Documentation ¶
Overview ¶
Package tables contains the database tables for the configstore.
Package tables provides tables for the configstore ¶
Index ¶
- Constants
- Variables
- func GetCalendarPeriodStart(duration string, t time.Time) time.Time
- func IsCalendarAlignableDuration(duration string) bool
- func IsValidModelConfigScope(scope string) bool
- func ParseDuration(duration string) (time.Duration, error)
- func RegisterModelConfigScope(scope string)
- func VaultIsEnabled() bool
- func VaultPrefix() string
- type GlobalHeaderFilterConfig
- type GlobalProxyConfig
- type ModelParams
- type OauthUserSummary
- type PromptMessage
- type PromptVariables
- type RestartRequiredConfig
- type SessionsTable
- type SkillJSONMap
- type SkillStringMap
- type TableBudget
- type TableClientConfig
- type TableConfigHash
- type TableCustomer
- type TableDistributedLock
- type TableEnvKey
- type TableFeatureFlag
- type TableFolder
- type TableFrameworkConfig
- type TableGovernanceConfig
- type TableKey
- type TableLogStoreConfig
- type TableMCPClient
- type TableMCPLibrary
- type TableMCPPerUserHeaderCredential
- func (c *TableMCPPerUserHeaderCredential) AfterDelete(tx *gorm.DB) error
- func (c *TableMCPPerUserHeaderCredential) AfterFind(tx *gorm.DB) error
- func (c *TableMCPPerUserHeaderCredential) BeforeSave(tx *gorm.DB) error
- func (TableMCPPerUserHeaderCredential) DeleteVaultSecrets(ctx context.Context, ids []string)
- func (c *TableMCPPerUserHeaderCredential) GetHeaders() (map[string]string, error)
- func (c *TableMCPPerUserHeaderCredential) SetHeaders(headers map[string]string) error
- func (TableMCPPerUserHeaderCredential) TableName() string
- type TableMCPPerUserHeaderFlow
- type TableModel
- type TableModelConfig
- type TableModelParameters
- type TableModelPricing
- type TableOauthConfig
- func (c *TableOauthConfig) AfterDelete(tx *gorm.DB) error
- func (c *TableOauthConfig) AfterFind(tx *gorm.DB) error
- func (c *TableOauthConfig) BeforeSave(tx *gorm.DB) error
- func (c *TableOauthConfig) GetClientSecretAsEnvVar() *schemas.EnvVar
- func (c *TableOauthConfig) GetResolvedClientID() string
- func (c *TableOauthConfig) GetResolvedClientSecret() string
- func (TableOauthConfig) TableName() string
- type TableOauthToken
- type TableOauthUserSession
- type TableOauthUserToken
- type TablePlugin
- type TablePricingOverride
- type TablePrompt
- type TablePromptSession
- type TablePromptSessionMessage
- type TablePromptVersion
- type TablePromptVersionMessage
- type TableProvider
- type TableRateLimit
- type TableRoutingRule
- type TableRoutingTarget
- type TableSkill
- type TableSkillFile
- type TableSkillFileBlob
- type TableSkillVersion
- type TableTeam
- type TableVectorStoreConfig
- type TableVirtualKey
- type TableVirtualKeyMCPConfig
- type TableVirtualKeyProviderConfig
- func (pc *TableVirtualKeyProviderConfig) AfterFind(tx *gorm.DB) error
- func (pc *TableVirtualKeyProviderConfig) BeforeSave(tx *gorm.DB) error
- func (pc TableVirtualKeyProviderConfig) MarshalJSON() ([]byte, error)
- func (TableVirtualKeyProviderConfig) TableName() string
- func (pc *TableVirtualKeyProviderConfig) UnmarshalJSON(data []byte) error
- type TableVirtualKeyProviderConfigKey
- type TempToken
Constants ¶
const (
ConfigAdminUsernameKey = "admin_username"
ConfigAdminPasswordKey = "admin_password"
ConfigIsAuthEnabledKey = "is_auth_enabled"
ConfigProxyKey = "proxy_config"
// ConfigComplexityAnalyzerConfigKey stores the persisted analyzer config JSON.
ConfigComplexityAnalyzerConfigKey = "complexity_analyzer_config"
ConfigRestartRequiredKey = "restart_required"
ConfigHeaderFilterKey = "header_filter_config"
)
const (
// EncryptionStatusPlainText indicates the row's sensitive fields are stored as plaintext.
EncryptionStatusPlainText = "plain_text"
// EncryptionStatusEncrypted indicates the row's sensitive fields have been encrypted.
EncryptionStatusEncrypted = "encrypted"
// EncryptionStatusVault indicates the row's sensitive fields are stored as vault references.
EncryptionStatusVault = "vault"
)
const (
ModelConfigScopeGlobal = "global"
ModelConfigScopeVirtualKey = "virtual_key"
ModelConfigScopeUser = "user"
)
Model config scope values. Scope determines where a model config applies.
const (
SkillSourceTypeURL = "url"
SkillSourceTypeDataURL = "dataurl"
SkillSourceTypeText = "text"
SkillSourceTypeUpload = "upload"
)
const (
MetadataKeyOnboardingDismissed = "onboarding_dismissed"
)
Keys for the ClientConfig.MetadataJSON blob. These live inside the metadata JSON map on config_client, not as governance_config rows.
const ModelConfigAllModels = "*"
ModelConfigAllModels is the model_name sentinel meaning "all models". Combined with a specific provider it expresses provider-level governance (all models on that provider); with a nil provider it means all models on all providers.
Variables ¶
var VaultHooks struct {
// IsEnabled reports whether vault is active.
IsEnabled func() bool
// Prefix returns the configured vault path prefix (e.g. "bifrost").
Prefix func() string
// StoreString vaults *value at path, then replaces *value with the vault reference.
StoreString func(ctx context.Context, path string, value *string) error
// ResolveString resolves a vault reference, replacing *value with the secret.
ResolveString func(ctx context.Context, value *string) error
// Remove deletes the secret at path (best-effort; errors are ignored by callers).
Remove func(ctx context.Context, path string) error
}
VaultHooks is populated at startup when a vault backend is configured. OSS table hooks check these function pointers before falling through to AES encryption.
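The fall-through order described above, as an added sketch that is not the package's own code: a save-time helper checks the vault function pointers first, then falls back to AES, and returns the matching encryption status. The `hooks` type, `sealField`, `aesGCMSeal`, the choice of AES-GCM, the plaintext fallback when no key is set, the path and the `vault-ref:` reference format are all assumptions made for illustration.

```go
package main

import (
	"context"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"errors"
	"fmt"
)

// Status values copied from the EncryptionStatus* constants on this page.
const (
	statusPlainText = "plain_text"
	statusEncrypted = "encrypted"
	statusVault     = "vault"
)

// hooks is a local stand-in for two of the VaultHooks function pointers.
type hooks struct {
	IsEnabled   func() bool
	StoreString func(ctx context.Context, path string, value *string) error
}

// sealField protects *value in place and returns the status to store with the row.
func sealField(ctx context.Context, h hooks, aesKey []byte, path string, value *string) (string, error) {
	if value == nil || *value == "" {
		return statusPlainText, nil
	}
	// Nil pointers mean no vault backend was wired in at startup.
	if h.IsEnabled != nil && h.IsEnabled() {
		if h.StoreString == nil {
			return "", errors.New("vault enabled but StoreString hook is nil")
		}
		// Fail closed: a vault error must not downgrade to a weaker mode.
		if err := h.StoreString(ctx, path, value); err != nil {
			return "", fmt.Errorf("vault store %q: %w", path, err)
		}
		return statusVault, nil
	}
	if len(aesKey) == 0 {
		// Assumption of this sketch: without a key the row stays plaintext.
		return statusPlainText, nil
	}
	sealed, err := aesGCMSeal(aesKey, *value)
	if err != nil {
		return "", err
	}
	*value = sealed
	return statusEncrypted, nil
}

// aesGCMSeal returns base64(nonce || ciphertext || tag). AES-GCM is this
// sketch's choice of mode; the page only says "AES encryption".
func aesGCMSeal(key []byte, plaintext string) (string, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return "", err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return "", err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return "", err
	}
	return base64.StdEncoding.EncodeToString(gcm.Seal(nonce, nonce, []byte(plaintext), nil)), nil
}

func main() {
	ctx := context.Background()
	key := make([]byte, 32) // constructed all-zero demo key, for illustration only
	const sample = "sk-constructed-example"

	// No vault configured: the zero-value hooks fall through to AES.
	secret := sample
	status, err := sealField(ctx, hooks{}, key, "bifrost/keys/1", &secret)
	fmt.Println(status, err, secret != sample)

	// Vault configured: the value is replaced by a reference.
	vault := hooks{
		IsEnabled: func() bool { return true },
		StoreString: func(_ context.Context, path string, value *string) error {
			*value = "vault-ref:" + path // constructed reference format
			return nil
		},
	}
	secret = sample
	status, err = sealField(ctx, vault, key, "bifrost/keys/1", &secret)
	fmt.Println(status, err, secret)
}
```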
Functions ¶
func GetCalendarPeriodStart ¶ added in v1.2.34
GetCalendarPeriodStart returns the start of the current calendar period for the given duration and time. For calendar-scale durations (daily, weekly, monthly, yearly) it snaps to clean boundaries in UTC:
- "Nd" → midnight UTC on the current day
- "Nw" → midnight UTC on the most recent Monday
- "NM" → midnight UTC on the 1st of the current month
- "NY" → midnight UTC on Jan 1 of the current year
For all other durations (e.g. "1h", "30m") the original time t is returned unchanged, since sub-day periods don't have a natural calendar boundary.
func IsCalendarAlignableDuration ¶ added in v1.2.34
IsCalendarAlignableDuration reports whether the given duration string supports calendar-aligned resets. Only day ("d"), week ("w"), month ("M"), and year ("Y") suffixes have natural calendar boundaries. Sub-day durations like "1h", "30m" are not alignable.
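The snapping rules documented for GetCalendarPeriodStart and IsCalendarAlignableDuration, as an added sketch that is not the package's own implementation. The names `isCalendarAlignable` and `calendarPeriodStart` and the digit check on the count are assumptions; the sample timestamp is constructed to show that the boundary is taken from the UTC date, not the caller's local date.

```go
package main

import (
	"fmt"
	"strings"
	"time"
)

// isCalendarAlignable applies the documented suffix rule: only d, w, M and Y
// have calendar boundaries. Requiring an all-digit count before the suffix is
// an assumption of this sketch.
func isCalendarAlignable(duration string) bool {
	if len(duration) < 2 {
		return false
	}
	count, unit := duration[:len(duration)-1], duration[len(duration)-1]
	for _, r := range count {
		if r < '0' || r > '9' {
			return false
		}
	}
	// Case matters: "1M" is a month, "1m" is a minute.
	return strings.IndexByte("dwMY", unit) >= 0
}

// calendarPeriodStart snaps t to the start of its calendar period in UTC and
// returns t unchanged for durations without a calendar boundary.
func calendarPeriodStart(duration string, t time.Time) time.Time {
	if !isCalendarAlignable(duration) {
		return t
	}
	u := t.UTC()
	y, m, d := u.Date()
	switch duration[len(duration)-1] {
	case 'd':
		return time.Date(y, m, d, 0, 0, 0, 0, time.UTC)
	case 'w':
		// time.Weekday has Sunday=0; shift so that Monday=0 days back.
		back := (int(u.Weekday()) + 6) % 7
		// time.Date normalizes a zero or negative day into the previous month.
		return time.Date(y, m, d-back, 0, 0, 0, 0, time.UTC)
	case 'M':
		return time.Date(y, m, 1, 0, 0, 0, 0, time.UTC)
	default: // 'Y'
		return time.Date(y, time.January, 1, 0, 0, 0, 0, time.UTC)
	}
}

func main() {
	// Constructed sample: Sunday 22:30 at UTC-5 is already Monday 03:30 in UTC.
	loc := time.FixedZone("UTC-5", -5*60*60)
	t := time.Date(2024, time.March, 3, 22, 30, 0, 0, loc)
	for _, d := range []string{"1d", "1w", "1M", "1Y", "1h"} {
		fmt.Printf("%-3s alignable=%-5v start=%s\n",
			d, isCalendarAlignable(d), calendarPeriodStart(d, t).Format(time.RFC3339))
	}
}
```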
func IsValidModelConfigScope ¶ added in v1.3.17
IsValidModelConfigScope reports whether scope is a recognized model config scope.
func ParseDuration ¶
ParseDuration parses duration strings.
func RegisterModelConfigScope ¶ added in v1.3.17
func RegisterModelConfigScope(scope string)
RegisterModelConfigScope adds scope to the allow-list consulted by IsValidModelConfigScope and TableModelConfig.BeforeSave. Intended to be called once at process startup; safe to call concurrently. Whitespace-only input is ignored.
func VaultIsEnabled ¶ added in v1.3.19
func VaultIsEnabled() bool
func VaultPrefix ¶ added in v1.3.19
func VaultPrefix() string
Types ¶
type GlobalHeaderFilterConfig ¶ added in v1.1.53
type GlobalHeaderFilterConfig struct {
Allowlist []string `json:"allowlist,omitempty"` // If non-empty, only these headers are allowed
Denylist []string `json:"denylist,omitempty"` // Headers to always block
}
GlobalHeaderFilterConfig represents global header filtering configuration for headers forwarded to LLM providers via the x-bf-eh-* prefix. Filter logic:
- If allowlist is non-empty, only headers in the allowlist are forwarded
- If denylist is non-empty, headers in the denylist are dropped
- If both are non-empty, allowlist takes precedence first, then denylist filters the result
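The precedence rules above, as an added sketch that is not the package's own filter. The `headerFilter` type, `nameSet`, `forwarded`, the case-insensitive exact-name matching and the sample headers are assumptions made for illustration; note that an empty config forwards every header.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// headerFilter has the same two fields as GlobalHeaderFilterConfig.
type headerFilter struct {
	Allowlist []string
	Denylist  []string
}

// nameSet lowercases and trims names so matching is case-insensitive
// (an assumption of this sketch; HTTP header names are case-insensitive).
func nameSet(names []string) map[string]bool {
	set := make(map[string]bool, len(names))
	for _, n := range names {
		if n = strings.ToLower(strings.TrimSpace(n)); n != "" {
			set[n] = true
		}
	}
	return set
}

// forwarded returns the sorted, lowercased header names that pass the filter.
func (f headerFilter) forwarded(headers map[string]string) []string {
	allow, deny := nameSet(f.Allowlist), nameSet(f.Denylist)
	var kept []string
	for name := range headers {
		key := strings.ToLower(name)
		// Test the configured list, not the cleaned set, so an allowlist made
		// only of blank entries blocks everything instead of opening up.
		if len(f.Allowlist) > 0 && !allow[key] {
			continue
		}
		// The denylist filters whatever the allowlist let through.
		if deny[key] {
			continue
		}
		kept = append(kept, key)
	}
	sort.Strings(kept)
	return kept
}

func main() {
	// Constructed sample headers.
	headers := map[string]string{
		"X-Trace-Id":    "abc123",
		"Authorization": "Bearer constructed",
		"X-Tenant":      "t1",
	}
	cases := []headerFilter{
		{}, // empty config: everything is forwarded
		{Denylist: []string{"Authorization"}},
		{Allowlist: []string{"x-tenant"}},
		{Allowlist: []string{"X-Trace-Id", "Authorization"}, Denylist: []string{"authorization"}},
	}
	for _, f := range cases {
		fmt.Printf("allow=%v deny=%v -> %v\n", f.Allowlist, f.Denylist, f.forwarded(headers))
	}
}
```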
type GlobalProxyConfig ¶ added in v1.1.44
type GlobalProxyConfig struct {
Enabled bool `json:"enabled"`
Type network.GlobalProxyType `json:"type"` // "http", "socks5", "tcp"
URL string `json:"url"` // Proxy URL (e.g., http://proxy.example.com:8080)
Username string `json:"username,omitempty"` // Optional authentication username
Password string `json:"password,omitempty"` // Optional authentication password
NoProxy string `json:"no_proxy,omitempty"` // Comma-separated list of hosts to bypass proxy
Timeout int `json:"timeout"` // Connection timeout in seconds
SkipTLSVerify bool `json:"skip_tls_verify,omitempty"` // Skip TLS certificate verification
// Entity enablement flags
EnableForSCIM bool `json:"enable_for_scim"` // Enable proxy for SCIM requests (enterprise only)
EnableForInference bool `json:"enable_for_inference"` // Enable proxy for inference requests
EnableForAPI bool `json:"enable_for_api"` // Enable proxy for API requests
}
GlobalProxyConfig represents the global proxy configuration
type ModelParams ¶ added in v1.2.27
type ModelParams map[string]interface{}
ModelParams represents model configuration parameters as a flexible map so that any provider-specific params (response_format, seed, logprobs, etc.) are preserved.
type OauthUserSummary ¶ added in v1.3.11
OauthUserSummary is the minimal user view embedded on user-keyed oauth rows for display purposes. Populated post-fetch by the enterprise configstore wrapper (it carries the SCIM user table data into OSS without OSS knowing the enterprise type).
type PromptMessage ¶ added in v1.2.27
type PromptMessage = json.RawMessage
PromptMessage is a raw JSON message stored in the database. The frontend handles serialization/deserialization of the message format. The backend treats it as opaque JSON to remain format-agnostic and backward-compatible.
type PromptVariables ¶ added in v1.3.3
PromptVariables represents a map of Jinja2 variable names to their values. Sessions store full {key: value} pairs; versions store {key: ""} (keys only).
type RestartRequiredConfig ¶ added in v1.1.53
type RestartRequiredConfig struct {
Required bool `json:"required"`
Reason string `json:"reason,omitempty"`
}
RestartRequiredConfig represents the restart required configuration. This is set when a config change requires a server restart to take effect.
type SessionsTable ¶ added in v1.1.20
type SessionsTable struct {
ID int `gorm:"primaryKey;autoIncrement" json:"id"`
Token string `gorm:"type:text;not null;uniqueIndex" json:"token"`
ExpiresAt time.Time `gorm:"index;not null" json:"expires_at,omitempty"`
CreatedAt time.Time `gorm:"index;not null" json:"created_at"`
UpdatedAt time.Time `gorm:"index;not null" json:"updated_at"`
EncryptionStatus string `gorm:"type:varchar(20);default:'plain_text'" json:"-"`
TokenHash string `gorm:"type:varchar(64);index:idx_session_token_hash,unique" json:"-"`
}
SessionsTable represents a session in the database
func (*SessionsTable) AfterFind ¶ added in v1.2.22
func (s *SessionsTable) AfterFind(tx *gorm.DB) error
AfterFind hook to decrypt the session token
func (*SessionsTable) BeforeSave ¶ added in v1.2.22
func (s *SessionsTable) BeforeSave(tx *gorm.DB) error
BeforeSave hook to hash and encrypt the session token
func (SessionsTable) TableName ¶ added in v1.1.20
func (SessionsTable) TableName() string
TableName sets the table name for each model
type SkillJSONMap ¶ added in v1.3.20
SkillJSONMap is stored as JSON and represents arbitrary extra frontmatter.
func (*SkillJSONMap) Scan ¶ added in v1.3.20
func (m *SkillJSONMap) Scan(value any) error
Scan implements sql.Scanner for SkillJSONMap.
type SkillStringMap ¶ added in v1.3.20
SkillStringMap is stored as JSON and represents spec metadata string pairs.
func (*SkillStringMap) Scan ¶ added in v1.3.20
func (m *SkillStringMap) Scan(value any) error
Scan implements sql.Scanner for SkillStringMap.
type TableBudget ¶
type TableBudget struct {
ID string `gorm:"primaryKey;type:varchar(255)" json:"id"`
MaxLimit float64 `gorm:"not null" json:"max_limit"` // Maximum budget in dollars
ResetDuration string `gorm:"type:varchar(50);not null" json:"reset_duration"` // e.g., "30s", "5m", "1h", "1d", "1w", "1M", "1Y"
LastReset time.Time `gorm:"index" json:"last_reset"` // Last time budget was reset
CurrentUsage float64 `gorm:"default:0" json:"current_usage"` // Current usage in dollars
// Owner FKs: a budget belongs to at most one Team, VK, ProviderConfig, ModelConfig, or Customer
TeamID *string `gorm:"type:varchar(255);index" json:"team_id,omitempty"`
VirtualKeyID *string `gorm:"type:varchar(255);index" json:"virtual_key_id,omitempty"`
ProviderConfigID *uint `gorm:"index" json:"provider_config_id,omitempty"`
ModelConfigID *string `gorm:"type:varchar(255);index" json:"model_config_id,omitempty"`
CustomerID *string `gorm:"type:varchar(255);index" json:"customer_id,omitempty"`
// Deprecated: set calendar_aligned on the parent access profile / VK / team
// instead. Kept for backward compatibility with older config.json files;
// the OSS applyV1Compat path and the enterprise access-profile reconciler
// promote any true value here to the owner's top-level CalendarAligned at
// load time.
CalendarAlignedInput *bool `gorm:"-" json:"calendar_aligned,omitempty"`
// Derived from the owning entity (VK / PC's parent VK / Team). Populated by
// the owner's AfterFind hook on cold load and by the governance store's
// Create/Update *InMemory methods on write. Never persisted; consumed by
// the reset path to decide rolling vs. calendar-aligned window.
IsCalendarAligned bool `gorm:"-" json:"-"`
// Config hash is used to detect the changes synced from config.json file
// Every time we sync the config.json file, we will update the config hash
ConfigHash string `gorm:"type:varchar(255);null" json:"config_hash"`
CreatedAt time.Time `gorm:"index;not null" json:"created_at"`
UpdatedAt time.Time `gorm:"index;not null" json:"updated_at"`
}
TableBudget defines spending limits with configurable reset periods
func (*TableBudget) BeforeSave ¶
func (b *TableBudget) BeforeSave(tx *gorm.DB) error
BeforeSave hook for Budget to validate reset duration format and max limit
func (TableBudget) TableName ¶
func (TableBudget) TableName() string
TableName sets the table name for each model
type TableClientConfig ¶
type TableClientConfig struct {
ID uint `gorm:"primaryKey;autoIncrement" json:"id"`
DropExcessRequests bool `gorm:"default:false" json:"drop_excess_requests"`
PrometheusLabelsJSON string `gorm:"type:text" json:"-"` // JSON serialized []string
AllowedOriginsJSON string `gorm:"type:text" json:"-"` // JSON serialized []string
AllowedHeadersJSON string `gorm:"type:text" json:"-"` // JSON serialized []string
HeaderFilterConfigJSON string `gorm:"type:text" json:"-"` // JSON serialized GlobalHeaderFilterConfig
MetadataJSON string `gorm:"type:text" json:"-"` // JSON serialized map[string]any for UI/admin preferences (e.g. onboarding_dismissed). Bypasses config.json sync.
InitialPoolSize int `gorm:"default:300" json:"initial_pool_size"`
EnableLogging *bool `gorm:"default:true" json:"enable_logging"`
DisableContentLogging bool `gorm:"default:false" json:"disable_content_logging"` // DisableContentLogging controls whether sensitive content (inputs, outputs, embeddings, etc.) is logged
DisableDBPingsInHealth bool `gorm:"default:false" json:"disable_db_pings_in_health"`
LogRetentionDays int `gorm:"default:365" json:"log_retention_days" validate:"min=1"` // Number of days to retain logs (minimum 1 day)
EnforceAuthOnInference bool `gorm:"default:false" json:"enforce_auth_on_inference"`
EnforceGovernanceHeader bool `gorm:"" json:"enforce_governance_header"`
EnforceSCIMAuth bool `gorm:"default:false" json:"enforce_scim_auth"`
MaxRequestBodySizeMB int `gorm:"default:100" json:"max_request_body_size_mb"`
MCPAgentDepth int `gorm:"default:10" json:"mcp_agent_depth"`
MCPToolExecutionTimeout int `gorm:"default:30" json:"mcp_tool_execution_timeout"` // Timeout for individual tool execution in seconds (default: 30)
MCPCodeModeBindingLevel string `gorm:"default:server" json:"mcp_code_mode_binding_level"` // How tools are exposed in VFS: "server" or "tool"
MCPToolSyncInterval int `gorm:"default:10" json:"mcp_tool_sync_interval"` // Global tool sync interval in minutes (default: 10, 0 = disabled)
MCPDisableAutoToolInject bool `gorm:"default:false" json:"mcp_disable_auto_tool_inject"` // When true, MCP tools are not injected into requests by default
MCPEnableTempTokenAuth bool `gorm:"default:false" json:"mcp_enable_temp_token_auth"` // When true, scoped temp tokens can authorize MCP per-user OAuth and per-user-headers auth pages. User-mode flows never mint regardless.
AsyncJobResultTTL int `gorm:"default:3600" json:"async_job_result_ttl"` // Default TTL for async job results in seconds (default: 3600 = 1 hour)
RequiredHeadersJSON string `gorm:"type:text" json:"-"` // JSON serialized []string
LoggingHeadersJSON string `gorm:"type:text" json:"-"` // JSON serialized []string
HideDeletedVirtualKeysInFilters bool `gorm:"default:false" json:"hide_deleted_virtual_keys_in_filters"` // Hide deleted virtual keys in logs filter dropdowns
RoutingChainMaxDepth int `gorm:"default:10" json:"routing_chain_max_depth"` // Maximum depth for routing rule chain evaluation (default: 10)
MCPExternalClientURL string `gorm:"type:varchar(512)" json:"mcp_external_client_url,omitempty"` // Public base URL used as redirect_uri when Bifrost acts as an OAuth client to upstream MCP servers
WhitelistedRoutesJSON string `gorm:"type:text" json:"-"` // JSON serialized []string
AllowPerRequestContentStorageOverride bool `gorm:"default:false" json:"allow_per_request_content_storage_override"` // Allow per-request override for content storage (e.g. long-term vs ephemeral)
AllowPerRequestRawOverride bool `gorm:"default:false" json:"allow_per_request_raw_override"` // Allow per-request override for raw request/response storage
AllowDirectKeys bool `gorm:"default:false" json:"allow_direct_keys"` // Allow callers to bypass the registered key pool via x-bf-direct-key header
// Compat plugin feature flags
CompatConvertTextToChat bool `gorm:"column:compat_convert_text_to_chat;default:false" json:"-"`
CompatConvertChatToResponses bool `gorm:"column:compat_convert_chat_to_responses;default:false" json:"-"`
CompatShouldDropParams bool `gorm:"column:compat_should_drop_params;default:false" json:"-"`
CompatShouldConvertParams bool `gorm:"column:compat_should_convert_params;default:false" json:"-"`
// Config hash is used to detect the changes synced from config.json file
// Every time we sync the config.json file, we will update the config hash
ConfigHash string `gorm:"type:varchar(255);null" json:"config_hash"`
CreatedAt time.Time `gorm:"index;not null" json:"created_at"`
UpdatedAt time.Time `gorm:"index;not null" json:"updated_at"`
// Virtual fields for runtime use (not stored in DB)
PrometheusLabels []string `gorm:"-" json:"prometheus_labels"`
AllowedOrigins []string `gorm:"-" json:"allowed_origins,omitempty"`
AllowedHeaders []string `gorm:"-" json:"allowed_headers,omitempty"`
RequiredHeaders []string `gorm:"-" json:"required_headers,omitempty"`
LoggingHeaders []string `gorm:"-" json:"logging_headers,omitempty"`
WhitelistedRoutes []string `gorm:"-" json:"whitelisted_routes,omitempty"`
HeaderFilterConfig *GlobalHeaderFilterConfig `gorm:"-" json:"header_filter_config,omitempty"`
Metadata map[string]any `gorm:"-" json:"metadata,omitempty"`
}
TableClientConfig represents global client configuration in the database
func (*TableClientConfig) AfterFind ¶
func (cc *TableClientConfig) AfterFind(tx *gorm.DB) error
AfterFind hooks for deserialization
func (*TableClientConfig) BeforeSave ¶
func (cc *TableClientConfig) BeforeSave(tx *gorm.DB) error
func (TableClientConfig) TableName ¶
func (TableClientConfig) TableName() string
TableName sets the table name for each model
type TableConfigHash ¶
type TableConfigHash struct {
ID uint `gorm:"primaryKey;autoIncrement" json:"id"`
Hash string `gorm:"type:varchar(255);uniqueIndex;not null" json:"hash"`
CreatedAt time.Time `gorm:"index;not null" json:"created_at"`
UpdatedAt time.Time `gorm:"index;not null" json:"updated_at"`
}
TableConfigHash represents the configuration hash in the database
func (TableConfigHash) TableName ¶
func (TableConfigHash) TableName() string
TableName sets the table name for each model
type TableCustomer ¶
type TableCustomer struct {
ID string `gorm:"primaryKey;type:varchar(255)" json:"id"`
Name string `gorm:"type:varchar(255);not null;uniqueIndex:idx_governance_customers_name" json:"name"`
RateLimitID *string `gorm:"type:varchar(255);index" json:"rate_limit_id,omitempty"`
// BudgetID is a config-file-only field referencing a pre-declared budget (from governance.budgets) to link to this customer. Not persisted; used by the config sync path to set customer_id on the referenced budget row.
BudgetID *string `gorm:"-" json:"budget_id,omitempty"`
// Relationships
Budgets []TableBudget `gorm:"foreignKey:CustomerID;constraint:OnDelete:CASCADE" json:"budgets,omitempty"`
RateLimit *TableRateLimit `gorm:"foreignKey:RateLimitID" json:"rate_limit,omitempty"`
Teams []TableTeam `gorm:"foreignKey:CustomerID" json:"teams"`
VirtualKeys []TableVirtualKey `gorm:"foreignKey:CustomerID" json:"virtual_keys"`
CalendarAligned bool `gorm:"default:false" json:"calendar_aligned"`
// Config hash is used to detect the changes synced from config.json file
// Every time we sync the config.json file, we will update the config hash
ConfigHash string `gorm:"type:varchar(255);null" json:"config_hash"`
CreatedAt time.Time `gorm:"index;not null" json:"created_at"`
UpdatedAt time.Time `gorm:"index;not null" json:"updated_at"`
}
TableCustomer represents a customer entity with budgets, rate limit and team/VK association
func (*TableCustomer) AfterFind ¶ added in v1.3.17
func (c *TableCustomer) AfterFind(tx *gorm.DB) error
AfterFind stamps IsCalendarAligned on owned budgets and rate limit so the reset path (which reads the derived field off those objects) sees the correct value.
func (TableCustomer) TableName ¶
func (TableCustomer) TableName() string
TableName sets the table name for each model
type TableDistributedLock ¶ added in v1.2.9
type TableDistributedLock struct {
LockKey string `gorm:"primaryKey;column:lock_key;size:255" json:"lock_key"`
HolderID string `gorm:"column:holder_id;size:255;not null" json:"holder_id"`
ExpiresAt time.Time `gorm:"column:expires_at;not null;index" json:"expires_at"`
CreatedAt time.Time `gorm:"column:created_at;autoCreateTime" json:"created_at"`
}
TableDistributedLock represents a distributed lock entry in the database. This table is used to implement distributed locking across multiple instances.
func (TableDistributedLock) TableName ¶ added in v1.2.9
func (TableDistributedLock) TableName() string
TableName returns the table name for the distributed lock table.
type TableEnvKey ¶
type TableEnvKey struct {
ID uint `gorm:"primaryKey;autoIncrement" json:"id"`
EnvVar string `gorm:"type:varchar(255);index;not null" json:"env_var"`
Provider string `gorm:"type:varchar(50);index" json:"provider"` // Empty for MCP/client configs
KeyType string `gorm:"type:varchar(50);not null" json:"key_type"` // "api_key", "azure_config", "vertex_config", "bedrock_config", "connection_string"
ConfigPath string `gorm:"type:varchar(500);not null" json:"config_path"` // Descriptive path of where this env var is used
KeyID string `gorm:"type:varchar(255);index" json:"key_id"` // Key UUID (empty for non-key configs)
CreatedAt time.Time `gorm:"index;not null" json:"created_at"`
}
TableEnvKey represents environment variable tracking in the database
func (TableEnvKey) TableName ¶
func (TableEnvKey) TableName() string
TableName sets the table name for each model
type TableFeatureFlag ¶ added in v1.3.11
type TableFeatureFlag struct {
ID string `gorm:"primaryKey;type:varchar(255)" json:"id"`
Enabled bool `gorm:"not null" json:"enabled"`
UpdatedAt int64 `gorm:"not null" json:"updated_at"`
}
TableFeatureFlag stores user-toggled overrides for feature flags. Rows exist only for flags that have been changed away from their code default; flags at default are absent and re-derived at boot time. ID is the flag's programmatic identifier (matches featureflags.FlagDef.ID) and is the primary key so upserts collapse to a single row per flag. There is no stored display_name or description here - those live with the code-side registration and can change without a DB migration.
func (TableFeatureFlag) TableName ¶ added in v1.3.11
func (TableFeatureFlag) TableName() string
TableName sets the table name.
type TableFolder ¶ added in v1.2.27
type TableFolder struct {
ID string `gorm:"type:varchar(36);primaryKey" json:"id"`
Name string `gorm:"type:varchar(255);not null" json:"name"`
Description *string `gorm:"type:text" json:"description,omitempty"`
CreatedAt time.Time `gorm:"not null" json:"created_at"`
UpdatedAt time.Time `gorm:"not null" json:"updated_at"`
ConfigHash string `gorm:"type:varchar(64)" json:"-"`
// Virtual fields (not stored in DB)
PromptsCount int `gorm:"-" json:"prompts_count,omitempty"`
}
TableFolder represents a generic folder that can contain prompts
func (TableFolder) TableName ¶ added in v1.2.27
func (TableFolder) TableName() string
TableName for TableFolder
type TableFrameworkConfig ¶
type TableFrameworkConfig struct {
ID uint `gorm:"primaryKey;autoIncrement" json:"id"`
PricingURL *string `gorm:"type:text" json:"pricing_url"`
PricingSyncInterval *int64 `gorm:"" json:"pricing_sync_interval"`
ModelParametersURL *string `gorm:"type:text" json:"model_parameters_url"`
// MCPLibraryURL is the endpoint the MCP server library catalog is synced
// from. Empty/nil falls back to modelcatalog.DefaultMCPLibraryURL. Mirrors
// PricingURL: the default ships out of the box and the user can override it.
MCPLibraryURL *string `gorm:"type:text" json:"mcp_library_url"`
MCPLibrarySyncInterval *int64 `gorm:"" json:"mcp_library_sync_interval"`
ConfigHash string `gorm:"type:text" json:"config_hash"`
}
TableFrameworkConfig represents the framework configurations. We will keep on adding different columns here as we add new features to the framework.
func (TableFrameworkConfig) TableName ¶
func (TableFrameworkConfig) TableName() string
TableName sets the table name for each model
type TableGovernanceConfig ¶ added in v1.1.20
type TableGovernanceConfig struct {
Key string `gorm:"primaryKey;type:varchar(255)" json:"key"`
Value string `gorm:"type:text" json:"value"`
}
TableGovernanceConfig represents generic configuration key-value pairs
func (TableGovernanceConfig) TableName ¶ added in v1.1.20
func (TableGovernanceConfig) TableName() string
TableName sets the table name for each model
type TableKey ¶
type TableKey struct {
ID uint `gorm:"primaryKey;autoIncrement" json:"id"`
Name string `gorm:"type:varchar(255);uniqueIndex:idx_key_name;not null" json:"name"`
ProviderID uint `gorm:"index;not null" json:"provider_id"`
Provider string `gorm:"index;type:varchar(50)" json:"provider"` // ModelProvider as string
KeyID string `gorm:"type:varchar(255);uniqueIndex:idx_key_id;not null" json:"key_id"` // UUID from schemas.Key
Value schemas.EnvVar `gorm:"type:text;not null" json:"value"`
ModelsJSON string `gorm:"type:text" json:"-"` // JSON serialized []string
BlacklistedModelsJSON string `gorm:"type:text" json:"-"` // JSON serialized []string
Weight *float64 `json:"weight"`
Enabled *bool `gorm:"default:true" json:"enabled,omitempty"`
CreatedAt time.Time `gorm:"index;not null" json:"created_at"`
UpdatedAt time.Time `gorm:"index;not null" json:"updated_at"`
// Config hash is used to detect changes synced from config.json file
ConfigHash string `gorm:"type:varchar(255);null" json:"config_hash"`
// Unified aliases
AliasesJSON *string `gorm:"type:text" json:"-"` // JSON serialized schemas.KeyAliases
// Azure config fields (embedded instead of separate table for simplicity)
AzureEndpoint *schemas.EnvVar `gorm:"type:text" json:"azure_endpoint,omitempty"`
AzureClientID *schemas.EnvVar `gorm:"type:text" json:"azure_client_id,omitempty"`
AzureClientSecret *schemas.EnvVar `gorm:"type:text" json:"azure_client_secret,omitempty"`
AzureTenantID *schemas.EnvVar `gorm:"type:text" json:"azure_tenant_id,omitempty"`
AzureScopesJSON *string `gorm:"column:azure_scopes;type:text" json:"-"` // JSON serialized []string
// Vertex config fields (embedded)
VertexProjectID *schemas.EnvVar `gorm:"type:text" json:"vertex_project_id,omitempty"`
VertexProjectNumber *schemas.EnvVar `gorm:"type:text" json:"vertex_project_number,omitempty"`
VertexRegion *schemas.EnvVar `gorm:"type:text" json:"vertex_region,omitempty"`
VertexAuthCredentials *schemas.EnvVar `gorm:"type:text" json:"vertex_auth_credentials,omitempty"`
// Bedrock config fields (embedded)
BedrockAccessKey *schemas.EnvVar `gorm:"type:text" json:"bedrock_access_key,omitempty"`
BedrockSecretKey *schemas.EnvVar `gorm:"type:text" json:"bedrock_secret_key,omitempty"`
BedrockSessionToken *schemas.EnvVar `gorm:"type:text" json:"bedrock_session_token,omitempty"`
BedrockRegion *schemas.EnvVar `gorm:"type:text" json:"bedrock_region,omitempty"`
BedrockARN *schemas.EnvVar `gorm:"type:text" json:"bedrock_arn,omitempty"`
BedrockRoleARN *schemas.EnvVar `gorm:"type:text" json:"bedrock_role_arn,omitempty"`
BedrockExternalID *schemas.EnvVar `gorm:"type:text" json:"bedrock_external_id,omitempty"`
BedrockRoleSessionName *schemas.EnvVar `gorm:"type:text" json:"bedrock_role_session_name,omitempty"`
BedrockBatchS3ConfigJSON *string `gorm:"type:text" json:"-"` // JSON serialized schemas.BatchS3Config
// VLLM config fields (embedded)
VLLMUrl *schemas.EnvVar `gorm:"type:text" json:"vllm_url,omitempty"`
VLLMModelName *string `gorm:"type:varchar(255)" json:"vllm_model_name,omitempty"`
// Replicate config fields (embedded)
ReplicateUseDeploymentsEndpoint *bool `gorm:"column:replicate_use_deployments_endpoint" json:"replicate_use_deployments_endpoint,omitempty"`
// Ollama config fields (embedded)
OllamaUrl *schemas.EnvVar `gorm:"type:text" json:"ollama_url,omitempty"`
// SGL config fields (embedded)
SGLUrl *schemas.EnvVar `gorm:"type:text" json:"sgl_url,omitempty"`
// Batch API configuration
UseForBatchAPI *bool `gorm:"default:false" json:"use_for_batch_api,omitempty"` // Whether this key can be used for batch API operations
Status string `gorm:"type:varchar(50);default:'unknown'" json:"status"`
Description string `gorm:"type:text" json:"description,omitempty"`
EncryptionStatus string `gorm:"type:varchar(20);default:'plain_text'" json:"-"`
// Virtual fields for runtime use (not stored in DB)
Models schemas.WhiteList `gorm:"-" json:"models"` // ["*"] allows all models; empty denies all (deny-by-default)
BlacklistedModels schemas.BlackList `gorm:"-" json:"blacklisted_models"`
Aliases schemas.KeyAliases `gorm:"-" json:"aliases,omitempty"`
AzureKeyConfig *schemas.AzureKeyConfig `gorm:"-" json:"azure_key_config,omitempty"`
VertexKeyConfig *schemas.VertexKeyConfig `gorm:"-" json:"vertex_key_config,omitempty"`
BedrockKeyConfig *schemas.BedrockKeyConfig `gorm:"-" json:"bedrock_key_config,omitempty"`
VLLMKeyConfig *schemas.VLLMKeyConfig `gorm:"-" json:"vllm_key_config,omitempty"`
ReplicateKeyConfig *schemas.ReplicateKeyConfig `gorm:"-" json:"replicate_key_config,omitempty"`
OllamaKeyConfig *schemas.OllamaKeyConfig `gorm:"-" json:"ollama_key_config,omitempty"`
SGLKeyConfig *schemas.SGLKeyConfig `gorm:"-" json:"sgl_key_config,omitempty"`
}
TableKey represents an API key configuration in the database
func (*TableKey) AfterDelete ¶ added in v1.3.19
AfterDelete hook for best-effort vault cleanup on row deletion.
func (*TableKey) AfterFind ¶
AfterFind is a GORM hook that decrypts sensitive fields and reconstructs runtime config structs after reading from the database. Decryption runs first so that value copies into AzureKeyConfig, VertexKeyConfig, etc. receive plaintext data.
func (*TableKey) BeforeSave ¶
BeforeSave is a GORM hook that serializes runtime config structs into JSON columns and encrypts sensitive fields (API key value, Azure endpoint/client ID/secret/tenant ID/API version, Vertex project ID/project number/region/credentials, Bedrock keys/region/ARN/deployments/batch S3 config) before writing to the database. Encryption runs last to ensure it operates on the final serialized values.
type TableLogStoreConfig ¶
type TableLogStoreConfig struct {
ID uint `gorm:"primaryKey;autoIncrement" json:"id"`
Enabled bool `json:"enabled"`
Type string `gorm:"type:varchar(50);not null" json:"type"` // "sqlite"
Config *string `gorm:"type:text" json:"config"` // JSON serialized logstore.Config
CreatedAt time.Time `gorm:"index;not null" json:"created_at"`
UpdatedAt time.Time `gorm:"index;not null" json:"updated_at"`
}
TableLogStoreConfig represents the configuration for the log store in the database
func (TableLogStoreConfig) TableName ¶
func (TableLogStoreConfig) TableName() string
TableName sets the table name for each model
type TableMCPClient ¶
type TableMCPClient struct {
ID uint `gorm:"primaryKey;autoIncrement" json:"id"` // ID is used as the internal primary key and is also accessed by public methods, so it must be present.
ClientID string `gorm:"type:varchar(255);uniqueIndex;not null" json:"client_id"`
Name string `gorm:"type:varchar(255);uniqueIndex;not null" json:"name"`
IsCodeModeClient bool `gorm:"default:false" json:"is_code_mode_client"` // Whether the client is a code mode client
ConnectionType string `gorm:"type:varchar(20);not null" json:"connection_type"` // schemas.MCPConnectionType
ConnectionString *schemas.EnvVar `gorm:"type:text" json:"connection_string,omitempty"`
StdioConfigJSON *string `gorm:"type:text" json:"-"` // JSON serialized schemas.MCPStdioConfig
TLSConfigJSON *string `gorm:"type:text" json:"-"` // JSON serialized schemas.MCPTLSConfig
ToolsToExecuteJSON string `gorm:"type:text" json:"-"` // JSON serialized []string
ToolsToAutoExecuteJSON string `gorm:"type:text" json:"-"` // JSON serialized []string
HeadersJSON string `gorm:"type:text" json:"-"` // JSON serialized map[string]string
AllowedExtraHeadersJSON string `gorm:"type:text" json:"-"` // JSON serialized []string
IsPingAvailable *bool `gorm:"default:true" json:"is_ping_available,omitempty"` // Whether the MCP server supports ping for health checks
ToolPricingJSON string `gorm:"type:text" json:"-"` // JSON serialized map[string]float64
ToolSyncInterval int `gorm:"default:0" json:"tool_sync_interval"` // Per-client tool sync interval in seconds (0 = use global, negative = disabled)
// Per-user OAuth: discovered tools persisted so they survive restart
DiscoveredToolsJSON string `gorm:"type:text" json:"-"` // JSON serialized map[string]schemas.ChatTool
ToolNameMappingJSON string `gorm:"type:text" json:"-"` // JSON serialized map[string]string
// OAuth authentication fields
AuthType string `gorm:"type:varchar(20);default:'headers'" json:"auth_type"` // "none", "headers", "oauth", "per_user_oauth", "per_user_headers"
OauthConfigID *string `gorm:"type:varchar(255);index;constraint:OnDelete:CASCADE" json:"oauth_config_id"` // Foreign key to oauth_configs.ID with CASCADE delete
OauthConfig *TableOauthConfig `gorm:"foreignKey:OauthConfigID;references:ID;constraint:OnDelete:CASCADE" json:"-"` // Gorm relationship
// Per-user-headers schema: admin-declared list of header *names* that each
// caller must supply. Empty/null for all other auth types. Used by both
// the resolver (intersect with persisted user values) and by
// utils.StaticConfigHeaders (strip from plugin-visible static headers).
PerUserHeaderKeysJSON string `gorm:"type:text" json:"-"` // JSON serialized []string
AllowOnAllVirtualKeys bool `gorm:"default:false" json:"allow_on_all_virtual_keys"` // Whether to allow the MCP client to run on all virtual keys
Disabled bool `gorm:"default:false" json:"disabled"` // Whether the client is intentionally disabled
// Config hash is used to detect the changes synced from config.json file
// Every time we sync the config.json file, we will update the config hash
ConfigHash string `gorm:"type:varchar(255);null" json:"config_hash"`
EncryptionStatus string `gorm:"type:varchar(20);default:'plain_text'" json:"-"`
CreatedAt time.Time `gorm:"index;not null" json:"created_at"`
UpdatedAt time.Time `gorm:"index;not null" json:"updated_at"`
// Virtual fields for runtime use (not stored in DB)
StdioConfig *schemas.MCPStdioConfig `gorm:"-" json:"stdio_config,omitempty"`
TLSConfig *schemas.MCPTLSConfig `gorm:"-" json:"tls_config,omitempty"`
ToolsToExecute schemas.WhiteList `gorm:"-" json:"tools_to_execute"`
ToolsToAutoExecute schemas.WhiteList `gorm:"-" json:"tools_to_auto_execute"`
Headers map[string]schemas.EnvVar `gorm:"-" json:"headers"`
AllowedExtraHeaders schemas.WhiteList `gorm:"-" json:"allowed_extra_headers"`
ToolPricing map[string]float64 `gorm:"-" json:"tool_pricing"`
DiscoveredTools map[string]schemas.ChatTool `gorm:"-" json:"-"`
DiscoveredToolNameMapping map[string]string `gorm:"-" json:"-"`
PerUserHeaderKeys []string `gorm:"-" json:"per_user_header_keys"`
}
TableMCPClient represents an MCP client configuration in the database
func (*TableMCPClient) AfterFind ¶
func (c *TableMCPClient) AfterFind(tx *gorm.DB) error
AfterFind is a GORM hook that decrypts the connection string and headers (if encrypted) and deserializes JSON columns back into runtime structs after reading from the database.
func (*TableMCPClient) BeforeSave ¶
func (c *TableMCPClient) BeforeSave(tx *gorm.DB) error
BeforeSave is a GORM hook that serializes runtime fields (stdio config, tools, headers, pricing) into JSON columns and encrypts the connection string and headers before writing to the database. Environment-variable-backed connection strings are not encrypted.
func (TableMCPClient) TableName ¶
func (TableMCPClient) TableName() string
TableName sets the table name for each model
type TableMCPLibrary ¶ added in v1.3.19
type TableMCPLibrary struct {
ID uint `gorm:"primaryKey;autoIncrement" json:"id"`
Slug string `gorm:"type:varchar(255);not null;uniqueIndex:idx_mcp_library_slug" json:"slug"`
Name string `gorm:"type:varchar(255);not null" json:"name"`
Description string `gorm:"type:text" json:"description,omitempty"`
Category string `gorm:"type:varchar(100);index:idx_mcp_library_category" json:"category,omitempty"`
// ConnectionType is one of schemas.MCPConnectionType ("http" | "stdio" |
// "sse") and selects which connection field below is populated.
ConnectionType schemas.MCPConnectionType `gorm:"type:varchar(20);not null" json:"connection_type"`
// ConnectionURL is the server endpoint for http/sse entries (parallel to
// MCPClientConfig.ConnectionString). Empty for stdio entries. Stored as a
// plain template string — the catalog publishes no secrets, so callers
// supply auth at install time.
ConnectionURL string `gorm:"type:text" json:"connection_url,omitempty"`
// StdioConfig holds the command/args/env names for stdio entries (parallel
// to MCPClientConfig.StdioConfig). Nil for http/sse entries. Envs lists the
// environment variable *names* the user must provide locally; no values are
// ever published in the catalog.
StdioConfig *schemas.MCPStdioConfig `gorm:"type:text;serializer:json;default:null" json:"stdio_config,omitempty"`
// AuthType declares what authentication the server expects (none, headers,
// oauth, ...) so the install UI can prompt accordingly. RequiredHeaderKeys
// lists the header names a headers/per-user-headers server needs — values
// are supplied by the user at install time, never stored in the catalog.
AuthType schemas.MCPAuthType `gorm:"type:varchar(20);default:'none'" json:"auth_type,omitempty"`
RequiredHeaderKeys []string `gorm:"type:text;serializer:json;default:null" json:"required_header_keys,omitempty"`
// Presentation / discovery metadata.
IconURL string `gorm:"type:text" json:"icon_url,omitempty"`
DocsURL string `gorm:"type:text" json:"docs_url,omitempty"`
Publisher string `gorm:"type:varchar(255)" json:"publisher,omitempty"`
Tags []string `gorm:"type:text;serializer:json;default:null" json:"tags,omitempty"`
Metadata map[string]any `gorm:"type:text;serializer:json;default:null" json:"metadata,omitempty"`
// Source distinguishes remote-synced rows ("remote") from org-internal rows
// a user published through the API ("custom"). Custom rows are protected from
// the remote sync: a slug clash in the remote payload is skipped, never
// overwritten. Defaults to "remote" so existing rows and the sync upsert keep
// their old behavior.
Source string `gorm:"type:varchar(20);not null;default:'remote';index:idx_mcp_library_source" json:"source"`
// DeletedAt is a soft-delete tombstone (nil = visible). A user may hide any
// entry — including a remote-seeded one — and the tombstone must survive the
// next sync so the row is never resurrected. This is a plain nullable
// timestamp rather than gorm.DeletedAt on purpose: the sync upsert keys off
// slug and must still see tombstoned rows by slug to skip them; gorm's
// soft-delete would hide them from that lookup and let duplicates reinsert.
DeletedAt *time.Time `gorm:"index:idx_mcp_library_deleted_at;default:null" json:"-"`
CreatedAt time.Time `gorm:"index;not null" json:"created_at"`
UpdatedAt time.Time `gorm:"index;not null" json:"updated_at"`
}
TableMCPLibrary represents a single discoverable MCP server in the MCP library catalog. Most rows are synced from the external MCP library datasheet (see modelcatalog.DefaultMCPLibraryURL) on a configurable interval, mirroring the governance_model_pricing / governance_model_parameters tables. Orgs may also publish their own internal servers as "custom" rows (see Source), which are protected from being overwritten or resurrected by the remote sync.
A row is a *template* for a schemas.MCPClientConfig: it carries the connection details a user needs to install the server, shaped the same way the live config is. The connection fields are mutually exclusive by ConnectionType — ConnectionURL for http/sse, StdioConfig for stdio — matching MCPClientConfig.ConnectionString / MCPClientConfig.StdioConfig.
Each row is keyed by a stable slug derived from the display name so the sync upsert is idempotent.
func (TableMCPLibrary) TableName ¶ added in v1.3.19
func (TableMCPLibrary) TableName() string
TableName sets the table name for the MCP library catalog.
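The Source and DeletedAt rules above, as an added example that is not the package's own code: a slug-keyed sync that skips custom and tombstoned rows, plus the failure mode when the lookup hides tombstoned rows. LibraryRow, RemoteEntry, SyncRemote and the sample data are hypothetical, and an in-memory slice stands in for the table.

```go
package main

import (
	"fmt"
	"time"
)

// LibraryRow is a simplified stand-in for TableMCPLibrary holding only the
// fields the sync decision needs (hypothetical type for this example).
type LibraryRow struct {
	Slug          string
	ConnectionURL string
	Source        string     // "remote" or "custom"
	DeletedAt     *time.Time // nil = visible, non-nil = tombstoned
}

// RemoteEntry is one item of the remote payload (hypothetical shape).
type RemoteEntry struct {
	Slug          string
	ConnectionURL string
}

// SyncResult records what the sync did with each slug in the payload.
type SyncResult struct {
	Inserted, Updated, SkippedCustom, SkippedTombstoned []string
}

// findBySlug returns the index of the row with the given slug, or -1.
// seeTombstoned=false imitates a soft-delete-scoped query that hides
// tombstoned rows from the lookup.
func findBySlug(store []LibraryRow, slug string, seeTombstoned bool) int {
	for i := range store {
		if store[i].Slug != slug {
			continue
		}
		if store[i].DeletedAt != nil && !seeTombstoned {
			continue
		}
		return i
	}
	return -1
}

// SyncRemote applies the remote payload to the store, keyed by slug.
func SyncRemote(store []LibraryRow, payload []RemoteEntry, seeTombstoned bool) ([]LibraryRow, SyncResult) {
	var res SyncResult
	for _, in := range payload {
		i := findBySlug(store, in.Slug, seeTombstoned)
		switch {
		case i < 0: // unknown slug: insert as a remote row
			store = append(store, LibraryRow{Slug: in.Slug, ConnectionURL: in.ConnectionURL, Source: "remote"})
			res.Inserted = append(res.Inserted, in.Slug)
		case store[i].Source == "custom": // org-internal row wins a slug clash
			res.SkippedCustom = append(res.SkippedCustom, in.Slug)
		case store[i].DeletedAt != nil: // hidden by a user: never resurrect
			res.SkippedTombstoned = append(res.SkippedTombstoned, in.Slug)
		default: // existing visible remote row: refresh in place
			store[i].ConnectionURL = in.ConnectionURL
			res.Updated = append(res.Updated, in.Slug)
		}
	}
	return store, res
}

// VisibleSlugs lists the slugs a catalog reader would see.
func VisibleSlugs(store []LibraryRow) []string {
	var out []string
	for _, r := range store {
		if r.DeletedAt == nil {
			out = append(out, r.Slug)
		}
	}
	return out
}

// SampleStore returns constructed rows: one remote, one custom, one tombstoned.
func SampleStore() []LibraryRow {
	hidden := time.Date(2025, 1, 1, 0, 0, 0, 0, time.UTC)
	return []LibraryRow{
		{Slug: "github", ConnectionURL: "https://old.example/mcp", Source: "remote"},
		{Slug: "internal-wiki", ConnectionURL: "https://wiki.corp.example/mcp", Source: "custom"},
		{Slug: "hidden-tool", ConnectionURL: "https://hidden.example/mcp", Source: "remote", DeletedAt: &hidden},
	}
}

// SamplePayload returns a constructed remote payload that clashes with every
// existing slug and adds one new entry.
func SamplePayload() []RemoteEntry {
	return []RemoteEntry{
		{Slug: "github", ConnectionURL: "https://new.example/mcp"},
		{Slug: "internal-wiki", ConnectionURL: "https://remote.example/wiki"},
		{Slug: "hidden-tool", ConnectionURL: "https://hidden.example/mcp"},
		{Slug: "new-server", ConnectionURL: "https://fresh.example/mcp"},
	}
}

func main() {
	store, res := SyncRemote(SampleStore(), SamplePayload(), true)
	fmt.Printf("lookup sees tombstones: %+v visible=%v\n", res, VisibleSlugs(store))
	store, res = SyncRemote(SampleStore(), SamplePayload(), false)
	fmt.Printf("lookup hides tombstones: %+v visible=%v\n", res, VisibleSlugs(store))
}
```

With the tombstone-hiding lookup the hidden entry is inserted again as a fresh visible row, which is the resurrection the DeletedAt comment warns about.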
type TableMCPPerUserHeaderCredential ¶ added in v1.3.14
type TableMCPPerUserHeaderCredential struct {
ID string `gorm:"type:varchar(255);primaryKey" json:"id"` // UUID
SessionID string `gorm:"type:varchar(255);index" json:"session_id,omitempty"` // Session-mode identity: client-asserted x-bf-mcp-session-id. Empty for vk/user mode rows.
VirtualKeyID *string `gorm:"type:varchar(255);index" json:"virtual_key_id"` // VK identity (vk-mode rows)
UserID *string `gorm:"type:varchar(255);index" json:"user_id"` // User identity (user-mode rows)
MCPClientID string `gorm:"type:varchar(255);not null;index" json:"mcp_client_id"` // Which MCP server
AuthMode string `gorm:"type:varchar(20);not null" json:"auth_mode"` // 'user' | 'vk' | 'session' — which identity column keys this row
Status string `gorm:"type:varchar(20);not null;default:'active'" json:"status"` // 'active' | 'orphaned' | 'needs_update'
HeadersJSON string `gorm:"type:text;not null" json:"-"` // Encrypted JSON map[string]string of user-supplied header values
EncryptionStatus string `gorm:"type:varchar(20);default:'plain_text'" json:"-"`
CreatedAt time.Time `gorm:"index;not null" json:"created_at"`
UpdatedAt time.Time `gorm:"index;not null" json:"updated_at"`
// Display-only relations (no DB-level FK constraint; preloaded for sessions UI).
MCPClient *TableMCPClient `gorm:"foreignKey:MCPClientID;references:ClientID" json:"-"`
VirtualKey *TableVirtualKey `gorm:"foreignKey:VirtualKeyID;references:ID" json:"-"`
// User mirrors TableOauthUserToken.User — populated post-fetch by enterprise
// configstore wrapper for the sessions UI. OSS leaves it nil.
User *OauthUserSummary `gorm:"-" json:"-"`
}
TableMCPPerUserHeaderCredential stores per-user header credentials for MCPAuthTypePerUserHeaders MCP clients. Each row holds the encrypted header values for a specific identity × MCP client pair. Exactly one identity column (UserID, VirtualKeyID, or SessionID) is populated per row; AuthMode records which one. Mirrors TableOauthUserToken structurally so cascade / orphan-sweep logic stays parallel between the two per-user auth surfaces.
HeadersJSON holds a JSON-encoded map[string]string of header_name → value, encrypted at rest via the shared encrypt package (same key as oauth_user_tokens). Schema (i.e. the set of allowed header names) lives on TableMCPClient.PerUserHeaderKeysJSON; this table holds the values only.
func (*TableMCPPerUserHeaderCredential) AfterDelete ¶ added in v1.3.19
func (c *TableMCPPerUserHeaderCredential) AfterDelete(tx *gorm.DB) error
AfterDelete hook for best-effort vault cleanup on row deletion.
func (*TableMCPPerUserHeaderCredential) AfterFind ¶ added in v1.3.14
func (c *TableMCPPerUserHeaderCredential) AfterFind(tx *gorm.DB) error
AfterFind decrypts HeadersJSON when the row is marked encrypted.
func (*TableMCPPerUserHeaderCredential) BeforeSave ¶ added in v1.3.14
func (c *TableMCPPerUserHeaderCredential) BeforeSave(tx *gorm.DB) error
BeforeSave encrypts HeadersJSON when encryption is enabled. The JSON serialization is the caller's responsibility (see SetHeaders). When encryption is not configured (no BIFROST_ENCRYPTION_KEY), the field is stored as plaintext and EncryptionStatus stays "plain_text" — same convention as TableOauthUserToken.
func (TableMCPPerUserHeaderCredential) DeleteVaultSecrets ¶ added in v1.3.19
func (TableMCPPerUserHeaderCredential) DeleteVaultSecrets(ctx context.Context, ids []string)
DeleteVaultSecrets removes vault entries for the given credential IDs. Called after a batch delete so vault cleanup runs even when AfterDelete can't fire.
func (*TableMCPPerUserHeaderCredential) GetHeaders ¶ added in v1.3.14
func (c *TableMCPPerUserHeaderCredential) GetHeaders() (map[string]string, error)
GetHeaders deserializes HeadersJSON into a header map. Returns an empty map for the zero JSON (`{}` or empty string) so callers do not need to nil-check.
func (*TableMCPPerUserHeaderCredential) SetHeaders ¶ added in v1.3.14
func (c *TableMCPPerUserHeaderCredential) SetHeaders(headers map[string]string) error
SetHeaders serializes the caller-supplied header map into HeadersJSON. Callers must use this rather than assigning HeadersJSON directly so the JSON shape stays consistent.
func (TableMCPPerUserHeaderCredential) TableName ¶ added in v1.3.14
func (TableMCPPerUserHeaderCredential) TableName() string
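Two checks implied by the descriptions above (exactly one identity column per row, and header values limited to the names declared in TableMCPClient.PerUserHeaderKeysJSON), written as an added example that is not the package's own code. CredentialRow, ValidateIdentity and ResolveHeaders are hypothetical names; matching header names case-insensitively and treating an empty value as missing are choices made for this example.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/http"
	"sort"
)

// CredentialRow is a simplified stand-in for TableMCPPerUserHeaderCredential
// (hypothetical type; only the fields this example checks).
type CredentialRow struct {
	SessionID    string
	VirtualKeyID *string
	UserID       *string
	AuthMode     string // "user" | "vk" | "session"
	HeadersJSON  string // already-decrypted JSON map[string]string
}

// ValidateIdentity enforces that exactly one identity column is populated
// and that AuthMode names that column.
func ValidateIdentity(r CredentialRow) error {
	populated := map[string]bool{
		"session": r.SessionID != "",
		"vk":      r.VirtualKeyID != nil && *r.VirtualKeyID != "",
		"user":    r.UserID != nil && *r.UserID != "",
	}
	n := 0
	for _, set := range populated {
		if set {
			n++
		}
	}
	if n != 1 {
		return fmt.Errorf("expected exactly one identity column, found %d", n)
	}
	set, known := populated[r.AuthMode]
	if !known {
		return fmt.Errorf("unknown auth mode %q", r.AuthMode)
	}
	if !set {
		return fmt.Errorf("auth mode %q does not match the populated identity column", r.AuthMode)
	}
	return nil
}

// ResolveHeaders intersects the admin-declared header names with the stored
// per-user values. Stored names outside the declared schema are dropped, and
// declared names with no stored value are returned as missing.
func ResolveHeaders(perUserHeaderKeysJSON, headersJSON string) (map[string]string, []string, error) {
	var declared []string
	if perUserHeaderKeysJSON != "" {
		if err := json.Unmarshal([]byte(perUserHeaderKeysJSON), &declared); err != nil {
			return nil, nil, fmt.Errorf("declared keys: %w", err)
		}
	}
	stored := map[string]string{}
	if headersJSON != "" { // empty string is treated like "{}"
		if err := json.Unmarshal([]byte(headersJSON), &stored); err != nil {
			return nil, nil, fmt.Errorf("stored headers: %w", err)
		}
	}
	// HTTP header names are case-insensitive, so compare canonical forms.
	byName := make(map[string]string, len(stored))
	for k, v := range stored {
		byName[http.CanonicalHeaderKey(k)] = v
	}
	out := map[string]string{}
	var missing []string
	for _, k := range declared {
		name := http.CanonicalHeaderKey(k)
		if v := byName[name]; v != "" {
			out[name] = v
		} else {
			missing = append(missing, name)
		}
	}
	sort.Strings(missing)
	return out, missing, nil
}

func main() {
	// Constructed sample data: the schema declares two names, the stored row
	// carries one of them plus a name that is no longer (or never was) declared.
	declared := `["Authorization","X-Api-Key"]`
	stored := `{"authorization":"Bearer constructed","X-Internal-Admin":"1"}`
	out, missing, err := ResolveHeaders(declared, stored)
	fmt.Println(out, missing, err)

	vk, user := "vk-1", "u-1"
	fmt.Println(ValidateIdentity(CredentialRow{AuthMode: "vk", VirtualKeyID: &vk}))
	fmt.Println(ValidateIdentity(CredentialRow{AuthMode: "vk", VirtualKeyID: &vk, UserID: &user}))
}
```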
type TableMCPPerUserHeaderFlow ¶ added in v1.3.14
type TableMCPPerUserHeaderFlow struct {
ID string `gorm:"type:varchar(255);primaryKey" json:"id"` // Flow UUID
MCPClientID string `gorm:"type:varchar(255);not null;index" json:"mcp_client_id"` // Which MCP server this submission is for
SessionID string `gorm:"type:varchar(255);index" json:"session_id,omitempty"` // Session-mode identity: client-asserted x-bf-mcp-session-id. Empty for vk/user mode rows.
VirtualKeyID *string `gorm:"type:varchar(255);index" json:"virtual_key_id"` // VK identity (vk-mode rows)
UserID *string `gorm:"type:varchar(255);index" json:"user_id"` // User identity (user-mode rows)
FlowMode string `gorm:"type:varchar(20);not null;default:'vk'" json:"flow_mode"` // 'user' | 'vk' | 'session' — mirrors the credential row's AuthMode; immutable after creation
Status string `gorm:"type:varchar(50);not null;index" json:"status"` // "pending", "completed", "expired"
ExpiresAt time.Time `gorm:"index;not null" json:"expires_at"` // Flow expiration (15 min default)
CreatedAt time.Time `gorm:"index;not null" json:"created_at"`
UpdatedAt time.Time `gorm:"index;not null" json:"updated_at"`
// Display-only relations (no DB-level FK constraint; preloaded for sessions UI).
MCPClient *TableMCPClient `gorm:"foreignKey:MCPClientID;references:ClientID" json:"-"`
VirtualKey *TableVirtualKey `gorm:"foreignKey:VirtualKeyID;references:ID" json:"-"`
// User mirrors TableOauthUserSession.User — populated post-fetch by the
// enterprise configstore wrapper for the sessions UI. OSS leaves it nil.
User *OauthUserSummary `gorm:"-" json:"-"`
}
TableMCPPerUserHeaderFlow tracks pending per-user-headers submission flows. Mirrors TableOauthUserSession structurally so the per-user-auth surfaces (OAuth + headers) have identical lifecycles: an inline-401 from the resolver creates a flow row, the auth-page URL carries the flow's ID (with a temp-token in the URL fragment for unauthenticated callers), and the submission endpoint completes / deletes the row.
Unlike OAuth, there is no PKCE state to round-trip — the only durable state this row carries is (mcp_client_id, identity) so the submission endpoint can scope the upsert. No state column either: the row exists only while the submission is pending; submit completes by deleting it.
func (*TableMCPPerUserHeaderFlow) BeforeSave ¶ added in v1.3.14
func (f *TableMCPPerUserHeaderFlow) BeforeSave(tx *gorm.DB) error
BeforeSave defaults Status to 'pending' when unset.
func (TableMCPPerUserHeaderFlow) TableName ¶ added in v1.3.14
func (TableMCPPerUserHeaderFlow) TableName() string
TableName sets the table name.
type TableModel ¶
type TableModel struct {
ID string `gorm:"primaryKey" json:"id"`
ProviderID uint `gorm:"index;not null;uniqueIndex:idx_provider_name" json:"provider_id"`
Name string `gorm:"uniqueIndex:idx_provider_name" json:"name"`
CreatedAt time.Time `json:"created_at"`
UpdatedAt time.Time `json:"updated_at"`
}
TableModel represents a model configuration in the database
func (TableModel) TableName ¶
func (TableModel) TableName() string
TableName sets the table name for each model
type TableModelConfig ¶ added in v1.2.13
type TableModelConfig struct {
ID string `gorm:"primaryKey;type:varchar(255)" json:"id"`
ModelName string `gorm:"type:varchar(255);not null;uniqueIndex:idx_model_scope_provider,priority:3" json:"model_name"`
Provider *string `gorm:"type:varchar(50);uniqueIndex:idx_model_scope_provider,priority:4" json:"provider,omitempty"` // Optional provider, nullable
// Scope determines where this config applies: "global" (default) or "virtual_key".
Scope string `gorm:"type:varchar(50);not null;default:'global';uniqueIndex:idx_model_scope_provider,priority:1" json:"scope"`
// ScopeID is the target of a non-global scope (e.g. the virtual key ID). NULL for global.
ScopeID *string `gorm:"type:varchar(255);uniqueIndex:idx_model_scope_provider,priority:2" json:"scope_id,omitempty"`
// CalendarAligned snaps this config's budget resets to calendar boundaries (e.g. a
// monthly budget resets on the 1st) rather than rolling windows. Propagated to owned
// budgets via AfterFind. For virtual_key-scoped configs it inherits the VK's setting.
CalendarAligned bool `gorm:"not null;default:false" json:"calendar_aligned"`
BudgetID *string `gorm:"type:varchar(255);index:idx_model_config_budget" json:"budget_id,omitempty"`
RateLimitID *string `gorm:"type:varchar(255);index:idx_model_config_rate_limit" json:"rate_limit_id,omitempty"`
// ScopeName is a non-persisted, API-only field carrying the human-readable name of
// the scope target (e.g. the virtual key's name) so the UI can render a label
// instead of an opaque scope_id. Populated by the HTTP layer on read.
ScopeName string `gorm:"-" json:"scope_name,omitempty"`
// BudgetIDs is a config-file-only field listing pre-declared budget IDs (from
// governance.budgets) to link to this model config. Not persisted; used by the
// config sync path to set model_config_id on each referenced budget row.
BudgetIDs []string `gorm:"-" json:"budget_ids,omitempty"`
// Relationships
// Budgets are owned by this model config via TableBudget.ModelConfigID (a model
// config may carry multiple budgets with different reset windows). This is the
// active representation. The legacy single Budget/BudgetID below is kept inert
// for backward compatibility and is no longer read by enforcement.
Budgets []TableBudget `gorm:"foreignKey:ModelConfigID;constraint:OnDelete:CASCADE" json:"budgets,omitempty"`
// Legacy (inert): superseded by Budgets. Retained so existing rows/columns keep
// parsing; not read by the governance store after the multi-budget cutover.
Budget *TableBudget `gorm:"foreignKey:BudgetID;onDelete:CASCADE" json:"budget,omitempty"`
RateLimit *TableRateLimit `gorm:"foreignKey:RateLimitID;onDelete:CASCADE" json:"rate_limit,omitempty"`
// Config hash is used to detect the changes synced from config.json file
// Every time we sync the config.json file, we will update the config hash
ConfigHash string `gorm:"type:varchar(255);null" json:"config_hash"`
CreatedAt time.Time `gorm:"index;not null" json:"created_at"`
UpdatedAt time.Time `gorm:"index;not null" json:"updated_at"`
}
TableModelConfig represents a model configuration with rate limiting and budgeting
func (*TableModelConfig) AfterFind ¶ added in v1.3.17
func (mc *TableModelConfig) AfterFind(tx *gorm.DB) error
AfterFind propagates calendar_aligned down to owned budgets so the reset path reads the stamped value off each budget. Mirrors TableTeam/TableVirtualKey. The governance store's Update*InMemory paths re-stamp on every model-config update.
func (*TableModelConfig) BeforeSave ¶ added in v1.2.13
func (mc *TableModelConfig) BeforeSave(tx *gorm.DB) error
BeforeSave hook for ModelConfig to validate required fields
func (TableModelConfig) TableName ¶ added in v1.2.13
func (TableModelConfig) TableName() string
TableName sets the table name for each model
type TableModelParameters ¶ added in v1.2.27
type TableModelParameters struct {
ID uint `gorm:"primaryKey;autoIncrement" json:"id"`
Model string `gorm:"type:varchar(255);not null;uniqueIndex:idx_model_params_model" json:"model"`
Data string `gorm:"type:text;not null" json:"data"` // Raw JSON blob
}
TableModelParameters stores model parameters and capabilities data synced from the external datasheet API. Each row holds one model's full parameter/capability JSON blob.
func (TableModelParameters) TableName ¶ added in v1.2.27
func (TableModelParameters) TableName() string
TableName sets the table name
type TableModelPricing ¶
type TableModelPricing struct {
ID uint `gorm:"primaryKey;autoIncrement" json:"id"`
Model string `gorm:"type:varchar(255);not null;uniqueIndex:idx_model_provider_mode" json:"model"`
BaseModel string `gorm:"type:varchar(255);default:null" json:"base_model,omitempty"`
Provider string `gorm:"type:varchar(50);not null;uniqueIndex:idx_model_provider_mode" json:"provider"`
Mode string `gorm:"type:varchar(50);not null;uniqueIndex:idx_model_provider_mode" json:"mode"`
ContextLength *int `gorm:"default:null" json:"context_length,omitempty"`
MaxInputTokens *int `gorm:"default:null" json:"max_input_tokens,omitempty"`
MaxOutputTokens *int `gorm:"default:null" json:"max_output_tokens,omitempty"`
Architecture *schemas.Architecture `gorm:"type:text;serializer:json;default:null" json:"architecture,omitempty"`
// Costs - Text
InputCostPerToken *float64 `gorm:"default:null" json:"input_cost_per_token,omitempty"`
OutputCostPerToken *float64 `gorm:"default:null" json:"output_cost_per_token,omitempty"`
InputCostPerTokenBatches *float64 `gorm:"default:null;column:input_cost_per_token_batches" json:"input_cost_per_token_batches,omitempty"`
OutputCostPerTokenBatches *float64 `gorm:"default:null;column:output_cost_per_token_batches" json:"output_cost_per_token_batches,omitempty"`
InputCostPerTokenPriority *float64 `gorm:"default:null;column:input_cost_per_token_priority" json:"input_cost_per_token_priority,omitempty"`
OutputCostPerTokenPriority *float64 `gorm:"default:null;column:output_cost_per_token_priority" json:"output_cost_per_token_priority,omitempty"`
InputCostPerTokenFlex *float64 `gorm:"default:null;column:input_cost_per_token_flex" json:"input_cost_per_token_flex,omitempty"`
OutputCostPerTokenFlex *float64 `gorm:"default:null;column:output_cost_per_token_flex" json:"output_cost_per_token_flex,omitempty"`
// Fast mode (Anthropic research preview, speed:"fast" on Opus 4.6/4.7/4.8).
// Flat rate across the full context window; cache tokens bill at standard cache rates.
InputCostPerTokenFast *float64 `gorm:"default:null;column:input_cost_per_token_fast" json:"input_cost_per_token_fast,omitempty"`
OutputCostPerTokenFast *float64 `gorm:"default:null;column:output_cost_per_token_fast" json:"output_cost_per_token_fast,omitempty"`
InputCostPerCharacter *float64 `gorm:"default:null;column:input_cost_per_character" json:"input_cost_per_character,omitempty"`
// Costs - 128k Tier
InputCostPerTokenAbove128kTokens *float64 `gorm:"default:null;column:input_cost_per_token_above_128k_tokens" json:"input_cost_per_token_above_128k_tokens,omitempty"`
InputCostPerImageAbove128kTokens *float64 `gorm:"default:null;column:input_cost_per_image_above_128k_tokens" json:"input_cost_per_image_above_128k_tokens,omitempty"`
InputCostPerVideoPerSecondAbove128kTokens *float64 `` /* 143-byte string literal not displayed */
InputCostPerAudioPerSecondAbove128kTokens *float64 `` /* 143-byte string literal not displayed */
OutputCostPerTokenAbove128kTokens *float64 `gorm:"default:null;column:output_cost_per_token_above_128k_tokens" json:"output_cost_per_token_above_128k_tokens,omitempty"`
// Costs - 200k Tier
InputCostPerTokenAbove200kTokens *float64 `gorm:"default:null;column:input_cost_per_token_above_200k_tokens" json:"input_cost_per_token_above_200k_tokens,omitempty"`
InputCostPerTokenAbove200kTokensPriority *float64 `` /* 139-byte string literal not displayed */
OutputCostPerTokenAbove200kTokens *float64 `gorm:"default:null;column:output_cost_per_token_above_200k_tokens" json:"output_cost_per_token_above_200k_tokens,omitempty"`
OutputCostPerTokenAbove200kTokensPriority *float64 `` /* 141-byte string literal not displayed */
// Costs - 272k Tier
InputCostPerTokenAbove272kTokens *float64 `gorm:"default:null;column:input_cost_per_token_above_272k_tokens" json:"input_cost_per_token_above_272k_tokens,omitempty"`
InputCostPerTokenAbove272kTokensPriority *float64 `` /* 139-byte string literal not displayed */
OutputCostPerTokenAbove272kTokens *float64 `gorm:"default:null;column:output_cost_per_token_above_272k_tokens" json:"output_cost_per_token_above_272k_tokens,omitempty"`
OutputCostPerTokenAbove272kTokensPriority *float64 `` /* 141-byte string literal not displayed */
// Costs - Cache
CacheCreationInputTokenCost *float64 `gorm:"default:null;column:cache_creation_input_token_cost" json:"cache_creation_input_token_cost,omitempty"`
CacheReadInputTokenCost *float64 `gorm:"default:null;column:cache_read_input_token_cost" json:"cache_read_input_token_cost,omitempty"`
CacheCreationInputTokenCostAbove200kTokens *float64 `` /* 143-byte string literal not displayed */
CacheReadInputTokenCostAbove200kTokens *float64 `` /* 135-byte string literal not displayed */
CacheReadInputTokenCostAbove200kTokensPriority *float64 `` /* 153-byte string literal not displayed */
CacheCreationInputTokenCostAbove1hr *float64 `` /* 127-byte string literal not displayed */
CacheCreationInputTokenCostAbove1hrAbove200kTokens *float64 `` /* 163-byte string literal not displayed */
CacheCreationInputAudioTokenCost *float64 `gorm:"default:null;column:cache_creation_input_audio_token_cost" json:"cache_creation_input_audio_token_cost,omitempty"`
CacheReadInputTokenCostPriority *float64 `gorm:"default:null;column:cache_read_input_token_cost_priority" json:"cache_read_input_token_cost_priority,omitempty"`
CacheReadInputTokenCostFlex *float64 `gorm:"default:null;column:cache_read_input_token_cost_flex" json:"cache_read_input_token_cost_flex,omitempty"`
CacheReadInputImageTokenCost *float64 `gorm:"default:null;column:cache_read_input_image_token_cost" json:"cache_read_input_image_token_cost,omitempty"`
CacheReadInputTokenCostAbove272kTokens *float64 `` /* 135-byte string literal not displayed */
CacheReadInputTokenCostAbove272kTokensPriority *float64 `` /* 153-byte string literal not displayed */
// Costs - Image
InputCostPerImage *float64 `gorm:"default:null;column:input_cost_per_image" json:"input_cost_per_image,omitempty"`
InputCostPerPixel *float64 `gorm:"default:null;column:input_cost_per_pixel" json:"input_cost_per_pixel,omitempty"`
OutputCostPerImage *float64 `gorm:"default:null;column:output_cost_per_image" json:"output_cost_per_image,omitempty"`
OutputCostPerPixel *float64 `gorm:"default:null;column:output_cost_per_pixel" json:"output_cost_per_pixel,omitempty"`
OutputCostPerImagePremiumImage *float64 `gorm:"default:null;column:output_cost_per_image_premium_image" json:"output_cost_per_image_premium_image,omitempty"`
OutputCostPerImageAbove512x512Pixels *float64 `` /* 137-byte string literal not displayed */
OutputCostPerImageAbove512x512PixelsPremium *float64 `` /* 159-byte string literal not displayed */
OutputCostPerImageAbove1024x1024Pixels *float64 `` /* 141-byte string literal not displayed */
OutputCostPerImageAbove1024x1024PixelsPremium *float64 `` /* 163-byte string literal not displayed */
OutputCostPerImageAbove2048x2048Pixels *float64 `` /* 141-byte string literal not displayed */
OutputCostPerImageAbove4096x4096Pixels *float64 `` /* 141-byte string literal not displayed */
OutputCostPerImageLowQuality *float64 `gorm:"default:null;column:output_cost_per_image_low_quality" json:"output_cost_per_image_low_quality,omitempty"`
OutputCostPerImageMediumQuality *float64 `gorm:"default:null;column:output_cost_per_image_medium_quality" json:"output_cost_per_image_medium_quality,omitempty"`
OutputCostPerImageHighQuality *float64 `gorm:"default:null;column:output_cost_per_image_high_quality" json:"output_cost_per_image_high_quality,omitempty"`
OutputCostPerImageAutoQuality *float64 `gorm:"default:null;column:output_cost_per_image_auto_quality" json:"output_cost_per_image_auto_quality,omitempty"`
InputCostPerImageToken *float64 `gorm:"default:null;column:input_cost_per_image_token" json:"input_cost_per_image_token,omitempty"`
OutputCostPerImageToken *float64 `gorm:"default:null;column:output_cost_per_image_token" json:"output_cost_per_image_token,omitempty"`
// Costs - Audio/Video
InputCostPerAudioToken *float64 `gorm:"default:null;column:input_cost_per_audio_token" json:"input_cost_per_audio_token,omitempty"`
InputCostPerAudioPerSecond *float64 `gorm:"default:null;column:input_cost_per_audio_per_second" json:"input_cost_per_audio_per_second,omitempty"`
InputCostPerSecond *float64 `gorm:"default:null;column:input_cost_per_second" json:"input_cost_per_second,omitempty"` // Only for transcription models
InputCostPerVideoPerSecond *float64 `gorm:"default:null;column:input_cost_per_video_per_second" json:"input_cost_per_video_per_second,omitempty"`
OutputCostPerAudioToken *float64 `gorm:"default:null;column:output_cost_per_audio_token" json:"output_cost_per_audio_token,omitempty"`
OutputCostPerVideoPerSecond *float64 `gorm:"default:null;column:output_cost_per_video_per_second" json:"output_cost_per_video_per_second,omitempty"`
OutputCostPerSecond *float64 `gorm:"default:null;column:output_cost_per_second" json:"output_cost_per_second,omitempty"` // For both speech and video models
// Costs - Other
SearchContextCostPerQuery *float64 `gorm:"default:null;column:search_context_cost_per_query" json:"search_context_cost_per_query,omitempty"`
CodeInterpreterCostPerSession *float64 `gorm:"default:null;column:code_interpreter_cost_per_session" json:"code_interpreter_cost_per_session,omitempty"`
// Costs - OCR
OCRCostPerPage *float64 `gorm:"default:null;column:ocr_cost_per_page" json:"ocr_cost_per_page,omitempty"`
AnnotationCostPerPage *float64 `gorm:"default:null;column:annotation_cost_per_page" json:"annotation_cost_per_page,omitempty"`
// AdditionalAttributes holds editorial per-model metadata (e.g. description,
// tags). Persisted as a JSON string in the additional_attributes column and
// surfaced as a typed map via BeforeSave/AfterFind. This column is
// intentionally excluded from the pricing-sync upsert path so the 24-hour
// datasheet sync never overwrites user-set values.
AdditionalAttributesJSON string `gorm:"type:text;column:additional_attributes" json:"-"`
AdditionalAttributes map[string]string `gorm:"-" json:"additional_attributes,omitempty"`
}
TableModelPricing represents pricing information for AI models
func (*TableModelPricing) AfterFind ¶ added in v1.3.14
func (p *TableModelPricing) AfterFind(tx *gorm.DB) error
AfterFind unmarshals AdditionalAttributesJSON → AdditionalAttributes. Empty/missing JSON resolves to a nil map so callers can use len() and idiomatic nil checks.
func (*TableModelPricing) BeforeSave ¶ added in v1.3.14
func (p *TableModelPricing) BeforeSave(tx *gorm.DB) error
BeforeSave marshals AdditionalAttributes → AdditionalAttributesJSON. A nil or empty map serializes to "{}" so the column always holds a valid JSON object; reads round-trip back to a nil map via AfterFind. Mirrors the convention used by TableMCPClient.HeadersJSON.
func (TableModelPricing) TableName ¶
func (TableModelPricing) TableName() string
TableName sets the table name for each model
type TableOauthConfig ¶ added in v1.2.17
type TableOauthConfig struct {
ID string `gorm:"type:varchar(255);primaryKey" json:"id"` // UUID
ClientID *schemas.EnvVar `gorm:"type:varchar(512)" json:"client_id"` // OAuth provider's client ID (optional for public clients)
ClientSecret *schemas.EnvVar `gorm:"type:text" json:"-"` // Encrypted OAuth client secret (optional for public clients)
AuthorizeURL string `gorm:"type:text" json:"authorize_url"` // Provider's authorization endpoint (optional, can be discovered)
TokenURL string `gorm:"type:text" json:"token_url"` // Provider's token endpoint (optional, can be discovered)
RegistrationURL *string `gorm:"type:text" json:"registration_url,omitempty"` // Provider's dynamic registration endpoint (optional, can be discovered)
RedirectURI string `gorm:"type:text;not null" json:"redirect_uri"` // Callback URL
Scopes string `gorm:"type:text" json:"scopes"` // JSON array of scopes (optional, can be discovered)
State string `gorm:"type:varchar(255);uniqueIndex;not null" json:"-"` // CSRF state token
CodeVerifier string `gorm:"type:text" json:"-"` // PKCE code verifier (generated, kept secret)
CodeChallenge string `gorm:"type:varchar(255)" json:"code_challenge"` // PKCE code challenge (sent to provider)
Status string `gorm:"type:varchar(50);not null;index" json:"status"` // "pending", "authorized", "failed", "expired", "revoked"
TokenID *string `gorm:"type:varchar(255);index" json:"token_id"` // Foreign key to oauth_tokens.ID (set after callback)
ServerURL string `gorm:"type:text" json:"server_url"` // MCP server URL for OAuth discovery
UseDiscovery bool `gorm:"default:false" json:"use_discovery"` // Flag to enable OAuth discovery
MCPClientConfigJSON *string `gorm:"type:text" json:"-"` // JSON serialized MCPClientConfig for multi-instance support (pending MCP client waiting for OAuth completion)
EncryptionStatus string `gorm:"type:varchar(20);default:'plain_text'" json:"-"`
CreatedAt time.Time `gorm:"index;not null" json:"created_at"`
UpdatedAt time.Time `gorm:"index;not null" json:"updated_at"`
ExpiresAt time.Time `gorm:"index;not null" json:"expires_at"` // State expiry (15 min)
}
TableOauthConfig represents an OAuth configuration in the database. It stores the OAuth client configuration and the flow state.
func (*TableOauthConfig) AfterDelete ¶ added in v1.3.19
func (c *TableOauthConfig) AfterDelete(tx *gorm.DB) error
AfterDelete hook for best-effort vault cleanup on row deletion.
func (*TableOauthConfig) AfterFind ¶ added in v1.2.22
func (c *TableOauthConfig) AfterFind(tx *gorm.DB) error
AfterFind hook to decrypt sensitive fields
func (*TableOauthConfig) BeforeSave ¶ added in v1.2.17
func (c *TableOauthConfig) BeforeSave(tx *gorm.DB) error
BeforeSave hook
func (*TableOauthConfig) GetClientSecretAsEnvVar ¶ added in v1.3.8
func (c *TableOauthConfig) GetClientSecretAsEnvVar() *schemas.EnvVar
GetClientSecretAsEnvVar returns ClientSecret as an EnvVar (preserves env var reference metadata).
func (*TableOauthConfig) GetResolvedClientID ¶ added in v1.3.8
func (c *TableOauthConfig) GetResolvedClientID() string
GetResolvedClientID returns the resolved ClientID value, expanding env var references at runtime.
func (*TableOauthConfig) GetResolvedClientSecret ¶ added in v1.3.8
func (c *TableOauthConfig) GetResolvedClientSecret() string
GetResolvedClientSecret returns the resolved ClientSecret value, expanding env var references at runtime.
func (TableOauthConfig) TableName ¶ added in v1.2.17
func (TableOauthConfig) TableName() string
TableName sets the table name
type TableOauthToken ¶ added in v1.2.17
type TableOauthToken struct {
ID string `gorm:"type:varchar(255);primaryKey" json:"id"` // UUID
AccessToken string `gorm:"type:text;not null" json:"-"` // Encrypted access token
RefreshToken string `gorm:"type:text" json:"-"` // Encrypted refresh token (optional)
TokenType string `gorm:"type:varchar(50);not null" json:"token_type"` // "Bearer"
ExpiresAt *time.Time `gorm:"index" json:"expires_at,omitempty"` // Token expiration (nil means unknown/non-expiring)
Scopes string `gorm:"type:text" json:"scopes"` // JSON array of granted scopes
LastRefreshedAt *time.Time `gorm:"index" json:"last_refreshed_at,omitempty"` // Track when token was last refreshed
EncryptionStatus string `gorm:"type:varchar(20);default:'plain_text'" json:"-"`
CreatedAt time.Time `gorm:"index;not null" json:"created_at"`
UpdatedAt time.Time `gorm:"index;not null" json:"updated_at"`
}
TableOauthToken represents an OAuth token in the database. It stores the actual access and refresh tokens.
func (*TableOauthToken) AfterFind ¶ added in v1.2.22
func (t *TableOauthToken) AfterFind(tx *gorm.DB) error
AfterFind hook to decrypt sensitive fields
func (*TableOauthToken) BeforeSave ¶ added in v1.2.17
func (t *TableOauthToken) BeforeSave(tx *gorm.DB) error
BeforeSave hook
func (TableOauthToken) TableName ¶ added in v1.2.17
func (TableOauthToken) TableName() string
TableName sets the table name
type TableOauthUserSession ¶ added in v1.3.1
type TableOauthUserSession struct {
ID string `gorm:"type:varchar(255);primaryKey" json:"id"` // Session UUID
MCPClientID string `gorm:"type:varchar(255);not null;index" json:"mcp_client_id"` // Which MCP server this auth is for
OauthConfigID string `gorm:"type:varchar(255);not null;index" json:"oauth_config_id"` // Template OAuth config (holds client_id, token_url, etc.)
State string `gorm:"type:varchar(255);uniqueIndex;not null" json:"-"` // CSRF state token sent to OAuth provider
RedirectURI string `gorm:"type:text" json:"-"` // Per-request redirect URI used in authorize step
CodeVerifier string `gorm:"type:text" json:"-"` // PKCE code verifier (kept secret)
SessionID string `gorm:"type:varchar(255);index" json:"session_id,omitempty"` // Session-mode identity: client-asserted x-bf-mcp-session-id. Empty for vk/user mode rows. Stored plaintext (not a bearer credential; same trust model as a VK value).
VirtualKeyID *string `gorm:"type:varchar(255);index" json:"virtual_key_id"` // VK identity (propagated to oauth_user_tokens)
UserID *string `gorm:"type:varchar(255);index" json:"user_id"` // User identity (propagated to oauth_user_tokens); populated only for user-mode rows, nil for vk/session-mode
FlowMode string `gorm:"type:varchar(20);not null;default:'vk'" json:"flow_mode"` // 'user' | 'vk' | 'session' — mirrors the token row's AuthMode; immutable after creation
Status string `gorm:"type:varchar(50);not null;index" json:"status"` // "pending", "authorized", "failed", "expired"
EncryptionStatus string `gorm:"type:varchar(20);default:'plain_text'" json:"-"`
ExpiresAt time.Time `gorm:"index;not null" json:"expires_at"` // Flow expiration (15 min)
CreatedAt time.Time `gorm:"index;not null" json:"created_at"`
UpdatedAt time.Time `gorm:"index;not null" json:"updated_at"`
// Display-only relations (no DB-level FK constraint; preloaded for sessions UI).
MCPClient *TableMCPClient `gorm:"foreignKey:MCPClientID;references:ClientID" json:"-"`
VirtualKey *TableVirtualKey `gorm:"foreignKey:VirtualKeyID;references:ID" json:"-"`
// User is a non-DB, enterprise-only annotation populated after fetch on
// user-keyed flow rows so the sessions UI can render name/email instead
// of a raw user_id. OSS has no users table; OSS leaves it nil.
User *OauthUserSummary `gorm:"-" json:"-"`
}
TableOauthUserSession tracks pending per-user OAuth flows. Each record maps an OAuth state token to a specific MCP client, allowing the callback to associate the resulting tokens with the correct user session.
func (*TableOauthUserSession) AfterFind ¶ added in v1.3.1
func (s *TableOauthUserSession) AfterFind(tx *gorm.DB) error
func (*TableOauthUserSession) BeforeSave ¶ added in v1.3.1
func (s *TableOauthUserSession) BeforeSave(tx *gorm.DB) error
func (TableOauthUserSession) TableName ¶ added in v1.3.1
func (TableOauthUserSession) TableName() string
type TableOauthUserToken ¶ added in v1.3.1
type TableOauthUserToken struct {
ID string `gorm:"type:varchar(255);primaryKey" json:"id"` // Token UUID
SessionID string `gorm:"type:varchar(255);index" json:"session_id,omitempty"` // Session-mode identity: client-asserted x-bf-mcp-session-id. Empty for vk/user mode rows.
VirtualKeyID *string `gorm:"type:varchar(255);index" json:"virtual_key_id"` // VK identity (vk-mode rows)
UserID *string `gorm:"type:varchar(255);index" json:"user_id"` // User identity (user-mode rows; populated by enterprise middleware/governance)
MCPClientID string `gorm:"type:varchar(255);not null;index" json:"mcp_client_id"` // Which MCP server
AuthMode string `gorm:"type:varchar(20);not null" json:"auth_mode"` // 'user' | 'vk' | 'session' — which identity column keys this row
Status string `gorm:"type:varchar(20);not null;default:'active'" json:"status"` // 'active' | 'orphaned' | 'needs_reauth' — only 'active' satisfies a runtime lookup; the others are surfaced in the UI with distinct copy
OauthConfigID string `gorm:"type:varchar(255);not null;index" json:"oauth_config_id"` // Template OAuth config
AccessToken string `gorm:"type:text;not null" json:"-"` // Encrypted user's OAuth access token
RefreshToken string `gorm:"type:text" json:"-"` // Encrypted user's OAuth refresh token
TokenType string `gorm:"type:varchar(50);not null" json:"token_type"` // "Bearer"
ExpiresAt *time.Time `gorm:"index" json:"expires_at,omitempty"` // Token expiry (nil means unknown/non-expiring)
Scopes string `gorm:"type:text" json:"scopes"` // JSON array of granted scopes
LastRefreshedAt *time.Time `gorm:"index" json:"last_refreshed_at,omitempty"` // Last refresh time
EncryptionStatus string `gorm:"type:varchar(20);default:'plain_text'" json:"-"`
CreatedAt time.Time `gorm:"index;not null" json:"created_at"`
UpdatedAt time.Time `gorm:"index;not null" json:"updated_at"`
// Display-only relations (no DB-level FK constraint; preloaded for sessions UI).
MCPClient *TableMCPClient `gorm:"foreignKey:MCPClientID;references:ClientID" json:"-"`
VirtualKey *TableVirtualKey `gorm:"foreignKey:VirtualKeyID;references:ID" json:"-"`
// User mirrors TableOauthUserSession.User — see OauthUserSummary above.
User *OauthUserSummary `gorm:"-" json:"-"`
}
TableOauthUserToken stores per-user OAuth credentials. Each record holds the access/refresh tokens for a specific identity × MCP client pair. Exactly one identity column (UserID, VirtualKeyID, or SessionID) is populated per row; AuthMode records which one.
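The row invariant described above (exactly one identity column populated, with AuthMode naming it) and the rule from the Status comment that only 'active' rows satisfy a runtime lookup, written as checks. This is an added example, not the package's code: userToken, validateIdentity and lookupActive are hypothetical names, the rows are constructed, and the lookup logic is an assumption drawn from the field comments.

```go
package main

import (
	"errors"
	"fmt"
)

// userToken is a hypothetical stand-in for the identity and status columns
// of TableOauthUserToken; it is not the package's type.
type userToken struct {
	ID           string
	SessionID    string  // session mode: client-asserted x-bf-mcp-session-id
	VirtualKeyID *string // vk mode
	UserID       *string // user mode
	MCPClientID  string
	AuthMode     string // "user" | "vk" | "session"
	Status       string // "active" | "orphaned" | "needs_reauth"
}

var errNoActiveToken = errors.New("no active token for this identity and MCP client")

func strPtr(s string) *string { return &s }

func deref(p *string) string {
	if p == nil {
		return ""
	}
	return *p
}

// identityFor returns the value of the column that mode selects.
func identityFor(t userToken, mode string) (string, bool) {
	switch mode {
	case "user":
		return deref(t.UserID), true
	case "vk":
		return deref(t.VirtualKeyID), true
	case "session":
		return t.SessionID, true
	}
	return "", false
}

// validateIdentity enforces the invariant: exactly one identity column is
// populated, and AuthMode names that column.
func validateIdentity(t userToken) error {
	keyed, known := identityFor(t, t.AuthMode)
	if !known {
		return fmt.Errorf("row %s: unknown auth_mode %q", t.ID, t.AuthMode)
	}
	populated := 0
	for _, v := range []string{deref(t.UserID), deref(t.VirtualKeyID), t.SessionID} {
		if v != "" {
			populated++
		}
	}
	if populated != 1 || keyed == "" {
		return fmt.Errorf("row %s: %d identity columns set, auth_mode %q", t.ID, populated, t.AuthMode)
	}
	return nil
}

// lookupActive matches on mode as well as value, so a session ID (which the
// client asserts) can never select a row keyed by a user or virtual key, and
// it skips rows that are malformed or not "active".
func lookupActive(rows []userToken, mode, identity, clientID string) (*userToken, error) {
	for i := range rows {
		r := &rows[i]
		if identity == "" || r.AuthMode != mode || r.MCPClientID != clientID || r.Status != "active" {
			continue
		}
		if v, _ := identityFor(*r, mode); v == identity && validateIdentity(*r) == nil {
			return r, nil
		}
	}
	return nil, errNoActiveToken
}

// sampleRows returns constructed rows; t3 is deliberately malformed.
func sampleRows() []userToken {
	return []userToken{
		{ID: "t1", UserID: strPtr("u-1"), MCPClientID: "mcp-a", AuthMode: "user", Status: "active"},
		{ID: "t2", SessionID: "sess-9", MCPClientID: "mcp-a", AuthMode: "session", Status: "needs_reauth"},
		{ID: "t3", SessionID: "sess-7", UserID: strPtr("u-2"), MCPClientID: "mcp-a", AuthMode: "session", Status: "active"},
		{ID: "t4", VirtualKeyID: strPtr("vk-3"), MCPClientID: "mcp-a", AuthMode: "vk", Status: "active"},
	}
}

func main() {
	rows := sampleRows()
	for _, r := range rows {
		fmt.Println(r.ID, "invariant:", validateIdentity(r))
	}
	_, err := lookupActive(rows, "session", "sess-7", "mcp-a")
	fmt.Println("lookup via malformed row:", err)
}
```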
func (*TableOauthUserToken) AfterFind ¶ added in v1.3.1
func (t *TableOauthUserToken) AfterFind(tx *gorm.DB) error
func (*TableOauthUserToken) BeforeSave ¶ added in v1.3.1
func (t *TableOauthUserToken) BeforeSave(tx *gorm.DB) error
func (TableOauthUserToken) TableName ¶ added in v1.3.1
func (TableOauthUserToken) TableName() string
type TablePlugin ¶
type TablePlugin struct {
ID uint `gorm:"primaryKey;autoIncrement" json:"id"`
Name string `gorm:"type:varchar(255);uniqueIndex;not null" json:"name"`
Enabled bool `json:"enabled"`
Path *string `json:"path,omitempty"`
ConfigJSON string `gorm:"type:text" json:"-"` // JSON serialized plugin.Config
CreatedAt time.Time `gorm:"index;not null" json:"created_at"`
Version int16 `gorm:"not null;default:1" json:"version"`
UpdatedAt time.Time `gorm:"index;not null" json:"updated_at"`
IsCustom bool `gorm:"not null;default:false" json:"isCustom"`
Placement *schemas.PluginPlacement `gorm:"column:placement;type:varchar(20);null" json:"placement,omitempty"`
Order *int `gorm:"column:exec_order;type:int;null" json:"order,omitempty"`
// Config hash is used to detect the changes synced from config.json file
// Every time we sync the config.json file, we will update the config hash
ConfigHash string `gorm:"type:varchar(255);null" json:"config_hash"`
EncryptionStatus string `gorm:"type:varchar(20);default:'plain_text'" json:"-"`
// Virtual fields for runtime use (not stored in DB)
Config any `gorm:"-" json:"config,omitempty"`
}
func (*TablePlugin) AfterDelete ¶ added in v1.3.19
func (p *TablePlugin) AfterDelete(tx *gorm.DB) error
AfterDelete hook for best-effort vault cleanup on row deletion.
func (*TablePlugin) AfterFind ¶
func (p *TablePlugin) AfterFind(tx *gorm.DB) error
AfterFind is a GORM hook that decrypts the plugin config JSON (if encrypted) and deserializes it back into the runtime Config field after reading from the database.
func (*TablePlugin) BeforeSave ¶
func (p *TablePlugin) BeforeSave(tx *gorm.DB) error
BeforeSave is a GORM hook that serializes the plugin Config into a JSON column and encrypts it before writing to the database. Empty configs ("{}") are not encrypted.
func (TablePlugin) TableName ¶
func (TablePlugin) TableName() string
TableName sets the table name for each model
type TablePricingOverride ¶ added in v1.3.0
type TablePricingOverride struct {
ID string `gorm:"primaryKey;type:varchar(255)" json:"id"`
Name string `gorm:"type:varchar(255);not null" json:"name"`
ScopeKind string `gorm:"type:varchar(50);index:idx_pricing_override_scope;not null" json:"scope_kind"`
VirtualKeyID *string `gorm:"type:varchar(255);index:idx_pricing_override_scope" json:"virtual_key_id,omitempty"`
ProviderID *string `gorm:"type:varchar(255);index:idx_pricing_override_scope" json:"provider_id,omitempty"`
ProviderKeyID *string `gorm:"type:varchar(255);index:idx_pricing_override_scope" json:"provider_key_id,omitempty"`
ProviderKeyName *string `gorm:"-" json:"provider_key_name,omitempty"` // config-only alias; resolved to provider_key_id during load
MatchType string `gorm:"type:varchar(20);index:idx_pricing_override_match;not null" json:"match_type"`
Pattern string `gorm:"type:varchar(255);not null" json:"pattern"`
RequestTypesJSON string `gorm:"type:text" json:"-"`
PricingPatchJSON string `gorm:"type:text" json:"pricing_patch,omitempty"`
ConfigHash string `gorm:"type:varchar(255);null" json:"config_hash,omitempty"`
CreatedAt time.Time `gorm:"index;not null" json:"created_at"`
UpdatedAt time.Time `gorm:"index;not null" json:"updated_at"`
RequestTypes []schemas.RequestType `gorm:"-" json:"request_types,omitempty"`
}
TablePricingOverride is the persistence model for governance pricing overrides.
func (*TablePricingOverride) AfterFind ¶ added in v1.3.0
func (p *TablePricingOverride) AfterFind(tx *gorm.DB) error
AfterFind restores virtual fields from their persisted JSON columns.
func (*TablePricingOverride) BeforeSave ¶ added in v1.3.0
func (p *TablePricingOverride) BeforeSave(tx *gorm.DB) error
BeforeSave serializes virtual fields into their JSON columns before persistence.
func (TablePricingOverride) TableName ¶ added in v1.3.0
func (TablePricingOverride) TableName() string
TableName returns the backing table name for governance pricing overrides.
type TablePrompt ¶ added in v1.2.27
type TablePrompt struct {
ID string `gorm:"type:varchar(36);primaryKey" json:"id"`
Name string `gorm:"type:varchar(255);not null" json:"name"`
FolderID *string `gorm:"type:varchar(36);index" json:"folder_id,omitempty"`
Folder *TableFolder `gorm:"foreignKey:FolderID;constraint:OnDelete:CASCADE" json:"folder,omitempty"`
CreatedAt time.Time `gorm:"not null" json:"created_at"`
UpdatedAt time.Time `gorm:"not null" json:"updated_at"`
ConfigHash string `gorm:"type:varchar(64)" json:"-"`
// Relationships
Versions []TablePromptVersion `gorm:"foreignKey:PromptID;constraint:OnDelete:CASCADE" json:"versions,omitempty"`
Sessions []TablePromptSession `gorm:"foreignKey:PromptID;constraint:OnDelete:CASCADE" json:"sessions,omitempty"`
// Virtual fields (not stored in DB)
LatestVersion *TablePromptVersion `gorm:"-" json:"latest_version,omitempty"`
}
TablePrompt represents a prompt entity that can have multiple versions and sessions
func (TablePrompt) TableName ¶ added in v1.2.27
func (TablePrompt) TableName() string
TableName for TablePrompt
type TablePromptSession ¶ added in v1.2.27
type TablePromptSession struct {
ID uint `gorm:"primaryKey;autoIncrement" json:"id"`
PromptID string `gorm:"type:varchar(36);not null;index" json:"prompt_id"`
Prompt *TablePrompt `gorm:"foreignKey:PromptID" json:"prompt,omitempty"`
VersionID *uint `gorm:"index" json:"version_id,omitempty"` // Optional - session may or may not be based on a version
Version *TablePromptVersion `gorm:"foreignKey:VersionID;constraint:OnDelete:SET NULL" json:"version,omitempty"`
Name string `gorm:"type:varchar(255)" json:"name"`
ModelParamsJSON *string `gorm:"type:text;column:model_params_json" json:"-"`
ModelParams ModelParams `gorm:"-" json:"model_params"`
Provider string `gorm:"type:varchar(100)" json:"provider"`
Model string `gorm:"type:varchar(100)" json:"model"`
VariablesJSON *string `gorm:"type:text;column:variables_json" json:"-"`
Variables PromptVariables `gorm:"-" json:"variables,omitempty"` // {key: value} map for Jinja2 variables
CreatedAt time.Time `gorm:"not null" json:"created_at"`
UpdatedAt time.Time `gorm:"not null" json:"updated_at"`
// Relationships
Messages []TablePromptSessionMessage `gorm:"foreignKey:SessionID;constraint:OnDelete:CASCADE" json:"messages,omitempty"`
}
TablePromptSession represents a mutable working draft/session for a prompt. Sessions belong to a prompt and can optionally be based on a specific version.
func (*TablePromptSession) AfterFind ¶ added in v1.2.27
func (s *TablePromptSession) AfterFind(tx *gorm.DB) error
AfterFind GORM hook to deserialize JSON fields
func (*TablePromptSession) BeforeSave ¶ added in v1.2.27
func (s *TablePromptSession) BeforeSave(tx *gorm.DB) error
BeforeSave GORM hook to serialize JSON fields
func (TablePromptSession) TableName ¶ added in v1.2.27
func (TablePromptSession) TableName() string
TableName for TablePromptSession
type TablePromptSessionMessage ¶ added in v1.2.27
type TablePromptSessionMessage struct {
ID uint `gorm:"primaryKey;autoIncrement" json:"id"`
PromptID string `gorm:"type:varchar(36);not null;index" json:"prompt_id"`
SessionID uint `gorm:"not null;index;uniqueIndex:idx_session_order" json:"session_id"`
Session *TablePromptSession `gorm:"foreignKey:SessionID" json:"-"`
OrderIndex int `gorm:"not null;uniqueIndex:idx_session_order" json:"order_index"`
MessageJSON string `gorm:"type:text;not null;column:message_json" json:"-"`
Message PromptMessage `gorm:"-" json:"message"`
}
TablePromptSessionMessage represents a message in a mutable prompt session
func (*TablePromptSessionMessage) AfterFind ¶ added in v1.2.27
func (m *TablePromptSessionMessage) AfterFind(tx *gorm.DB) error
AfterFind GORM hook to deserialize JSON fields
func (*TablePromptSessionMessage) BeforeSave ¶ added in v1.2.27
func (m *TablePromptSessionMessage) BeforeSave(tx *gorm.DB) error
BeforeSave GORM hook to serialize JSON fields
func (TablePromptSessionMessage) TableName ¶ added in v1.2.27
func (TablePromptSessionMessage) TableName() string
TableName for TablePromptSessionMessage
type TablePromptVersion ¶ added in v1.2.27
type TablePromptVersion struct {
ID uint `gorm:"primaryKey;autoIncrement" json:"id"`
PromptID string `gorm:"type:varchar(36);not null;index;uniqueIndex:idx_prompt_version" json:"prompt_id"`
Prompt *TablePrompt `gorm:"foreignKey:PromptID" json:"prompt,omitempty"`
VersionNumber int `gorm:"not null;uniqueIndex:idx_prompt_version" json:"version_number"`
CommitMessage string `gorm:"type:text" json:"commit_message"`
ModelParamsJSON *string `gorm:"type:text;column:model_params_json" json:"-"`
ModelParams ModelParams `gorm:"-" json:"model_params"`
Provider string `gorm:"type:varchar(100)" json:"provider"`
Model string `gorm:"type:varchar(100)" json:"model"`
VariablesJSON *string `gorm:"type:text;column:variables_json" json:"-"`
Variables PromptVariables `gorm:"-" json:"variables,omitempty"` // {key: value} map for Jinja2 variables
IsLatest bool `gorm:"not null;default:false" json:"is_latest"`
CreatedAt time.Time `gorm:"not null" json:"created_at"`
// Relationships
Messages []TablePromptVersionMessage `gorm:"foreignKey:VersionID;constraint:OnDelete:CASCADE" json:"messages,omitempty"`
}
TablePromptVersion represents an immutable version of a prompt. Once created, a version cannot be modified; to make changes, create a new version.
func (*TablePromptVersion) AfterFind ¶ added in v1.2.27
func (v *TablePromptVersion) AfterFind(tx *gorm.DB) error
AfterFind GORM hook to deserialize JSON fields
func (*TablePromptVersion) BeforeSave ¶ added in v1.2.27
func (v *TablePromptVersion) BeforeSave(tx *gorm.DB) error
BeforeSave GORM hook to serialize JSON fields
func (TablePromptVersion) TableName ¶ added in v1.2.27
func (TablePromptVersion) TableName() string
TableName for TablePromptVersion
type TablePromptVersionMessage ¶ added in v1.2.27
type TablePromptVersionMessage struct {
ID uint `gorm:"primaryKey;autoIncrement" json:"id"`
PromptID string `gorm:"type:varchar(36);not null;index" json:"prompt_id"`
VersionID uint `gorm:"not null;index;uniqueIndex:idx_version_order" json:"version_id"`
Version *TablePromptVersion `gorm:"foreignKey:VersionID" json:"-"`
OrderIndex int `gorm:"not null;uniqueIndex:idx_version_order" json:"order_index"`
MessageJSON string `gorm:"type:text;not null;column:message_json" json:"-"`
Message PromptMessage `gorm:"-" json:"message"`
}
TablePromptVersionMessage represents a message in an immutable prompt version
func (*TablePromptVersionMessage) AfterFind ¶ added in v1.2.27
func (m *TablePromptVersionMessage) AfterFind(tx *gorm.DB) error
AfterFind GORM hook to deserialize JSON fields
func (*TablePromptVersionMessage) BeforeSave ¶ added in v1.2.27
func (m *TablePromptVersionMessage) BeforeSave(tx *gorm.DB) error
BeforeSave GORM hook to serialize JSON fields
func (TablePromptVersionMessage) TableName ¶ added in v1.2.27
func (TablePromptVersionMessage) TableName() string
TableName for TablePromptVersionMessage
type TableProvider ¶
type TableProvider struct {
ID uint `gorm:"primaryKey;autoIncrement" json:"id"`
Name string `gorm:"type:varchar(50);uniqueIndex;not null" json:"name"` // ModelProvider as string
NetworkConfigJSON string `gorm:"type:text" json:"-"` // JSON serialized schemas.NetworkConfig
ConcurrencyBufferJSON string `gorm:"type:text" json:"-"` // JSON serialized schemas.ConcurrencyAndBufferSize
ProxyConfigJSON string `gorm:"type:text" json:"-"` // JSON serialized schemas.ProxyConfig
CustomProviderConfigJSON string `gorm:"type:text" json:"-"` // JSON serialized schemas.CustomProviderConfig
OpenAIConfigJSON string `gorm:"type:text" json:"-"` // JSON serialized schemas.OpenAIConfig
SendBackRawRequest bool `json:"send_back_raw_request"`
SendBackRawResponse bool `json:"send_back_raw_response"`
StoreRawRequestResponse bool `json:"store_raw_request_response"`
CreatedAt time.Time `gorm:"index;not null" json:"created_at"`
UpdatedAt time.Time `gorm:"index;not null" json:"updated_at"`
// Relationships
Keys []TableKey `gorm:"foreignKey:ProviderID;constraint:OnDelete:CASCADE" json:"keys"`
// Virtual fields for runtime use (not stored in DB)
NetworkConfig *schemas.NetworkConfig `gorm:"-" json:"network_config,omitempty"`
ConcurrencyAndBufferSize *schemas.ConcurrencyAndBufferSize `gorm:"-" json:"concurrency_and_buffer_size,omitempty"`
ProxyConfig *schemas.ProxyConfig `gorm:"-" json:"proxy_config,omitempty"`
// Custom provider fields
CustomProviderConfig *schemas.CustomProviderConfig `gorm:"-" json:"custom_provider_config,omitempty"`
OpenAIConfig *schemas.OpenAIConfig `gorm:"-" json:"openai_config,omitempty"`
// Foreign keys
Models []TableModel `gorm:"foreignKey:ProviderID;constraint:OnDelete:CASCADE" json:"models"`
// Governance fields - Budget and Rate Limit for provider-level governance
BudgetID *string `gorm:"type:varchar(255);index:idx_provider_budget" json:"budget_id,omitempty"`
RateLimitID *string `gorm:"type:varchar(255);index:idx_provider_rate_limit" json:"rate_limit_id,omitempty"`
// Governance relationships
Budget *TableBudget `gorm:"foreignKey:BudgetID;onDelete:CASCADE" json:"budget,omitempty"`
RateLimit *TableRateLimit `gorm:"foreignKey:RateLimitID;onDelete:CASCADE" json:"rate_limit,omitempty"`
// Config hash is used to detect the changes synced from config.json file
// Every time we sync the config.json file, we will update the config hash
ConfigHash string `gorm:"type:varchar(255);null" json:"config_hash"`
// Model discovery status tracking for keyless providers
Status string `gorm:"type:varchar(50);default:'unknown'" json:"status"`
Description string `gorm:"type:text" json:"description,omitempty"`
EncryptionStatus string `gorm:"type:varchar(20);default:'plain_text'" json:"-"`
}
TableProvider represents a provider configuration in the database. NOTE: Any changes to the provider configuration should be reflected in the GenerateConfigHash function. That helps us detect changes between the config file and the database config.
func (*TableProvider) AfterDelete ¶ added in v1.3.19
func (p *TableProvider) AfterDelete(tx *gorm.DB) error
AfterDelete hook for best-effort vault cleanup on row deletion.
func (*TableProvider) AfterFind ¶
func (p *TableProvider) AfterFind(tx *gorm.DB) error
AfterFind is a GORM hook that decrypts the proxy configuration (if encrypted) and deserializes JSON columns back into runtime config structs after reading from the database.
func (*TableProvider) BeforeSave ¶
func (p *TableProvider) BeforeSave(tx *gorm.DB) error
BeforeSave is a GORM hook that serializes runtime config structs into JSON columns, validates governance fields, and encrypts the proxy configuration before writing to the database.
func (TableProvider) TableName ¶
func (TableProvider) TableName() string
TableName sets the table name for the provider configuration.
type TableRateLimit ¶
type TableRateLimit struct {
ID string `gorm:"primaryKey;type:varchar(255)" json:"id"`
// Token limits with flexible duration
TokenMaxLimit *int64 `gorm:"default:null" json:"token_max_limit,omitempty"` // Maximum tokens allowed
TokenResetDuration *string `gorm:"type:varchar(50)" json:"token_reset_duration,omitempty"` // e.g., "30s", "5m", "1h", "1d", "1w", "1M", "1Y"
TokenCurrentUsage int64 `gorm:"default:0" json:"token_current_usage"` // Current token usage
TokenLastReset time.Time `gorm:"index" json:"token_last_reset"` // Last time token counter was reset
// Request limits with flexible duration
RequestMaxLimit *int64 `gorm:"default:null" json:"request_max_limit,omitempty"` // Maximum requests allowed
RequestResetDuration *string `gorm:"type:varchar(50)" json:"request_reset_duration,omitempty"` // e.g., "30s", "5m", "1h", "1d", "1w", "1M", "1Y"
RequestCurrentUsage int64 `gorm:"default:0" json:"request_current_usage"` // Current request usage
RequestLastReset time.Time `gorm:"index" json:"request_last_reset"` // Last time request counter was reset
// Deprecated: set calendar_aligned on the parent access profile / VK / team
// instead. Kept for backward compatibility with older config.json files;
// the OSS applyV1Compat path and the enterprise access-profile reconciler
// promote any true value here to the owner's top-level CalendarAligned at
// load time.
CalendarAlignedInput *bool `gorm:"-" json:"calendar_aligned,omitempty"`
// Derived from the owning entity. See TableBudget.IsCalendarAligned.
IsCalendarAligned bool `gorm:"-" json:"-"`
// Config hash is used to detect the changes synced from config.json file
// Every time we sync the config.json file, we will update the config hash
ConfigHash string `gorm:"type:varchar(255);null" json:"config_hash"`
CreatedAt time.Time `gorm:"index;not null" json:"created_at"`
UpdatedAt time.Time `gorm:"index;not null" json:"updated_at"`
}
TableRateLimit defines rate limiting rules for virtual keys using a flexible max+reset approach.
func (*TableRateLimit) BeforeSave ¶
func (rl *TableRateLimit) BeforeSave(tx *gorm.DB) error
BeforeSave hook for RateLimit to validate reset duration formats
func (TableRateLimit) TableName ¶
func (TableRateLimit) TableName() string
TableName sets the table name for each model
type TableRoutingRule ¶ added in v1.2.17
type TableRoutingRule struct {
ID string `gorm:"primaryKey;type:varchar(255)" json:"id"`
ConfigHash string `gorm:"type:varchar(255)" json:"config_hash"` // Hash of config.json version, used for change detection
Name string `gorm:"type:varchar(255);not null;uniqueIndex:idx_routing_rule_scope_name" json:"name"`
Description string `gorm:"type:text" json:"description"`
Enabled *bool `gorm:"not null;default:true" json:"enabled,omitempty"` // nil = DB default (true); use EnabledValue() to read
CelExpression string `gorm:"type:text;not null" json:"cel_expression"`
// Routing Targets (output) — 1:many relationship; weights must sum to 1
Targets []TableRoutingTarget `gorm:"foreignKey:RuleID;constraint:OnDelete:CASCADE" json:"targets"`
Fallbacks *string `gorm:"type:text" json:"-"` // JSON array of fallback chains
ParsedFallbacks []string `gorm:"-" json:"fallbacks,omitempty"` // Parsed fallbacks from JSON
Query *string `gorm:"type:text" json:"-"`
ParsedQuery map[string]any `gorm:"-" json:"query,omitempty"`
// Scope: where this rule applies
Scope string `gorm:"type:varchar(50);not null;uniqueIndex:idx_routing_rule_scope_name" json:"scope"` // "global" | "team" | "customer" | "virtual_key"
ScopeID *string `gorm:"type:varchar(255);uniqueIndex:idx_routing_rule_scope_name" json:"scope_id"` // nil for global, otherwise entity ID
// Chaining
ChainRule bool `gorm:"not null;default:false" json:"chain_rule"` // If true, re-evaluates routing chain after this rule matches
// Execution
Priority int `gorm:"type:int;not null;default:0;index" json:"priority"` // Lower = evaluated first within scope
// Timestamps
CreatedAt time.Time `gorm:"index;not null" json:"created_at"`
UpdatedAt time.Time `gorm:"index;not null" json:"updated_at"`
}
TableRoutingRule represents a routing rule in the database
func (*TableRoutingRule) AfterFind ¶ added in v1.2.17
func (r *TableRoutingRule) AfterFind(tx *gorm.DB) error
AfterFind hook for TableRoutingRule to deserialize JSON fields
func (*TableRoutingRule) BeforeSave ¶ added in v1.2.17
func (r *TableRoutingRule) BeforeSave(tx *gorm.DB) error
BeforeSave hook for TableRoutingRule to serialize JSON fields
func (*TableRoutingRule) EnabledValue ¶ added in v1.3.8
func (r *TableRoutingRule) EnabledValue() bool
EnabledValue returns the effective Enabled bool, treating nil as true (DB default).
func (TableRoutingRule) TableName ¶ added in v1.2.17
func (TableRoutingRule) TableName() string
TableName for TableRoutingRule
type TableRoutingTarget ¶ added in v1.2.27
type TableRoutingTarget struct {
RuleID string `gorm:"type:varchar(255);not null;index;uniqueIndex:idx_routing_target_config" json:"-"`
Provider *string `gorm:"type:varchar(255);uniqueIndex:idx_routing_target_config" json:"provider,omitempty"` // nil = use incoming provider
Model *string `gorm:"type:varchar(255);uniqueIndex:idx_routing_target_config" json:"model,omitempty"` // nil = use incoming model
KeyID *string `gorm:"type:varchar(255);uniqueIndex:idx_routing_target_config" json:"key_id,omitempty"` // persisted key pin
ProviderKeyName *string `gorm:"-" json:"provider_key_name,omitempty"` // config-only alias; resolved to key_id during load
Weight float64 `gorm:"not null;default:1" json:"weight"` // must sum to 1 across all targets in a rule
}
TableRoutingTarget represents a weighted routing target for probabilistic routing. Multiple targets can be associated with a single routing rule; weights determine the probability of each target being selected and must sum to 1 across all targets in a rule. The composite (RuleID, Provider, Model, KeyID) is unique to prevent duplicate target configs.
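The two constraints stated above (weights sum to 1 across a rule's targets, and no duplicate (Provider, Model, KeyID) within a rule) checked in application code, followed by a weighted pick. This is an added example, not the package's code: routingTarget, validateTargets and pickTarget are hypothetical names, and the tolerance, the rejection of negative weights and the cumulative-sum selection are assumptions.

```go
package main

import (
	"errors"
	"fmt"
	"math"
)

// routingTarget is a hypothetical stand-in for TableRoutingTarget's columns.
type routingTarget struct {
	Provider *string // nil = use incoming provider
	Model    *string // nil = use incoming model
	KeyID    *string // persisted key pin
	Weight   float64
}

// targetKey keeps nil apart from "" so the duplicate check compares what the
// row actually holds.
type targetKey struct {
	provider, model, keyID          string
	hasProvider, hasModel, hasKeyID bool
}

func strPtr(s string) *string { return &s }

func keyOf(t routingTarget) targetKey {
	var k targetKey
	if t.Provider != nil {
		k.provider, k.hasProvider = *t.Provider, true
	}
	if t.Model != nil {
		k.model, k.hasModel = *t.Model, true
	}
	if t.KeyID != nil {
		k.keyID, k.hasKeyID = *t.KeyID, true
	}
	return k
}

// weightTolerance absorbs float rounding (0.7+0.2+0.1 is not exactly 1).
// The value is an assumption of this example.
const weightTolerance = 1e-9

// validateTargets checks one rule's targets. The duplicate check treats two
// nil columns as equal. PostgreSQL, MySQL and SQLite by default treat NULLs
// as distinct in a unique index, so the index alone does not reject two
// targets that both leave the same column nil.
func validateTargets(targets []routingTarget) error {
	if len(targets) == 0 {
		return errors.New("rule has no targets")
	}
	seen := map[targetKey]bool{}
	sum := 0.0
	for i, t := range targets {
		if math.IsNaN(t.Weight) || math.IsInf(t.Weight, 0) || t.Weight < 0 {
			return fmt.Errorf("target %d: weight %v is not a finite, non-negative number", i, t.Weight)
		}
		k := keyOf(t)
		if seen[k] {
			return fmt.Errorf("target %d duplicates an earlier (provider, model, key_id)", i)
		}
		seen[k] = true
		sum += t.Weight
	}
	if math.Abs(sum-1) > weightTolerance {
		return fmt.Errorf("weights sum to %v, want 1", sum)
	}
	return nil
}

// pickTarget maps r in [0,1) to a target index by cumulative weight. It
// expects targets that passed validateTargets; the final return covers the
// case where rounding leaves the cumulative sum just under 1.
func pickTarget(targets []routingTarget, r float64) int {
	acc := 0.0
	for i, t := range targets {
		acc += t.Weight
		if r < acc {
			return i
		}
	}
	return len(targets) - 1
}

// sampleTargets returns constructed targets with weights 0.7, 0.2 and 0.1.
func sampleTargets() []routingTarget {
	return []routingTarget{
		{Provider: strPtr("provider-a"), Model: strPtr("model-x"), Weight: 0.7},
		{Provider: strPtr("provider-b"), Model: strPtr("model-x"), Weight: 0.2},
		{Weight: 0.1}, // all nil: keep the incoming provider and model
	}
}

func main() {
	ts := sampleTargets()
	fmt.Println("valid:", validateTargets(ts))
	fmt.Println("r=0.75 selects target", pickTarget(ts, 0.75))
}
```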
func (TableRoutingTarget) TableName ¶ added in v1.2.27
func (TableRoutingTarget) TableName() string
TableName for TableRoutingTarget
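The weight invariant described for TableRoutingTarget, as an added example that is not the package's own code: it validates that a rule's weights form a probability distribution and selects a target from a uniform draw. The `target` type, the `validateWeights` and `pick` helpers, the tolerance and the provider and model names are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"math"
)

// target keeps only the TableRoutingTarget fields that matter for selection.
type target struct {
	Provider, Model string
	Weight          float64
}

// weightEpsilon is an assumed tolerance; the page only says weights "must sum to 1".
const weightEpsilon = 1e-9

// validateWeights rejects target sets that cannot act as a probability distribution.
func validateWeights(ts []target) error {
	if len(ts) == 0 {
		return errors.New("rule has no targets")
	}
	sum := 0.0
	for _, t := range ts {
		if math.IsNaN(t.Weight) || t.Weight < 0 || t.Weight > 1 {
			return fmt.Errorf("target %s/%s: weight %v out of range", t.Provider, t.Model, t.Weight)
		}
		sum += t.Weight
	}
	// Compare with a tolerance: sums of decimal fractions are rarely exactly 1 in float64.
	if math.Abs(sum-1) > weightEpsilon {
		return fmt.Errorf("weights sum to %v, want 1", sum)
	}
	return nil
}

// pick maps a draw u in [0,1) onto the cumulative weights of a validated target set.
func pick(ts []target, u float64) target {
	acc, last := 0.0, ts[0]
	for _, t := range ts {
		if t.Weight <= 0 {
			continue // zero-weight targets are never selected
		}
		acc += t.Weight
		last = t
		if u < acc {
			return t
		}
	}
	return last // rounding left acc slightly below 1
}

func main() {
	// Constructed sample targets for this example.
	ts := []target{{"provider-a", "model-x", 0.1}, {"provider-b", "model-y", 0.2}, {"provider-c", "model-z", 0.7}}
	fmt.Println(validateWeights(ts), pick(ts, 0.25).Provider)
}
```

Validating at save time keeps a malformed rule from silently skewing traffic toward one provider or pinned key.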
type TableSkill ¶ added in v1.3.20
type TableSkill struct {
ID string `gorm:"type:varchar(36);primaryKey" json:"id"`
Name string `gorm:"type:varchar(64);not null;uniqueIndex" json:"name"`
Description string `gorm:"type:varchar(1024);not null" json:"description"`
License *string `gorm:"type:text" json:"license,omitempty"`
Compatibility *string `gorm:"type:varchar(500)" json:"compatibility,omitempty"`
Metadata SkillStringMap `gorm:"type:json" json:"metadata,omitempty"`
ExtraFrontmatter SkillJSONMap `gorm:"type:json;column:extra_frontmatter" json:"extra_frontmatter,omitempty"`
AllowedTools *string `gorm:"type:text;column:allowed_tools" json:"allowed_tools,omitempty"`
SkillMDBody string `gorm:"type:text;not null;column:skill_md_body" json:"skill_md_body"`
LatestVersion string `gorm:"type:varchar(100);not null;column:latest_version" json:"latest_version"`
CreatedBy *string `gorm:"type:varchar(255);column:created_by" json:"created_by,omitempty"`
ConfigHash string `gorm:"type:varchar(64)" json:"-"`
CreatedAt time.Time `gorm:"not null" json:"created_at"`
UpdatedAt time.Time `gorm:"not null" json:"updated_at"`
Versions []TableSkillVersion `gorm:"foreignKey:SkillID;constraint:OnDelete:CASCADE" json:"versions,omitempty"`
// Transient: populated from the serving version's files for API convenience.
// Not stored in the skills table; filled by the store layer on read.
Files []TableSkillFile `gorm:"-" json:"files,omitempty"`
// Transient: serving version file count for list responses.
// Not stored in the skills table; filled by the store layer on list reads.
FileCount int64 `gorm:"-" json:"file_count"`
// Transient: most recently created version string across all versions of this skill.
// Filled by the store layer; used by the frontend for version bump validation.
HighestVersion string `gorm:"-" json:"highest_version,omitempty"`
}
TableSkill represents a skill in the repository. Every save creates a version snapshot.
func (*TableSkill) BeforeCreate ¶ added in v1.3.20
func (s *TableSkill) BeforeCreate(tx *gorm.DB) error
BeforeCreate ensures map fields are initialized before insertion.
func (*TableSkill) BeforeSave ¶ added in v1.3.20
func (s *TableSkill) BeforeSave(tx *gorm.DB) error
BeforeSave ensures map fields are initialized before update.
func (TableSkill) TableName ¶ added in v1.3.20
func (TableSkill) TableName() string
TableName for TableSkill.
type TableSkillFile ¶ added in v1.3.20
type TableSkillFile struct {
ID string `gorm:"type:varchar(36);primaryKey" json:"id"`
SkillVersionID string `gorm:"type:varchar(36);not null;index;uniqueIndex:idx_skill_file_path;column:skill_version_id" json:"skill_version_id"`
Path string `gorm:"type:varchar(1024);not null;uniqueIndex:idx_skill_file_path" json:"path"`
SourceType string `gorm:"type:varchar(32);not null;column:source_type" json:"source_type"`
SourceURL *string `gorm:"type:text;column:source_url" json:"source_url,omitempty"`
StorageKey *string `gorm:"type:text;column:storage_key" json:"storage_key,omitempty"`
BlobID *string `gorm:"type:varchar(36);index;column:blob_id" json:"blob_id,omitempty"`
MimeType string `gorm:"type:varchar(255);column:mime_type" json:"mime_type"`
FileSizeBytes int64 `gorm:"not null;default:0;column:file_size_bytes" json:"file_size_bytes"`
CreatedAt time.Time `gorm:"not null" json:"created_at"`
UpdatedAt time.Time `gorm:"not null" json:"updated_at"`
SkillVersion *TableSkillVersion `gorm:"foreignKey:SkillVersionID" json:"skill_version,omitempty"`
Blob *TableSkillFileBlob `gorm:"foreignKey:BlobID;constraint:OnDelete:SET NULL" json:"blob,omitempty"`
InlineContent *string `gorm:"-" json:"content,omitempty"`
DataURL *string `gorm:"-" json:"dataurl,omitempty"`
UploadID *string `gorm:"-" json:"upload_id,omitempty"`
}
TableSkillFile represents a file associated with a skill version. The file row is a pointer to the underlying blob/storage; blobs are reused across versions when the file content hasn't changed.
func (*TableSkillFile) BeforeSave ¶ added in v1.3.20
func (f *TableSkillFile) BeforeSave(tx *gorm.DB) error
BeforeSave normalizes the path before persisting so the unique index enforces the canonical form.
func (TableSkillFile) NormalizedPath ¶ added in v1.3.20
func (f TableSkillFile) NormalizedPath() string
NormalizedPath returns a trimmed relative path so uniqueness logic is stable.
func (TableSkillFile) TableName ¶ added in v1.3.20
func (TableSkillFile) TableName() string
TableName for TableSkillFile.
type TableSkillFileBlob ¶ added in v1.3.20
type TableSkillFileBlob struct {
ID string `gorm:"type:varchar(36);primaryKey" json:"id"`
Data []byte `gorm:"not null" json:"-"`
CreatedAt time.Time `gorm:"not null" json:"created_at"`
}
TableSkillFileBlob stores fallback file bytes when object storage is unavailable.
func (TableSkillFileBlob) TableName ¶ added in v1.3.20
func (TableSkillFileBlob) TableName() string
TableName for TableSkillFileBlob.
type TableSkillVersion ¶ added in v1.3.20
type TableSkillVersion struct {
ID string `gorm:"type:varchar(36);primaryKey" json:"id"`
SkillID string `gorm:"type:varchar(36);not null;index;uniqueIndex:idx_skill_version" json:"skill_id"`
Version string `gorm:"type:varchar(100);not null;uniqueIndex:idx_skill_version" json:"version"`
SkillMDBody string `gorm:"type:text;not null;column:skill_md_body" json:"skill_md_body,omitempty"`
FrontmatterSnapshot SkillJSONMap `gorm:"type:json;column:frontmatter_snapshot" json:"frontmatter_snapshot,omitempty"`
CreatedBy *string `gorm:"type:varchar(255);column:created_by" json:"created_by,omitempty"`
CreatedAt time.Time `gorm:"not null" json:"created_at"`
Skill *TableSkill `gorm:"foreignKey:SkillID" json:"skill,omitempty"`
Files []TableSkillFile `gorm:"foreignKey:SkillVersionID;constraint:OnDelete:CASCADE" json:"files,omitempty"`
}
TableSkillVersion represents an immutable snapshot of a skill save. Files belong to versions, not directly to skills.
func (*TableSkillVersion) BeforeCreate ¶ added in v1.3.20
func (v *TableSkillVersion) BeforeCreate(tx *gorm.DB) error
BeforeCreate ensures snapshot fields are initialized before insertion.
func (TableSkillVersion) TableName ¶ added in v1.3.20
func (TableSkillVersion) TableName() string
TableName for TableSkillVersion.
type TableTeam ¶
type TableTeam struct {
ID string `gorm:"primaryKey;type:varchar(255)" json:"id"`
Name string `gorm:"type:varchar(255);not null;uniqueIndex" json:"name"`
CustomerID *string `gorm:"type:varchar(255);index" json:"customer_id,omitempty"` // A team can belong to a customer
RateLimitID *string `gorm:"type:varchar(255);index" json:"rate_limit_id,omitempty"`
SourceID *string `gorm:"type:varchar(255);uniqueIndex" json:"source_id,omitempty"`
// Relationships
Customer *TableCustomer `gorm:"foreignKey:CustomerID" json:"customer,omitempty"`
Budgets []TableBudget `gorm:"foreignKey:TeamID;constraint:OnDelete:CASCADE" json:"budgets,omitempty"` // Multiple budgets with different reset intervals
RateLimit *TableRateLimit `gorm:"foreignKey:RateLimitID" json:"rate_limit,omitempty"`
VirtualKeys []TableVirtualKey `gorm:"foreignKey:TeamID" json:"virtual_keys,omitempty"`
// Computed (not a DB column) — populated via correlated subquery in query layer, hence no migration
VirtualKeyCount int64 `gorm:"->;-:migration" json:"virtual_key_count"`
Profile *string `gorm:"type:text" json:"-"`
ParsedProfile map[string]any `gorm:"-" json:"profile"`
Config *string `gorm:"type:text" json:"-"`
ParsedConfig map[string]any `gorm:"-" json:"config"`
Claims *string `gorm:"type:text" json:"-"`
ParsedClaims map[string]any `gorm:"-" json:"claims"`
CalendarAligned bool `gorm:"default:false" json:"calendar_aligned"`
// Config hash is used to detect the changes synced from config.json file
// Every time we sync the config.json file, we will update the config hash
ConfigHash string `gorm:"type:varchar(255);null" json:"config_hash"`
CreatedAt time.Time `gorm:"index;not null" json:"created_at"`
UpdatedAt time.Time `gorm:"index;not null" json:"updated_at"`
}
TableTeam represents a team entity with budget, rate limit and customer association
func (*TableTeam) AfterFind ¶
AfterFind hook for TableTeam to deserialize JSON fields and propagate calendar_aligned down to owned budgets / rate_limit. The reset path reads the stamped value off the budget / rate_limit; the governance store's Update*InMemory paths re-stamp on every team update.
func (*TableTeam) BeforeSave ¶
BeforeSave hook for TableTeam to serialize JSON fields
type TableVectorStoreConfig ¶
type TableVectorStoreConfig struct {
ID uint `gorm:"primaryKey;autoIncrement" json:"id"`
Enabled bool `json:"enabled"` // Enable vector store
Type string `gorm:"type:varchar(50);not null" json:"type"` // "weaviate, redis, qdrant."
TTLSeconds int `gorm:"default:300" json:"ttl_seconds"` // TTL in seconds (default: 5 minutes)
CacheByModel bool `gorm:"" json:"cache_by_model"` // Include model in cache key
CacheByProvider bool `gorm:"" json:"cache_by_provider"` // Include provider in cache key
Config *string `gorm:"type:text" json:"config"` // JSON serialized schemas.RedisVectorStoreConfig
EncryptionStatus string `gorm:"type:varchar(20);default:'plain_text'" json:"-"`
CreatedAt time.Time `gorm:"index;not null" json:"created_at"`
UpdatedAt time.Time `gorm:"index;not null" json:"updated_at"`
}
TableVectorStoreConfig represents Cache plugin configuration in the database
func (*TableVectorStoreConfig) AfterFind ¶ added in v1.2.22
func (vs *TableVectorStoreConfig) AfterFind(tx *gorm.DB) error
AfterFind hook to decrypt sensitive config
func (*TableVectorStoreConfig) BeforeSave ¶ added in v1.2.22
func (vs *TableVectorStoreConfig) BeforeSave(tx *gorm.DB) error
BeforeSave hook to encrypt sensitive config
func (TableVectorStoreConfig) TableName ¶
func (TableVectorStoreConfig) TableName() string
TableName sets the table name for each model
type TableVirtualKey ¶
type TableVirtualKey struct {
ID string `gorm:"primaryKey;type:varchar(255)" json:"id"`
Name string `gorm:"uniqueIndex:idx_virtual_key_name;type:varchar(255);not null" json:"name"`
Description string `gorm:"type:text" json:"description,omitempty"`
Value string `gorm:"uniqueIndex:idx_virtual_key_value;type:text;not null" json:"value"` // The virtual key value
IsActive *bool `gorm:"default:true" json:"is_active,omitempty"` // Nil means true (DB default); false means inactive
ProviderConfigs []TableVirtualKeyProviderConfig `gorm:"foreignKey:VirtualKeyID;constraint:OnDelete:CASCADE" json:"provider_configs"` // Empty means no providers allowed (deny-by-default)
MCPConfigs []TableVirtualKeyMCPConfig `gorm:"foreignKey:VirtualKeyID;constraint:OnDelete:CASCADE" json:"mcp_configs"`
// Foreign key relationships (mutually exclusive: either TeamID or CustomerID, not both)
TeamID *string `gorm:"type:varchar(255);index" json:"team_id,omitempty"`
CustomerID *string `gorm:"type:varchar(255);index" json:"customer_id,omitempty"`
RateLimitID *string `gorm:"type:varchar(255);index" json:"rate_limit_id,omitempty"`
CalendarAligned bool `gorm:"default:false" json:"calendar_aligned"`
// Relationships
Team *TableTeam `gorm:"foreignKey:TeamID" json:"team,omitempty"`
Customer *TableCustomer `gorm:"foreignKey:CustomerID" json:"customer,omitempty"`
RateLimit *TableRateLimit `gorm:"foreignKey:RateLimitID;onDelete:CASCADE" json:"rate_limit,omitempty"`
Budgets []TableBudget `gorm:"foreignKey:VirtualKeyID;constraint:OnDelete:CASCADE" json:"budgets,omitempty"` // Multiple budgets with different reset intervals
// Config hash is used to detect the changes synced from config.json file
// Every time we sync the config.json file, we will update the config hash
ConfigHash string `gorm:"type:varchar(255);null" json:"config_hash"`
EncryptionStatus string `gorm:"type:varchar(20);default:'plain_text'" json:"-"`
ValueHash string `gorm:"type:varchar(64);index:idx_virtual_key_value_hash,unique" json:"-"`
CreatedByUserID *string `gorm:"type:varchar(255);index:idx_virtual_key_created_by" json:"created_by_user_id,omitempty"`
CreatedAt time.Time `gorm:"index;not null" json:"created_at"`
UpdatedAt time.Time `gorm:"index;not null" json:"updated_at"`
}
TableVirtualKey represents a virtual key with budget, rate limits, and team/customer association
func (*TableVirtualKey) AfterDelete ¶ added in v1.3.19
func (vk *TableVirtualKey) AfterDelete(tx *gorm.DB) error
AfterDelete hook for best-effort vault cleanup on row deletion.
func (*TableVirtualKey) AfterFind ¶
func (vk *TableVirtualKey) AfterFind(tx *gorm.DB) error
AfterFind is a GORM hook that decrypts the virtual key value after reading from the database and propagates VK-level calendar_aligned down to owned budgets / rate_limit and to each provider config's budgets / rate_limit. The reset path reads the stamped value; Update*InMemory paths re-stamp on every VK update.
func (*TableVirtualKey) BeforeSave ¶
func (vk *TableVirtualKey) BeforeSave(tx *gorm.DB) error
BeforeSave is a GORM hook that enforces mutual exclusion (team vs customer), computes a SHA-256 hash of the plaintext value for indexed lookups, and encrypts the virtual key value before writing to the database.
func (*TableVirtualKey) IsActiveValue ¶ added in v1.3.8
func (vk *TableVirtualKey) IsActiveValue() bool
IsActiveValue returns the effective IsActive bool, treating nil as true (DB default).
func (TableVirtualKey) TableName ¶
func (TableVirtualKey) TableName() string
TableName sets the table name for each model
type TableVirtualKeyMCPConfig ¶ added in v1.1.10
type TableVirtualKeyMCPConfig struct {
ID uint `gorm:"primaryKey;autoIncrement" json:"id"`
VirtualKeyID string `gorm:"type:varchar(255);not null;uniqueIndex:idx_vk_mcpclient" json:"virtual_key_id"`
MCPClientID uint `gorm:"not null;uniqueIndex:idx_vk_mcpclient" json:"mcp_client_id"`
MCPClient TableMCPClient `gorm:"foreignKey:MCPClientID" json:"mcp_client"`
ToolsToExecute schemas.WhiteList `gorm:"type:text;serializer:json" json:"tools_to_execute"`
// MCPClientName is used during config file parsing to resolve the MCP client by name.
// This field is not persisted to the database - it's only used to capture
// "mcp_client_name" from config.json and then resolve it to MCPClientID.
MCPClientName string `gorm:"-" json:"-"`
}
func (*TableVirtualKeyMCPConfig) BeforeSave ¶ added in v1.3.0
func (mc *TableVirtualKeyMCPConfig) BeforeSave(tx *gorm.DB) error
BeforeSave validates WhiteList fields before GORM persists the record.
func (TableVirtualKeyMCPConfig) TableName ¶ added in v1.1.10
func (TableVirtualKeyMCPConfig) TableName() string
TableName sets the table name for each model
func (*TableVirtualKeyMCPConfig) UnmarshalJSON ¶ added in v1.2.17
func (mc *TableVirtualKeyMCPConfig) UnmarshalJSON(data []byte) error
UnmarshalJSON custom unmarshaller to handle both "mcp_client_id" (database format) and "mcp_client_name" (config file format) for MCP client references.
type TableVirtualKeyProviderConfig ¶
type TableVirtualKeyProviderConfig struct {
ID uint `gorm:"primaryKey;autoIncrement" json:"id"`
VirtualKeyID string `gorm:"type:varchar(255);not null" json:"virtual_key_id"`
Provider string `gorm:"type:varchar(50);not null" json:"provider"`
Weight *float64 `json:"weight"`
AllowedModels schemas.WhiteList `gorm:"type:text;serializer:json" json:"allowed_models"` // ["*"] allows all models; empty denies all (deny-by-default)
BlacklistedModels schemas.BlackList `gorm:"type:text;serializer:json" json:"blacklisted_models"` // ["*"] blocks all models; empty blocks none
AllowAllKeys bool `gorm:"default:false" json:"allow_all_keys"` // True means all keys allowed; false with empty Keys means no keys allowed (deny-by-default)
RateLimitID *string `gorm:"type:varchar(255);index" json:"rate_limit_id,omitempty"`
// Relationships
RateLimit *TableRateLimit `gorm:"foreignKey:RateLimitID;onDelete:CASCADE" json:"rate_limit,omitempty"`
Budgets []TableBudget `gorm:"foreignKey:ProviderConfigID;constraint:OnDelete:CASCADE" json:"budgets,omitempty"` // Multiple budgets with different reset intervals
Keys []TableKey `gorm:"many2many:governance_virtual_key_provider_config_keys;constraint:OnDelete:CASCADE" json:"keys"` // Empty means all keys allowed for this provider
}
TableVirtualKeyProviderConfig represents a provider configuration for a virtual key
func (*TableVirtualKeyProviderConfig) AfterFind ¶ added in v1.1.40
func (pc *TableVirtualKeyProviderConfig) AfterFind(tx *gorm.DB) error
AfterFind hook for TableVirtualKeyProviderConfig to clear sensitive data from associated keys
func (*TableVirtualKeyProviderConfig) BeforeSave ¶ added in v1.3.0
func (pc *TableVirtualKeyProviderConfig) BeforeSave(tx *gorm.DB) error
BeforeSave validates WhiteList and BlackList fields before GORM persists the record.
func (TableVirtualKeyProviderConfig) MarshalJSON ¶ added in v1.1.61
func (pc TableVirtualKeyProviderConfig) MarshalJSON() ([]byte, error)
MarshalJSON custom marshaller to ensure AllowedModels and BlacklistedModels are always arrays (never null)
func (TableVirtualKeyProviderConfig) TableName ¶
func (TableVirtualKeyProviderConfig) TableName() string
TableName sets the table name for each model
func (*TableVirtualKeyProviderConfig) UnmarshalJSON ¶ added in v1.1.56
func (pc *TableVirtualKeyProviderConfig) UnmarshalJSON(data []byte) error
UnmarshalJSON custom unmarshaller to handle "key_ids" ([]string) config-file format
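The deny-by-default semantics stated in the AllowedModels and BlacklistedModels field comments, as an added example that is not the package's own code: an authorization check that fails closed for a missing provider config, an empty list and a JSON null list. The `providerConfig` type, the helper names, exact-match comparison, block-over-allow precedence and the sample data are assumptions made for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// providerConfig keeps the JSON field names shown for TableVirtualKeyProviderConfig.
type providerConfig struct {
	Provider          string   `json:"provider"`
	AllowedModels     []string `json:"allowed_models"`
	BlacklistedModels []string `json:"blacklisted_models"`
}

// matches reports whether list names the model exactly or carries the "*" wildcard.
// A nil list (JSON null or a missing field) behaves like an empty one: no match.
func matches(list []string, model string) bool {
	for _, entry := range list {
		if entry == "*" || entry == model {
			return true
		}
	}
	return false
}

// authorize fails closed: every path that finds no explicit allow returns false.
func authorize(configs []providerConfig, provider, model string) bool {
	for _, pc := range configs {
		if pc.Provider != provider {
			continue
		}
		if matches(pc.BlacklistedModels, model) {
			return false // assumption: a block entry overrides any allow entry
		}
		return matches(pc.AllowedModels, model)
	}
	return false // no provider config for this provider
}

// constructedConfigs is sample data for this example, not taken from the project.
const constructedConfigs = `[
 {"provider":"provider-a","allowed_models":["*"],"blacklisted_models":["model-legacy"]},
 {"provider":"provider-b","allowed_models":["model-small"],"blacklisted_models":[]},
 {"provider":"provider-c","allowed_models":null,"blacklisted_models":[]}
]`

// loadConfigs decodes a JSON array of provider configs.
func loadConfigs(raw string) ([]providerConfig, error) {
	var configs []providerConfig
	err := json.Unmarshal([]byte(raw), &configs)
	return configs, err
}

func main() {
	configs, err := loadConfigs(constructedConfigs)
	if err != nil {
		panic(err)
	}
	for _, q := range [][2]string{{"provider-a", "model-new"}, {"provider-a", "model-legacy"}, {"provider-c", "model-small"}} {
		fmt.Println(q[0], q[1], authorize(configs, q[0], q[1]))
	}
}
```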
type TableVirtualKeyProviderConfigKey ¶ added in v1.1.40
type TableVirtualKeyProviderConfigKey struct {
TableVirtualKeyProviderConfigID uint `gorm:"primaryKey;uniqueIndex:idx_vk_provider_config_key"`
TableKeyID uint `gorm:"primaryKey;uniqueIndex:idx_vk_provider_config_key"`
}
TableVirtualKeyProviderConfigKey is the join table for the many2many relationship between TableVirtualKeyProviderConfig and TableKey
func (TableVirtualKeyProviderConfigKey) TableName ¶ added in v1.1.40
func (TableVirtualKeyProviderConfigKey) TableName() string
TableName sets the table name for the join table
type TempToken ¶ added in v1.3.11
type TempToken struct {
ID string `gorm:"type:varchar(255);primaryKey" json:"id"` // UUID
Token string `gorm:"type:text;not null" json:"-"` // encrypted at rest when encryption is enabled
TokenHash string `gorm:"type:varchar(64);uniqueIndex:idx_temp_token_hash" json:"-"` // SHA-256 of plaintext for lookup
Scope string `gorm:"type:varchar(64);index;not null" json:"scope"` // e.g. "mcp_auth" — keys into the scope registry
ResourceID string `gorm:"type:text;index" json:"resource_id,omitempty"` // resource the scope binds to (semantics per scope); indexed for lifecycle-driven deletes
ExpiresAt time.Time `gorm:"index;not null" json:"expires_at"`
CreatedAt time.Time `gorm:"index;not null" json:"created_at"`
UpdatedAt time.Time `gorm:"index;not null" json:"updated_at"`
EncryptionStatus string `gorm:"type:varchar(20);default:'plain_text'" json:"-"`
}
TempToken is a short-lived, narrow-scope credential that authorizes access to a specific set of endpoints without requiring dashboard login.
Each row is bound to a (scope, resource_id) pair: the scope names a set of allowed routes (registered in framework/temptoken), and the resource_id ties the token to the specific resource those routes act on (e.g. the OAuth flow ID for the mcp_auth scope). The plaintext token is hashed for lookup and encrypted at rest, matching the SessionsTable pattern.
func (*TempToken) AfterFind ¶ added in v1.3.11
AfterFind decrypts the stored token back to plaintext when encryption is in effect.
func (*TempToken) BeforeSave ¶ added in v1.3.11
BeforeSave hashes the plaintext for lookup and encrypts it for storage. Hash must be computed before encryption so it always covers the plaintext.
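The ordering rule above, which TableVirtualKey.BeforeSave also follows for its ValueHash, as an added example that is not the package's own code: the lookup hash is taken over the plaintext, then the plaintext is replaced by ciphertext. AES-256-GCM, base64 storage, the "encrypted" status value, the all-zero demo key and every helper name here are assumptions made for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/hex"
	"fmt"
)

// tokenRow mirrors TempToken's Token, TokenHash and EncryptionStatus columns.
type tokenRow struct{ Token, TokenHash, EncryptionStatus string }

// statusEncrypted is an assumed marker; the page only shows the "plain_text" default.
const statusEncrypted = "encrypted"

// hashToken returns the 64-character hex SHA-256 that fits a varchar(64) column.
func hashToken(plaintext string) string {
	sum := sha256.Sum256([]byte(plaintext))
	return hex.EncodeToString(sum[:])
}

// beforeSave hashes the plaintext first, then replaces it with AES-GCM ciphertext.
func beforeSave(r *tokenRow, key []byte) error {
	if r.EncryptionStatus == statusEncrypted {
		return nil // already sealed: hashing now would cover ciphertext, not plaintext
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return err
	}
	r.TokenHash = hashToken(r.Token)                        // step 1: hash covers the plaintext
	sealed := aead.Seal(nonce, nonce, []byte(r.Token), nil) // step 2: nonce || ciphertext
	r.Token = base64.StdEncoding.EncodeToString(sealed)
	r.EncryptionStatus = statusEncrypted
	return nil
}

// lookup finds a stored row from a presented plaintext token via its hash only.
func lookup(byHash map[string]*tokenRow, presented string) (*tokenRow, bool) {
	r, ok := byHash[hashToken(presented)]
	return r, ok
}

func main() {
	key := make([]byte, 32) // constructed all-zero demo key, for illustration only
	row := &tokenRow{Token: "tt_constructed_example"}
	if err := beforeSave(row, key); err != nil {
		panic(err)
	}
	store := map[string]*tokenRow{row.TokenHash: row}
	_, ok := lookup(store, "tt_constructed_example")
	fmt.Println(ok, row.Token != "tt_constructed_example")
}
```

Because the random nonce makes every ciphertext different, only a hash of the plaintext gives a stable value for the unique index; hashing after encryption would break lookups.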
Source Files
- budget.go
- clientconfig.go
- config.go
- confighash.go
- customer.go
- dlock.go
- encryption.go
- env.go
- featureflag.go
- folders.go
- framework.go
- key.go
- logstore.go
- mcp.go
- mcp_library.go
- mcp_per_user_headers.go
- model.go
- modelconfig.go
- modelparameters.go
- modelpricing.go
- oauth.go
- plugin.go
- pricingoverride.go
- promptSessions.go
- promptVersions.go
- prompts.go
- provider.go
- ratelimit.go
- routing_rules.go
- sessions.go
- skills.go
- team.go
- temp_token.go
- utils.go
- vectorstore.go
- virtualkey.go