEVEL SECURITY;
    151. 

  151. 

  152. -- RLS Policies
    153. 

  153. CREATE POLICY "Users can view applications in their orgs" ON applications
    154. 

  154.     FOR SELECT USING (
    155. 

  155.         organization_id IN (
    156. 

  156.             SELECT organization_id FROM organization_members WHERE user_id = auth.uid()
    157. 

  157.         )
    158. 

  158.     );
    159. 

  159. 

  160. CREATE POLICY "Users can insert applications in their orgs" ON applications
    161. 

  161.     FOR INSERT WITH CHECK (
    162. 

  162.         organization_id IN (
    163. 

  163.             SELECT organization_id FROM organization_members WHERE user_id = auth.uid()
    164. 

  164.         )
    165. 

  165.     );
    166. 

  166. 

  167. CREATE POLICY "Users can update applications in their orgs" ON applications
    168. 

  168.     FOR UPDATE USING (
    169. 

  169.         organization_id IN (
    170. 

  170.             SELECT organization_id FROM organization_members WHERE user_id = auth.uid()
    171. 

  171.         )
    172. 

  172.     );
    173. 

  173. 

  174. -- Create default admin user (password: admin123 - change immediately)
    175. 

  175. INSERT INTO users (email, password_hash, first_name, last_name, email_verified)
    176. 

  176. VALUES (
    177. 

  177.     'admin@saas.local',
    178. 

  178.     '$2b$10$rQO8vV8x8t5QX7O9HJ5Y/uKQ8vV8x8t5QX7O9HJ5Y/uKQ8vV8x8t5Q',
    179. 

  179.     'Admin',
    180. 

  180.     'User',
    181. 

  181.     true
    182. 

  182. ) ON CONFLICT (email) DO NOTHING;
    183. 

  183. 

  184. -- Create default organization
    185. 

  185. INSERT INTO organizations (name, slug, description, created_by)
    186. 

  186. SELECT 'Default Organization', 'default-org', 'Default organization for getting started', id
    187. 

  187. FROM users WHERE email = 'admin@saas.local'
    188. 

  188. ON CONFLICT (slug) DO NOTHING;
    189.