entityops

package
v1.27.12 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 15, 2026 License: Apache-2.0 Imports: 68 Imported by: 0

Documentation

Index

Constants

View Source
const (
	// OpCreate identifies entity creation operations
	OpCreate = "create"
	// OpUpdate identifies entity update operations
	OpUpdate = "update"
	// OpLoad identifies entity load operations
	OpLoad = "load"
	// OpQuery identifies entity query operations
	OpQuery = "query"
	// OpLink identifies edge link operations
	OpLink = "link"
	// OpUnlink identifies edge unlink operations
	OpUnlink = "unlink"
	// OpEmit identifies event emission operations
	OpEmit = "emit"
)
View Source
const (
	// FieldSchema is the log field key for the schema name
	FieldSchema = "schema"
	// FieldOperation is the log field key for the operation being performed
	FieldOperation = "operation"
	// FieldEntityID is the log field key for the entity identifier
	FieldEntityID = "entity_id"
	// FieldEdge is the log field key for the edge name
	FieldEdge = "edge"
	// FieldOrgID is the log field key for the organization identifier
	FieldOrgID = "org_id"
	// FieldSourceOperation is the log field key for the originating mutation carried by the durable
	// operation context (CREATE, UPDATE, DELETE)
	FieldSourceOperation = "source_operation"
	// FieldSourceEntityID is the log field key for the originating entity carried by the durable
	// operation context
	FieldSourceEntityID = "source_entity_id"
	// FieldSourceEntityType is the log field key for the originating entity type carried by the
	// durable operation context
	FieldSourceEntityType = "source_entity_type"
	// FieldExpression is the log field key for a CEL filter expression applied to target selection
	FieldExpression = "expression"
)
View Source
const (
	InputKeyActionPlanExternalContents = "external_contents"
	InputKeyActionPlanExternalFileID   = "external_file_id"
	InputKeyActionPlanManagementMode   = "management_mode"
	InputKeyActionPlanName             = "name"
)

Integration mapping input keys for ActionPlan

View Source
const (
	InputKeyAssetAccessModelID               = "access_model_id"
	InputKeyAssetAccessModelName             = "access_model_name"
	InputKeyAssetAssetDataClassificationID   = "asset_data_classification_id"
	InputKeyAssetAssetDataClassificationName = "asset_data_classification_name"
	InputKeyAssetAssetSubtypeID              = "asset_subtype_id"
	InputKeyAssetAssetSubtypeName            = "asset_subtype_name"
	InputKeyAssetAssetType                   = "asset_type"
	InputKeyAssetCategories                  = "categories"
	InputKeyAssetContainsPii                 = "contains_pii"
	InputKeyAssetCostCenter                  = "cost_center"
	InputKeyAssetCriticalityID               = "criticality_id"
	InputKeyAssetCriticalityName             = "criticality_name"
	InputKeyAssetDescription                 = "description"
	InputKeyAssetDisplayName                 = "display_name"
	InputKeyAssetEncryptionStatusID          = "encryption_status_id"
	InputKeyAssetEncryptionStatusName        = "encryption_status_name"
	InputKeyAssetEnvironmentID               = "environment_id"
	InputKeyAssetEnvironmentName             = "environment_name"
	InputKeyAssetEstimatedMonthlyCost        = "estimated_monthly_cost"
	InputKeyAssetIdentifier                  = "identifier"
	InputKeyAssetIntegrationID               = "integration_id"
	InputKeyAssetInternalNotes               = "internal_notes"
	InputKeyAssetInternalOwner               = "internal_owner"
	InputKeyAssetInternalOwnerGroupID        = "internal_owner_group_id"
	InputKeyAssetInternalOwnerUserID         = "internal_owner_user_id"
	InputKeyAssetName                        = "name"
	InputKeyAssetObservedAt                  = "observed_at"
	InputKeyAssetOwnerID                     = "owner_id"
	InputKeyAssetPhysicalLocation            = "physical_location"
	InputKeyAssetPurchaseDate                = "purchase_date"
	InputKeyAssetRegion                      = "region"
	InputKeyAssetScopeID                     = "scope_id"
	InputKeyAssetScopeName                   = "scope_name"
	InputKeyAssetSecurityTierID              = "security_tier_id"
	InputKeyAssetSecurityTierName            = "security_tier_name"
	InputKeyAssetSourceIdentifier            = "source_identifier"
	InputKeyAssetSourceType                  = "source_type"
	InputKeyAssetSystemInternalID            = "system_internal_id"
	InputKeyAssetTags                        = "tags"
	InputKeyAssetWebsite                     = "website"
)

Integration mapping input keys for Asset

View Source
const (
	InputKeyCheckResultDetails          = "details"
	InputKeyCheckResultExternalURI      = "external_uri"
	InputKeyCheckResultIntegrationID    = "integration_id"
	InputKeyCheckResultLastObservedAt   = "last_observed_at"
	InputKeyCheckResultParentExternalID = "parent_external_id"
	InputKeyCheckResultSource           = "source"
	InputKeyCheckResultStatus           = "status"
	InputKeyCheckResultTags             = "tags"
)

Integration mapping input keys for CheckResult

View Source
const (
	InputKeyContactAddress       = "address"
	InputKeyContactCompany       = "company"
	InputKeyContactEmail         = "email"
	InputKeyContactExternalID    = "external_id"
	InputKeyContactFullName      = "full_name"
	InputKeyContactIntegrationID = "integration_id"
	InputKeyContactObservedAt    = "observed_at"
	InputKeyContactPhoneNumber   = "phone_number"
	InputKeyContactStatus        = "status"
	InputKeyContactTags          = "tags"
	InputKeyContactTitle         = "title"
)

Integration mapping input keys for Contact

View Source
const (
	InputKeyDirectoryAccountAccountType         = "account_type"
	InputKeyDirectoryAccountAddedAt             = "added_at"
	InputKeyDirectoryAccountAvatarRemoteURL     = "avatar_remote_url"
	InputKeyDirectoryAccountAvatarUpdatedAt     = "avatar_updated_at"
	InputKeyDirectoryAccountCanonicalEmail      = "canonical_email"
	InputKeyDirectoryAccountDepartment          = "department"
	InputKeyDirectoryAccountDirectoryInstanceID = "directory_instance_id"
	InputKeyDirectoryAccountDirectoryName       = "directory_name"
	InputKeyDirectoryAccountDirectorySyncRunID  = "directory_sync_run_id"
	InputKeyDirectoryAccountDisplayName         = "display_name"
	InputKeyDirectoryAccountEmailAliases        = "email_aliases"
	InputKeyDirectoryAccountEnvironmentID       = "environment_id"
	InputKeyDirectoryAccountEnvironmentName     = "environment_name"
	InputKeyDirectoryAccountExternalID          = "external_id"
	InputKeyDirectoryAccountFamilyName          = "family_name"
	InputKeyDirectoryAccountFirstSeenAt         = "first_seen_at"
	InputKeyDirectoryAccountGivenName           = "given_name"
	InputKeyDirectoryAccountIdentityHolderID    = "identity_holder_id"
	InputKeyDirectoryAccountIntegrationID       = "integration_id"
	InputKeyDirectoryAccountJobTitle            = "job_title"
	InputKeyDirectoryAccountLastLoginAt         = "last_login_at"
	InputKeyDirectoryAccountLastSeenAt          = "last_seen_at"
	InputKeyDirectoryAccountLastSeenIP          = "last_seen_ip"
	InputKeyDirectoryAccountMetadata            = "metadata"
	InputKeyDirectoryAccountMfaState            = "mfa_state"
	InputKeyDirectoryAccountObservedAt          = "observed_at"
	InputKeyDirectoryAccountOrganizationUnit    = "organization_unit"
	InputKeyDirectoryAccountOwnerID             = "owner_id"
	InputKeyDirectoryAccountPhoneNumber         = "phone_number"
	InputKeyDirectoryAccountPlatformID          = "platform_id"
	InputKeyDirectoryAccountPrimarySource       = "primary_source"
	InputKeyDirectoryAccountProfile             = "profile"
	InputKeyDirectoryAccountProfileHash         = "profile_hash"
	InputKeyDirectoryAccountRemovedAt           = "removed_at"
	InputKeyDirectoryAccountScopeID             = "scope_id"
	InputKeyDirectoryAccountScopeName           = "scope_name"
	InputKeyDirectoryAccountSecondaryKey        = "secondary_key"
	InputKeyDirectoryAccountSourceVersion       = "source_version"
	InputKeyDirectoryAccountStatus              = "status"
	InputKeyDirectoryAccountTags                = "tags"
)

Integration mapping input keys for DirectoryAccount

View Source
const (
	InputKeyDirectoryGroupAddedAt                = "added_at"
	InputKeyDirectoryGroupClassification         = "classification"
	InputKeyDirectoryGroupDirectoryInstanceID    = "directory_instance_id"
	InputKeyDirectoryGroupDirectoryName          = "directory_name"
	InputKeyDirectoryGroupDirectorySyncRunID     = "directory_sync_run_id"
	InputKeyDirectoryGroupDisplayName            = "display_name"
	InputKeyDirectoryGroupEmail                  = "email"
	InputKeyDirectoryGroupEnvironmentID          = "environment_id"
	InputKeyDirectoryGroupEnvironmentName        = "environment_name"
	InputKeyDirectoryGroupExternalID             = "external_id"
	InputKeyDirectoryGroupExternalSharingAllowed = "external_sharing_allowed"
	InputKeyDirectoryGroupFirstSeenAt            = "first_seen_at"
	InputKeyDirectoryGroupIntegrationID          = "integration_id"
	InputKeyDirectoryGroupLastSeenAt             = "last_seen_at"
	InputKeyDirectoryGroupMemberCount            = "member_count"
	InputKeyDirectoryGroupMetadata               = "metadata"
	InputKeyDirectoryGroupObservedAt             = "observed_at"
	InputKeyDirectoryGroupPlatformID             = "platform_id"
	InputKeyDirectoryGroupProfile                = "profile"
	InputKeyDirectoryGroupProfileHash            = "profile_hash"
	InputKeyDirectoryGroupRemovedAt              = "removed_at"
	InputKeyDirectoryGroupScopeID                = "scope_id"
	InputKeyDirectoryGroupScopeName              = "scope_name"
	InputKeyDirectoryGroupSourceVersion          = "source_version"
	InputKeyDirectoryGroupStatus                 = "status"
	InputKeyDirectoryGroupTags                   = "tags"
)

Integration mapping input keys for DirectoryGroup

View Source
const (
	InputKeyDirectoryMembershipAddedAt             = "added_at"
	InputKeyDirectoryMembershipDirectoryAccountID  = "directory_account_id"
	InputKeyDirectoryMembershipDirectoryGroupID    = "directory_group_id"
	InputKeyDirectoryMembershipDirectoryInstanceID = "directory_instance_id"
	InputKeyDirectoryMembershipDirectoryName       = "directory_name"
	InputKeyDirectoryMembershipDirectorySyncRunID  = "directory_sync_run_id"
	InputKeyDirectoryMembershipEnvironmentID       = "environment_id"
	InputKeyDirectoryMembershipEnvironmentName     = "environment_name"
	InputKeyDirectoryMembershipFirstSeenAt         = "first_seen_at"
	InputKeyDirectoryMembershipIntegrationID       = "integration_id"
	InputKeyDirectoryMembershipLastConfirmedRunID  = "last_confirmed_run_id"
	InputKeyDirectoryMembershipLastSeenAt          = "last_seen_at"
	InputKeyDirectoryMembershipMetadata            = "metadata"
	InputKeyDirectoryMembershipObservedAt          = "observed_at"
	InputKeyDirectoryMembershipPlatformID          = "platform_id"
	InputKeyDirectoryMembershipRemovedAt           = "removed_at"
	InputKeyDirectoryMembershipRole                = "role"
	InputKeyDirectoryMembershipScopeID             = "scope_id"
	InputKeyDirectoryMembershipScopeName           = "scope_name"
	InputKeyDirectoryMembershipSource              = "source"
)

Integration mapping input keys for DirectoryMembership

View Source
const (
	InputKeyEntityAnnualSpend                           = "annual_spend"
	InputKeyEntityApprovedForUse                        = "approved_for_use"
	InputKeyEntityAutoRenews                            = "auto_renews"
	InputKeyEntityBillingModel                          = "billing_model"
	InputKeyEntityContractEndDate                       = "contract_end_date"
	InputKeyEntityContractRenewalAt                     = "contract_renewal_at"
	InputKeyEntityContractStartDate                     = "contract_start_date"
	InputKeyEntityDescription                           = "description"
	InputKeyEntityDisplayName                           = "display_name"
	InputKeyEntityDomains                               = "domains"
	InputKeyEntityEntityRelationshipStateID             = "entity_relationship_state_id"
	InputKeyEntityEntityRelationshipStateName           = "entity_relationship_state_name"
	InputKeyEntityEntitySecurityQuestionnaireStatusID   = "entity_security_questionnaire_status_id"
	InputKeyEntityEntitySecurityQuestionnaireStatusName = "entity_security_questionnaire_status_name"
	InputKeyEntityEntitySourceTypeID                    = "entity_source_type_id"
	InputKeyEntityEntitySourceTypeName                  = "entity_source_type_name"
	InputKeyEntityEnvironmentID                         = "environment_id"
	InputKeyEntityEnvironmentName                       = "environment_name"
	InputKeyEntityExternalID                            = "external_id"
	InputKeyEntityHasSoc2                               = "has_soc2"
	InputKeyEntityInternalNotes                         = "internal_notes"
	InputKeyEntityInternalOwner                         = "internal_owner"
	InputKeyEntityInternalOwnerGroupID                  = "internal_owner_group_id"
	InputKeyEntityInternalOwnerUserID                   = "internal_owner_user_id"
	InputKeyEntityLastReviewedAt                        = "last_reviewed_at"
	InputKeyEntityLinks                                 = "links"
	InputKeyEntityLogoRemoteURL                         = "logo_remote_url"
	InputKeyEntityMfaEnforced                           = "mfa_enforced"
	InputKeyEntityMfaSupported                          = "mfa_supported"
	InputKeyEntityName                                  = "name"
	InputKeyEntityNextReviewAt                          = "next_review_at"
	InputKeyEntityObservedAt                            = "observed_at"
	InputKeyEntityOwnerID                               = "owner_id"
	InputKeyEntityProvidedServices                      = "provided_services"
	InputKeyEntityRenewalRisk                           = "renewal_risk"
	InputKeyEntityReviewFrequency                       = "review_frequency"
	InputKeyEntityReviewedBy                            = "reviewed_by"
	InputKeyEntityReviewedByGroupID                     = "reviewed_by_group_id"
	InputKeyEntityReviewedByUserID                      = "reviewed_by_user_id"
	InputKeyEntityRiskRating                            = "risk_rating"
	InputKeyEntityRiskScore                             = "risk_score"
	InputKeyEntityScopeID                               = "scope_id"
	InputKeyEntityScopeName                             = "scope_name"
	InputKeyEntitySoc2PeriodEnd                         = "soc2_period_end"
	InputKeyEntitySpendCurrency                         = "spend_currency"
	InputKeyEntitySsoEnforced                           = "sso_enforced"
	InputKeyEntityStatus                                = "status"
	InputKeyEntityStatusPageURL                         = "status_page_url"
	InputKeyEntitySystemInternalID                      = "system_internal_id"
	InputKeyEntityTags                                  = "tags"
	InputKeyEntityTerminationNoticeDays                 = "termination_notice_days"
	InputKeyEntityTier                                  = "tier"
	InputKeyEntityVendorMetadata                        = "vendor_metadata"
)

Integration mapping input keys for Entity

View Source
const (
	InputKeyFindingAssessmentID       = "assessment_id"
	InputKeyFindingAssignedTo         = "assigned_to"
	InputKeyFindingAssignedToGroupID  = "assigned_to_group_id"
	InputKeyFindingAssignedToUserID   = "assigned_to_user_id"
	InputKeyFindingBlocksProduction   = "blocks_production"
	InputKeyFindingCategories         = "categories"
	InputKeyFindingCategory           = "category"
	InputKeyFindingDescription        = "description"
	InputKeyFindingDisplayName        = "display_name"
	InputKeyFindingEnvironmentID      = "environment_id"
	InputKeyFindingEnvironmentName    = "environment_name"
	InputKeyFindingEventTime          = "event_time"
	InputKeyFindingExploitability     = "exploitability"
	InputKeyFindingExternalID         = "external_id"
	InputKeyFindingExternalOwnerID    = "external_owner_id"
	InputKeyFindingExternalURI        = "external_uri"
	InputKeyFindingFindingClass       = "finding_class"
	InputKeyFindingFindingStatusID    = "finding_status_id"
	InputKeyFindingFindingStatusName  = "finding_status_name"
	InputKeyFindingImpact             = "impact"
	InputKeyFindingInternalNotes      = "internal_notes"
	InputKeyFindingMetadata           = "metadata"
	InputKeyFindingNumericSeverity    = "numeric_severity"
	InputKeyFindingOpen               = "open"
	InputKeyFindingOwnerID            = "owner_id"
	InputKeyFindingPriority           = "priority"
	InputKeyFindingProduction         = "production"
	InputKeyFindingPublic             = "public"
	InputKeyFindingRawPayload         = "raw_payload"
	InputKeyFindingRecommendation     = "recommendation"
	InputKeyFindingRecommendedActions = "recommended_actions"
	InputKeyFindingReferences         = "references"
	InputKeyFindingRemediationSLA     = "remediation_sla"
	InputKeyFindingReportedAt         = "reported_at"
	InputKeyFindingResourceName       = "resource_name"
	InputKeyFindingReviewedBy         = "reviewed_by"
	InputKeyFindingReviewedByGroupID  = "reviewed_by_group_id"
	InputKeyFindingReviewedByUserID   = "reviewed_by_user_id"
	InputKeyFindingScopeID            = "scope_id"
	InputKeyFindingScopeName          = "scope_name"
	InputKeyFindingScore              = "score"
	InputKeyFindingSeverity           = "severity"
	InputKeyFindingSource             = "source"
	InputKeyFindingSourceUpdatedAt    = "source_updated_at"
	InputKeyFindingState              = "state"
	InputKeyFindingStepsToReproduce   = "steps_to_reproduce"
	InputKeyFindingSystemInternalID   = "system_internal_id"
	InputKeyFindingTags               = "tags"
	InputKeyFindingTargetDetails      = "target_details"
	InputKeyFindingTargets            = "targets"
	InputKeyFindingValidated          = "validated"
	InputKeyFindingVector             = "vector"
)

