coryHawkvelt/gatehouse-api
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
685df6a4cb2a88df85edf3391b21b4753a7f4df6
gatehouse-api/migrations/versions/6a4c4ed4a5c6_initial_migration.py
T

1064 lines
70 KiB
Python
Raw Normal View History

refactor(db): consolidate migrations into single initial migration
2026-04-04 16:50:48 +10:30
"""Initial migration
Revision ID: 6a4c4ed4a5c6
Revises: None
Create Date: 2026-04-03 14:31:49.172415
"""
from alembic import op
import sqlalchemy as sa
# revision identifiers, used by Alembic.
revision = '6a4c4ed4a5c6'
down_revision = None
branch_labels = None
depends_on = None
def upgrade():
# ### commands auto generated by Alembic - please adjust! ###
op.create_table('application_provider_configs',
sa.Column('provider_type', sa.String(length=50), nullable=False),
sa.Column('client_id', sa.String(length=255), nullable=False),
sa.Column('client_secret_encrypted', sa.String(length=512), nullable=True),
sa.Column('is_enabled', sa.Boolean(), nullable=False),
sa.Column('default_redirect_url', sa.String(length=2048), nullable=True),
sa.Column('additional_config', sa.JSON(), nullable=True),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
fix: remove redundant unique constraints on id columns from all migrations
2026-04-26 06:41:33 +00:00
sa.PrimaryKeyConstraint('id')
refactor(db): consolidate migrations into single initial migration
2026-04-04 16:50:48 +10:30
)
op.create_index(op.f('ix_application_provider_configs_provider_type'), 'application_provider_configs', ['provider_type'], unique=True)
op.create_table('oidc_jwks_keys',
sa.Column('id', sa.Integer(), nullable=False),
sa.Column('expires_at', sa.DateTime(), nullable=True),
sa.Column('kid', sa.String(length=255), nullable=False),
sa.Column('key_type', sa.String(length=50), nullable=False),
sa.Column('algorithm', sa.String(length=50), nullable=False),
sa.Column('private_key', sa.Text(), nullable=False),
sa.Column('public_key', sa.Text(), nullable=False),
sa.Column('is_active', sa.Boolean(), nullable=False),
sa.Column('is_primary', sa.Boolean(), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.PrimaryKeyConstraint('id')
)
op.create_index(op.f('ix_oidc_jwks_keys_kid'), 'oidc_jwks_keys', ['kid'], unique=True)
op.create_table('organizations',
sa.Column('name', sa.String(length=255), nullable=False),
sa.Column('slug', sa.String(length=255), nullable=False),
sa.Column('description', sa.Text(), nullable=True),
sa.Column('logo_url', sa.String(length=512), nullable=True),
sa.Column('is_active', sa.Boolean(), nullable=False),
sa.Column('settings', sa.JSON(), nullable=True),
sa.Column('zt_api_token', sa.String(length=512), nullable=True),
sa.Column('zt_api_url', sa.String(length=512), nullable=True),
sa.Column('zt_api_mode', sa.String(length=32), nullable=True),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
fix: remove redundant unique constraints on id columns from all migrations
2026-04-26 06:41:33 +00:00
sa.PrimaryKeyConstraint('id')
refactor(db): consolidate migrations into single initial migration
2026-04-04 16:50:48 +10:30
)
op.create_index(op.f('ix_organizations_slug'), 'organizations', ['slug'], unique=True)
op.create_table('users',
sa.Column('email', sa.String(length=255), nullable=False),
sa.Column('email_verified', sa.Boolean(), nullable=False),
sa.Column('full_name', sa.String(length=255), nullable=True),
sa.Column('avatar_url', sa.String(length=512), nullable=True),
sa.Column('status', sa.Enum('ACTIVE', 'INACTIVE', 'SUSPENDED', 'PENDING', 'COMPLIANCE_SUSPENDED', name='userstatus'), nullable=False),
sa.Column('last_login_at', sa.DateTime(), nullable=True),
sa.Column('last_login_ip', sa.String(length=45), nullable=True),
sa.Column('activated', sa.Boolean(), nullable=False),
sa.Column('activation_key', sa.String(length=128), nullable=True),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
fix: remove redundant unique constraints on id columns from all migrations
2026-04-26 06:41:33 +00:00
sa.PrimaryKeyConstraint('id')
refactor(db): consolidate migrations into single initial migration
2026-04-04 16:50:48 +10:30
)
op.create_index(op.f('ix_users_activation_key'), 'users', ['activation_key'], unique=True)
op.create_index(op.f('ix_users_email'), 'users', ['email'], unique=True)
op.create_index(op.f('ix_users_status'), 'users', ['status'], unique=False)
op.create_table('audit_logs',
sa.Column('user_id', sa.String(length=36), nullable=True),
sa.Column('action', sa.String(length=100), nullable=False),
sa.Column('resource_type', sa.String(length=50), nullable=True),
sa.Column('resource_id', sa.String(length=36), nullable=True),
sa.Column('organization_id', sa.String(length=36), nullable=True),
sa.Column('ip_address', sa.String(length=45), nullable=True),
sa.Column('user_agent', sa.Text(), nullable=True),
sa.Column('request_id', sa.String(length=36), nullable=True),
sa.Column('extra_data', sa.JSON(), nullable=True),
sa.Column('description', sa.Text(), nullable=True),
sa.Column('success', sa.Boolean(), nullable=False),
sa.Column('error_message', sa.Text(), nullable=True),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['user_id'], ['users.id'], ),
fix: remove redundant unique constraints on id columns from all migrations
2026-04-26 06:41:33 +00:00
sa.PrimaryKeyConstraint('id')
refactor(db): consolidate migrations into single initial migration
2026-04-04 16:50:48 +10:30
)
op.create_index('idx_audit_org', 'audit_logs', ['organization_id', 'created_at'], unique=False)
op.create_index('idx_audit_resource', 'audit_logs', ['resource_type', 'resource_id'], unique=False)
op.create_index('idx_audit_user_action', 'audit_logs', ['user_id', 'action'], unique=False)
op.create_index(op.f('ix_audit_logs_action'), 'audit_logs', ['action'], unique=False)
op.create_index(op.f('ix_audit_logs_organization_id'), 'audit_logs', ['organization_id'], unique=False)
op.create_index(op.f('ix_audit_logs_request_id'), 'audit_logs', ['request_id'], unique=False)
op.create_index(op.f('ix_audit_logs_resource_id'), 'audit_logs', ['resource_id'], unique=False)
op.create_index(op.f('ix_audit_logs_resource_type'), 'audit_logs', ['resource_type'], unique=False)
op.create_index(op.f('ix_audit_logs_user_id'), 'audit_logs', ['user_id'], unique=False)
op.create_table('authentication_methods',
sa.Column('user_id', sa.String(length=36), nullable=False),
sa.Column('method_type', sa.Enum('PASSWORD', 'TOTP', 'GOOGLE', 'GITHUB', 'MICROSOFT', 'SAML', 'OIDC', 'WEBAUTHN', name='authmethodtype'), nullable=False),
sa.Column('password_hash', sa.String(length=255), nullable=True),
sa.Column('provider_user_id', sa.String(length=255), nullable=True),
sa.Column('provider_data', sa.JSON(), nullable=True),
sa.Column('totp_secret', sa.String(length=32), nullable=True),
sa.Column('totp_backup_codes', sa.JSON(), nullable=True),
sa.Column('totp_verified_at', sa.DateTime(), nullable=True),
sa.Column('is_primary', sa.Boolean(), nullable=False),
sa.Column('verified', sa.Boolean(), nullable=False),
sa.Column('last_used_at', sa.DateTime(), nullable=True),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['user_id'], ['users.id'], ),
sa.PrimaryKeyConstraint('id'),
sa.UniqueConstraint('user_id', 'method_type', 'provider_user_id', name='uix_user_method_provider')
)
op.create_index('idx_user_method', 'authentication_methods', ['user_id', 'method_type'], unique=False)
op.create_index(op.f('ix_authentication_methods_method_type'), 'authentication_methods', ['method_type'], unique=False)
op.create_index(op.f('ix_authentication_methods_user_id'), 'authentication_methods', ['user_id'], unique=False)
op.create_table('cas',
sa.Column('organization_id', sa.String(length=36), nullable=True),
sa.Column('name', sa.String(length=255), nullable=False),
sa.Column('description', sa.Text(), nullable=True),
sa.Column('ca_type', sa.Enum('user', 'host', name='catype'), nullable=False),
sa.Column('key_type', sa.Enum('ed25519', 'rsa', 'ecdsa', name='keytype'), nullable=False),
sa.Column('private_key', sa.Text(), nullable=False),
sa.Column('public_key', sa.Text(), nullable=False),
sa.Column('fingerprint', sa.String(length=255), nullable=False),
sa.Column('crl_enabled', sa.Boolean(), nullable=False),
sa.Column('crl_endpoint', sa.String(length=512), nullable=True),
