crates/weaver-index/src/sqlite/migrations/003_permissions.sql at main · nonbinary.computer/weaver

atproto blogging

weaver / crates / weaver-index / src / sqlite / migrations / 003_permissions.sql

at main 24 lines 793 B view raw

 1-- Permissions cache
 2-- Local cache of permissions for collab-related hot paths.
 3-- ClickHouse is authoritative; this is populated on-demand for active resources.
 4CREATE TABLE permissions (
 5    -- Resource reference (decomposed)
 6    resource_did TEXT NOT NULL,
 7    resource_collection TEXT NOT NULL,
 8    resource_rkey TEXT NOT NULL,
 9
10    did TEXT NOT NULL,  -- user who has permission
11
12    scope TEXT NOT NULL,  -- 'owner' | 'direct' | 'inherited'
13
14    -- Source reference (decomposed) - resource itself for owner, invite for others
15    source_did TEXT NOT NULL,
16    source_collection TEXT NOT NULL,
17    source_rkey TEXT NOT NULL,
18
19    granted_at TEXT NOT NULL,
20
21    PRIMARY KEY (resource_did, resource_collection, resource_rkey, did)
22);
23
24CREATE INDEX idx_permissions_did ON permissions(did);