Integration mapping input keys for Finding

View Source
const (
	InputKeyInternalPolicyApprovalRequired                = "approval_required"
	InputKeyInternalPolicyApproverID                      = "approver_id"
	InputKeyInternalPolicyControlSuggestions              = "control_suggestions"
	InputKeyInternalPolicyDelegateID                      = "delegate_id"
	InputKeyInternalPolicyDetails                         = "details"
	InputKeyInternalPolicyDetailsJSON                     = "details_json"
	InputKeyInternalPolicyDismissedControlSuggestions     = "dismissed_control_suggestions"
	InputKeyInternalPolicyDismissedImprovementSuggestions = "dismissed_improvement_suggestions"
	InputKeyInternalPolicyDismissedTagSuggestions         = "dismissed_tag_suggestions"
	InputKeyInternalPolicyEnvironmentID                   = "environment_id"
	InputKeyInternalPolicyEnvironmentName                 = "environment_name"
	InputKeyInternalPolicyExternalContents                = "external_contents"
	InputKeyInternalPolicyExternalFileID                  = "external_file_id"
	InputKeyInternalPolicyExternalUUID                    = "external_uuid"
	InputKeyInternalPolicyImprovementSuggestions          = "improvement_suggestions"
	InputKeyInternalPolicyInternalNotes                   = "internal_notes"
	InputKeyInternalPolicyInternalPolicyKindID            = "internal_policy_kind_id"
	InputKeyInternalPolicyInternalPolicyKindName          = "internal_policy_kind_name"
	InputKeyInternalPolicyManagementMode                  = "management_mode"
	InputKeyInternalPolicyName                            = "name"
	InputKeyInternalPolicyReviewDue                       = "review_due"
	InputKeyInternalPolicyReviewFrequency                 = "review_frequency"
	InputKeyInternalPolicyRevision                        = "revision"
	InputKeyInternalPolicyScopeID                         = "scope_id"
	InputKeyInternalPolicyScopeName                       = "scope_name"
	InputKeyInternalPolicyStatus                          = "status"
	InputKeyInternalPolicySystemInternalID                = "system_internal_id"
	InputKeyInternalPolicyTagSuggestions                  = "tag_suggestions"
	InputKeyInternalPolicyTags                            = "tags"
	InputKeyInternalPolicyURL                             = "url"
)

Integration mapping input keys for InternalPolicy

View Source
const (
	InputKeyProcedureExternalContents = "external_contents"
	InputKeyProcedureExternalFileID   = "external_file_id"
	InputKeyProcedureManagementMode   = "management_mode"
	InputKeyProcedureName             = "name"
)

Integration mapping input keys for Procedure

View Source
const (
	InputKeyRiskBusinessCosts     = "business_costs"
	InputKeyRiskBusinessCostsJSON = "business_costs_json"
	InputKeyRiskDetails           = "details"
	InputKeyRiskDetailsJSON       = "details_json"
	InputKeyRiskDueDate           = "due_date"
	InputKeyRiskEnvironmentID     = "environment_id"
	InputKeyRiskEnvironmentName   = "environment_name"
	InputKeyRiskExternalID        = "external_id"
	InputKeyRiskExternalUUID      = "external_uuid"
	InputKeyRiskImpact            = "impact"
	InputKeyRiskIntegrationID     = "integration_id"
	InputKeyRiskLastReviewedAt    = "last_reviewed_at"
	InputKeyRiskLikelihood        = "likelihood"
	InputKeyRiskMitigatedAt       = "mitigated_at"
	InputKeyRiskMitigation        = "mitigation"
	InputKeyRiskMitigationJSON    = "mitigation_json"
	InputKeyRiskName              = "name"
	InputKeyRiskNextReviewDueAt   = "next_review_due_at"
	InputKeyRiskObservedAt        = "observed_at"
	InputKeyRiskOwnerID           = "owner_id"
	InputKeyRiskResidualScore     = "residual_score"
	InputKeyRiskReviewFrequency   = "review_frequency"
	InputKeyRiskReviewRequired    = "review_required"
	InputKeyRiskRiskCategoryID    = "risk_category_id"
	InputKeyRiskRiskCategoryName  = "risk_category_name"
	InputKeyRiskRiskDecision      = "risk_decision"
	InputKeyRiskRiskKindID        = "risk_kind_id"
	InputKeyRiskRiskKindName      = "risk_kind_name"
	InputKeyRiskScopeID           = "scope_id"
	InputKeyRiskScopeName         = "scope_name"
	InputKeyRiskScore             = "score"
	InputKeyRiskStatus            = "status"
	InputKeyRiskTags              = "tags"
)

Integration mapping input keys for Risk

View Source
const (
	InputKeyVulnerabilityAssignedTo              = "assigned_to"
	InputKeyVulnerabilityAssignedToGroupID       = "assigned_to_group_id"
	InputKeyVulnerabilityAssignedToUserID        = "assigned_to_user_id"
	InputKeyVulnerabilityAutoDismissedAt         = "auto_dismissed_at"
	InputKeyVulnerabilityBlocking                = "blocking"
	InputKeyVulnerabilityCategory                = "category"
	InputKeyVulnerabilityCveID                   = "cve_id"
	InputKeyVulnerabilityCweIds                  = "cwe_ids"
	InputKeyVulnerabilityDependencyScope         = "dependency_scope"
	InputKeyVulnerabilityDescription             = "description"
	InputKeyVulnerabilityDiscoveredAt            = "discovered_at"
	InputKeyVulnerabilityDismissedAt             = "dismissed_at"
	InputKeyVulnerabilityDismissedComment        = "dismissed_comment"
	InputKeyVulnerabilityDismissedReason         = "dismissed_reason"
	InputKeyVulnerabilityDisplayName             = "display_name"
	InputKeyVulnerabilityEnvironmentID           = "environment_id"
	InputKeyVulnerabilityEnvironmentName         = "environment_name"
	InputKeyVulnerabilityExploitability          = "exploitability"
	InputKeyVulnerabilityExternalID              = "external_id"
	InputKeyVulnerabilityExternalOwnerID         = "external_owner_id"
	InputKeyVulnerabilityExternalURI             = "external_uri"
	InputKeyVulnerabilityFirstPatchedVersion     = "first_patched_version"
	InputKeyVulnerabilityFixAvailable            = "fix_available"
	InputKeyVulnerabilityFixedAt                 = "fixed_at"
	InputKeyVulnerabilityImpact                  = "impact"
	InputKeyVulnerabilityImpacts                 = "impacts"
	InputKeyVulnerabilityInternalNotes           = "internal_notes"
	InputKeyVulnerabilityManifestPath            = "manifest_path"
	InputKeyVulnerabilityMetadata                = "metadata"
	InputKeyVulnerabilityOpen                    = "open"
	InputKeyVulnerabilityOwnerID                 = "owner_id"
	InputKeyVulnerabilityPackageEcosystem        = "package_ecosystem"
	InputKeyVulnerabilityPackageName             = "package_name"
	InputKeyVulnerabilityPriority                = "priority"
	InputKeyVulnerabilityProduction              = "production"
	InputKeyVulnerabilityPublic                  = "public"
	InputKeyVulnerabilityPublishedAt             = "published_at"
	InputKeyVulnerabilityRawPayload              = "raw_payload"
	InputKeyVulnerabilityReferences              = "references"
	InputKeyVulnerabilityRemediationSLA          = "remediation_sla"
	InputKeyVulnerabilityReviewedBy              = "reviewed_by"
	InputKeyVulnerabilityReviewedByGroupID       = "reviewed_by_group_id"
	InputKeyVulnerabilityReviewedByUserID        = "reviewed_by_user_id"
	InputKeyVulnerabilityScopeID                 = "scope_id"
	InputKeyVulnerabilityScopeName               = "scope_name"
	InputKeyVulnerabilityScore                   = "score"
	InputKeyVulnerabilitySeverity                = "severity"
	InputKeyVulnerabilitySource                  = "source"
	InputKeyVulnerabilitySourceUpdatedAt         = "source_updated_at"
	InputKeyVulnerabilitySummary                 = "summary"
	InputKeyVulnerabilitySystemInternalID        = "system_internal_id"
	InputKeyVulnerabilityTags                    = "tags"
	InputKeyVulnerabilityValidated               = "validated"
	InputKeyVulnerabilityVector                  = "vector"
	InputKeyVulnerabilityVulnerabilityStatusID   = "vulnerability_status_id"
	InputKeyVulnerabilityVulnerabilityStatusName = "vulnerability_status_name"
	InputKeyVulnerabilityVulnerableVersionRange  = "vulnerable_version_range"
)

Integration mapping input keys for Vulnerability

Variables

View Source
var (
	// ErrSchemaNotFound indicates the schema name could not be resolved
	ErrSchemaNotFound = errors.New("entityops: schema not found")
	// ErrCreateFailed indicates an entity creation failed
	ErrCreateFailed = errors.New("entityops: create failed")
	// ErrUpdateFailed indicates an entity update failed
	ErrUpdateFailed = errors.New("entityops: update failed")
	// ErrQueryFailed indicates an entity query failed
	ErrQueryFailed = errors.New("entityops: query failed")
	// ErrLoadFailed indicates an entity load failed
	ErrLoadFailed = errors.New("entityops: load failed")
	// ErrLinkFailed indicates an edge link operation failed
	ErrLinkFailed = errors.New("entityops: link failed")
	// ErrEdgeNotFound indicates the named edge does not exist or is not linkable on the source schema
	ErrEdgeNotFound = errors.New("entityops: edge not found")
	// ErrDecodeFailed indicates input JSON decoding failed
	ErrDecodeFailed = errors.New("entityops: decode failed")
	// ErrMarshalFailed indicates entity JSON marshaling failed
	ErrMarshalFailed = errors.New("entityops: marshal failed")
	// ErrEmitFailed indicates a gala event emission failed
	ErrEmitFailed = errors.New("entityops: emit failed")
	// ErrPersistFailed indicates a generic persistence failure
	ErrPersistFailed = errors.New("entityops: persist failed")
	// ErrValidationFailed indicates the input did not satisfy schema constraints
	ErrValidationFailed = errors.New("entityops: validation failed")
	// ErrUpsertConflict indicates an upsert matched more than one existing record
	ErrUpsertConflict = errors.New("entityops: upsert conflict")
	// ErrRoundTripFailed indicates a create-to-update JSON round-trip failed
	ErrRoundTripFailed = errors.New("entityops: round-trip failed")
	// ErrListenerRegistrationFailed indicates a gala listener could not be registered
	ErrListenerRegistrationFailed = errors.New("entityops: listener registration failed")
	// ErrClientResolveFailed indicates the ent client could not be resolved from the injector
	ErrClientResolveFailed = errors.New("entityops: client resolve failed")
	// ErrQueryUnsupported indicates the schema does not support org-scoped queries
	ErrQueryUnsupported = errors.New("entityops: query unsupported")
	// ErrEvaluationFailed indicates a CEL expression evaluation failed
	ErrEvaluationFailed = errors.New("entityops: evaluation failed")
	// ErrKeyMatchUnsupported indicates the schema does not support key-based target queries
	ErrKeyMatchUnsupported = errors.New("entityops: key match unsupported")
	// ErrInvalidKeyField indicates a key match referenced a field that is not an indexable key on the schema
	ErrInvalidKeyField = errors.New("entityops: invalid key field")
	// ErrEvaluatorBuildFailed indicates the typed CEL evaluator for a schema projection could not be built
	ErrEvaluatorBuildFailed = errors.New("entityops: evaluator build failed")
)
View Source
var (
	SchemaActionPlan = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "ActionPlan",
			Snake:  "action_plan",
			Camel:  "actionPlan",
			Lower:  "actionplan",
			Plural: "ActionPlans",
			Table:  "action_plans",
			Label:  "Action plan",
		},
		ProjectionType: reflect.TypeFor[ActionPlanProjection](),
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "action_plan", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateActionPlanInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.ActionPlan.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "action_plan", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateActionPlanInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.ActionPlan.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "action_plan", Operation: OpQuery}

			entities, err := client.ActionPlan.Query().
				Where(actionplan.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "action_plan", Operation: OpLoad, EntityID: entityID}

			entity, err := client.ActionPlan.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaAssessment = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "Assessment",
			Snake:  "assessment",
			Camel:  "assessment",
			Lower:  "assessment",
			Plural: "Assessments",
			Table:  "assessments",
			Label:  "Assessment",
		},
		ProjectionType: reflect.TypeFor[AssessmentProjection](),
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "assessment", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateAssessmentInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.Assessment.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "assessment", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateAssessmentInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.Assessment.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "assessment", Operation: OpQuery}

			entities, err := client.Assessment.Query().
				Where(assessment.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "assessment", Operation: OpLoad, EntityID: entityID}

			entity, err := client.Assessment.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaAssessmentResponse = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "AssessmentResponse",
			Snake:  "assessment_response",
			Camel:  "assessmentResponse",
			Lower:  "assessmentresponse",
			Plural: "AssessmentResponses",
			Table:  "assessment_responses",
			Label:  "Assessment response",
		},
		ProjectionType: reflect.TypeFor[AssessmentResponseProjection](),
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "assessment_response", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateAssessmentResponseInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.AssessmentResponse.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "assessment_response", Operation: OpQuery}

			entities, err := client.AssessmentResponse.Query().
				Where(assessmentresponse.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "assessment_response", Operation: OpLoad, EntityID: entityID}

			entity, err := client.AssessmentResponse.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaAsset = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "Asset",
			Snake:  "asset",
			Camel:  "asset",
			Lower:  "asset",
			Plural: "Assets",
			Table:  "assets",
			Label:  "Asset",
		},
		ProjectionType: reflect.TypeFor[AssetProjection](),
		StockPersist:   true,
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "asset", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateAssetInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.Asset.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "asset", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateAssetInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.Asset.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "asset", Operation: OpQuery}

			entities, err := client.Asset.Query().
				Where(asset.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "asset", Operation: OpLoad, EntityID: entityID}

			entity, err := client.Asset.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaCampaign = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "Campaign",
			Snake:  "campaign",
			Camel:  "campaign",
			Lower:  "campaign",
			Plural: "Campaigns",
			Table:  "campaigns",
			Label:  "Campaign",
		},
		ProjectionType: reflect.TypeFor[CampaignProjection](),
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "campaign", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateCampaignInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.Campaign.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "campaign", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateCampaignInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.Campaign.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "campaign", Operation: OpQuery}

			entities, err := client.Campaign.Query().
				Where(campaign.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "campaign", Operation: OpLoad, EntityID: entityID}

			entity, err := client.Campaign.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaCampaignTarget = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "CampaignTarget",
			Snake:  "campaign_target",
			Camel:  "campaignTarget",
			Lower:  "campaigntarget",
			Plural: "CampaignTargets",
			Table:  "campaign_targets",
			Label:  "Campaign target",
		},
		ProjectionType: reflect.TypeFor[CampaignTargetProjection](),
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "campaign_target", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateCampaignTargetInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.CampaignTarget.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "campaign_target", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateCampaignTargetInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.CampaignTarget.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "campaign_target", Operation: OpQuery}

			entities, err := client.CampaignTarget.Query().
				Where(campaigntarget.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "campaign_target", Operation: OpLoad, EntityID: entityID}

			entity, err := client.CampaignTarget.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaCheckResult = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "CheckResult",
			Snake:  "check_result",
			Camel:  "checkResult",
			Lower:  "checkresult",
			Plural: "CheckResults",
			Table:  "check_results",
			Label:  "Check result",
		},
		ProjectionType: reflect.TypeFor[CheckResultProjection](),
		StockPersist:   true,
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "check_result", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateCheckResultInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.CheckResult.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "check_result", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateCheckResultInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.CheckResult.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "check_result", Operation: OpLoad, EntityID: entityID}

			entity, err := client.CheckResult.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaContact = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "Contact",
			Snake:  "contact",
			Camel:  "contact",
			Lower:  "contact",
			Plural: "Contacts",
			Table:  "contacts",
			Label:  "Contact",
		},
		ProjectionType: reflect.TypeFor[ContactProjection](),
		StockPersist:   true,
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "contact", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateContactInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.Contact.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "contact", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateContactInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.Contact.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "contact", Operation: OpQuery}