sa.Column('default_cert_validity_hours', sa.Integer(), nullable=False),
sa.Column('max_cert_validity_hours', sa.Integer(), nullable=False),
sa.Column('is_active', sa.Boolean(), nullable=False),
sa.Column('rotated_at', sa.DateTime(), nullable=True),
sa.Column('rotation_reason', sa.String(length=255), nullable=True),
sa.Column('next_serial_number', sa.BigInteger(), nullable=False),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['organization_id'], ['organizations.id'], ),
sa.PrimaryKeyConstraint('id'),
sa.UniqueConstraint('fingerprint'),
sa.UniqueConstraint('organization_id', 'name', name='uix_org_ca_name')
)
op.create_index('idx_ca_org_active', 'cas', ['organization_id', 'is_active'], unique=False)
op.create_index(op.f('ix_cas_is_active'), 'cas', ['is_active'], unique=False)
op.create_index(op.f('ix_cas_organization_id'), 'cas', ['organization_id'], unique=False)
op.create_table('departments',
sa.Column('organization_id', sa.String(length=36), nullable=False),
sa.Column('name', sa.String(length=255), nullable=False),
sa.Column('description', sa.Text(), nullable=True),
sa.Column('can_sudo', sa.Boolean(), nullable=False),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['organization_id'], ['organizations.id'], ),
sa.PrimaryKeyConstraint('id'),
sa.UniqueConstraint('organization_id', 'name', name='uix_org_dept_name')
)
op.create_index(op.f('ix_departments_name'), 'departments', ['name'], unique=False)
op.create_index(op.f('ix_departments_organization_id'), 'departments', ['organization_id'], unique=False)
op.create_table('devices',
sa.Column('user_id', sa.String(length=36), nullable=False),
sa.Column('organization_id', sa.String(length=36), nullable=False),
sa.Column('node_id', sa.String(length=10), nullable=False),
sa.Column('device_nickname', sa.String(length=255), nullable=True),
sa.Column('hostname', sa.String(length=255), nullable=True),
sa.Column('asset_tag', sa.String(length=255), nullable=True),
sa.Column('serial_number', sa.String(length=255), nullable=True),
sa.Column('status', sa.Enum('active', 'inactive', name='device_status'), nullable=False),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['organization_id'], ['organizations.id'], ),
sa.ForeignKeyConstraint(['user_id'], ['users.id'], ),
fix: remove redundant unique constraints on id columns from all migrations
2026-04-26 06:41:33 +00:00
sa.PrimaryKeyConstraint('id')
refactor(db): consolidate migrations into single initial migration
2026-04-04 16:50:48 +10:30
)
op.create_index(op.f('ix_devices_node_id'), 'devices', ['node_id'], unique=False)
op.create_index(op.f('ix_devices_organization_id'), 'devices', ['organization_id'], unique=False)
op.create_index(op.f('ix_devices_user_id'), 'devices', ['user_id'], unique=False)
op.create_table('email_verification_tokens',
sa.Column('user_id', sa.String(length=36), nullable=False),
sa.Column('token', sa.String(length=128), nullable=False),
sa.Column('expires_at', sa.DateTime(), nullable=False),
sa.Column('used_at', sa.DateTime(), nullable=True),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['user_id'], ['users.id'], ondelete='CASCADE'),
fix: remove redundant unique constraints on id columns from all migrations
2026-04-26 06:41:33 +00:00
sa.PrimaryKeyConstraint('id')
refactor(db): consolidate migrations into single initial migration
2026-04-04 16:50:48 +10:30
)
op.create_index(op.f('ix_email_verification_tokens_token'), 'email_verification_tokens', ['token'], unique=True)
op.create_index(op.f('ix_email_verification_tokens_user_id'), 'email_verification_tokens', ['user_id'], unique=False)
op.create_table('external_provider_configs',
sa.Column('organization_id', sa.String(length=36), nullable=False),
sa.Column('provider_type', sa.String(length=50), nullable=False),
sa.Column('client_id', sa.String(length=255), nullable=False),
sa.Column('client_secret_encrypted', sa.String(length=512), nullable=True),
sa.Column('auth_url', sa.String(length=2048), nullable=False),
sa.Column('token_url', sa.String(length=2048), nullable=False),
sa.Column('userinfo_url', sa.String(length=2048), nullable=True),
sa.Column('jwks_url', sa.String(length=2048), nullable=True),
sa.Column('scopes', sa.JSON(), nullable=False),
sa.Column('redirect_uris', sa.JSON(), nullable=False),
sa.Column('settings', sa.JSON(), nullable=True),
sa.Column('is_active', sa.Boolean(), nullable=False),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['organization_id'], ['organizations.id'], ),
sa.PrimaryKeyConstraint('id'),
sa.UniqueConstraint('organization_id', 'provider_type', name='uix_org_provider_type')
)
op.create_index('idx_provider_config_org', 'external_provider_configs', ['organization_id', 'provider_type'], unique=False)
op.create_index(op.f('ix_external_provider_configs_organization_id'), 'external_provider_configs', ['organization_id'], unique=False)
op.create_index(op.f('ix_external_provider_configs_provider_type'), 'external_provider_configs', ['provider_type'], unique=False)
op.create_table('kill_switch_events',
sa.Column('organization_id', sa.String(length=36), nullable=False),
sa.Column('target_user_id', sa.String(length=36), nullable=False),
sa.Column('scope', sa.Enum('organization', 'selected_networks', name='kill_switch_scope'), nullable=False),
sa.Column('triggered_by_user_id', sa.String(length=36), nullable=False),
sa.Column('reason', sa.Text(), nullable=True),
sa.Column('network_ids', sa.JSON(), nullable=True),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['organization_id'], ['organizations.id'], ),
sa.ForeignKeyConstraint(['target_user_id'], ['users.id'], ),
sa.ForeignKeyConstraint(['triggered_by_user_id'], ['users.id'], ),
fix: remove redundant unique constraints on id columns from all migrations
2026-04-26 06:41:33 +00:00
sa.PrimaryKeyConstraint('id')
refactor(db): consolidate migrations into single initial migration
2026-04-04 16:50:48 +10:30
)
op.create_index(op.f('ix_kill_switch_events_organization_id'), 'kill_switch_events', ['organization_id'], unique=False)
op.create_index(op.f('ix_kill_switch_events_target_user_id'), 'kill_switch_events', ['target_user_id'], unique=False)
op.create_table('mfa_policy_compliance',
sa.Column('user_id', sa.String(length=36), nullable=False),
sa.Column('organization_id', sa.String(length=36), nullable=False),
sa.Column('status', sa.Enum('NOT_APPLICABLE', 'PENDING', 'IN_GRACE', 'COMPLIANT', 'PAST_DUE', 'SUSPENDED', name='mfacompliancestatus'), nullable=False),
sa.Column('policy_version', sa.Integer(), nullable=False),
sa.Column('applied_at', sa.DateTime(), nullable=True),
sa.Column('deadline_at', sa.DateTime(), nullable=True),
sa.Column('compliant_at', sa.DateTime(), nullable=True),
sa.Column('suspended_at', sa.DateTime(), nullable=True),
sa.Column('last_notified_at', sa.DateTime(), nullable=True),
sa.Column('notification_count', sa.Integer(), nullable=False),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['organization_id'], ['organizations.id'], ),
sa.ForeignKeyConstraint(['user_id'], ['users.id'], ),
sa.PrimaryKeyConstraint('id'),
sa.UniqueConstraint('user_id', 'organization_id', name='uix_user_org_compliance')
)
op.create_index(op.f('ix_mfa_policy_compliance_organization_id'), 'mfa_policy_compliance', ['organization_id'], unique=False)
op.create_index(op.f('ix_mfa_policy_compliance_user_id'), 'mfa_policy_compliance', ['user_id'], unique=False)
op.create_table('oauth_states',
sa.Column('state', sa.String(length=64), nullable=False),
sa.Column('flow_type', sa.String(length=50), nullable=False),
sa.Column('provider_type', sa.String(length=50), nullable=False),
sa.Column('user_id', sa.String(length=36), nullable=True),
sa.Column('organization_id', sa.String(length=36), nullable=True),
sa.Column('nonce', sa.String(length=128), nullable=True),
sa.Column('code_verifier', sa.String(length=128), nullable=True),
sa.Column('code_challenge', sa.String(length=128), nullable=True),
sa.Column('redirect_uri', sa.String(length=2048), nullable=True),
sa.Column('return_url', sa.String(length=2048), nullable=True),
sa.Column('extra_data', sa.JSON(), nullable=True),
sa.Column('expires_at', sa.DateTime(), nullable=False),
