diff --git a/service/policy/db/migrations/20250407000000_add_registered_resources.md b/service/policy/db/migrations/20250407000000_add_registered_resources.md
new file mode 100644
index 0000000000..23664722da
--- /dev/null
+++ b/service/policy/db/migrations/20250407000000_add_registered_resources.md
@@ -0,0 +1,24 @@
+# Add Registered Resources Table
+[ADR for Registered Resources (formerly known as Non Data Resources)](https://github.com/opentdf/platform/issues/1915)
+```mermaid
+erDiagram
+ registered_resources ||--o{ registered_resource_values : "has"
+
+ registered_resources {
+ UUID id PK
+ VARCHAR name "NOT NULL, UNIQUE"
+ JSONB metadata
+ TIMESTAMP_WITH_TZ created_at "NOT NULL, DEFAULT CURRENT_TIMESTAMP"
+ TIMESTAMP_WITH_TZ updated_at "NOT NULL, DEFAULT CURRENT_TIMESTAMP"
+ }
+
+ registered_resource_values {
+ UUID id PK
+ UUID registered_resource_id FK "NOT NULL, REFERENCES registered_resources(id)"
+ VARCHAR value
+ JSONB metadata
+ TIMESTAMP_WITH_TZ created_at "NOT NULL, DEFAULT CURRENT_TIMESTAMP"
+ TIMESTAMP_WITH_TZ updated_at "NOT NULL, DEFAULT CURRENT_TIMESTAMP"
+ CONSTRAINT unique_resource_value "UNIQUE(registered_resource_id, value)"
+ }
+```
\ No newline at end of file
diff --git a/service/policy/db/migrations/20250407000000_add_registered_resources.sql b/service/policy/db/migrations/20250407000000_add_registered_resources.sql
new file mode 100644
index 0000000000..bd3def3526
--- /dev/null
+++ b/service/policy/db/migrations/20250407000000_add_registered_resources.sql
@@ -0,0 +1,56 @@
+-- +goose Up
+-- +goose StatementBegin
+
+CREATE TABLE IF NOT EXISTS registered_resources (
+ id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+ name VARCHAR NOT NULL UNIQUE,
+ metadata JSONB,
+ created_at TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT CURRENT_TIMESTAMP,
+ updated_at TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT CURRENT_TIMESTAMP
+);
+COMMENT ON TABLE registered_resources IS 'Table to store registered resources';
+COMMENT ON COLUMN registered_resources.id IS 'Primary key for the table';
+COMMENT ON COLUMN registered_resources.name IS 'Name for the registered resource';
+COMMENT ON COLUMN registered_resources.metadata IS 'Metadata for the registered resource (see protos for structure)';
+COMMENT ON COLUMN registered_resources.created_at IS 'Timestamp when the record was created';
+COMMENT ON COLUMN registered_resources.updated_at IS 'Timestamp when the record was last updated';
+
+CREATE TABLE IF NOT EXISTS registered_resource_values (
+ id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+ registered_resource_id UUID NOT NULL REFERENCES registered_resources(id) ON DELETE CASCADE,
+ value VARCHAR NOT NULL,
+ metadata JSONB,
+ created_at TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT CURRENT_TIMESTAMP,
+ updated_at TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT CURRENT_TIMESTAMP,
+ UNIQUE(registered_resource_id, value)
+);
+COMMENT ON TABLE registered_resource_values IS 'Table to store registered resource values';
+COMMENT ON COLUMN registered_resource_values.id IS 'Primary key for the table';
+COMMENT ON COLUMN registered_resource_values.registered_resource_id IS 'Foreign key to the registered_resources table';
+COMMENT ON COLUMN registered_resource_values.value IS 'Value for the registered resource value';
+COMMENT ON COLUMN registered_resource_values.metadata IS 'Metadata for the registered resource value (see protos for structure)';
+COMMENT ON COLUMN registered_resource_values.created_at IS 'Timestamp when the record was created';
+COMMENT ON COLUMN registered_resource_values.updated_at IS 'Timestamp when the record was last updated';
+
+CREATE TRIGGER registered_resources_updated_at
+ BEFORE UPDATE ON registered_resources
+ FOR EACH ROW
+ EXECUTE FUNCTION update_updated_at();
+
+CREATE TRIGGER registered_resource_values_updated_at
+ BEFORE UPDATE ON registered_resource_values
+ FOR EACH ROW
+ EXECUTE FUNCTION update_updated_at();
+
+-- +goose StatementEnd
+
+-- +goose Down
+-- +goose StatementBegin
+
+DROP TRIGGER IF EXISTS registered_resource_values_updated_at ON registered_resource_values;
+DROP TRIGGER IF EXISTS registered_resources_updated_at ON registered_resources;
+
+DROP TABLE IF EXISTS registered_resource_values;
+DROP TABLE IF EXISTS registered_resources;
+
+-- +goose StatementEnd
diff --git a/service/policy/db/schema_erd.md b/service/policy/db/schema_erd.md
index 5cd666dbc9..5ef97913cd 100644
--- a/service/policy/db/schema_erd.md
+++ b/service/policy/db/schema_erd.md
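Review bot: The `UNIQUE(registered_resource_id, value)` constraint on `registered_resource_values` is left unnamed, while the ER diagram added in this same commit documents it as `unique_resource_value`. PostgreSQL will therefore generate its own name, and any error mapping or later migration that refers to the documented name will not match. Naming it in the DDL keeps the two in step: `CONSTRAINT unique_resource_value UNIQUE (registered_resource_id, value)`. Separately, both unique constraints compare `VARCHAR` text case-sensitively under the default collation and accept an empty string. If these names feed policy decisions, entries differing only in case would coexist as distinct resources unless the service normalizes them before insert; that normalization is not visible in this hunk and is worth confirming or backing with a `CHECK`.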
@@ -99,6 +99,23 @@ erDiagram
 boolean was_mapped "Flag to indicate if the key has been used. Triggered when its mapped to a namespace, definition, or value"
 }
 
+ registered_resource_values {
+ timestamp_with_time_zone created_at "Timestamp when the record was created"
+ uuid id PK "Primary key for the table"
+ jsonb metadata "Metadata for the registered resource value (see protos for structure)"
+ uuid registered_resource_id FK,UK "Foreign key to the registered_resources table"
+ timestamp_with_time_zone updated_at "Timestamp when the record was last updated"
+ character_varying value UK "Value for the registered resource value"
+ }
+
+ registered_resources {
+ timestamp_with_time_zone created_at "Timestamp when the record was created"
+ uuid id PK "Primary key for the table"
+ jsonb metadata "Metadata for the registered resource (see protos for structure)"
+ character_varying name UK "Name for the registered resource"
+ timestamp_with_time_zone updated_at "Timestamp when the record was last updated"
+ }
+
 resource_mapping_groups {
 timestamp_with_time_zone created_at
 uuid id PK "Primary key for the table"
@@ -157,6 +174,7 @@ erDiagram
 resource_mappings }o--|| attribute_values : "attribute_value_id"
 subject_mappings }o--|| attribute_values : "attribute_value_id"
 public_keys }o--|| key_access_servers : "key_access_server_id"
+ registered_resource_values }o--|| registered_resources : "registered_resource_id"
 resource_mappings }o--|| resource_mapping_groups : "group_id"
 subject_mappings }o--|| subject_condition_set : "subject_condition_set_id"
 ```
\ No newline at end of file