			entities, err := client.Contact.Query().
				Where(contact.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "contact", Operation: OpLoad, EntityID: entityID}

			entity, err := client.Contact.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaControl = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "Control",
			Snake:  "control",
			Camel:  "control",
			Lower:  "control",
			Plural: "Controls",
			Table:  "controls",
			Label:  "Control",
		},
		ProjectionType: reflect.TypeFor[ControlProjection](),
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "control", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateControlInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.Control.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "control", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateControlInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.Control.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "control", Operation: OpQuery}

			entities, err := client.Control.Query().
				Where(control.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "control", Operation: OpLoad, EntityID: entityID}

			entity, err := client.Control.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaControlImplementation = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "ControlImplementation",
			Snake:  "control_implementation",
			Camel:  "controlImplementation",
			Lower:  "controlimplementation",
			Plural: "ControlImplementations",
			Table:  "control_implementations",
			Label:  "Control implementation",
		},
		ProjectionType: reflect.TypeFor[ControlImplementationProjection](),
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "control_implementation", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateControlImplementationInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.ControlImplementation.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "control_implementation", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateControlImplementationInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.ControlImplementation.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "control_implementation", Operation: OpQuery}

			entities, err := client.ControlImplementation.Query().
				Where(controlimplementation.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "control_implementation", Operation: OpLoad, EntityID: entityID}

			entity, err := client.ControlImplementation.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaControlObjective = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "ControlObjective",
			Snake:  "control_objective",
			Camel:  "controlObjective",
			Lower:  "controlobjective",
			Plural: "ControlObjectives",
			Table:  "control_objectives",
			Label:  "Control objective",
		},
		ProjectionType: reflect.TypeFor[ControlObjectiveProjection](),
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "control_objective", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateControlObjectiveInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.ControlObjective.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "control_objective", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateControlObjectiveInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.ControlObjective.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "control_objective", Operation: OpQuery}

			entities, err := client.ControlObjective.Query().
				Where(controlobjective.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "control_objective", Operation: OpLoad, EntityID: entityID}

			entity, err := client.ControlObjective.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaDirectoryAccount = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "DirectoryAccount",
			Snake:  "directory_account",
			Camel:  "directoryAccount",
			Lower:  "directoryaccount",
			Plural: "DirectoryAccounts",
			Table:  "directory_accounts",
			Label:  "Directory account",
		},
		ProjectionType: reflect.TypeFor[DirectoryAccountProjection](),
		StockPersist:   true,
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "directory_account", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateDirectoryAccountInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.DirectoryAccount.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "directory_account", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateDirectoryAccountInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.DirectoryAccount.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "directory_account", Operation: OpQuery}

			entities, err := client.DirectoryAccount.Query().
				Where(directoryaccount.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "directory_account", Operation: OpLoad, EntityID: entityID}

			entity, err := client.DirectoryAccount.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaDirectoryGroup = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "DirectoryGroup",
			Snake:  "directory_group",
			Camel:  "directoryGroup",
			Lower:  "directorygroup",
			Plural: "DirectoryGroups",
			Table:  "directory_groups",
			Label:  "Directory group",
		},
		ProjectionType: reflect.TypeFor[DirectoryGroupProjection](),
		StockPersist:   true,
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "directory_group", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateDirectoryGroupInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.DirectoryGroup.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "directory_group", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateDirectoryGroupInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.DirectoryGroup.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "directory_group", Operation: OpQuery}

			entities, err := client.DirectoryGroup.Query().
				Where(directorygroup.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "directory_group", Operation: OpLoad, EntityID: entityID}

			entity, err := client.DirectoryGroup.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaDirectoryMembership = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "DirectoryMembership",
			Snake:  "directory_membership",
			Camel:  "directoryMembership",
			Lower:  "directorymembership",
			Plural: "DirectoryMemberships",
			Table:  "directory_memberships",
			Label:  "Directory membership",
		},
		ProjectionType: reflect.TypeFor[DirectoryMembershipProjection](),
		StockPersist:   true,
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "directory_membership", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateDirectoryMembershipInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.DirectoryMembership.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "directory_membership", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateDirectoryMembershipInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.DirectoryMembership.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "directory_membership", Operation: OpQuery}

			entities, err := client.DirectoryMembership.Query().
				Where(directorymembership.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "directory_membership", Operation: OpLoad, EntityID: entityID}

			entity, err := client.DirectoryMembership.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaDiscussion = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "Discussion",
			Snake:  "discussion",
			Camel:  "discussion",
			Lower:  "discussion",
			Plural: "Discussions",
			Table:  "discussions",
			Label:  "Discussion",
		},
		ProjectionType: reflect.TypeFor[DiscussionProjection](),
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "discussion", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateDiscussionInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.Discussion.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "discussion", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateDiscussionInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.Discussion.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "discussion", Operation: OpQuery}

			entities, err := client.Discussion.Query().
				Where(discussion.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "discussion", Operation: OpLoad, EntityID: entityID}

			entity, err := client.Discussion.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaDocumentData = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "DocumentData",
			Snake:  "document_data",
			Camel:  "documentData",
			Lower:  "documentdata",
			Plural: "DocumentData",
			Table:  "document_data",
			Label:  "Document data",
		},
		ProjectionType: reflect.TypeFor[DocumentDataProjection](),
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "document_data", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateDocumentDataInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.DocumentData.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "document_data", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateDocumentDataInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.DocumentData.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "document_data", Operation: OpQuery}

			entities, err := client.DocumentData.Query().
				Where(documentdata.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "document_data", Operation: OpLoad, EntityID: entityID}

			entity, err := client.DocumentData.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaEmailTemplate = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "EmailTemplate",
			Snake:  "email_template",
			Camel:  "emailTemplate",
			Lower:  "emailtemplate",
			Plural: "EmailTemplates",
			Table:  "email_templates",
			Label:  "Email template",
		},
		ProjectionType: reflect.TypeFor[EmailTemplateProjection](),
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "email_template", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateEmailTemplateInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.EmailTemplate.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "email_template", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateEmailTemplateInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.EmailTemplate.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "email_template", Operation: OpQuery}

			entities, err := client.EmailTemplate.Query().
				Where(emailtemplate.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "email_template", Operation: OpLoad, EntityID: entityID}

			entity, err := client.EmailTemplate.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaEntity = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "Entity",
			Snake:  "entity",
			Camel:  "entity",
			Lower:  "entity",
			Plural: "Entities",
			Table:  "entities",
			Label:  "Entity",
		},
		ProjectionType: reflect.TypeFor[EntityProjection](),
		StockPersist:   true,
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "entity", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateEntityInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.Entity.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "entity", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateEntityInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.Entity.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "entity", Operation: OpQuery}

			entities, err := client.Entity.Query().
				Where(entity.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "entity", Operation: OpLoad, EntityID: entityID}

			entity, err := client.Entity.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaEvidence = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "Evidence",
			Snake:  "evidence",
			Camel:  "evidence",
			Lower:  "evidence",
			Plural: "Evidences",
			Table:  "evidences",
			Label:  "Evidence",
		},
		ProjectionType: reflect.TypeFor[EvidenceProjection](),
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "evidence", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateEvidenceInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.Evidence.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "evidence", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateEvidenceInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.Evidence.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "evidence", Operation: OpQuery}

			entities, err := client.Evidence.Query().
				Where(evidence.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "evidence", Operation: OpLoad, EntityID: entityID}

			entity, err := client.Evidence.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaFinding = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "Finding",
			Snake:  "finding",
			Camel:  "finding",
			Lower:  "finding",
			Plural: "Findings",
			Table:  "findings",
			Label:  "Finding",
		},
		ProjectionType: reflect.TypeFor[FindingProjection](),
		StockPersist:   true,
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "finding", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateFindingInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.Finding.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "finding", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateFindingInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.Finding.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "finding", Operation: OpQuery}

			entities, err := client.Finding.Query().
				Where(finding.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "finding", Operation: OpLoad, EntityID: entityID}

			entity, err := client.Finding.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaIdentityHolder = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "IdentityHolder",
			Snake:  "identity_holder",
			Camel:  "identityHolder",
			Lower:  "identityholder",
			Plural: "IdentityHolders",
			Table:  "identity_holders",
			Label:  "Identity holder",
		},
		ProjectionType: reflect.TypeFor[IdentityHolderProjection](),
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "identity_holder", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateIdentityHolderInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.IdentityHolder.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "identity_holder", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateIdentityHolderInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.IdentityHolder.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "identity_holder", Operation: OpQuery}

			entities, err := client.IdentityHolder.Query().
				Where(identityholder.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "identity_holder", Operation: OpLoad, EntityID: entityID}

			entity, err := client.IdentityHolder.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaInternalPolicy = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "InternalPolicy",
			Snake:  "internal_policy",
			Camel:  "internalPolicy",
			Lower:  "internalpolicy",
			Plural: "InternalPolicies",
			Table:  "internal_policies",
			Label:  "Internal policy",
		},
		ProjectionType: reflect.TypeFor[InternalPolicyProjection](),
		StockPersist:   true,
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "internal_policy", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateInternalPolicyInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.InternalPolicy.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "internal_policy", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateInternalPolicyInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.InternalPolicy.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "internal_policy", Operation: OpQuery}

			entities, err := client.InternalPolicy.Query().
				Where(internalpolicy.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "internal_policy", Operation: OpLoad, EntityID: entityID}

			entity, err := client.InternalPolicy.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaNarrative = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "Narrative",
			Snake:  "narrative",
			Camel:  "narrative",
			Lower:  "narrative",
			Plural: "Narratives",
			Table:  "narratives",
			Label:  "Narrative",
		},
		ProjectionType: reflect.TypeFor[NarrativeProjection](),
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "narrative", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateNarrativeInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.Narrative.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "narrative", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateNarrativeInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.Narrative.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "narrative", Operation: OpQuery}

			entities, err := client.Narrative.Query().
				Where(narrative.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "narrative", Operation: OpLoad, EntityID: entityID}

			entity, err := client.Narrative.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaNotificationTemplate = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "NotificationTemplate",
			Snake:  "notification_template",
			Camel:  "notificationTemplate",
			Lower:  "notificationtemplate",
			Plural: "NotificationTemplates",
			Table:  "notification_templates",
			Label:  "Notification template",
		},
		ProjectionType: reflect.TypeFor[NotificationTemplateProjection](),
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "notification_template", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateNotificationTemplateInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.NotificationTemplate.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "notification_template", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateNotificationTemplateInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.NotificationTemplate.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "notification_template", Operation: OpQuery}

			entities, err := client.NotificationTemplate.Query().
				Where(notificationtemplate.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "notification_template", Operation: OpLoad, EntityID: entityID}

			entity, err := client.NotificationTemplate.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaPlatform = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "Platform",
			Snake:  "platform",
			Camel:  "platform",
			Lower:  "platform",
			Plural: "Platforms",
			Table:  "platforms",
			Label:  "Platform",
		},
		ProjectionType: reflect.TypeFor[PlatformProjection](),
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "platform", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreatePlatformInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.Platform.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "platform", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdatePlatformInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.Platform.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "platform", Operation: OpQuery}

			entities, err := client.Platform.Query().
				Where(platform.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "platform", Operation: OpLoad, EntityID: entityID}

			entity, err := client.Platform.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaProcedure = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "Procedure",
			Snake:  "procedure",
			Camel:  "procedure",
			Lower:  "procedure",
			Plural: "Procedures",
			Table:  "procedures",
			Label:  "Procedure",
		},
		ProjectionType: reflect.TypeFor[ProcedureProjection](),
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "procedure", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateProcedureInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.Procedure.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "procedure", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateProcedureInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.Procedure.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "procedure", Operation: OpQuery}

			entities, err := client.Procedure.Query().
				Where(procedure.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "procedure", Operation: OpLoad, EntityID: entityID}

			entity, err := client.Procedure.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaRemediation = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "Remediation",
			Snake:  "remediation",
			Camel:  "remediation",
			Lower:  "remediation",
			Plural: "Remediations",
			Table:  "remediations",
			Label:  "Remediation",
		},
		ProjectionType: reflect.TypeFor[RemediationProjection](),
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "remediation", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateRemediationInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.Remediation.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "remediation", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateRemediationInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.Remediation.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "remediation", Operation: OpQuery}

			entities, err := client.Remediation.Query().
				Where(remediation.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "remediation", Operation: OpLoad, EntityID: entityID}

			entity, err := client.Remediation.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaReview = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "Review",
			Snake:  "review",
			Camel:  "review",
			Lower:  "review",
			Plural: "Reviews",
			Table:  "reviews",
			Label:  "Review",
		},
		ProjectionType: reflect.TypeFor[ReviewProjection](),
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "review", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateReviewInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.Review.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "review", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateReviewInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.Review.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "review", Operation: OpQuery}

			entities, err := client.Review.Query().
				Where(review.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "review", Operation: OpLoad, EntityID: entityID}

			entity, err := client.Review.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaRisk = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "Risk",
			Snake:  "risk",
			Camel:  "risk",
			Lower:  "risk",
			Plural: "Risks",
			Table:  "risks",
			Label:  "Risk",
		},
		ProjectionType: reflect.TypeFor[RiskProjection](),
		StockPersist:   true,
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "risk", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateRiskInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.Risk.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "risk", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateRiskInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.Risk.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "risk", Operation: OpQuery}

			entities, err := client.Risk.Query().
				Where(risk.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "risk", Operation: OpLoad, EntityID: entityID}

			entity, err := client.Risk.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaScan = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "Scan",
			Snake:  "scan",
			Camel:  "scan",
			Lower:  "scan",
			Plural: "Scans",
			Table:  "scans",
			Label:  "Scan",
		},
		ProjectionType: reflect.TypeFor[ScanProjection](),
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "scan", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateScanInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.Scan.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "scan", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateScanInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.Scan.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "scan", Operation: OpQuery}

			entities, err := client.Scan.Query().
				Where(scan.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "scan", Operation: OpLoad, EntityID: entityID}

			entity, err := client.Scan.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaScheduledJob = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "ScheduledJob",
			Snake:  "scheduled_job",
			Camel:  "scheduledJob",
			Lower:  "scheduledjob",
			Plural: "ScheduledJobs",
			Table:  "scheduled_jobs",
			Label:  "Scheduled job",
		},
		ProjectionType: reflect.TypeFor[ScheduledJobProjection](),
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "scheduled_job", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateScheduledJobInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.ScheduledJob.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "scheduled_job", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateScheduledJobInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.ScheduledJob.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "scheduled_job", Operation: OpQuery}

			entities, err := client.ScheduledJob.Query().
				Where(scheduledjob.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "scheduled_job", Operation: OpLoad, EntityID: entityID}

			entity, err := client.ScheduledJob.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaSubcontrol = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "Subcontrol",
			Snake:  "subcontrol",
			Camel:  "subcontrol",
			Lower:  "subcontrol",
			Plural: "Subcontrols",
			Table:  "subcontrols",
			Label:  "Subcontrol",
		},
		ProjectionType: reflect.TypeFor[SubcontrolProjection](),
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "subcontrol", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateSubcontrolInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.Subcontrol.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "subcontrol", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateSubcontrolInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.Subcontrol.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "subcontrol", Operation: OpQuery}

			entities, err := client.Subcontrol.Query().
				Where(subcontrol.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "subcontrol", Operation: OpLoad, EntityID: entityID}

			entity, err := client.Subcontrol.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaSubprocessor = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "Subprocessor",
			Snake:  "subprocessor",
			Camel:  "subprocessor",
			Lower:  "subprocessor",
			Plural: "Subprocessors",
			Table:  "subprocessors",
			Label:  "Subprocessor",
		},
		ProjectionType: reflect.TypeFor[SubprocessorProjection](),
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "subprocessor", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateSubprocessorInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.Subprocessor.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "subprocessor", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateSubprocessorInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.Subprocessor.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "subprocessor", Operation: OpQuery}

			entities, err := client.Subprocessor.Query().
				Where(subprocessor.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "subprocessor", Operation: OpLoad, EntityID: entityID}

			entity, err := client.Subprocessor.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaSystemDetail = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "SystemDetail",
			Snake:  "system_detail",
			Camel:  "systemDetail",
			Lower:  "systemdetail",
			Plural: "SystemDetails",
			Table:  "system_details",
			Label:  "System detail",
		},
		ProjectionType: reflect.TypeFor[SystemDetailProjection](),
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "system_detail", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateSystemDetailInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.SystemDetail.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "system_detail", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateSystemDetailInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.SystemDetail.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "system_detail", Operation: OpQuery}

			entities, err := client.SystemDetail.Query().
				Where(systemdetail.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "system_detail", Operation: OpLoad, EntityID: entityID}

			entity, err := client.SystemDetail.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaTask = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "Task",
			Snake:  "task",
			Camel:  "task",
			Lower:  "task",
			Plural: "Tasks",
			Table:  "tasks",
			Label:  "Task",
		},
		ProjectionType: reflect.TypeFor[TaskProjection](),
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "task", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateTaskInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.Task.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "task", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateTaskInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.Task.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "task", Operation: OpQuery}

			entities, err := client.Task.Query().
				Where(task.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "task", Operation: OpLoad, EntityID: entityID}