sa.Column('used', sa.Boolean(), nullable=False),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['organization_id'], ['organizations.id'], ),
sa.ForeignKeyConstraint(['user_id'], ['users.id'], ),
fix: remove redundant unique constraints on id columns from all migrations
2026-04-26 06:41:33 +00:00
sa.PrimaryKeyConstraint('id')
refactor(db): consolidate migrations into single initial migration
2026-04-04 16:50:48 +10:30
)
op.create_index(op.f('ix_oauth_states_expires_at'), 'oauth_states', ['expires_at'], unique=False)
op.create_index(op.f('ix_oauth_states_organization_id'), 'oauth_states', ['organization_id'], unique=False)
op.create_index(op.f('ix_oauth_states_state'), 'oauth_states', ['state'], unique=True)
op.create_table('oidc_clients',
sa.Column('organization_id', sa.String(length=36), nullable=False),
sa.Column('name', sa.String(length=255), nullable=False),
sa.Column('client_id', sa.String(length=255), nullable=False),
sa.Column('client_secret_hash', sa.String(length=255), nullable=False),
sa.Column('redirect_uris', sa.JSON(), nullable=False),
sa.Column('grant_types', sa.JSON(), nullable=False),
sa.Column('response_types', sa.JSON(), nullable=False),
sa.Column('scopes', sa.JSON(), nullable=False),
sa.Column('logo_uri', sa.String(length=512), nullable=True),
sa.Column('client_uri', sa.String(length=512), nullable=True),
sa.Column('policy_uri', sa.String(length=512), nullable=True),
sa.Column('tos_uri', sa.String(length=512), nullable=True),
sa.Column('is_active', sa.Boolean(), nullable=False),
sa.Column('is_confidential', sa.Boolean(), nullable=False),
sa.Column('require_pkce', sa.Boolean(), nullable=False),
sa.Column('access_token_lifetime', sa.Integer(), nullable=False),
sa.Column('refresh_token_lifetime', sa.Integer(), nullable=False),
sa.Column('id_token_lifetime', sa.Integer(), nullable=False),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['organization_id'], ['organizations.id'], ),
fix: remove redundant unique constraints on id columns from all migrations
2026-04-26 06:41:33 +00:00
sa.PrimaryKeyConstraint('id')
refactor(db): consolidate migrations into single initial migration
2026-04-04 16:50:48 +10:30
)
op.create_index(op.f('ix_oidc_clients_client_id'), 'oidc_clients', ['client_id'], unique=True)
op.create_index(op.f('ix_oidc_clients_organization_id'), 'oidc_clients', ['organization_id'], unique=False)
op.create_table('org_invite_tokens',
sa.Column('organization_id', sa.String(length=36), nullable=False),
sa.Column('invited_by_id', sa.String(length=36), nullable=True),
sa.Column('email', sa.String(length=255), nullable=False),
sa.Column('role', sa.String(length=64), nullable=False),
sa.Column('token', sa.String(length=128), nullable=False),
sa.Column('expires_at', sa.DateTime(), nullable=False),
sa.Column('accepted_at', sa.DateTime(), nullable=True),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['invited_by_id'], ['users.id'], ondelete='SET NULL'),
sa.ForeignKeyConstraint(['organization_id'], ['organizations.id'], ondelete='CASCADE'),
fix: remove redundant unique constraints on id columns from all migrations
2026-04-26 06:41:33 +00:00
sa.PrimaryKeyConstraint('id')
refactor(db): consolidate migrations into single initial migration
2026-04-04 16:50:48 +10:30
)
op.create_index(op.f('ix_org_invite_tokens_email'), 'org_invite_tokens', ['email'], unique=False)
op.create_index(op.f('ix_org_invite_tokens_organization_id'), 'org_invite_tokens', ['organization_id'], unique=False)
op.create_index(op.f('ix_org_invite_tokens_token'), 'org_invite_tokens', ['token'], unique=True)
op.create_table('organization_api_keys',
sa.Column('organization_id', sa.String(length=36), nullable=False),
sa.Column('name', sa.String(length=255), nullable=False),
sa.Column('key_hash', sa.String(length=255), nullable=False),
sa.Column('last_used_at', sa.DateTime(), nullable=True),
sa.Column('is_revoked', sa.Boolean(), nullable=False),
sa.Column('revoked_at', sa.DateTime(), nullable=True),
sa.Column('revoke_reason', sa.String(length=255), nullable=True),
sa.Column('description', sa.Text(), nullable=True),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['organization_id'], ['organizations.id'], ),
fix: remove redundant unique constraints on id columns from all migrations
2026-04-26 06:41:33 +00:00
sa.PrimaryKeyConstraint('id')
refactor(db): consolidate migrations into single initial migration
2026-04-04 16:50:48 +10:30
)
op.create_index('idx_api_key_last_used', 'organization_api_keys', ['last_used_at'], unique=False)
op.create_index('idx_org_api_key_org_active', 'organization_api_keys', ['organization_id', 'is_revoked'], unique=False)
op.create_index(op.f('ix_organization_api_keys_is_revoked'), 'organization_api_keys', ['is_revoked'], unique=False)
op.create_index(op.f('ix_organization_api_keys_key_hash'), 'organization_api_keys', ['key_hash'], unique=True)
op.create_index(op.f('ix_organization_api_keys_organization_id'), 'organization_api_keys', ['organization_id'], unique=False)
op.create_table('organization_members',
sa.Column('user_id', sa.String(length=36), nullable=False),
sa.Column('organization_id', sa.String(length=36), nullable=False),
sa.Column('role', sa.Enum('OWNER', 'ADMIN', 'MEMBER', 'GUEST', name='organizationrole'), nullable=False),
sa.Column('invited_by_id', sa.String(length=36), nullable=True),
sa.Column('invited_at', sa.DateTime(), nullable=True),
sa.Column('joined_at', sa.DateTime(), nullable=True),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['invited_by_id'], ['users.id'], ),
sa.ForeignKeyConstraint(['organization_id'], ['organizations.id'], ),
sa.ForeignKeyConstraint(['user_id'], ['users.id'], ),
sa.PrimaryKeyConstraint('id'),
sa.UniqueConstraint('user_id', 'organization_id', name='uix_user_org')
)
op.create_index(op.f('ix_organization_members_organization_id'), 'organization_members', ['organization_id'], unique=False)
op.create_index(op.f('ix_organization_members_user_id'), 'organization_members', ['user_id'], unique=False)
op.create_table('organization_provider_overrides',
sa.Column('organization_id', sa.String(length=36), nullable=False),
sa.Column('provider_type', sa.String(length=50), nullable=False),
sa.Column('client_id', sa.String(length=255), nullable=True),
sa.Column('client_secret_encrypted', sa.String(length=512), nullable=True),
sa.Column('is_enabled', sa.Boolean(), nullable=False),
sa.Column('redirect_url_override', sa.String(length=2048), nullable=True),
sa.Column('additional_config', sa.JSON(), nullable=True),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['organization_id'], ['organizations.id'], ),
sa.PrimaryKeyConstraint('id'),
sa.UniqueConstraint('organization_id', 'provider_type', name='uix_org_provider_override_type')
)
op.create_index(op.f('ix_organization_provider_overrides_organization_id'), 'organization_provider_overrides', ['organization_id'], unique=False)
op.create_index(op.f('ix_organization_provider_overrides_provider_type'), 'organization_provider_overrides', ['provider_type'], unique=False)
op.create_table('organization_security_policies',
sa.Column('organization_id', sa.String(length=36), nullable=False),
sa.Column('mfa_policy_mode', sa.Enum('DISABLED', 'OPTIONAL', 'REQUIRE_TOTP', 'REQUIRE_WEBAUTHN', 'REQUIRE_TOTP_OR_WEBAUTHN', name='mfapolicymode'), nullable=False),
sa.Column('mfa_grace_period_days', sa.Integer(), nullable=False),
sa.Column('notify_days_before', sa.Integer(), nullable=False),
sa.Column('policy_version', sa.Integer(), nullable=False),
sa.Column('updated_by_user_id', sa.String(length=36), nullable=True),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['organization_id'], ['organizations.id'], ),
sa.ForeignKeyConstraint(['updated_by_user_id'], ['users.id'], ),
fix: remove redundant unique constraints on id columns from all migrations
2026-04-26 06:41:33 +00:00
sa.PrimaryKeyConstraint('id')
refactor(db): consolidate migrations into single initial migration
2026-04-04 16:50:48 +10:30
)
op.create_index(op.f('ix_organization_security_policies_organization_id'), 'organization_security_policies', ['organization_id'], unique=True)
op.create_table('password_reset_tokens',
sa.Column('user_id', sa.String(length=36), nullable=False),
sa.Column('token', sa.String(length=128), nullable=False),