			entity, err := client.Task.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaTemplate = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "Template",
			Snake:  "template",
			Camel:  "template",
			Lower:  "template",
			Plural: "Templates",
			Table:  "templates",
			Label:  "Template",
		},
		ProjectionType: reflect.TypeFor[TemplateProjection](),
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "template", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateTemplateInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.Template.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "template", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateTemplateInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.Template.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "template", Operation: OpQuery}

			entities, err := client.Template.Query().
				Where(template.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "template", Operation: OpLoad, EntityID: entityID}

			entity, err := client.Template.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaTrustCenterWatermarkConfig = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "TrustCenterWatermarkConfig",
			Snake:  "trust_center_watermark_config",
			Camel:  "trustCenterWatermarkConfig",
			Lower:  "trustcenterwatermarkconfig",
			Plural: "TrustCenterWatermarkConfigs",
			Table:  "trust_center_watermark_configs",
			Label:  "Trust center watermark config",
		},
		ProjectionType: reflect.TypeFor[TrustCenterWatermarkConfigProjection](),
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "trust_center_watermark_config", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateTrustCenterWatermarkConfigInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.TrustCenterWatermarkConfig.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "trust_center_watermark_config", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateTrustCenterWatermarkConfigInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.TrustCenterWatermarkConfig.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "trust_center_watermark_config", Operation: OpQuery}

			entities, err := client.TrustCenterWatermarkConfig.Query().
				Where(trustcenterwatermarkconfig.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "trust_center_watermark_config", Operation: OpLoad, EntityID: entityID}

			entity, err := client.TrustCenterWatermarkConfig.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaVendorRiskScore = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "VendorRiskScore",
			Snake:  "vendor_risk_score",
			Camel:  "vendorRiskScore",
			Lower:  "vendorriskscore",
			Plural: "VendorRiskScores",
			Table:  "vendor_risk_scores",
			Label:  "Vendor risk score",
		},
		ProjectionType: reflect.TypeFor[VendorRiskScoreProjection](),
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "vendor_risk_score", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateVendorRiskScoreInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.VendorRiskScore.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "vendor_risk_score", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateVendorRiskScoreInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.VendorRiskScore.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "vendor_risk_score", Operation: OpQuery}

			entities, err := client.VendorRiskScore.Query().
				Where(vendorriskscore.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "vendor_risk_score", Operation: OpLoad, EntityID: entityID}

			entity, err := client.VendorRiskScore.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaVulnerability = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "Vulnerability",
			Snake:  "vulnerability",
			Camel:  "vulnerability",
			Lower:  "vulnerability",
			Plural: "Vulnerabilities",
			Table:  "vulnerabilities",
			Label:  "Vulnerability",
		},
		ProjectionType: reflect.TypeFor[VulnerabilityProjection](),
		StockPersist:   true,
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "vulnerability", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateVulnerabilityInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.Vulnerability.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "vulnerability", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateVulnerabilityInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.Vulnerability.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "vulnerability", Operation: OpQuery}

			entities, err := client.Vulnerability.Query().
				Where(vulnerability.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "vulnerability", Operation: OpLoad, EntityID: entityID}

			entity, err := client.Vulnerability.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaWorkflowAssignment = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "WorkflowAssignment",
			Snake:  "workflow_assignment",
			Camel:  "workflowAssignment",
			Lower:  "workflowassignment",
			Plural: "WorkflowAssignments",
			Table:  "workflow_assignments",
			Label:  "Workflow assignment",
		},
		ProjectionType: reflect.TypeFor[WorkflowAssignmentProjection](),
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "workflow_assignment", Operation: OpQuery}

			entities, err := client.WorkflowAssignment.Query().
				Where(workflowassignment.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "workflow_assignment", Operation: OpLoad, EntityID: entityID}

			entity, err := client.WorkflowAssignment.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaWorkflowAssignmentTarget = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "WorkflowAssignmentTarget",
			Snake:  "workflow_assignment_target",
			Camel:  "workflowAssignmentTarget",
			Lower:  "workflowassignmenttarget",
			Plural: "WorkflowAssignmentTargets",
			Table:  "workflow_assignment_targets",
			Label:  "Workflow assignment target",
		},
		ProjectionType: reflect.TypeFor[WorkflowAssignmentTargetProjection](),
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "workflow_assignment_target", Operation: OpQuery}

			entities, err := client.WorkflowAssignmentTarget.Query().
				Where(workflowassignmenttarget.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "workflow_assignment_target", Operation: OpLoad, EntityID: entityID}

			entity, err := client.WorkflowAssignmentTarget.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaWorkflowDefinition = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "WorkflowDefinition",
			Snake:  "workflow_definition",
			Camel:  "workflowDefinition",
			Lower:  "workflowdefinition",
			Plural: "WorkflowDefinitions",
			Table:  "workflow_definitions",
			Label:  "Workflow definition",
		},
		ProjectionType: reflect.TypeFor[WorkflowDefinitionProjection](),
		Create: func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error) {
			ref := SchemaRef{Schema: "workflow_definition", Operation: OpCreate}

			decoded, err := jsonx.Decode[generated.CreateWorkflowDefinitionInput](input)
			if err != nil {
				return "", logError(ctx, ref, ErrDecodeFailed, err)
			}

			entity, err := client.WorkflowDefinition.Create().SetInput(decoded).Save(ctx)
			if err != nil {
				return "", logPersistError(ctx, ref, ErrCreateFailed, err)
			}

			return entity.ID, nil
		},
		Update: func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error {
			ref := SchemaRef{Schema: "workflow_definition", Operation: OpUpdate, EntityID: entityID}

			decoded, err := jsonx.Decode[generated.UpdateWorkflowDefinitionInput](applyClears(input))
			if err != nil {
				return logError(ctx, ref, ErrDecodeFailed, err)
			}

			if err := client.WorkflowDefinition.UpdateOneID(entityID).SetInput(decoded).Exec(ctx); err != nil {
				return logPersistError(ctx, ref, ErrUpdateFailed, err)
			}

			return nil
		},
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "workflow_definition", Operation: OpQuery}

			entities, err := client.WorkflowDefinition.Query().
				Where(workflowdefinition.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "workflow_definition", Operation: OpLoad, EntityID: entityID}

			entity, err := client.WorkflowDefinition.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaWorkflowEvent = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "WorkflowEvent",
			Snake:  "workflow_event",
			Camel:  "workflowEvent",
			Lower:  "workflowevent",
			Plural: "WorkflowEvents",
			Table:  "workflow_events",
			Label:  "Workflow event",
		},
		ProjectionType: reflect.TypeFor[WorkflowEventProjection](),
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "workflow_event", Operation: OpQuery}

			entities, err := client.WorkflowEvent.Query().
				Where(workflowevent.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "workflow_event", Operation: OpLoad, EntityID: entityID}

			entity, err := client.WorkflowEvent.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaWorkflowInstance = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "WorkflowInstance",
			Snake:  "workflow_instance",
			Camel:  "workflowInstance",
			Lower:  "workflowinstance",
			Plural: "WorkflowInstances",
			Table:  "workflow_instances",
			Label:  "Workflow instance",
		},
		ProjectionType: reflect.TypeFor[WorkflowInstanceProjection](),
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "workflow_instance", Operation: OpQuery}

			entities, err := client.WorkflowInstance.Query().
				Where(workflowinstance.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "workflow_instance", Operation: OpLoad, EntityID: entityID}

			entity, err := client.WorkflowInstance.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
	SchemaWorkflowObjectRef = &Schema{
		SchemaDescriptor: SchemaDescriptor{
			Name:   "WorkflowObjectRef",
			Snake:  "workflow_object_ref",
			Camel:  "workflowObjectRef",
			Lower:  "workflowobjectref",
			Plural: "WorkflowObjectRefs",
			Table:  "workflow_object_refs",
			Label:  "Workflow object ref",
		},
		ProjectionType: reflect.TypeFor[WorkflowObjectRefProjection](),
		Query: func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error) {
			ref := SchemaRef{Schema: "workflow_object_ref", Operation: OpQuery}

			entities, err := client.WorkflowObjectRef.Query().
				Where(workflowobjectref.OwnerID(orgID)).
				All(ctx)
			if err != nil {
				return nil, logError(ctx, ref, ErrQueryFailed, err)
			}

			results := make([]json.RawMessage, 0, len(entities))
			for _, e := range entities {
				data, err := json.Marshal(e)
				if err != nil {
					logError(ctx, ref, ErrMarshalFailed, err)
					continue
				}

				results = append(results, data)
			}

			return results, nil
		},
		Load: func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error) {
			ref := SchemaRef{Schema: "workflow_object_ref", Operation: OpLoad, EntityID: entityID}

			entity, err := client.WorkflowObjectRef.Get(ctx, entityID)
			if err != nil {
				return nil, logError(ctx, ref, ErrLoadFailed, err)
			}

			data, err := json.Marshal(entity)
			if err != nil {
				return nil, logError(ctx, ref, ErrMarshalFailed, err)
			}

			return data, nil
		},
	}
)
View Source
var TopicActionPlan = gala.Topic[ActionPlanIngestRequested]{
	Name: "entityops.action_plan.ingest.requested",
}

TopicActionPlan is the typed gala topic for ActionPlan ingest requests

View Source
var TopicAsset = gala.Topic[AssetIngestRequested]{
	Name: "entityops.asset.ingest.requested",
}

TopicAsset is the typed gala topic for Asset ingest requests

View Source
var TopicCheckResult = gala.Topic[CheckResultIngestRequested]{
	Name: "entityops.check_result.ingest.requested",
}

TopicCheckResult is the typed gala topic for CheckResult ingest requests

View Source
var TopicContact = gala.Topic[ContactIngestRequested]{
	Name: "entityops.contact.ingest.requested",
}

TopicContact is the typed gala topic for Contact ingest requests

View Source
var TopicDirectoryAccount = gala.Topic[DirectoryAccountIngestRequested]{
	Name: "entityops.directory_account.ingest.requested",
}

TopicDirectoryAccount is the typed gala topic for DirectoryAccount ingest requests

View Source
var TopicDirectoryGroup = gala.Topic[DirectoryGroupIngestRequested]{
	Name: "entityops.directory_group.ingest.requested",
}

TopicDirectoryGroup is the typed gala topic for DirectoryGroup ingest requests

View Source
var TopicDirectoryMembership = gala.Topic[DirectoryMembershipIngestRequested]{
	Name: "entityops.directory_membership.ingest.requested",
}

TopicDirectoryMembership is the typed gala topic for DirectoryMembership ingest requests

View Source
var TopicEntity = gala.Topic[EntityIngestRequested]{
	Name: "entityops.entity.ingest.requested",
}

TopicEntity is the typed gala topic for Entity ingest requests

View Source
var TopicFinding = gala.Topic[FindingIngestRequested]{
	Name: "entityops.finding.ingest.requested",
}

TopicFinding is the typed gala topic for Finding ingest requests

View Source
var TopicInternalPolicy = gala.Topic[InternalPolicyIngestRequested]{
	Name: "entityops.internal_policy.ingest.requested",
}

TopicInternalPolicy is the typed gala topic for InternalPolicy ingest requests

View Source
var TopicProcedure = gala.Topic[ProcedureIngestRequested]{
	Name: "entityops.procedure.ingest.requested",
}

TopicProcedure is the typed gala topic for Procedure ingest requests

View Source
var TopicRisk = gala.Topic[RiskIngestRequested]{
	Name: "entityops.risk.ingest.requested",
}

TopicRisk is the typed gala topic for Risk ingest requests

View Source
var TopicVulnerability = gala.Topic[VulnerabilityIngestRequested]{
	Name: "entityops.vulnerability.ingest.requested",
}

TopicVulnerability is the typed gala topic for Vulnerability ingest requests

Functions

func InjectCreateLinks(ctx context.Context, client *generated.Client, ownerID string, schema *Schema, payload json.RawMessage, links []LinkSpec) (json.RawMessage, error)

InjectCreateLinks resolves each link's target entities via SelectTargets and writes the matched ids into the create-input payload under the edge's create-input key, so the source object is created with its edges already set in the same mutation rather than linked in a post-create step. A unique edge sets the scalar <edge>ID create field; a to-many edge sets the <edge>IDs list. Links resolving to no targets are skipped, leaving the create input unchanged for that edge. The target schema is taken authoritatively from the edge, so callers only supply the edge name and match criteria. Both the integration ingest engine and the workflow CREATE_OBJECT action use this, so a workflow definition can set edges identically to an ingest mapping

func LinkTargets

func LinkTargets(ctx context.Context, client *generated.Client, schema *Schema, entityID string, edgeName string, targetIDs ...string) error

LinkTargets adds the target entities to an edge of an existing entity through the schema's update input, so reconciliation flows can link objects created at different times. A unique edge is set to the first target

func ObjectFromWorkflowRef

func ObjectFromWorkflowRef(ctx context.Context, ref *generated.WorkflowObjectRef) (objectType string, objectID string, ok bool)

ObjectFromWorkflowRef resolves the workflow object type and ID from a WorkflowObjectRef row using the object-ref edge catalog, replacing the per-type resolver switch

func PrepareAssetInput

func PrepareAssetInput(input generated.CreateAssetInput, integration *generated.Integration) generated.CreateAssetInput

PrepareAssetInput stamps integration-scoped values onto a CreateAssetInput before persistence. Fields are only overwritten when the input value is already zero or nil

func PrepareCheckResultInput

func PrepareCheckResultInput(input generated.CreateCheckResultInput, integration *generated.Integration) generated.CreateCheckResultInput

PrepareCheckResultInput stamps integration-scoped values onto a CreateCheckResultInput before persistence. Fields are only overwritten when the input value is already zero or nil

func PrepareContactInput

func PrepareContactInput(input generated.CreateContactInput, integration *generated.Integration) generated.CreateContactInput

PrepareContactInput stamps integration-scoped values onto a CreateContactInput before persistence. Fields are only overwritten when the input value is already zero or nil

func PrepareDirectoryAccountInput

func PrepareDirectoryAccountInput(input generated.CreateDirectoryAccountInput, integration *generated.Integration) generated.CreateDirectoryAccountInput

PrepareDirectoryAccountInput stamps integration-scoped values onto a CreateDirectoryAccountInput before persistence. Fields are only overwritten when the input value is already zero or nil

func PrepareDirectoryGroupInput

func PrepareDirectoryGroupInput(input generated.CreateDirectoryGroupInput, integration *generated.Integration) generated.CreateDirectoryGroupInput

PrepareDirectoryGroupInput stamps integration-scoped values onto a CreateDirectoryGroupInput before persistence. Fields are only overwritten when the input value is already zero or nil

func PrepareDirectoryMembershipInput

PrepareDirectoryMembershipInput stamps integration-scoped values onto a CreateDirectoryMembershipInput before persistence. Fields are only overwritten when the input value is already zero or nil

func PrepareEntityInput

func PrepareEntityInput(input generated.CreateEntityInput, integration *generated.Integration) generated.CreateEntityInput

PrepareEntityInput stamps integration-scoped values onto a CreateEntityInput before persistence. Fields are only overwritten when the input value is already zero or nil

func PrepareFindingInput

func PrepareFindingInput(input generated.CreateFindingInput, integration *generated.Integration) generated.CreateFindingInput

PrepareFindingInput stamps integration-scoped values onto a CreateFindingInput before persistence. Fields are only overwritten when the input value is already zero or nil

func PrepareRiskInput

func PrepareRiskInput(input generated.CreateRiskInput, integration *generated.Integration) generated.CreateRiskInput

PrepareRiskInput stamps integration-scoped values onto a CreateRiskInput before persistence. Fields are only overwritten when the input value is already zero or nil

func PrepareVulnerabilityInput

func PrepareVulnerabilityInput(input generated.CreateVulnerabilityInput, integration *generated.Integration) generated.CreateVulnerabilityInput

PrepareVulnerabilityInput stamps integration-scoped values onto a CreateVulnerabilityInput before persistence. Fields are only overwritten when the input value is already zero or nil

func RefsByObject

func RefsByObject(query *generated.WorkflowObjectRefQuery, schema *Schema, objectID string) (*generated.WorkflowObjectRefQuery, bool)

RefsByObject narrows a WorkflowObjectRef query to rows referencing the given object, using the object-ref edge catalog in place of per-type predicate switches; ok is false when the schema has no object-ref edge

func UnlinkTargets

func UnlinkTargets(ctx context.Context, client *generated.Client, schema *Schema, entityID string, edgeName string, targetIDs ...string) error

UnlinkTargets removes the target entities from a to-many edge of an existing entity, or clears an optional unique edge regardless of the supplied targets

func WithSchema

func WithSchema(ctx context.Context, schema string) context.Context

WithSchema enriches the context logger with the schema name so that all downstream log calls via logx.FromContext automatically include it

Types

type ActionPlanIngestRequested

type ActionPlanIngestRequested struct {
	// OperationContext carries the shared operation provenance for the ingest event
	OperationContext gala.OperationContext `json:"operationContext"`
	// Input is the ent create input for the record to persist
	Input generated.CreateActionPlanInput `json:"input"`
}