sa.Column('expires_at', sa.DateTime(), nullable=False),
sa.Column('used_at', sa.DateTime(), nullable=True),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['user_id'], ['users.id'], ondelete='CASCADE'),
fix: remove redundant unique constraints on id columns from all migrations
2026-04-26 06:41:33 +00:00
sa.PrimaryKeyConstraint('id')
refactor(db): consolidate migrations into single initial migration
2026-04-04 16:50:48 +10:30
)
op.create_index(op.f('ix_password_reset_tokens_token'), 'password_reset_tokens', ['token'], unique=True)
op.create_index(op.f('ix_password_reset_tokens_user_id'), 'password_reset_tokens', ['user_id'], unique=False)
op.create_table('portal_networks',
sa.Column('organization_id', sa.String(length=36), nullable=False),
sa.Column('name', sa.String(length=255), nullable=False),
sa.Column('description', sa.Text(), nullable=True),
sa.Column('owner_user_id', sa.String(length=36), nullable=False),
sa.Column('zerotier_network_id', sa.String(length=16), nullable=False),
sa.Column('environment', sa.Enum('production', 'staging', 'development', 'lab', name='network_environment'), nullable=False),
sa.Column('request_mode', sa.Enum('open', 'approval_required', 'invite_only', name='network_request_mode'), nullable=False),
sa.Column('default_activation_lifetime_minutes', sa.Integer(), nullable=False),
sa.Column('max_activation_lifetime_minutes', sa.Integer(), nullable=True),
sa.Column('is_active', sa.Boolean(), nullable=False),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['organization_id'], ['organizations.id'], ),
sa.ForeignKeyConstraint(['owner_user_id'], ['users.id'], ),
sa.PrimaryKeyConstraint('id'),
sa.UniqueConstraint('organization_id', 'zerotier_network_id', name='uix_org_zt_network_id')
)
op.create_index(op.f('ix_portal_networks_organization_id'), 'portal_networks', ['organization_id'], unique=False)
op.create_index(op.f('ix_portal_networks_zerotier_network_id'), 'portal_networks', ['zerotier_network_id'], unique=False)
op.create_table('principals',
sa.Column('organization_id', sa.String(length=36), nullable=False),
sa.Column('name', sa.String(length=255), nullable=False),
sa.Column('description', sa.Text(), nullable=True),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['organization_id'], ['organizations.id'], ),
sa.PrimaryKeyConstraint('id'),
sa.UniqueConstraint('organization_id', 'name', name='uix_org_principal_name')
)
op.create_index(op.f('ix_principals_name'), 'principals', ['name'], unique=False)
op.create_index(op.f('ix_principals_organization_id'), 'principals', ['organization_id'], unique=False)
op.create_table('sessions',
sa.Column('user_id', sa.String(length=36), nullable=False),
sa.Column('token', sa.String(length=255), nullable=False),
sa.Column('status', sa.Enum('ACTIVE', 'EXPIRED', 'REVOKED', name='sessionstatus'), nullable=False),
sa.Column('ip_address', sa.String(length=45), nullable=True),
sa.Column('user_agent', sa.Text(), nullable=True),
sa.Column('device_info', sa.JSON(), nullable=True),
sa.Column('expires_at', sa.DateTime(), nullable=False),
sa.Column('last_activity_at', sa.DateTime(), nullable=False),
sa.Column('revoked_at', sa.DateTime(), nullable=True),
sa.Column('revoked_reason', sa.String(length=255), nullable=True),
sa.Column('is_compliance_only', sa.Boolean(), nullable=False),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['user_id'], ['users.id'], ),
fix: remove redundant unique constraints on id columns from all migrations
2026-04-26 06:41:33 +00:00
sa.PrimaryKeyConstraint('id')
refactor(db): consolidate migrations into single initial migration
2026-04-04 16:50:48 +10:30
)
op.create_index(op.f('ix_sessions_token'), 'sessions', ['token'], unique=True)
op.create_index(op.f('ix_sessions_user_id'), 'sessions', ['user_id'], unique=False)
op.create_table('ssh_keys',
sa.Column('user_id', sa.String(length=36), nullable=False),
sa.Column('payload', sa.Text(), nullable=False),
sa.Column('fingerprint', sa.String(length=255), nullable=False),
sa.Column('description', sa.String(length=255), nullable=True),
sa.Column('verified', sa.Boolean(), nullable=False),
sa.Column('verified_at', sa.DateTime(), nullable=True),
sa.Column('verify_text', sa.String(length=255), nullable=True),
sa.Column('verify_text_created_at', sa.DateTime(), nullable=True),
sa.Column('key_type', sa.String(length=50), nullable=True),
sa.Column('key_bits', sa.Integer(), nullable=True),
sa.Column('key_comment', sa.String(length=255), nullable=True),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['user_id'], ['users.id'], ),
sa.PrimaryKeyConstraint('id'),
sa.UniqueConstraint('payload')
)
op.create_index('idx_ssh_key_user_verified', 'ssh_keys', ['user_id', 'verified'], unique=False)
op.create_index(op.f('ix_ssh_keys_fingerprint'), 'ssh_keys', ['fingerprint'], unique=True)
op.create_index(op.f('ix_ssh_keys_user_id'), 'ssh_keys', ['user_id'], unique=False)
op.create_index(op.f('ix_ssh_keys_verified'), 'ssh_keys', ['verified'], unique=False)
op.create_table('user_security_policies',
sa.Column('user_id', sa.String(length=36), nullable=False),
sa.Column('organization_id', sa.String(length=36), nullable=False),
sa.Column('mfa_override_mode', sa.Enum('INHERIT', 'REQUIRED', 'EXEMPT', name='mfarequirementoverride'), nullable=False),
sa.Column('force_totp', sa.Boolean(), nullable=False),
sa.Column('force_webauthn', sa.Boolean(), nullable=False),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['organization_id'], ['organizations.id'], ),
sa.ForeignKeyConstraint(['user_id'], ['users.id'], ),
sa.PrimaryKeyConstraint('id'),
sa.UniqueConstraint('user_id', 'organization_id', name='uix_user_org_policy')
)
op.create_index(op.f('ix_user_security_policies_organization_id'), 'user_security_policies', ['organization_id'], unique=False)
op.create_index(op.f('ix_user_security_policies_user_id'), 'user_security_policies', ['user_id'], unique=False)
op.create_table('ca_permissions',
sa.Column('ca_id', sa.String(length=36), nullable=False),
sa.Column('user_id', sa.String(length=36), nullable=False),
sa.Column('permission', sa.String(length=50), nullable=False),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['ca_id'], ['cas.id'], ondelete='CASCADE'),
sa.ForeignKeyConstraint(['user_id'], ['users.id'], ondelete='CASCADE'),
sa.PrimaryKeyConstraint('id'),
fix: remove redundant unique constraints on id columns from all migrations
2026-04-26 06:41:33 +00:00
sa.UniqueConstraint('ca_id', 'user_id', name='uix_ca_permission')
refactor(db): consolidate migrations into single initial migration
2026-04-04 16:50:48 +10:30
)
op.create_index(op.f('ix_ca_permissions_ca_id'), 'ca_permissions', ['ca_id'], unique=False)
op.create_index(op.f('ix_ca_permissions_user_id'), 'ca_permissions', ['user_id'], unique=False)
op.create_table('department_cert_policies',
sa.Column('department_id', sa.String(length=36), nullable=False),
sa.Column('allow_user_expiry', sa.Boolean(), nullable=False),
sa.Column('default_expiry_hours', sa.Integer(), nullable=False),
sa.Column('max_expiry_hours', sa.Integer(), nullable=False),
sa.Column('allowed_extensions', sa.JSON(), nullable=False),
sa.Column('custom_extensions', sa.JSON(), nullable=False),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['department_id'], ['departments.id'], ),
fix: remove redundant unique constraints on id columns from all migrations
2026-04-26 06:41:33 +00:00
sa.PrimaryKeyConstraint('id')
refactor(db): consolidate migrations into single initial migration
2026-04-04 16:50:48 +10:30
)
op.create_index(op.f('ix_department_cert_policies_department_id'), 'department_cert_policies', ['department_id'], unique=True)
op.create_table('department_memberships',
sa.Column('user_id', sa.String(length=36), nullable=False),
sa.Column('department_id', sa.String(length=36), nullable=False),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['department_id'], ['departments.id'], ),
sa.ForeignKeyConstraint(['user_id'], ['users.id'], ),
sa.PrimaryKeyConstraint('id'),
sa.UniqueConstraint('user_id', 'department_id', name='uix_user_dept')
)
op.create_index(op.f('ix_department_memberships_department_id'), 'department_memberships', ['department_id'], unique=False)
op.create_index(op.f('ix_department_memberships_user_id'), 'department_memberships', ['user_id'], unique=False)
op.create_table('department_principals',
sa.Column('department_id', sa.String(length=36), nullable=False),
sa.Column('principal_id', sa.String(length=36), nullable=False),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['department_id'], ['departments.id'], ),
sa.ForeignKeyConstraint(['principal_id'], ['principals.id'], ),
sa.PrimaryKeyConstraint('id'),
fix: remove redundant unique constraints on id columns from all migrations
2026-04-26 06:41:33 +00:00
sa.UniqueConstraint('department_id', 'principal_id', name='uix_dept_principal')
refactor(db): consolidate migrations into single initial migration
2026-04-04 16:50:48 +10:30
)
op.create_index(op.f('ix_department_principals_department_id'), 'department_principals', ['department_id'], unique=False)
op.create_index(op.f('ix_department_principals_principal_id'), 'department_principals', ['principal_id'], unique=False)
op.create_table('oidc_audit_logs',
sa.Column('event_type', sa.String(length=100), nullable=False),
sa.Column('client_id', sa.String(length=255), nullable=True),
sa.Column('user_id', sa.String(length=36), nullable=True),
sa.Column('success', sa.Boolean(), nullable=False),
sa.Column('error_code', sa.String(length=100), nullable=True),
sa.Column('error_description', sa.Text(), nullable=True),
sa.Column('ip_address', sa.String(length=45), nullable=True),
sa.Column('user_agent', sa.Text(), nullable=True),
sa.Column('request_id', sa.String(length=36), nullable=True),
sa.Column('event_metadata', sa.JSON(), nullable=True),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['client_id'], ['oidc_clients.id'], ),
sa.ForeignKeyConstraint(['user_id'], ['users.id'], ),
fix: remove redundant unique constraints on id columns from all migrations
2026-04-26 06:41:33 +00:00
sa.PrimaryKeyConstraint('id')
refactor(db): consolidate migrations into single initial migration
2026-04-04 16:50:48 +10:30
)
op.create_index(op.f('ix_oidc_audit_logs_client_id'), 'oidc_audit_logs', ['client_id'], unique=False)
op.create_index(op.f('ix_oidc_audit_logs_event_type'), 'oidc_audit_logs', ['event_type'], unique=False)
op.create_index(op.f('ix_oidc_audit_logs_ip_address'), 'oidc_audit_logs', ['ip_address'], unique=False)
op.create_index(op.f('ix_oidc_audit_logs_request_id'), 'oidc_audit_logs', ['request_id'], unique=False)
op.create_index(op.f('ix_oidc_audit_logs_success'), 'oidc_audit_logs', ['success'], unique=False)
op.create_index(op.f('ix_oidc_audit_logs_user_id'), 'oidc_audit_logs', ['user_id'], unique=False)
op.create_table('oidc_authorization_codes',
sa.Column('client_id', sa.String(length=255), nullable=False),
sa.Column('user_id', sa.String(length=36), nullable=False),
sa.Column('code_hash', sa.String(length=255), nullable=False),
sa.Column('redirect_uri', sa.String(length=512), nullable=False),
sa.Column('scope', sa.JSON(), nullable=True),
sa.Column('nonce', sa.String(length=255), nullable=True),
sa.Column('code_verifier', sa.String(length=255), nullable=True),
sa.Column('expires_at', sa.DateTime(), nullable=False),
sa.Column('used_at', sa.DateTime(), nullable=True),
sa.Column('is_used', sa.Boolean(), nullable=False),
sa.Column('ip_address', sa.String(length=45), nullable=True),
sa.Column('user_agent', sa.Text(), nullable=True),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['client_id'], ['oidc_clients.id'], ),
sa.ForeignKeyConstraint(['user_id'], ['users.id'], ),
fix: remove redundant unique constraints on id columns from all migrations
2026-04-26 06:41:33 +00:00
sa.PrimaryKeyConstraint('id')
refactor(db): consolidate migrations into single initial migration
2026-04-04 16:50:48 +10:30
)
op.create_index(op.f('ix_oidc_authorization_codes_client_id'), 'oidc_authorization_codes', ['client_id'], unique=False)
op.create_index(op.f('ix_oidc_authorization_codes_expires_at'), 'oidc_authorization_codes', ['expires_at'], unique=False)
op.create_index(op.f('ix_oidc_authorization_codes_user_id'), 'oidc_authorization_codes', ['user_id'], unique=False)
op.create_table('oidc_refresh_tokens',
sa.Column('client_id', sa.String(length=255), nullable=False),
sa.Column('user_id', sa.String(length=36), nullable=False),
sa.Column('token_hash', sa.String(length=255), nullable=False),
sa.Column('access_token_id', sa.String(length=255), nullable=True),
sa.Column('scope', sa.JSON(), nullable=True),
sa.Column('expires_at', sa.DateTime(), nullable=False),
sa.Column('revoked_at', sa.DateTime(), nullable=True),
sa.Column('revoked_reason', sa.String(length=255), nullable=True),
sa.Column('previous_token_hash', sa.String(length=255), nullable=True),
sa.Column('rotation_count', sa.Integer(), nullable=False),
sa.Column('ip_address', sa.String(length=45), nullable=True),
sa.Column('user_agent', sa.Text(), nullable=True),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['client_id'], ['oidc_clients.id'], ),
sa.ForeignKeyConstraint(['user_id'], ['users.id'], ),
fix: remove redundant unique constraints on id columns from all migrations
2026-04-26 06:41:33 +00:00
sa.PrimaryKeyConstraint('id')
refactor(db): consolidate migrations into single initial migration
2026-04-04 16:50:48 +10:30
)
op.create_index(op.f('ix_oidc_refresh_tokens_access_token_id'), 'oidc_refresh_tokens', ['access_token_id'], unique=False)
op.create_index(op.f('ix_oidc_refresh_tokens_client_id'), 'oidc_refresh_tokens', ['client_id'], unique=False)
op.create_index(op.f('ix_oidc_refresh_tokens_expires_at'), 'oidc_refresh_tokens', ['expires_at'], unique=False)
op.create_index(op.f('ix_oidc_refresh_tokens_token_hash'), 'oidc_refresh_tokens', ['token_hash'], unique=True)
op.create_index(op.f('ix_oidc_refresh_tokens_user_id'), 'oidc_refresh_tokens', ['user_id'], unique=False)
op.create_table('oidc_sessions',
sa.Column('user_id', sa.String(length=36), nullable=False),
sa.Column('client_id', sa.String(length=255), nullable=False),
sa.Column('state', sa.String(length=255), nullable=False),
sa.Column('nonce', sa.String(length=255), nullable=True),
sa.Column('redirect_uri', sa.String(length=512), nullable=False),
sa.Column('scope', sa.JSON(), nullable=True),
sa.Column('code_challenge', sa.String(length=255), nullable=True),
sa.Column('code_challenge_method', sa.String(length=10), nullable=True),
sa.Column('expires_at', sa.DateTime(), nullable=False),
sa.Column('authenticated_at', sa.DateTime(), nullable=True),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['client_id'], ['oidc_clients.id'], ),
sa.ForeignKeyConstraint(['user_id'], ['users.id'], ),
fix: remove redundant unique constraints on id columns from all migrations
2026-04-26 06:41:33 +00:00
sa.PrimaryKeyConstraint('id')
refactor(db): consolidate migrations into single initial migration
2026-04-04 16:50:48 +10:30
)
op.create_index(op.f('ix_oidc_sessions_client_id'), 'oidc_sessions', ['client_id'], unique=False)
op.create_index(op.f('ix_oidc_sessions_expires_at'), 'oidc_sessions', ['expires_at'], unique=False)
op.create_index(op.f('ix_oidc_sessions_state'), 'oidc_sessions', ['state'], unique=False)
op.create_index(op.f('ix_oidc_sessions_user_id'), 'oidc_sessions', ['user_id'], unique=False)
op.create_table('oidc_token_metadata',
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('client_id', sa.String(length=255), nullable=False),
sa.Column('user_id', sa.String(length=36), nullable=False),
sa.Column('token_type', sa.String(length=50), nullable=False),
sa.Column('token_jti', sa.String(length=255), nullable=False),
sa.Column('expires_at', sa.DateTime(), nullable=False),
sa.Column('revoked_at', sa.DateTime(), nullable=True),
sa.Column('revoked_reason', sa.String(length=255), nullable=True),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['client_id'], ['oidc_clients.id'], ),
sa.ForeignKeyConstraint(['user_id'], ['users.id'], ),
sa.PrimaryKeyConstraint('id')
)
op.create_index(op.f('ix_oidc_token_metadata_client_id'), 'oidc_token_metadata', ['client_id'], unique=False)
op.create_index(op.f('ix_oidc_token_metadata_expires_at'), 'oidc_token_metadata', ['expires_at'], unique=False)
op.create_index(op.f('ix_oidc_token_metadata_token_jti'), 'oidc_token_metadata', ['token_jti'], unique=False)
op.create_index(op.f('ix_oidc_token_metadata_user_id'), 'oidc_token_metadata', ['user_id'], unique=False)