ActionPlanIngestRequested is the typed ingest event payload for ActionPlan records

type ActionPlanProjection

type ActionPlanProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                              string                       `json:"id,omitempty"`
	ActionPlanKindID                string                       `json:"action_plan_kind_id,omitempty"`
	ActionPlanKindName              string                       `json:"action_plan_kind_name,omitempty"`
	ApprovalRequired                bool                         `json:"approval_required,omitempty"`
	ApproverID                      string                       `json:"approver_id,omitempty"`
	Blocked                         bool                         `json:"blocked,omitempty"`
	BlockerReason                   string                       `json:"blocker_reason,omitempty"`
	CompletedAt                     time.Time                    `json:"completed_at,omitempty"`
	ControlSuggestions              []string                     `json:"control_suggestions,omitempty"`
	CreatedAt                       time.Time                    `json:"created_at,omitempty"`
	CreatedBy                       string                       `json:"created_by,omitempty"`
	DelegateID                      string                       `json:"delegate_id,omitempty"`
	DeletedAt                       time.Time                    `json:"deleted_at,omitempty"`
	DeletedBy                       string                       `json:"deleted_by,omitempty"`
	Description                     string                       `json:"description,omitempty"`
	Details                         string                       `json:"details,omitempty"`
	DetailsJSON                     []interface{}                `json:"details_json,omitempty"`
	DismissedControlSuggestions     []string                     `json:"dismissed_control_suggestions,omitempty"`
	DismissedImprovementSuggestions []string                     `json:"dismissed_improvement_suggestions,omitempty"`
	DismissedTagSuggestions         []string                     `json:"dismissed_tag_suggestions,omitempty"`
	DueDate                         time.Time                    `json:"due_date,omitempty"`
	ExternalContents                string                       `json:"external_contents,omitempty"`
	ExternalFileID                  string                       `json:"external_file_id,omitempty"`
	FileID                          string                       `json:"file_id,omitempty"`
	ImprovementSuggestions          []string                     `json:"improvement_suggestions,omitempty"`
	InternalNotes                   string                       `json:"internal_notes,omitempty"`
	ManagementMode                  enums.DocumentManagementMode `json:"management_mode,omitempty"`
	Metadata                        map[string]interface{}       `json:"metadata,omitempty"`
	Name                            string                       `json:"name,omitempty"`
	OwnerID                         string                       `json:"owner_id,omitempty"`
	Priority                        enums.Priority               `json:"priority,omitempty"`
	RawPayload                      map[string]interface{}       `json:"raw_payload,omitempty"`
	RequiresApproval                bool                         `json:"requires_approval,omitempty"`
	ReviewDue                       time.Time                    `json:"review_due,omitempty"`
	ReviewFrequency                 enums.Frequency              `json:"review_frequency,omitempty"`
	Revision                        string                       `json:"revision,omitempty"`
	Source                          string                       `json:"source,omitempty"`
	Status                          enums.DocumentStatus         `json:"status,omitempty"`
	Summary                         string                       `json:"summary,omitempty"`
	SystemInternalID                string                       `json:"system_internal_id,omitempty"`
	SystemOwned                     bool                         `json:"system_owned,omitempty"`
	TagSuggestions                  []string                     `json:"tag_suggestions,omitempty"`
	Tags                            []string                     `json:"tags,omitempty"`
	Title                           string                       `json:"title,omitempty"`
	UpdatedAt                       time.Time                    `json:"updated_at,omitempty"`
	UpdatedBy                       string                       `json:"updated_by,omitempty"`
	UpdatedByImpersonator           string                       `json:"updated_by_impersonator,omitempty"`
	URL                             string                       `json:"url,omitempty"`
	WorkflowEligibleMarker          bool                         `json:"workflow_eligible_marker,omitempty"`
}

ActionPlanProjection is the flat, CEL- and jsonschema-facing view of a ActionPlan: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.ActionPlan whose edge graph cannot be reflected

type AssessmentProjection

type AssessmentProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                     string                 `json:"id,omitempty"`
	AssessmentType         enums.AssessmentType   `json:"assessment_type,omitempty"`
	CreatedAt              time.Time              `json:"created_at,omitempty"`
	CreatedBy              string                 `json:"created_by,omitempty"`
	DeletedAt              time.Time              `json:"deleted_at,omitempty"`
	DeletedBy              string                 `json:"deleted_by,omitempty"`
	InternalNotes          string                 `json:"internal_notes,omitempty"`
	Jsonconfig             map[string]interface{} `json:"jsonconfig,omitempty"`
	Name                   string                 `json:"name,omitempty"`
	OwnerID                string                 `json:"owner_id,omitempty"`
	ResponseDueDuration    int64                  `json:"response_due_duration,omitempty"`
	SystemInternalID       string                 `json:"system_internal_id,omitempty"`
	SystemOwned            bool                   `json:"system_owned,omitempty"`
	Tags                   []string               `json:"tags,omitempty"`
	TemplateID             string                 `json:"template_id,omitempty"`
	Uischema               map[string]interface{} `json:"uischema,omitempty"`
	UpdatedAt              time.Time              `json:"updated_at,omitempty"`
	UpdatedBy              string                 `json:"updated_by,omitempty"`
	UpdatedByImpersonator  string                 `json:"updated_by_impersonator,omitempty"`
	WorkflowEligibleMarker bool                   `json:"workflow_eligible_marker,omitempty"`
}

AssessmentProjection is the flat, CEL- and jsonschema-facing view of a Assessment: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.Assessment whose edge graph cannot be reflected

type AssessmentResponseProjection

type AssessmentResponseProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                     string                         `json:"id,omitempty"`
	AssessmentID           string                         `json:"assessment_id,omitempty"`
	AssignedAt             time.Time                      `json:"assigned_at,omitempty"`
	CampaignID             string                         `json:"campaign_id,omitempty"`
	CompletedAt            time.Time                      `json:"completed_at,omitempty"`
	CreatedAt              time.Time                      `json:"created_at,omitempty"`
	CreatedBy              string                         `json:"created_by,omitempty"`
	DeletedAt              time.Time                      `json:"deleted_at,omitempty"`
	DeletedBy              string                         `json:"deleted_by,omitempty"`
	DisplayName            string                         `json:"display_name,omitempty"`
	DocumentDataID         string                         `json:"document_data_id,omitempty"`
	DueDate                time.Time                      `json:"due_date,omitempty"`
	Email                  string                         `json:"email,omitempty"`
	EmailClickCount        int                            `json:"email_click_count,omitempty"`
	EmailClickedAt         time.Time                      `json:"email_clicked_at,omitempty"`
	EmailDeliveredAt       time.Time                      `json:"email_delivered_at,omitempty"`
	EmailMetadata          map[string]interface{}         `json:"email_metadata,omitempty"`
	EmailOpenCount         int                            `json:"email_open_count,omitempty"`
	EmailOpenedAt          time.Time                      `json:"email_opened_at,omitempty"`
	EntityID               string                         `json:"entity_id,omitempty"`
	IdentityHolderID       string                         `json:"identity_holder_id,omitempty"`
	IsDraft                bool                           `json:"is_draft,omitempty"`
	IsTest                 bool                           `json:"is_test,omitempty"`
	LastEmailEventAt       time.Time                      `json:"last_email_event_at,omitempty"`
	OwnerID                string                         `json:"owner_id,omitempty"`
	SendAttempts           int                            `json:"send_attempts,omitempty"`
	StartedAt              time.Time                      `json:"started_at,omitempty"`
	Status                 enums.AssessmentResponseStatus `json:"status,omitempty"`
	UpdatedAt              time.Time                      `json:"updated_at,omitempty"`
	UpdatedBy              string                         `json:"updated_by,omitempty"`
	UpdatedByImpersonator  string                         `json:"updated_by_impersonator,omitempty"`
	WorkflowEligibleMarker bool                           `json:"workflow_eligible_marker,omitempty"`
}

AssessmentResponseProjection is the flat, CEL- and jsonschema-facing view of a AssessmentResponse: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.AssessmentResponse whose edge graph cannot be reflected

type AssetIngestRequested

type AssetIngestRequested struct {
	// OperationContext carries the shared operation provenance for the ingest event
	OperationContext gala.OperationContext `json:"operationContext"`
	// Input is the ent create input for the record to persist
	Input generated.CreateAssetInput `json:"input"`
}

AssetIngestRequested is the typed ingest event payload for Asset records

type AssetProjection

type AssetProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                          string           `json:"id,omitempty"`
	AccessModelID               string           `json:"access_model_id,omitempty"`
	AccessModelName             string           `json:"access_model_name,omitempty"`
	AssetDataClassificationID   string           `json:"asset_data_classification_id,omitempty"`
	AssetDataClassificationName string           `json:"asset_data_classification_name,omitempty"`
	AssetSubtypeID              string           `json:"asset_subtype_id,omitempty"`
	AssetSubtypeName            string           `json:"asset_subtype_name,omitempty"`
	AssetType                   enums.AssetType  `json:"asset_type,omitempty"`
	Categories                  []string         `json:"categories,omitempty"`
	ContainsPii                 bool             `json:"contains_pii,omitempty"`
	CostCenter                  string           `json:"cost_center,omitempty"`
	Cpe                         string           `json:"cpe,omitempty"`
	CreatedAt                   time.Time        `json:"created_at,omitempty"`
	CreatedBy                   string           `json:"created_by,omitempty"`
	CriticalityID               string           `json:"criticality_id,omitempty"`
	CriticalityName             string           `json:"criticality_name,omitempty"`
	DeletedAt                   time.Time        `json:"deleted_at,omitempty"`
	DeletedBy                   string           `json:"deleted_by,omitempty"`
	Description                 string           `json:"description,omitempty"`
	DisplayName                 string           `json:"display_name,omitempty"`
	EncryptionStatusID          string           `json:"encryption_status_id,omitempty"`
	EncryptionStatusName        string           `json:"encryption_status_name,omitempty"`
	EnvironmentID               string           `json:"environment_id,omitempty"`
	EnvironmentName             string           `json:"environment_name,omitempty"`
	EstimatedMonthlyCost        float64          `json:"estimated_monthly_cost,omitempty"`
	Identifier                  string           `json:"identifier,omitempty"`
	IntegrationID               string           `json:"integration_id,omitempty"`
	InternalNotes               string           `json:"internal_notes,omitempty"`
	InternalOwner               string           `json:"internal_owner,omitempty"`
	InternalOwnerGroupID        string           `json:"internal_owner_group_id,omitempty"`
	InternalOwnerUserID         string           `json:"internal_owner_user_id,omitempty"`
	Name                        string           `json:"name,omitempty"`
	ObservedAt                  models.DateTime  `json:"observed_at,omitempty"`
	OwnerID                     string           `json:"owner_id,omitempty"`
	PhysicalLocation            string           `json:"physical_location,omitempty"`
	PurchaseDate                models.DateTime  `json:"purchase_date,omitempty"`
	Region                      string           `json:"region,omitempty"`
	ScopeID                     string           `json:"scope_id,omitempty"`
	ScopeName                   string           `json:"scope_name,omitempty"`
	SecurityTierID              string           `json:"security_tier_id,omitempty"`
	SecurityTierName            string           `json:"security_tier_name,omitempty"`
	SourceIdentifier            string           `json:"source_identifier,omitempty"`
	SourcePlatformID            string           `json:"source_platform_id,omitempty"`
	SourceType                  enums.SourceType `json:"source_type,omitempty"`
	SystemInternalID            string           `json:"system_internal_id,omitempty"`
	SystemOwned                 bool             `json:"system_owned,omitempty"`
	Tags                        []string         `json:"tags,omitempty"`
	UpdatedAt                   time.Time        `json:"updated_at,omitempty"`
	UpdatedBy                   string           `json:"updated_by,omitempty"`
	UpdatedByImpersonator       string           `json:"updated_by_impersonator,omitempty"`
	Website                     string           `json:"website,omitempty"`
}

AssetProjection is the flat, CEL- and jsonschema-facing view of a Asset: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.Asset whose edge graph cannot be reflected

type CampaignProjection

type CampaignProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                     string                 `json:"id,omitempty"`
	AssessmentID           string                 `json:"assessment_id,omitempty"`
	CampaignType           enums.CampaignType     `json:"campaign_type,omitempty"`
	CompletedAt            models.DateTime        `json:"completed_at,omitempty"`
	CreatedAt              time.Time              `json:"created_at,omitempty"`
	CreatedBy              string                 `json:"created_by,omitempty"`
	DeletedAt              time.Time              `json:"deleted_at,omitempty"`
	DeletedBy              string                 `json:"deleted_by,omitempty"`
	Description            string                 `json:"description,omitempty"`
	DisplayID              string                 `json:"display_id,omitempty"`
	DueDate                models.DateTime        `json:"due_date,omitempty"`
	EmailBrandingID        string                 `json:"email_branding_id,omitempty"`
	EmailTemplateID        string                 `json:"email_template_id,omitempty"`
	EntityID               string                 `json:"entity_id,omitempty"`
	IntegrationID          string                 `json:"integration_id,omitempty"`
	InternalOwner          string                 `json:"internal_owner,omitempty"`
	InternalOwnerGroupID   string                 `json:"internal_owner_group_id,omitempty"`
	InternalOwnerUserID    string                 `json:"internal_owner_user_id,omitempty"`
	IsActive               bool                   `json:"is_active,omitempty"`
	IsRecurring            bool                   `json:"is_recurring,omitempty"`
	LastResentAt           models.DateTime        `json:"last_resent_at,omitempty"`
	LastRunAt              models.DateTime        `json:"last_run_at,omitempty"`
	LaunchedAt             models.DateTime        `json:"launched_at,omitempty"`
	Metadata               map[string]interface{} `json:"metadata,omitempty"`
	Name                   string                 `json:"name,omitempty"`
	NextRunAt              models.DateTime        `json:"next_run_at,omitempty"`
	OwnerID                string                 `json:"owner_id,omitempty"`
	RecipientCount         int                    `json:"recipient_count,omitempty"`
	RecurrenceCron         models.Cron            `json:"recurrence_cron,omitempty"`
	RecurrenceEndAt        models.DateTime        `json:"recurrence_end_at,omitempty"`
	RecurrenceFrequency    enums.Frequency        `json:"recurrence_frequency,omitempty"`
	RecurrenceInterval     int                    `json:"recurrence_interval,omitempty"`
	RecurrenceTimezone     string                 `json:"recurrence_timezone,omitempty"`
	ResendCount            int                    `json:"resend_count,omitempty"`
	ScheduledAt            models.DateTime        `json:"scheduled_at,omitempty"`
	Status                 enums.CampaignStatus   `json:"status,omitempty"`
	Tags                   []string               `json:"tags,omitempty"`
	TemplateID             string                 `json:"template_id,omitempty"`
	TrustCenterID          string                 `json:"trust_center_id,omitempty"`
	UpdatedAt              time.Time              `json:"updated_at,omitempty"`
	UpdatedBy              string                 `json:"updated_by,omitempty"`
	UpdatedByImpersonator  string                 `json:"updated_by_impersonator,omitempty"`
	WorkflowEligibleMarker bool                   `json:"workflow_eligible_marker,omitempty"`
}

CampaignProjection is the flat, CEL- and jsonschema-facing view of a Campaign: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.Campaign whose edge graph cannot be reflected

type CampaignTargetProjection

type CampaignTargetProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                     string                         `json:"id,omitempty"`
	CampaignID             string                         `json:"campaign_id,omitempty"`
	CompletedAt            models.DateTime                `json:"completed_at,omitempty"`
	ContactID              string                         `json:"contact_id,omitempty"`
	CreatedAt              time.Time                      `json:"created_at,omitempty"`
	CreatedBy              string                         `json:"created_by,omitempty"`
	DeletedAt              time.Time                      `json:"deleted_at,omitempty"`
	DeletedBy              string                         `json:"deleted_by,omitempty"`
	Email                  string                         `json:"email,omitempty"`
	FullName               string                         `json:"full_name,omitempty"`
	GroupID                string                         `json:"group_id,omitempty"`
	Metadata               map[string]interface{}         `json:"metadata,omitempty"`
	OwnerID                string                         `json:"owner_id,omitempty"`
	SentAt                 models.DateTime                `json:"sent_at,omitempty"`
	Status                 enums.AssessmentResponseStatus `json:"status,omitempty"`
	SubscriberID           string                         `json:"subscriber_id,omitempty"`
	UpdatedAt              time.Time                      `json:"updated_at,omitempty"`
	UpdatedBy              string                         `json:"updated_by,omitempty"`
	UpdatedByImpersonator  string                         `json:"updated_by_impersonator,omitempty"`
	UserID                 string                         `json:"user_id,omitempty"`
	WorkflowEligibleMarker bool                           `json:"workflow_eligible_marker,omitempty"`
}

CampaignTargetProjection is the flat, CEL- and jsonschema-facing view of a CampaignTarget: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.CampaignTarget whose edge graph cannot be reflected

type CheckResultIngestRequested

type CheckResultIngestRequested struct {
	// OperationContext carries the shared operation provenance for the ingest event
	OperationContext gala.OperationContext `json:"operationContext"`
	// Input is the ent create input for the record to persist
	Input generated.CreateCheckResultInput `json:"input"`
}