op.create_table('principal_memberships',
sa.Column('user_id', sa.String(length=36), nullable=False),
sa.Column('principal_id', sa.String(length=36), nullable=False),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['principal_id'], ['principals.id'], ),
sa.ForeignKeyConstraint(['user_id'], ['users.id'], ),
sa.PrimaryKeyConstraint('id'),
sa.UniqueConstraint('user_id', 'principal_id', name='uix_user_principal')
)
op.create_index(op.f('ix_principal_memberships_principal_id'), 'principal_memberships', ['principal_id'], unique=False)
op.create_index(op.f('ix_principal_memberships_user_id'), 'principal_memberships', ['user_id'], unique=False)
op.create_table('ssh_certificates',
sa.Column('ca_id', sa.String(length=36), nullable=False),
sa.Column('user_id', sa.String(length=36), nullable=False),
sa.Column('ssh_key_id', sa.String(length=36), nullable=True),
sa.Column('certificate', sa.Text(), nullable=False),
sa.Column('serial', sa.String(length=255), nullable=False),
sa.Column('key_id', sa.String(length=255), nullable=False),
sa.Column('cert_type', sa.Enum('user', 'host', name='certtype'), nullable=False),
sa.Column('principals', sa.JSON(), nullable=False),
sa.Column('valid_after', sa.DateTime(), nullable=False),
sa.Column('valid_before', sa.DateTime(), nullable=False),
sa.Column('revoked', sa.Boolean(), nullable=False),
sa.Column('revoked_at', sa.DateTime(), nullable=True),
sa.Column('revoke_reason', sa.String(length=255), nullable=True),
sa.Column('status', sa.Enum('requested', 'issued', 'revoked', 'expired', 'superseded', name='certificatestatus'), nullable=False),
sa.Column('request_ip', sa.String(length=45), nullable=True),
sa.Column('request_user_agent', sa.String(length=512), nullable=True),
sa.Column('critical_options', sa.JSON(), nullable=True),
sa.Column('extensions', sa.JSON(), nullable=True),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['ca_id'], ['cas.id'], ),
sa.ForeignKeyConstraint(['ssh_key_id'], ['ssh_keys.id'], ),
sa.ForeignKeyConstraint(['user_id'], ['users.id'], ),
sa.PrimaryKeyConstraint('id'),
fix: remove redundant unique constraints on id columns from all migrations
2026-04-26 06:41:33 +00:00
sa.UniqueConstraint('ca_id', 'serial', name='uq_ssh_certificates_ca_serial')
refactor(db): consolidate migrations into single initial migration
2026-04-04 16:50:48 +10:30
)
op.create_index('idx_cert_revoked', 'ssh_certificates', ['revoked', 'revoked_at'], unique=False)
op.create_index('idx_cert_user_status', 'ssh_certificates', ['user_id', 'status'], unique=False)
op.create_index('idx_cert_validity', 'ssh_certificates', ['valid_after', 'valid_before'], unique=False)
op.create_index(op.f('ix_ssh_certificates_ca_id'), 'ssh_certificates', ['ca_id'], unique=False)
op.create_index(op.f('ix_ssh_certificates_revoked'), 'ssh_certificates', ['revoked'], unique=False)
op.create_index('ix_ssh_certificates_serial', 'ssh_certificates', ['serial'], unique=False)
op.create_index(op.f('ix_ssh_certificates_ssh_key_id'), 'ssh_certificates', ['ssh_key_id'], unique=False)
op.create_index(op.f('ix_ssh_certificates_status'), 'ssh_certificates', ['status'], unique=False)
op.create_index(op.f('ix_ssh_certificates_user_id'), 'ssh_certificates', ['user_id'], unique=False)
op.create_table('user_network_approvals',
sa.Column('organization_id', sa.String(length=36), nullable=False),
sa.Column('user_id', sa.String(length=36), nullable=False),
sa.Column('portal_network_id', sa.String(length=36), nullable=False),
sa.Column('granted_by_user_id', sa.String(length=36), nullable=True),
sa.Column('grant_type', sa.Enum('requested', 'assigned', name='approval_grant_type'), nullable=False),
sa.Column('state', sa.Enum('pending', 'approved', 'rejected', 'revoked', 'suspended', name='approval_state'), nullable=False),
sa.Column('justification', sa.Text(), nullable=True),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['granted_by_user_id'], ['users.id'], ),
sa.ForeignKeyConstraint(['organization_id'], ['organizations.id'], ),
sa.ForeignKeyConstraint(['portal_network_id'], ['portal_networks.id'], ),
sa.ForeignKeyConstraint(['user_id'], ['users.id'], ),
sa.PrimaryKeyConstraint('id'),
sa.UniqueConstraint('user_id', 'portal_network_id', 'deleted_at', name='uix_user_network_approval')
)
op.create_index(op.f('ix_user_network_approvals_organization_id'), 'user_network_approvals', ['organization_id'], unique=False)
op.create_index(op.f('ix_user_network_approvals_portal_network_id'), 'user_network_approvals', ['portal_network_id'], unique=False)
op.create_index(op.f('ix_user_network_approvals_state'), 'user_network_approvals', ['state'], unique=False)
op.create_index(op.f('ix_user_network_approvals_user_id'), 'user_network_approvals', ['user_id'], unique=False)
op.create_table('certificate_audit_logs',
sa.Column('certificate_id', sa.String(length=36), nullable=False),
sa.Column('user_id', sa.String(length=36), nullable=True),
sa.Column('action', sa.String(length=50), nullable=False),
sa.Column('ip_address', sa.String(length=45), nullable=True),
sa.Column('user_agent', sa.String(length=512), nullable=True),
sa.Column('request_id', sa.String(length=36), nullable=True),
sa.Column('message', sa.Text(), nullable=True),
sa.Column('extra_data', sa.JSON(), nullable=True),
sa.Column('success', sa.Boolean(), nullable=False),
sa.Column('error_message', sa.Text(), nullable=True),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['certificate_id'], ['ssh_certificates.id'], ),
sa.ForeignKeyConstraint(['user_id'], ['users.id'], ),
fix: remove redundant unique constraints on id columns from all migrations
2026-04-26 06:41:33 +00:00
sa.PrimaryKeyConstraint('id')
refactor(db): consolidate migrations into single initial migration
2026-04-04 16:50:48 +10:30
)
op.create_index('idx_cert_audit_cert_action', 'certificate_audit_logs', ['certificate_id', 'action'], unique=False)
op.create_index('idx_cert_audit_user', 'certificate_audit_logs', ['user_id', 'created_at'], unique=False)
op.create_index(op.f('ix_certificate_audit_logs_action'), 'certificate_audit_logs', ['action'], unique=False)
op.create_index(op.f('ix_certificate_audit_logs_certificate_id'), 'certificate_audit_logs', ['certificate_id'], unique=False)
op.create_index(op.f('ix_certificate_audit_logs_user_id'), 'certificate_audit_logs', ['user_id'], unique=False)
op.create_table('device_network_memberships',
sa.Column('organization_id', sa.String(length=36), nullable=False),
sa.Column('user_id', sa.String(length=36), nullable=False),
sa.Column('device_id', sa.String(length=36), nullable=False),
sa.Column('portal_network_id', sa.String(length=36), nullable=False),
sa.Column('user_network_approval_id', sa.String(length=36), nullable=True),
sa.Column('state', sa.Enum('pending_device_registration', 'pending_request', 'pending_manager_approval', 'approved_inactive', 'joined_deauthorized', 'active_authorized', 'activation_expired', 'suspended', 'revoked', 'rejected', name='membership_state'), nullable=False),
sa.Column('join_seen', sa.Boolean(), nullable=False),
sa.Column('currently_authorized', sa.Boolean(), nullable=False),
sa.Column('approved_for_activation', sa.Boolean(), nullable=False),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['device_id'], ['devices.id'], ),
sa.ForeignKeyConstraint(['organization_id'], ['organizations.id'], ),
sa.ForeignKeyConstraint(['portal_network_id'], ['portal_networks.id'], ),
sa.ForeignKeyConstraint(['user_id'], ['users.id'], ),
sa.ForeignKeyConstraint(['user_network_approval_id'], ['user_network_approvals.id'], ),
sa.PrimaryKeyConstraint('id'),
fix: remove redundant unique constraints on id columns from all migrations
2026-04-26 06:41:33 +00:00
sa.UniqueConstraint('device_id', 'portal_network_id', 'deleted_at', name='uix_device_network')
refactor(db): consolidate migrations into single initial migration
2026-04-04 16:50:48 +10:30
)
op.create_index(op.f('ix_device_network_memberships_device_id'), 'device_network_memberships', ['device_id'], unique=False)
op.create_index(op.f('ix_device_network_memberships_organization_id'), 'device_network_memberships', ['organization_id'], unique=False)