CheckResultIngestRequested is the typed ingest event payload for CheckResult records

type CheckResultProjection

type CheckResultProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                    string            `json:"id,omitempty"`
	CreatedAt             time.Time         `json:"created_at,omitempty"`
	CreatedBy             string            `json:"created_by,omitempty"`
	DeletedAt             time.Time         `json:"deleted_at,omitempty"`
	DeletedBy             string            `json:"deleted_by,omitempty"`
	Details               string            `json:"details,omitempty"`
	ExternalURI           string            `json:"external_uri,omitempty"`
	IntegrationID         string            `json:"integration_id,omitempty"`
	LastObservedAt        models.DateTime   `json:"last_observed_at,omitempty"`
	ParentExternalID      string            `json:"parent_external_id,omitempty"`
	Source                string            `json:"source,omitempty"`
	Status                enums.CheckStatus `json:"status,omitempty"`
	Tags                  []string          `json:"tags,omitempty"`
	UpdatedAt             time.Time         `json:"updated_at,omitempty"`
	UpdatedBy             string            `json:"updated_by,omitempty"`
	UpdatedByImpersonator string            `json:"updated_by_impersonator,omitempty"`
}

CheckResultProjection is the flat, CEL- and jsonschema-facing view of a CheckResult: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.CheckResult whose edge graph cannot be reflected

type ContactIngestRequested

type ContactIngestRequested struct {
	// OperationContext carries the shared operation provenance for the ingest event
	OperationContext gala.OperationContext `json:"operationContext"`
	// Input is the ent create input for the record to persist
	Input generated.CreateContactInput `json:"input"`
}

ContactIngestRequested is the typed ingest event payload for Contact records

type ContactProjection

type ContactProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                    string           `json:"id,omitempty"`
	Address               string           `json:"address,omitempty"`
	Company               string           `json:"company,omitempty"`
	CreatedAt             time.Time        `json:"created_at,omitempty"`
	CreatedBy             string           `json:"created_by,omitempty"`
	DeletedAt             time.Time        `json:"deleted_at,omitempty"`
	DeletedBy             string           `json:"deleted_by,omitempty"`
	Email                 string           `json:"email,omitempty"`
	ExternalID            string           `json:"external_id,omitempty"`
	FullName              string           `json:"full_name,omitempty"`
	IntegrationID         string           `json:"integration_id,omitempty"`
	ObservedAt            models.DateTime  `json:"observed_at,omitempty"`
	OwnerID               string           `json:"owner_id,omitempty"`
	PhoneNumber           string           `json:"phone_number,omitempty"`
	Status                enums.UserStatus `json:"status,omitempty"`
	Tags                  []string         `json:"tags,omitempty"`
	Title                 string           `json:"title,omitempty"`
	UpdatedAt             time.Time        `json:"updated_at,omitempty"`
	UpdatedBy             string           `json:"updated_by,omitempty"`
	UpdatedByImpersonator string           `json:"updated_by_impersonator,omitempty"`
}

ContactProjection is the flat, CEL- and jsonschema-facing view of a Contact: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.Contact whose edge graph cannot be reflected

type ControlImplementationProjection

type ControlImplementationProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                    string               `json:"id,omitempty"`
	CreatedAt             time.Time            `json:"created_at,omitempty"`
	CreatedBy             string               `json:"created_by,omitempty"`
	DeletedAt             time.Time            `json:"deleted_at,omitempty"`
	DeletedBy             string               `json:"deleted_by,omitempty"`
	Details               string               `json:"details,omitempty"`
	DetailsJSON           []interface{}        `json:"details_json,omitempty"`
	ImplementationDate    time.Time            `json:"implementation_date,omitempty"`
	InternalNotes         string               `json:"internal_notes,omitempty"`
	OwnerID               string               `json:"owner_id,omitempty"`
	Status                enums.DocumentStatus `json:"status,omitempty"`
	SystemInternalID      string               `json:"system_internal_id,omitempty"`
	SystemOwned           bool                 `json:"system_owned,omitempty"`
	Tags                  []string             `json:"tags,omitempty"`
	UpdatedAt             time.Time            `json:"updated_at,omitempty"`
	UpdatedBy             string               `json:"updated_by,omitempty"`
	UpdatedByImpersonator string               `json:"updated_by_impersonator,omitempty"`
	VerificationDate      time.Time            `json:"verification_date,omitempty"`
	Verified              bool                 `json:"verified,omitempty"`
}

ControlImplementationProjection is the flat, CEL- and jsonschema-facing view of a ControlImplementation: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.ControlImplementation whose edge graph cannot be reflected

type ControlObjectiveProjection

type ControlObjectiveProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                    string                `json:"id,omitempty"`
	Category              string                `json:"category,omitempty"`
	ControlObjectiveType  string                `json:"control_objective_type,omitempty"`
	CreatedAt             time.Time             `json:"created_at,omitempty"`
	CreatedBy             string                `json:"created_by,omitempty"`
	DeletedAt             time.Time             `json:"deleted_at,omitempty"`
	DeletedBy             string                `json:"deleted_by,omitempty"`
	DesiredOutcome        string                `json:"desired_outcome,omitempty"`
	DesiredOutcomeJSON    []interface{}         `json:"desired_outcome_json,omitempty"`
	DisplayID             string                `json:"display_id,omitempty"`
	InternalNotes         string                `json:"internal_notes,omitempty"`
	Name                  string                `json:"name,omitempty"`
	OwnerID               string                `json:"owner_id,omitempty"`
	Revision              string                `json:"revision,omitempty"`
	Source                enums.ControlSource   `json:"source,omitempty"`
	Status                enums.ObjectiveStatus `json:"status,omitempty"`
	Subcategory           string                `json:"subcategory,omitempty"`
	SystemInternalID      string                `json:"system_internal_id,omitempty"`
	SystemOwned           bool                  `json:"system_owned,omitempty"`
	Tags                  []string              `json:"tags,omitempty"`
	UpdatedAt             time.Time             `json:"updated_at,omitempty"`
	UpdatedBy             string                `json:"updated_by,omitempty"`
	UpdatedByImpersonator string                `json:"updated_by_impersonator,omitempty"`
}

ControlObjectiveProjection is the flat, CEL- and jsonschema-facing view of a ControlObjective: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.ControlObjective whose edge graph cannot be reflected

type ControlProjection

type ControlProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                         string                             `json:"id,omitempty"`
	Aliases                    []string                           `json:"aliases,omitempty"`
	AssessmentMethods          []models.AssessmentMethod          `json:"assessment_methods,omitempty"`
	AssessmentObjectives       []models.AssessmentObjective       `json:"assessment_objectives,omitempty"`
	AuditorReferenceID         string                             `json:"auditor_reference_id,omitempty"`
	Category                   string                             `json:"category,omitempty"`
	CategoryID                 string                             `json:"category_id,omitempty"`
	ControlKindID              string                             `json:"control_kind_id,omitempty"`
	ControlKindName            string                             `json:"control_kind_name,omitempty"`
	ControlOwnerID             string                             `json:"control_owner_id,omitempty"`
	ControlQuestions           []string                           `json:"control_questions,omitempty"`
	CreatedAt                  time.Time                          `json:"created_at,omitempty"`
	CreatedBy                  string                             `json:"created_by,omitempty"`
	DelegateID                 string                             `json:"delegate_id,omitempty"`
	DeletedAt                  time.Time                          `json:"deleted_at,omitempty"`
	DeletedBy                  string                             `json:"deleted_by,omitempty"`
	Description                string                             `json:"description,omitempty"`
	DescriptionJSON            []interface{}                      `json:"description_json,omitempty"`
	DisplayID                  string                             `json:"display_id,omitempty"`
	EnvironmentID              string                             `json:"environment_id,omitempty"`
	EnvironmentName            string                             `json:"environment_name,omitempty"`
	EvidenceRequests           []models.EvidenceRequests          `json:"evidence_requests,omitempty"`
	ExampleEvidence            []models.ExampleEvidence           `json:"example_evidence,omitempty"`
	ExternalUUID               string                             `json:"external_uuid,omitempty"`
	ImplementationDescription  string                             `json:"implementation_description,omitempty"`
	ImplementationGuidance     []models.ImplementationGuidance    `json:"implementation_guidance,omitempty"`
	ImplementationStatus       enums.ControlImplementationStatus  `json:"implementation_status,omitempty"`
	InternalNotes              string                             `json:"internal_notes,omitempty"`
	IsTrustCenterControl       bool                               `json:"is_trust_center_control,omitempty"`
	MappedCategories           []string                           `json:"mapped_categories,omitempty"`
	OwnerID                    string                             `json:"owner_id,omitempty"`
	PublicRepresentation       string                             `json:"public_representation,omitempty"`
	RefCode                    string                             `json:"ref_code,omitempty"`
	ReferenceFramework         string                             `json:"reference_framework,omitempty"`
	ReferenceFrameworkRevision string                             `json:"reference_framework_revision,omitempty"`
	ReferenceID                string                             `json:"reference_id,omitempty"`
	References                 []models.Reference                 `json:"references,omitempty"`
	ResponsiblePartyID         string                             `json:"responsible_party_id,omitempty"`
	ScopeID                    string                             `json:"scope_id,omitempty"`
	ScopeName                  string                             `json:"scope_name,omitempty"`
	Source                     enums.ControlSource                `json:"source,omitempty"`
	SourceName                 string                             `json:"source_name,omitempty"`
	StandardID                 string                             `json:"standard_id,omitempty"`
	Status                     enums.ControlStatus                `json:"status,omitempty"`
	Subcategory                string                             `json:"subcategory,omitempty"`
	SystemInternalID           string                             `json:"system_internal_id,omitempty"`
	SystemOwned                bool                               `json:"system_owned,omitempty"`
	Tags                       []string                           `json:"tags,omitempty"`
	TestingProcedures          []models.TestingProcedures         `json:"testing_procedures,omitempty"`
	Title                      string                             `json:"title,omitempty"`
	TrustCenterVisibility      enums.TrustCenterControlVisibility `json:"trust_center_visibility,omitempty"`
	UpdatedAt                  time.Time                          `json:"updated_at,omitempty"`
	UpdatedBy                  string                             `json:"updated_by,omitempty"`
	UpdatedByImpersonator      string                             `json:"updated_by_impersonator,omitempty"`
	WorkflowEligibleMarker     bool                               `json:"workflow_eligible_marker,omitempty"`
}

ControlProjection is the flat, CEL- and jsonschema-facing view of a Control: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.Control whose edge graph cannot be reflected

type DirectoryAccountIngestRequested

type DirectoryAccountIngestRequested struct {
	// OperationContext carries the shared operation provenance for the ingest event
	OperationContext gala.OperationContext `json:"operationContext"`
	// Input is the ent create input for the record to persist
	Input generated.CreateDirectoryAccountInput `json:"input"`
}

DirectoryAccountIngestRequested is the typed ingest event payload for DirectoryAccount records

type DirectoryAccountProjection

type DirectoryAccountProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                    string                         `json:"id,omitempty"`
	AccountType           enums.DirectoryAccountType     `json:"account_type,omitempty"`
	AddedAt               time.Time                      `json:"added_at,omitempty"`
	AvatarLocalFileID     string                         `json:"avatar_local_file_id,omitempty"`
	AvatarRemoteURL       string                         `json:"avatar_remote_url,omitempty"`
	AvatarUpdatedAt       time.Time                      `json:"avatar_updated_at,omitempty"`
	CanonicalEmail        string                         `json:"canonical_email,omitempty"`
	CreatedAt             time.Time                      `json:"created_at,omitempty"`
	CreatedBy             string                         `json:"created_by,omitempty"`
	Department            string                         `json:"department,omitempty"`
	DirectoryInstanceID   string                         `json:"directory_instance_id,omitempty"`
	DirectoryName         string                         `json:"directory_name,omitempty"`
	DirectorySyncRunID    string                         `json:"directory_sync_run_id,omitempty"`
	DisplayID             string                         `json:"display_id,omitempty"`
	DisplayName           string                         `json:"display_name,omitempty"`
	EmailAliases          []string                       `json:"email_aliases,omitempty"`
	EnvironmentID         string                         `json:"environment_id,omitempty"`
	EnvironmentName       string                         `json:"environment_name,omitempty"`
	ExternalID            string                         `json:"external_id,omitempty"`
	FamilyName            string                         `json:"family_name,omitempty"`
	FirstSeenAt           time.Time                      `json:"first_seen_at,omitempty"`
	GivenName             string                         `json:"given_name,omitempty"`
	IdentityHolderID      string                         `json:"identity_holder_id,omitempty"`
	IntegrationID         string                         `json:"integration_id,omitempty"`
	JobTitle              string                         `json:"job_title,omitempty"`
	LastLoginAt           time.Time                      `json:"last_login_at,omitempty"`
	LastSeenAt            time.Time                      `json:"last_seen_at,omitempty"`
	LastSeenIP            string                         `json:"last_seen_ip,omitempty"`
	Metadata              map[string]interface{}         `json:"metadata,omitempty"`
	MfaState              enums.DirectoryAccountMFAState `json:"mfa_state,omitempty"`
	ObservedAt            time.Time                      `json:"observed_at,omitempty"`
	OrganizationUnit      string                         `json:"organization_unit,omitempty"`
	OwnerID               string                         `json:"owner_id,omitempty"`
	PhoneNumber           string                         `json:"phone_number,omitempty"`
	PlatformID            string                         `json:"platform_id,omitempty"`
	PrimarySource         bool                           `json:"primary_source,omitempty"`
	Profile               map[string]interface{}         `json:"profile,omitempty"`
	ProfileHash           string                         `json:"profile_hash,omitempty"`
	RawProfileFileID      string                         `json:"raw_profile_file_id,omitempty"`
	RemovedAt             time.Time                      `json:"removed_at,omitempty"`
	ScopeID               string                         `json:"scope_id,omitempty"`
	ScopeName             string                         `json:"scope_name,omitempty"`
	SecondaryKey          string                         `json:"secondary_key,omitempty"`
	SourceVersion         string                         `json:"source_version,omitempty"`
	Status                enums.DirectoryAccountStatus   `json:"status,omitempty"`
	Tags                  []string                       `json:"tags,omitempty"`
	UpdatedAt             time.Time                      `json:"updated_at,omitempty"`
	UpdatedBy             string                         `json:"updated_by,omitempty"`
	UpdatedByImpersonator string                         `json:"updated_by_impersonator,omitempty"`
}

DirectoryAccountProjection is the flat, CEL- and jsonschema-facing view of a DirectoryAccount: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.DirectoryAccount whose edge graph cannot be reflected

type DirectoryGroupIngestRequested

type DirectoryGroupIngestRequested struct {
	// OperationContext carries the shared operation provenance for the ingest event
	OperationContext gala.OperationContext `json:"operationContext"`
	// Input is the ent create input for the record to persist
	Input generated.CreateDirectoryGroupInput `json:"input"`
}

DirectoryGroupIngestRequested is the typed ingest event payload for DirectoryGroup records

type DirectoryGroupProjection

type DirectoryGroupProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                     string                             `json:"id,omitempty"`
	AddedAt                time.Time                          `json:"added_at,omitempty"`
	Classification         enums.DirectoryGroupClassification `json:"classification,omitempty"`
	CreatedAt              time.Time                          `json:"created_at,omitempty"`
	CreatedBy              string                             `json:"created_by,omitempty"`
	Description            string                             `json:"description,omitempty"`
	DirectoryInstanceID    string                             `json:"directory_instance_id,omitempty"`
	DirectoryName          string                             `json:"directory_name,omitempty"`
	DirectorySyncRunID     string                             `json:"directory_sync_run_id,omitempty"`
	DisplayID              string                             `json:"display_id,omitempty"`
	DisplayName            string                             `json:"display_name,omitempty"`
	Email                  string                             `json:"email,omitempty"`
	EnvironmentID          string                             `json:"environment_id,omitempty"`
	EnvironmentName        string                             `json:"environment_name,omitempty"`
	ExternalID             string                             `json:"external_id,omitempty"`
	ExternalSharingAllowed bool                               `json:"external_sharing_allowed,omitempty"`
	FirstSeenAt            time.Time                          `json:"first_seen_at,omitempty"`
	IntegrationID          string                             `json:"integration_id,omitempty"`
	LastSeenAt             time.Time                          `json:"last_seen_at,omitempty"`
	MemberCount            int                                `json:"member_count,omitempty"`
	Metadata               map[string]interface{}             `json:"metadata,omitempty"`
	ObservedAt             time.Time                          `json:"observed_at,omitempty"`
	OwnerID                string                             `json:"owner_id,omitempty"`
	PlatformID             string                             `json:"platform_id,omitempty"`
	Profile                map[string]interface{}             `json:"profile,omitempty"`
	ProfileHash            string                             `json:"profile_hash,omitempty"`
	RawProfileFileID       string                             `json:"raw_profile_file_id,omitempty"`
	RemovedAt              time.Time                          `json:"removed_at,omitempty"`
	ScopeID                string                             `json:"scope_id,omitempty"`
	ScopeName              string                             `json:"scope_name,omitempty"`
	SourceVersion          string                             `json:"source_version,omitempty"`
	Status                 enums.DirectoryGroupStatus         `json:"status,omitempty"`
	Tags                   []string                           `json:"tags,omitempty"`
	UpdatedAt              time.Time                          `json:"updated_at,omitempty"`
	UpdatedBy              string                             `json:"updated_by,omitempty"`
	UpdatedByImpersonator  string                             `json:"updated_by_impersonator,omitempty"`
}

DirectoryGroupProjection is the flat, CEL- and jsonschema-facing view of a DirectoryGroup: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.DirectoryGroup whose edge graph cannot be reflected

type DirectoryMembershipIngestRequested

type DirectoryMembershipIngestRequested struct {
	// OperationContext carries the shared operation provenance for the ingest event
	OperationContext gala.OperationContext `json:"operationContext"`
	// Input is the ent create input for the record to persist
	Input generated.CreateDirectoryMembershipInput `json:"input"`
}