op.create_index(op.f('ix_device_network_memberships_portal_network_id'), 'device_network_memberships', ['portal_network_id'], unique=False)
op.create_index(op.f('ix_device_network_memberships_state'), 'device_network_memberships', ['state'], unique=False)
op.create_index(op.f('ix_device_network_memberships_user_id'), 'device_network_memberships', ['user_id'], unique=False)
op.create_index(op.f('ix_device_network_memberships_user_network_approval_id'), 'device_network_memberships', ['user_network_approval_id'], unique=False)
op.create_table('activation_sessions',
sa.Column('organization_id', sa.String(length=36), nullable=False),
sa.Column('user_id', sa.String(length=36), nullable=False),
sa.Column('device_network_membership_id', sa.String(length=36), nullable=False),
sa.Column('authenticated_at', sa.DateTime(), nullable=False),
sa.Column('expires_at', sa.DateTime(), nullable=False),
sa.Column('ended_at', sa.DateTime(), nullable=True),
sa.Column('end_reason', sa.Enum('expired', 'logout', 'kill_switch', 'manual_revoke', 'approval_revoked', 'admin_action', name='activation_end_reason'), nullable=True),
sa.Column('created_by', sa.String(length=36), nullable=False),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['created_by'], ['users.id'], ),
sa.ForeignKeyConstraint(['device_network_membership_id'], ['device_network_memberships.id'], ),
sa.ForeignKeyConstraint(['organization_id'], ['organizations.id'], ),
sa.ForeignKeyConstraint(['user_id'], ['users.id'], ),
fix: remove redundant unique constraints on id columns from all migrations
2026-04-26 06:41:33 +00:00
sa.PrimaryKeyConstraint('id')
refactor(db): consolidate migrations into single initial migration
2026-04-04 16:50:48 +10:30
)
op.create_index(op.f('ix_activation_sessions_device_network_membership_id'), 'activation_sessions', ['device_network_membership_id'], unique=False)
op.create_index(op.f('ix_activation_sessions_organization_id'), 'activation_sessions', ['organization_id'], unique=False)
op.create_index(op.f('ix_activation_sessions_user_id'), 'activation_sessions', ['user_id'], unique=False)
op.create_table('zerotier_memberships',
sa.Column('organization_id', sa.String(length=36), nullable=False),
sa.Column('device_network_membership_id', sa.String(length=36), nullable=True),
sa.Column('zerotier_network_id', sa.String(length=16), nullable=False),
sa.Column('node_id', sa.String(length=10), nullable=False),
sa.Column('member_seen', sa.Boolean(), nullable=False),
sa.Column('authorized', sa.Boolean(), nullable=False),
sa.Column('join_seen_at', sa.DateTime(), nullable=True),
sa.Column('last_synced_at', sa.DateTime(), nullable=True),
sa.Column('raw_controller_payload', sa.JSON(), nullable=True),
sa.Column('id', sa.String(length=36), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('updated_at', sa.DateTime(), nullable=False),
sa.Column('deleted_at', sa.DateTime(), nullable=True),
sa.ForeignKeyConstraint(['device_network_membership_id'], ['device_network_memberships.id'], ),
sa.ForeignKeyConstraint(['organization_id'], ['organizations.id'], ),
sa.PrimaryKeyConstraint('id'),
sa.UniqueConstraint('zerotier_network_id', 'node_id', name='uix_zt_network_node')
)
op.create_index(op.f('ix_zerotier_memberships_device_network_membership_id'), 'zerotier_memberships', ['device_network_membership_id'], unique=False)
op.create_index(op.f('ix_zerotier_memberships_node_id'), 'zerotier_memberships', ['node_id'], unique=False)
op.create_index(op.f('ix_zerotier_memberships_organization_id'), 'zerotier_memberships', ['organization_id'], unique=False)
op.create_index(op.f('ix_zerotier_memberships_zerotier_network_id'), 'zerotier_memberships', ['zerotier_network_id'], unique=False)
# ### end Alembic commands ###
def downgrade():
# ### commands auto generated by Alembic - please adjust! ###
op.drop_index(op.f('ix_zerotier_memberships_zerotier_network_id'), table_name='zerotier_memberships')
op.drop_index(op.f('ix_zerotier_memberships_organization_id'), table_name='zerotier_memberships')
op.drop_index(op.f('ix_zerotier_memberships_node_id'), table_name='zerotier_memberships')
op.drop_index(op.f('ix_zerotier_memberships_device_network_membership_id'), table_name='zerotier_memberships')
op.drop_table('zerotier_memberships')
op.drop_index(op.f('ix_activation_sessions_user_id'), table_name='activation_sessions')
op.drop_index(op.f('ix_activation_sessions_organization_id'), table_name='activation_sessions')
op.drop_index(op.f('ix_activation_sessions_device_network_membership_id'), table_name='activation_sessions')
op.drop_table('activation_sessions')
op.drop_index(op.f('ix_device_network_memberships_user_network_approval_id'), table_name='device_network_memberships')
op.drop_index(op.f('ix_device_network_memberships_user_id'), table_name='device_network_memberships')
op.drop_index(op.f('ix_device_network_memberships_state'), table_name='device_network_memberships')
op.drop_index(op.f('ix_device_network_memberships_portal_network_id'), table_name='device_network_memberships')
op.drop_index(op.f('ix_device_network_memberships_organization_id'), table_name='device_network_memberships')
op.drop_index(op.f('ix_device_network_memberships_device_id'), table_name='device_network_memberships')
op.drop_table('device_network_memberships')
op.drop_index(op.f('ix_certificate_audit_logs_user_id'), table_name='certificate_audit_logs')
op.drop_index(op.f('ix_certificate_audit_logs_certificate_id'), table_name='certificate_audit_logs')
op.drop_index(op.f('ix_certificate_audit_logs_action'), table_name='certificate_audit_logs')
op.drop_index('idx_cert_audit_user', table_name='certificate_audit_logs')
op.drop_index('idx_cert_audit_cert_action', table_name='certificate_audit_logs')
op.drop_table('certificate_audit_logs')
op.drop_index(op.f('ix_user_network_approvals_user_id'), table_name='user_network_approvals')
op.drop_index(op.f('ix_user_network_approvals_state'), table_name='user_network_approvals')
op.drop_index(op.f('ix_user_network_approvals_portal_network_id'), table_name='user_network_approvals')
op.drop_index(op.f('ix_user_network_approvals_organization_id'), table_name='user_network_approvals')
op.drop_table('user_network_approvals')
op.drop_index(op.f('ix_ssh_certificates_user_id'), table_name='ssh_certificates')
op.drop_index(op.f('ix_ssh_certificates_status'), table_name='ssh_certificates')
op.drop_index(op.f('ix_ssh_certificates_ssh_key_id'), table_name='ssh_certificates')
op.drop_index('ix_ssh_certificates_serial', table_name='ssh_certificates')
op.drop_index(op.f('ix_ssh_certificates_revoked'), table_name='ssh_certificates')
op.drop_index(op.f('ix_ssh_certificates_ca_id'), table_name='ssh_certificates')
op.drop_index('idx_cert_validity', table_name='ssh_certificates')
op.drop_index('idx_cert_user_status', table_name='ssh_certificates')
op.drop_index('idx_cert_revoked', table_name='ssh_certificates')
op.drop_table('ssh_certificates')
op.drop_index(op.f('ix_principal_memberships_user_id'), table_name='principal_memberships')
op.drop_index(op.f('ix_principal_memberships_principal_id'), table_name='principal_memberships')
op.drop_table('principal_memberships')
op.drop_index(op.f('ix_oidc_token_metadata_user_id'), table_name='oidc_token_metadata')
op.drop_index(op.f('ix_oidc_token_metadata_token_jti'), table_name='oidc_token_metadata')
op.drop_index(op.f('ix_oidc_token_metadata_expires_at'), table_name='oidc_token_metadata')
op.drop_index(op.f('ix_oidc_token_metadata_client_id'), table_name='oidc_token_metadata')
op.drop_table('oidc_token_metadata')
op.drop_index(op.f('ix_oidc_sessions_user_id'), table_name='oidc_sessions')
op.drop_index(op.f('ix_oidc_sessions_state'), table_name='oidc_sessions')
op.drop_index(op.f('ix_oidc_sessions_expires_at'), table_name='oidc_sessions')
op.drop_index(op.f('ix_oidc_sessions_client_id'), table_name='oidc_sessions')
op.drop_table('oidc_sessions')
op.drop_index(op.f('ix_oidc_refresh_tokens_user_id'), table_name='oidc_refresh_tokens')
op.drop_index(op.f('ix_oidc_refresh_tokens_token_hash'), table_name='oidc_refresh_tokens')
op.drop_index(op.f('ix_oidc_refresh_tokens_expires_at'), table_name='oidc_refresh_tokens')
op.drop_index(op.f('ix_oidc_refresh_tokens_client_id'), table_name='oidc_refresh_tokens')