DirectoryMembershipIngestRequested is the typed ingest event payload for DirectoryMembership records

type DirectoryMembershipProjection

type DirectoryMembershipProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                    string                        `json:"id,omitempty"`
	AddedAt               time.Time                     `json:"added_at,omitempty"`
	CreatedAt             time.Time                     `json:"created_at,omitempty"`
	CreatedBy             string                        `json:"created_by,omitempty"`
	DirectoryAccountID    string                        `json:"directory_account_id,omitempty"`
	DirectoryGroupID      string                        `json:"directory_group_id,omitempty"`
	DirectoryInstanceID   string                        `json:"directory_instance_id,omitempty"`
	DirectoryName         string                        `json:"directory_name,omitempty"`
	DirectorySyncRunID    string                        `json:"directory_sync_run_id,omitempty"`
	DisplayID             string                        `json:"display_id,omitempty"`
	EnvironmentID         string                        `json:"environment_id,omitempty"`
	EnvironmentName       string                        `json:"environment_name,omitempty"`
	FirstSeenAt           time.Time                     `json:"first_seen_at,omitempty"`
	IntegrationID         string                        `json:"integration_id,omitempty"`
	LastConfirmedRunID    string                        `json:"last_confirmed_run_id,omitempty"`
	LastSeenAt            time.Time                     `json:"last_seen_at,omitempty"`
	Metadata              map[string]interface{}        `json:"metadata,omitempty"`
	ObservedAt            time.Time                     `json:"observed_at,omitempty"`
	OwnerID               string                        `json:"owner_id,omitempty"`
	PlatformID            string                        `json:"platform_id,omitempty"`
	RemovedAt             time.Time                     `json:"removed_at,omitempty"`
	Role                  enums.DirectoryMembershipRole `json:"role,omitempty"`
	ScopeID               string                        `json:"scope_id,omitempty"`
	ScopeName             string                        `json:"scope_name,omitempty"`
	Source                string                        `json:"source,omitempty"`
	UpdatedAt             time.Time                     `json:"updated_at,omitempty"`
	UpdatedBy             string                        `json:"updated_by,omitempty"`
	UpdatedByImpersonator string                        `json:"updated_by_impersonator,omitempty"`
}

DirectoryMembershipProjection is the flat, CEL- and jsonschema-facing view of a DirectoryMembership: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.DirectoryMembership whose edge graph cannot be reflected

type DiscussionProjection

type DiscussionProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                    string    `json:"id,omitempty"`
	CreatedAt             time.Time `json:"created_at,omitempty"`
	CreatedBy             string    `json:"created_by,omitempty"`
	DeletedAt             time.Time `json:"deleted_at,omitempty"`
	DeletedBy             string    `json:"deleted_by,omitempty"`
	ExternalID            string    `json:"external_id,omitempty"`
	IsResolved            bool      `json:"is_resolved,omitempty"`
	OwnerID               string    `json:"owner_id,omitempty"`
	UpdatedAt             time.Time `json:"updated_at,omitempty"`
	UpdatedBy             string    `json:"updated_by,omitempty"`
	UpdatedByImpersonator string    `json:"updated_by_impersonator,omitempty"`
}

DiscussionProjection is the flat, CEL- and jsonschema-facing view of a Discussion: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.Discussion whose edge graph cannot be reflected

type DocumentDataProjection

type DocumentDataProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                    string                 `json:"id,omitempty"`
	CreatedAt             time.Time              `json:"created_at,omitempty"`
	CreatedBy             string                 `json:"created_by,omitempty"`
	Data                  map[string]interface{} `json:"data,omitempty"`
	DeletedAt             time.Time              `json:"deleted_at,omitempty"`
	DeletedBy             string                 `json:"deleted_by,omitempty"`
	EnvironmentID         string                 `json:"environment_id,omitempty"`
	EnvironmentName       string                 `json:"environment_name,omitempty"`
	OwnerID               string                 `json:"owner_id,omitempty"`
	ScopeID               string                 `json:"scope_id,omitempty"`
	ScopeName             string                 `json:"scope_name,omitempty"`
	Tags                  []string               `json:"tags,omitempty"`
	TemplateID            string                 `json:"template_id,omitempty"`
	UpdatedAt             time.Time              `json:"updated_at,omitempty"`
	UpdatedBy             string                 `json:"updated_by,omitempty"`
	UpdatedByImpersonator string                 `json:"updated_by_impersonator,omitempty"`
}

DocumentDataProjection is the flat, CEL- and jsonschema-facing view of a DocumentData: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.DocumentData whose edge graph cannot be reflected

type EdgeChange

type EdgeChange struct {
	// Edge is the mutated edge name
	Edge string `json:"edge" jsonschema:"description=Mutated edge name"`
	// AddedIDs are the IDs added to the edge
	AddedIDs []string `json:"addedIds,omitempty" jsonschema:"description=IDs added to the edge"`
	// RemovedIDs are the IDs removed from the edge; an empty non-nil slice means the edge was cleared
	RemovedIDs []string `json:"removedIds,omitempty" jsonschema:"description=IDs removed from the edge"`
}

EdgeChange describes one mutated edge and the IDs added or removed

func ExtractChangedEdges

func ExtractChangedEdges(m ent.Mutation) []EdgeChange

ExtractChangedEdges returns the workflow-eligible edges mutated by m, with the IDs added or removed

type EdgeDescriptor

type EdgeDescriptor struct {
	// Name is the edge name (e.g., "controls")
	Name string `json:"name"`
	// Target is the target schema's registry entry
	Target *Schema `json:"-"`
	// TargetType is the PascalCase target schema name, surfaced for the cross-link target dropdown
	TargetType string `json:"target,omitempty"`
	// Label is the human-readable label (PascalCase of the edge name)
	Label string `json:"label,omitempty"`
	// Unique reports whether this side references a single target (sets <edge>ID rather than <edge>IDs)
	Unique bool `json:"unique,omitempty"`
	// Field is the foreign-key storage column on this schema's table for unique owning edges
	// (e.g. "control_id"); empty when the foreign key lives on the target table
	Field string `json:"field,omitempty"`
	// Immutable reports whether the edge is set only at create time; LinkTargets and UnlinkTargets
	// reject immutable edges since the update input has no setters for them
	Immutable bool `json:"immutable,omitempty"`
	// CreateField is the create-input JSON key used to set this edge at create time (e.g. "controlIDs");
	// for unique edges it doubles as the update-input key used by LinkTargets
	CreateField string `json:"createField,omitempty"`
	// AddField is the update-input key that adds targets to a to-many edge (e.g. "addControlIDs");
	// empty for unique or immutable edges
	AddField string `json:"addField,omitempty"`
	// RemoveField is the update-input key that removes targets from a to-many edge (e.g. "removeControlIDs");
	// empty for unique or immutable edges
	RemoveField string `json:"removeField,omitempty"`
	// ClearField is the update-input key that clears an optional unique edge (e.g. "clearControl");
	// empty for to-many, required, or immutable edges
	ClearField string `json:"clearField,omitempty"`
	// WorkflowEligible reports whether the edge may drive workflow conditions and triggers
	WorkflowEligible bool `json:"workflowEligible,omitempty"`
}

EdgeDescriptor describes an edge on a schema. It is the single edge-capability record shared by create-time link injection, the workflow object-ref catalog, and the integration cross-link inventory

type EmailTemplateProjection

type EmailTemplateProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                    string                           `json:"id,omitempty"`
	Active                bool                             `json:"active,omitempty"`
	BodyTemplate          string                           `json:"body_template,omitempty"`
	CreatedAt             time.Time                        `json:"created_at,omitempty"`
	CreatedBy             string                           `json:"created_by,omitempty"`
	Defaults              map[string]interface{}           `json:"defaults,omitempty"`
	DeletedAt             time.Time                        `json:"deleted_at,omitempty"`
	DeletedBy             string                           `json:"deleted_by,omitempty"`
	Description           string                           `json:"description,omitempty"`
	Format                enums.NotificationTemplateFormat `json:"format,omitempty"`
	IntegrationID         string                           `json:"integration_id,omitempty"`
	InternalNotes         string                           `json:"internal_notes,omitempty"`
	Jsonconfig            map[string]interface{}           `json:"jsonconfig,omitempty"`
	Key                   string                           `json:"key,omitempty"`
	Locale                string                           `json:"locale,omitempty"`
	Metadata              map[string]interface{}           `json:"metadata,omitempty"`
	Name                  string                           `json:"name,omitempty"`
	OwnerID               string                           `json:"owner_id,omitempty"`
	PreheaderTemplate     string                           `json:"preheader_template,omitempty"`
	Revision              string                           `json:"revision,omitempty"`
	SubjectTemplate       string                           `json:"subject_template,omitempty"`
	SystemInternalID      string                           `json:"system_internal_id,omitempty"`
	SystemOwned           bool                             `json:"system_owned,omitempty"`
	TemplateContext       enums.TemplateContext            `json:"template_context,omitempty"`
	TextTemplate          string                           `json:"text_template,omitempty"`
	TrustCenterID         string                           `json:"trust_center_id,omitempty"`
	Uischema              map[string]interface{}           `json:"uischema,omitempty"`
	UpdatedAt             time.Time                        `json:"updated_at,omitempty"`
	UpdatedBy             string                           `json:"updated_by,omitempty"`
	UpdatedByImpersonator string                           `json:"updated_by_impersonator,omitempty"`
	Version               int                              `json:"version,omitempty"`
	WorkflowDefinitionID  string                           `json:"workflow_definition_id,omitempty"`
	WorkflowInstanceID    string                           `json:"workflow_instance_id,omitempty"`
}

EmailTemplateProjection is the flat, CEL- and jsonschema-facing view of a EmailTemplate: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.EmailTemplate whose edge graph cannot be reflected

type EntityIngestRequested

type EntityIngestRequested struct {
	// OperationContext carries the shared operation provenance for the ingest event
	OperationContext gala.OperationContext `json:"operationContext"`
	// Input is the ent create input for the record to persist
	Input generated.CreateEntityInput `json:"input"`
}

EntityIngestRequested is the typed ingest event payload for Entity records

type EntityProjection

type EntityProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                                    string                 `json:"id,omitempty"`
	AnnualSpend                           float64                `json:"annual_spend,omitempty"`
	ApprovedForUse                        bool                   `json:"approved_for_use,omitempty"`
	AutoRenews                            bool                   `json:"auto_renews,omitempty"`
	BillingModel                          string                 `json:"billing_model,omitempty"`
	ContractEndDate                       models.DateTime        `json:"contract_end_date,omitempty"`
	ContractRenewalAt                     models.DateTime        `json:"contract_renewal_at,omitempty"`
	ContractStartDate                     models.DateTime        `json:"contract_start_date,omitempty"`
	CreatedAt                             time.Time              `json:"created_at,omitempty"`
	CreatedBy                             string                 `json:"created_by,omitempty"`
	DeletedAt                             time.Time              `json:"deleted_at,omitempty"`
	DeletedBy                             string                 `json:"deleted_by,omitempty"`
	Description                           string                 `json:"description,omitempty"`
	DisplayName                           string                 `json:"display_name,omitempty"`
	Domains                               []string               `json:"domains,omitempty"`
	EntityRelationshipStateID             string                 `json:"entity_relationship_state_id,omitempty"`
	EntityRelationshipStateName           string                 `json:"entity_relationship_state_name,omitempty"`
	EntitySecurityQuestionnaireStatusID   string                 `json:"entity_security_questionnaire_status_id,omitempty"`
	EntitySecurityQuestionnaireStatusName string                 `json:"entity_security_questionnaire_status_name,omitempty"`
	EntitySourceTypeID                    string                 `json:"entity_source_type_id,omitempty"`
	EntitySourceTypeName                  string                 `json:"entity_source_type_name,omitempty"`
	EntityTypeID                          string                 `json:"entity_type_id,omitempty"`
	EnvironmentID                         string                 `json:"environment_id,omitempty"`
	EnvironmentName                       string                 `json:"environment_name,omitempty"`
	ExternalID                            string                 `json:"external_id,omitempty"`
	HasSoc2                               bool                   `json:"has_soc2,omitempty"`
	InternalNotes                         string                 `json:"internal_notes,omitempty"`
	InternalOwner                         string                 `json:"internal_owner,omitempty"`
	InternalOwnerGroupID                  string                 `json:"internal_owner_group_id,omitempty"`
	InternalOwnerUserID                   string                 `json:"internal_owner_user_id,omitempty"`
	LastReviewedAt                        models.DateTime        `json:"last_reviewed_at,omitempty"`
	LinkedAssetIds                        []string               `json:"linked_asset_ids,omitempty"`
	Links                                 []string               `json:"links,omitempty"`
	LogoFileID                            string                 `json:"logo_file_id,omitempty"`
	LogoRemoteURL                         string                 `json:"logo_remote_url,omitempty"`
	MfaEnforced                           bool                   `json:"mfa_enforced,omitempty"`
	MfaSupported                          bool                   `json:"mfa_supported,omitempty"`
	Name                                  string                 `json:"name,omitempty"`
	NextReviewAt                          models.DateTime        `json:"next_review_at,omitempty"`
	ObservedAt                            models.DateTime        `json:"observed_at,omitempty"`
	OwnerID                               string                 `json:"owner_id,omitempty"`
	ProvidedServices                      []string               `json:"provided_services,omitempty"`
	RenewalRisk                           string                 `json:"renewal_risk,omitempty"`
	ReviewFrequency                       enums.Frequency        `json:"review_frequency,omitempty"`
	ReviewedBy                            string                 `json:"reviewed_by,omitempty"`
	ReviewedByGroupID                     string                 `json:"reviewed_by_group_id,omitempty"`
	ReviewedByUserID                      string                 `json:"reviewed_by_user_id,omitempty"`
	RiskRating                            string                 `json:"risk_rating,omitempty"`
	RiskScore                             int                    `json:"risk_score,omitempty"`
	RiskScoreCoverage                     int                    `json:"risk_score_coverage,omitempty"`
	ScopeID                               string                 `json:"scope_id,omitempty"`
	ScopeName                             string                 `json:"scope_name,omitempty"`
	Soc2PeriodEnd                         models.DateTime        `json:"soc2_period_end,omitempty"`
	SpendCurrency                         string                 `json:"spend_currency,omitempty"`
	SSOEnforced                           bool                   `json:"sso_enforced,omitempty"`
	Status                                enums.EntityStatus     `json:"status,omitempty"`
	StatusPageURL                         string                 `json:"status_page_url,omitempty"`
	SystemInternalID                      string                 `json:"system_internal_id,omitempty"`
	SystemOwned                           bool                   `json:"system_owned,omitempty"`
	Tags                                  []string               `json:"tags,omitempty"`
	TerminationNoticeDays                 int                    `json:"termination_notice_days,omitempty"`
	Tier                                  enums.VendorTier       `json:"tier,omitempty"`
	UpdatedAt                             time.Time              `json:"updated_at,omitempty"`
	UpdatedBy                             string                 `json:"updated_by,omitempty"`
	UpdatedByImpersonator                 string                 `json:"updated_by_impersonator,omitempty"`
	VendorMetadata                        map[string]interface{} `json:"vendor_metadata,omitempty"`
}

EntityProjection is the flat, CEL- and jsonschema-facing view of a Entity: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.Entity whose edge graph cannot be reflected

type EntityRef

type EntityRef struct {
	// ID is the entity identifier
	ID string
	// Schema is the entity's schema descriptor
	Schema SchemaDescriptor
}

EntityRef is a lightweight reference to an entity

func SelectTargets

func SelectTargets(ctx context.Context, client *generated.Client, orgID string, selector TargetSelector) ([]EntityRef, error)

SelectTargets queries entities matching a target selector and filters them with a typed CEL evaluator bound to the target schema's native projection — and, when the selector carries SourceContext with a SourceSchema, the source schema's projection as "source" — so selector expressions resolve typed fields rather than evaluating against a map[string]any

type EvidenceProjection

type EvidenceProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                     string               `json:"id,omitempty"`
	CollectionProcedure    string               `json:"collection_procedure,omitempty"`
	CreatedAt              time.Time            `json:"created_at,omitempty"`
	CreatedBy              string               `json:"created_by,omitempty"`
	CreationDate           models.DateTime      `json:"creation_date,omitempty"`
	DeletedAt              time.Time            `json:"deleted_at,omitempty"`
	DeletedBy              string               `json:"deleted_by,omitempty"`
	Description            string               `json:"description,omitempty"`
	DisplayID              string               `json:"display_id,omitempty"`
	EnvironmentID          string               `json:"environment_id,omitempty"`
	EnvironmentName        string               `json:"environment_name,omitempty"`
	ExternalUUID           string               `json:"external_uuid,omitempty"`
	IsAutomated            bool                 `json:"is_automated,omitempty"`
	Name                   string               `json:"name,omitempty"`
	OwnerID                string               `json:"owner_id,omitempty"`
	RenewalDate            models.DateTime      `json:"renewal_date,omitempty"`
	ReviewFrequency        enums.Frequency      `json:"review_frequency,omitempty"`
	ScopeID                string               `json:"scope_id,omitempty"`
	ScopeName              string               `json:"scope_name,omitempty"`
	Source                 string               `json:"source,omitempty"`
	Status                 enums.EvidenceStatus `json:"status,omitempty"`
	Tags                   []string             `json:"tags,omitempty"`
	UpdatedAt              time.Time            `json:"updated_at,omitempty"`
	UpdatedBy              string               `json:"updated_by,omitempty"`
	UpdatedByImpersonator  string               `json:"updated_by_impersonator,omitempty"`
	URL                    string               `json:"url,omitempty"`
	WorkflowEligibleMarker bool                 `json:"workflow_eligible_marker,omitempty"`
}