op.drop_index(op.f('ix_oidc_refresh_tokens_access_token_id'), table_name='oidc_refresh_tokens')
op.drop_table('oidc_refresh_tokens')
op.drop_index(op.f('ix_oidc_authorization_codes_user_id'), table_name='oidc_authorization_codes')
op.drop_index(op.f('ix_oidc_authorization_codes_expires_at'), table_name='oidc_authorization_codes')
op.drop_index(op.f('ix_oidc_authorization_codes_client_id'), table_name='oidc_authorization_codes')
op.drop_table('oidc_authorization_codes')
op.drop_index(op.f('ix_oidc_audit_logs_user_id'), table_name='oidc_audit_logs')
op.drop_index(op.f('ix_oidc_audit_logs_success'), table_name='oidc_audit_logs')
op.drop_index(op.f('ix_oidc_audit_logs_request_id'), table_name='oidc_audit_logs')
op.drop_index(op.f('ix_oidc_audit_logs_ip_address'), table_name='oidc_audit_logs')
op.drop_index(op.f('ix_oidc_audit_logs_event_type'), table_name='oidc_audit_logs')
op.drop_index(op.f('ix_oidc_audit_logs_client_id'), table_name='oidc_audit_logs')
op.drop_table('oidc_audit_logs')
op.drop_index(op.f('ix_department_principals_principal_id'), table_name='department_principals')
op.drop_index(op.f('ix_department_principals_department_id'), table_name='department_principals')
op.drop_table('department_principals')
op.drop_index(op.f('ix_department_memberships_user_id'), table_name='department_memberships')
op.drop_index(op.f('ix_department_memberships_department_id'), table_name='department_memberships')
op.drop_table('department_memberships')
op.drop_index(op.f('ix_department_cert_policies_department_id'), table_name='department_cert_policies')
op.drop_table('department_cert_policies')
op.drop_index(op.f('ix_ca_permissions_user_id'), table_name='ca_permissions')
op.drop_index(op.f('ix_ca_permissions_ca_id'), table_name='ca_permissions')
op.drop_table('ca_permissions')
op.drop_index(op.f('ix_user_security_policies_user_id'), table_name='user_security_policies')
op.drop_index(op.f('ix_user_security_policies_organization_id'), table_name='user_security_policies')
op.drop_table('user_security_policies')
op.drop_index(op.f('ix_ssh_keys_verified'), table_name='ssh_keys')
op.drop_index(op.f('ix_ssh_keys_user_id'), table_name='ssh_keys')
op.drop_index(op.f('ix_ssh_keys_fingerprint'), table_name='ssh_keys')
op.drop_index('idx_ssh_key_user_verified', table_name='ssh_keys')
op.drop_table('ssh_keys')
op.drop_index(op.f('ix_sessions_user_id'), table_name='sessions')
op.drop_index(op.f('ix_sessions_token'), table_name='sessions')
op.drop_table('sessions')
op.drop_index(op.f('ix_principals_organization_id'), table_name='principals')
op.drop_index(op.f('ix_principals_name'), table_name='principals')
op.drop_table('principals')
op.drop_index(op.f('ix_portal_networks_zerotier_network_id'), table_name='portal_networks')
op.drop_index(op.f('ix_portal_networks_organization_id'), table_name='portal_networks')
op.drop_table('portal_networks')
op.drop_index(op.f('ix_password_reset_tokens_user_id'), table_name='password_reset_tokens')
op.drop_index(op.f('ix_password_reset_tokens_token'), table_name='password_reset_tokens')
op.drop_table('password_reset_tokens')
op.drop_index(op.f('ix_organization_security_policies_organization_id'), table_name='organization_security_policies')
op.drop_table('organization_security_policies')
op.drop_index(op.f('ix_organization_provider_overrides_provider_type'), table_name='organization_provider_overrides')
op.drop_index(op.f('ix_organization_provider_overrides_organization_id'), table_name='organization_provider_overrides')
op.drop_table('organization_provider_overrides')
op.drop_index(op.f('ix_organization_members_user_id'), table_name='organization_members')
op.drop_index(op.f('ix_organization_members_organization_id'), table_name='organization_members')
op.drop_table('organization_members')
op.drop_index(op.f('ix_organization_api_keys_organization_id'), table_name='organization_api_keys')
op.drop_index(op.f('ix_organization_api_keys_key_hash'), table_name='organization_api_keys')
op.drop_index(op.f('ix_organization_api_keys_is_revoked'), table_name='organization_api_keys')
op.drop_index('idx_org_api_key_org_active', table_name='organization_api_keys')
op.drop_index('idx_api_key_last_used', table_name='organization_api_keys')
op.drop_table('organization_api_keys')
op.drop_index(op.f('ix_org_invite_tokens_token'), table_name='org_invite_tokens')
op.drop_index(op.f('ix_org_invite_tokens_organization_id'), table_name='org_invite_tokens')
op.drop_index(op.f('ix_org_invite_tokens_email'), table_name='org_invite_tokens')
op.drop_table('org_invite_tokens')
op.drop_index(op.f('ix_oidc_clients_organization_id'), table_name='oidc_clients')
op.drop_index(op.f('ix_oidc_clients_client_id'), table_name='oidc_clients')
op.drop_table('oidc_clients')
op.drop_index(op.f('ix_oauth_states_state'), table_name='oauth_states')
op.drop_index(op.f('ix_oauth_states_organization_id'), table_name='oauth_states')
op.drop_index(op.f('ix_oauth_states_expires_at'), table_name='oauth_states')
op.drop_table('oauth_states')
op.drop_index(op.f('ix_mfa_policy_compliance_user_id'), table_name='mfa_policy_compliance')
op.drop_index(op.f('ix_mfa_policy_compliance_organization_id'), table_name='mfa_policy_compliance')
op.drop_table('mfa_policy_compliance')
op.drop_index(op.f('ix_kill_switch_events_target_user_id'), table_name='kill_switch_events')
op.drop_index(op.f('ix_kill_switch_events_organization_id'), table_name='kill_switch_events')
op.drop_table('kill_switch_events')
op.drop_index(op.f('ix_external_provider_configs_provider_type'), table_name='external_provider_configs')
op.drop_index(op.f('ix_external_provider_configs_organization_id'), table_name='external_provider_configs')
op.drop_index('idx_provider_config_org', table_name='external_provider_configs')
op.drop_table('external_provider_configs')
op.drop_index(op.f('ix_email_verification_tokens_user_id'), table_name='email_verification_tokens')
op.drop_index(op.f('ix_email_verification_tokens_token'), table_name='email_verification_tokens')
op.drop_table('email_verification_tokens')
op.drop_index(op.f('ix_devices_user_id'), table_name='devices')
op.drop_index(op.f('ix_devices_organization_id'), table_name='devices')
op.drop_index(op.f('ix_devices_node_id'), table_name='devices')
op.drop_table('devices')
op.drop_index(op.f('ix_departments_organization_id'), table_name='departments')
op.drop_index(op.f('ix_departments_name'), table_name='departments')
op.drop_table('departments')
op.drop_index(op.f('ix_cas_organization_id'), table_name='cas')
op.drop_index(op.f('ix_cas_is_active'), table_name='cas')
op.drop_index('idx_ca_org_active', table_name='cas')
op.drop_table('cas')
op.drop_index(op.f('ix_authentication_methods_user_id'), table_name='authentication_methods')
op.drop_index(op.f('ix_authentication_methods_method_type'), table_name='authentication_methods')
op.drop_index('idx_user_method', table_name='authentication_methods')
op.drop_table('authentication_methods')
op.drop_index(op.f('ix_audit_logs_user_id'), table_name='audit_logs')
op.drop_index(op.f('ix_audit_logs_resource_type'), table_name='audit_logs')
op.drop_index(op.f('ix_audit_logs_resource_id'), table_name='audit_logs')
op.drop_index(op.f('ix_audit_logs_request_id'), table_name='audit_logs')
op.drop_index(op.f('ix_audit_logs_organization_id'), table_name='audit_logs')
op.drop_index(op.f('ix_audit_logs_action'), table_name='audit_logs')
op.drop_index('idx_audit_user_action', table_name='audit_logs')
op.drop_index('idx_audit_resource', table_name='audit_logs')
op.drop_index('idx_audit_org', table_name='audit_logs')
op.drop_table('audit_logs')
op.drop_index(op.f('ix_users_status'), table_name='users')
op.drop_index(op.f('ix_users_email'), table_name='users')
op.drop_index(op.f('ix_users_activation_key'), table_name='users')
op.drop_table('users')
op.drop_index(op.f('ix_organizations_slug'), table_name='organizations')
op.drop_table('organizations')
op.drop_index(op.f('ix_oidc_jwks_keys_kid'), table_name='oidc_jwks_keys')
op.drop_table('oidc_jwks_keys')
op.drop_index(op.f('ix_application_provider_configs_provider_type'), table_name='application_provider_configs')
op.drop_table('application_provider_configs')
# ### end Alembic commands ###
Reference in New Issue Copy Permalink