EvidenceProjection is the flat, CEL- and jsonschema-facing view of a Evidence: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.Evidence whose edge graph cannot be reflected

type FieldDescriptor

type FieldDescriptor struct {
	// Name is the schema field name (snake_case)
	Name string `json:"name"`
	// Label is the human-readable label (PascalCase of the field name)
	Label string `json:"label"`
	// Type is the ent field type string (e.g. "string", "bool", "time.Time")
	Type string `json:"type"`
	// WorkflowEligible reports whether the field may drive workflow conditions and triggers
	WorkflowEligible bool `json:"workflowEligible,omitempty"`
	// MatchKey reports whether the field is a plain-string indexed column usable as a cross-link match key
	MatchKey bool `json:"matchKey,omitempty"`
	// InputKey is the integration mapping create-input key (lowerCamel); empty for non-mapped fields
	InputKey string `json:"inputKey,omitempty"`
}

FieldDescriptor describes one field on a schema. It is the single field-capability record shared by the workflow builder (condition/trigger fields) and the integration cross-link config (match fields), replacing the separate workflow-field and key-field lists

type FindingIngestRequested

type FindingIngestRequested struct {
	// OperationContext carries the shared operation provenance for the ingest event
	OperationContext gala.OperationContext `json:"operationContext"`
	// Input is the ent create input for the record to persist
	Input generated.CreateFindingInput `json:"input"`
}

FindingIngestRequested is the typed ingest event payload for Finding records

type FindingProjection

type FindingProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                     string                 `json:"id,omitempty"`
	AssessmentID           string                 `json:"assessment_id,omitempty"`
	AssignedTo             string                 `json:"assigned_to,omitempty"`
	AssignedToGroupID      string                 `json:"assigned_to_group_id,omitempty"`
	AssignedToUserID       string                 `json:"assigned_to_user_id,omitempty"`
	BlocksProduction       bool                   `json:"blocks_production,omitempty"`
	Categories             []string               `json:"categories,omitempty"`
	Category               string                 `json:"category,omitempty"`
	CreatedAt              time.Time              `json:"created_at,omitempty"`
	CreatedBy              string                 `json:"created_by,omitempty"`
	DeletedAt              time.Time              `json:"deleted_at,omitempty"`
	DeletedBy              string                 `json:"deleted_by,omitempty"`
	Description            string                 `json:"description,omitempty"`
	DisplayID              string                 `json:"display_id,omitempty"`
	DisplayName            string                 `json:"display_name,omitempty"`
	EnvironmentID          string                 `json:"environment_id,omitempty"`
	EnvironmentName        string                 `json:"environment_name,omitempty"`
	EventTime              models.DateTime        `json:"event_time,omitempty"`
	Exploitability         float64                `json:"exploitability,omitempty"`
	ExternalID             string                 `json:"external_id,omitempty"`
	ExternalOwnerID        string                 `json:"external_owner_id,omitempty"`
	ExternalURI            string                 `json:"external_uri,omitempty"`
	FindingClass           string                 `json:"finding_class,omitempty"`
	FindingStatusID        string                 `json:"finding_status_id,omitempty"`
	FindingStatusName      string                 `json:"finding_status_name,omitempty"`
	Impact                 float64                `json:"impact,omitempty"`
	InternalNotes          string                 `json:"internal_notes,omitempty"`
	Metadata               map[string]interface{} `json:"metadata,omitempty"`
	NumericSeverity        float64                `json:"numeric_severity,omitempty"`
	Open                   bool                   `json:"open,omitempty"`
	OwnerID                string                 `json:"owner_id,omitempty"`
	Priority               string                 `json:"priority,omitempty"`
	Production             bool                   `json:"production,omitempty"`
	Public                 bool                   `json:"public,omitempty"`
	RawPayload             map[string]interface{} `json:"raw_payload,omitempty"`
	Recommendation         string                 `json:"recommendation,omitempty"`
	RecommendedActions     string                 `json:"recommended_actions,omitempty"`
	References             []string               `json:"references,omitempty"`
	RemediationSLA         int                    `json:"remediation_sla,omitempty"`
	ReportedAt             models.DateTime        `json:"reported_at,omitempty"`
	ResourceName           string                 `json:"resource_name,omitempty"`
	ReviewedBy             string                 `json:"reviewed_by,omitempty"`
	ReviewedByGroupID      string                 `json:"reviewed_by_group_id,omitempty"`
	ReviewedByUserID       string                 `json:"reviewed_by_user_id,omitempty"`
	ScopeID                string                 `json:"scope_id,omitempty"`
	ScopeName              string                 `json:"scope_name,omitempty"`
	Score                  float64                `json:"score,omitempty"`
	SecurityLevel          enums.SecurityLevel    `json:"security_level,omitempty"`
	Severity               string                 `json:"severity,omitempty"`
	Source                 string                 `json:"source,omitempty"`
	SourceUpdatedAt        models.DateTime        `json:"source_updated_at,omitempty"`
	State                  string                 `json:"state,omitempty"`
	StepsToReproduce       []string               `json:"steps_to_reproduce,omitempty"`
	SystemInternalID       string                 `json:"system_internal_id,omitempty"`
	SystemOwned            bool                   `json:"system_owned,omitempty"`
	Tags                   []string               `json:"tags,omitempty"`
	TargetDetails          map[string]interface{} `json:"target_details,omitempty"`
	Targets                []string               `json:"targets,omitempty"`
	UpdatedAt              time.Time              `json:"updated_at,omitempty"`
	UpdatedBy              string                 `json:"updated_by,omitempty"`
	UpdatedByImpersonator  string                 `json:"updated_by_impersonator,omitempty"`
	Validated              bool                   `json:"validated,omitempty"`
	Vector                 string                 `json:"vector,omitempty"`
	WorkflowEligibleMarker bool                   `json:"workflow_eligible_marker,omitempty"`
}

FindingProjection is the flat, CEL- and jsonschema-facing view of a Finding: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.Finding whose edge graph cannot be reflected

type IdentityHolderProjection

type IdentityHolderProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                     string                   `json:"id,omitempty"`
	AlternateEmail         string                   `json:"alternate_email,omitempty"`
	AvatarRemoteURL        string                   `json:"avatar_remote_url,omitempty"`
	CreatedAt              time.Time                `json:"created_at,omitempty"`
	CreatedBy              string                   `json:"created_by,omitempty"`
	DeletedAt              time.Time                `json:"deleted_at,omitempty"`
	DeletedBy              string                   `json:"deleted_by,omitempty"`
	Department             string                   `json:"department,omitempty"`
	DisplayID              string                   `json:"display_id,omitempty"`
	Email                  string                   `json:"email,omitempty"`
	EmailAliases           []string                 `json:"email_aliases,omitempty"`
	EmployerEntityID       string                   `json:"employer_entity_id,omitempty"`
	EndDate                models.DateTime          `json:"end_date,omitempty"`
	EnvironmentID          string                   `json:"environment_id,omitempty"`
	EnvironmentName        string                   `json:"environment_name,omitempty"`
	ExternalReferenceID    string                   `json:"external_reference_id,omitempty"`
	ExternalUserID         string                   `json:"external_user_id,omitempty"`
	FullName               string                   `json:"full_name,omitempty"`
	IdentityHolderType     enums.IdentityHolderType `json:"identity_holder_type,omitempty"`
	InternalOwner          string                   `json:"internal_owner,omitempty"`
	InternalOwnerGroupID   string                   `json:"internal_owner_group_id,omitempty"`
	InternalOwnerUserID    string                   `json:"internal_owner_user_id,omitempty"`
	IsActive               bool                     `json:"is_active,omitempty"`
	IsOpenlaneUser         bool                     `json:"is_openlane_user,omitempty"`
	Location               string                   `json:"location,omitempty"`
	Metadata               map[string]interface{}   `json:"metadata,omitempty"`
	OwnerID                string                   `json:"owner_id,omitempty"`
	PhoneNumber            string                   `json:"phone_number,omitempty"`
	ScopeID                string                   `json:"scope_id,omitempty"`
	ScopeName              string                   `json:"scope_name,omitempty"`
	StartDate              models.DateTime          `json:"start_date,omitempty"`
	Status                 enums.UserStatus         `json:"status,omitempty"`
	Tags                   []string                 `json:"tags,omitempty"`
	Team                   string                   `json:"team,omitempty"`
	Title                  string                   `json:"title,omitempty"`
	UpdatedAt              time.Time                `json:"updated_at,omitempty"`
	UpdatedBy              string                   `json:"updated_by,omitempty"`
	UpdatedByImpersonator  string                   `json:"updated_by_impersonator,omitempty"`
	UserID                 string                   `json:"user_id,omitempty"`
	WorkflowEligibleMarker bool                     `json:"workflow_eligible_marker,omitempty"`
}

IdentityHolderProjection is the flat, CEL- and jsonschema-facing view of a IdentityHolder: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.IdentityHolder whose edge graph cannot be reflected

type InternalPolicyIngestRequested

type InternalPolicyIngestRequested struct {
	// OperationContext carries the shared operation provenance for the ingest event
	OperationContext gala.OperationContext `json:"operationContext"`
	// Input is the ent create input for the record to persist
	Input generated.CreateInternalPolicyInput `json:"input"`
}

InternalPolicyIngestRequested is the typed ingest event payload for InternalPolicy records

type InternalPolicyProjection

type InternalPolicyProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                              string                       `json:"id,omitempty"`
	ApprovalRequired                bool                         `json:"approval_required,omitempty"`
	ApproverID                      string                       `json:"approver_id,omitempty"`
	ControlSuggestions              []string                     `json:"control_suggestions,omitempty"`
	CreatedAt                       time.Time                    `json:"created_at,omitempty"`
	CreatedBy                       string                       `json:"created_by,omitempty"`
	DelegateID                      string                       `json:"delegate_id,omitempty"`
	DeletedAt                       time.Time                    `json:"deleted_at,omitempty"`
	DeletedBy                       string                       `json:"deleted_by,omitempty"`
	Details                         string                       `json:"details,omitempty"`
	DetailsJSON                     []interface{}                `json:"details_json,omitempty"`
	DismissedControlSuggestions     []string                     `json:"dismissed_control_suggestions,omitempty"`
	DismissedImprovementSuggestions []string                     `json:"dismissed_improvement_suggestions,omitempty"`
	DismissedTagSuggestions         []string                     `json:"dismissed_tag_suggestions,omitempty"`
	DisplayID                       string                       `json:"display_id,omitempty"`
	EnvironmentID                   string                       `json:"environment_id,omitempty"`
	EnvironmentName                 string                       `json:"environment_name,omitempty"`
	ExternalContents                string                       `json:"external_contents,omitempty"`
	ExternalFileID                  string                       `json:"external_file_id,omitempty"`
	ExternalUUID                    string                       `json:"external_uuid,omitempty"`
	FileID                          string                       `json:"file_id,omitempty"`
	ImprovementSuggestions          []string                     `json:"improvement_suggestions,omitempty"`
	InternalNotes                   string                       `json:"internal_notes,omitempty"`
	InternalPolicyKindID            string                       `json:"internal_policy_kind_id,omitempty"`
	InternalPolicyKindName          string                       `json:"internal_policy_kind_name,omitempty"`
	ManagementMode                  enums.DocumentManagementMode `json:"management_mode,omitempty"`
	Name                            string                       `json:"name,omitempty"`
	OwnerID                         string                       `json:"owner_id,omitempty"`
	ReviewDue                       time.Time                    `json:"review_due,omitempty"`
	ReviewFrequency                 enums.Frequency              `json:"review_frequency,omitempty"`
	Revision                        string                       `json:"revision,omitempty"`
	ScopeID                         string                       `json:"scope_id,omitempty"`
	ScopeName                       string                       `json:"scope_name,omitempty"`
	Status                          enums.DocumentStatus         `json:"status,omitempty"`
	Summary                         string                       `json:"summary,omitempty"`
	SystemInternalID                string                       `json:"system_internal_id,omitempty"`
	SystemOwned                     bool                         `json:"system_owned,omitempty"`
	TagSuggestions                  []string                     `json:"tag_suggestions,omitempty"`
	Tags                            []string                     `json:"tags,omitempty"`
	UpdatedAt                       time.Time                    `json:"updated_at,omitempty"`
	UpdatedBy                       string                       `json:"updated_by,omitempty"`
	UpdatedByImpersonator           string                       `json:"updated_by_impersonator,omitempty"`
	URL                             string                       `json:"url,omitempty"`
	WorkflowEligibleMarker          bool                         `json:"workflow_eligible_marker,omitempty"`
}

InternalPolicyProjection is the flat, CEL- and jsonschema-facing view of a InternalPolicy: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.InternalPolicy whose edge graph cannot be reflected

type KeyMatch

type KeyMatch struct {
	// TargetField is the snake_case field on the target schema to match against
	TargetField string `json:"target_field"`
	// SourceField is the snake_case scalar field on the source entity whose value must match the target field
	SourceField string `json:"source_field,omitempty"`
	// SourceList is the snake_case list field on the source entity holding additional candidate values
	SourceList string `json:"source_list,omitempty"`
}

KeyMatch describes a structured key-equality match between a target schema field and values taken from the source entity. When set on a TargetSelector it is compiled into an indexed query predicate (target_field IN source values) instead of a row-by-row expression evaluation

type LinkSpec

type LinkSpec struct {
	// Edge is the edge name on the source schema to link over
	Edge string `json:"edge"`
	// Target specifies which entities to link via schema, key match, or expression
	Target TargetSelector `json:"target"`
}

LinkSpec describes one edge-linking operation: the named edge to link over and a target selector resolving which entities to link. Resolved through SelectTargets and applied by InjectCreateLinks, which sets the edge in the create mutation itself; shared by the integration ingest engine and the workflow CREATE_OBJECT action so both set edges identically at create time

type NarrativeProjection

type NarrativeProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                    string    `json:"id,omitempty"`
	CreatedAt             time.Time `json:"created_at,omitempty"`
	CreatedBy             string    `json:"created_by,omitempty"`
	DeletedAt             time.Time `json:"deleted_at,omitempty"`
	DeletedBy             string    `json:"deleted_by,omitempty"`
	Description           string    `json:"description,omitempty"`
	Details               string    `json:"details,omitempty"`
	DisplayID             string    `json:"display_id,omitempty"`
	InternalNotes         string    `json:"internal_notes,omitempty"`
	Name                  string    `json:"name,omitempty"`
	OwnerID               string    `json:"owner_id,omitempty"`
	SystemInternalID      string    `json:"system_internal_id,omitempty"`
	SystemOwned           bool      `json:"system_owned,omitempty"`
	Tags                  []string  `json:"tags,omitempty"`
	UpdatedAt             time.Time `json:"updated_at,omitempty"`
	UpdatedBy             string    `json:"updated_by,omitempty"`
	UpdatedByImpersonator string    `json:"updated_by_impersonator,omitempty"`
}

NarrativeProjection is the flat, CEL- and jsonschema-facing view of a Narrative: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.Narrative whose edge graph cannot be reflected

type NotificationTemplateProjection

type NotificationTemplateProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                    string                           `json:"id,omitempty"`
	Active                bool                             `json:"active,omitempty"`
	Blocks                map[string]interface{}           `json:"blocks,omitempty"`
	BodyTemplate          string                           `json:"body_template,omitempty"`
	Channel               enums.Channel                    `json:"channel,omitempty"`
	CreatedAt             time.Time                        `json:"created_at,omitempty"`
	CreatedBy             string                           `json:"created_by,omitempty"`
	Defaults              map[string]interface{}           `json:"defaults,omitempty"`
	DeletedAt             time.Time                        `json:"deleted_at,omitempty"`
	DeletedBy             string                           `json:"deleted_by,omitempty"`
	Description           string                           `json:"description,omitempty"`
	Destinations          []string                         `json:"destinations,omitempty"`
	EmailTemplateID       string                           `json:"email_template_id,omitempty"`
	Format                enums.NotificationTemplateFormat `json:"format,omitempty"`
	IntegrationID         string                           `json:"integration_id,omitempty"`
	InternalNotes         string                           `json:"internal_notes,omitempty"`
	Jsonconfig            map[string]interface{}           `json:"jsonconfig,omitempty"`
	Key                   string                           `json:"key,omitempty"`
	Locale                string                           `json:"locale,omitempty"`
	Metadata              map[string]interface{}           `json:"metadata,omitempty"`
	Name                  string                           `json:"name,omitempty"`
	OwnerID               string                           `json:"owner_id,omitempty"`
	Revision              string                           `json:"revision,omitempty"`
	SubjectTemplate       string                           `json:"subject_template,omitempty"`
	SystemInternalID      string                           `json:"system_internal_id,omitempty"`
	SystemOwned           bool                             `json:"system_owned,omitempty"`
	TemplateContext       enums.TemplateContext            `json:"template_context,omitempty"`
	TitleTemplate         string                           `json:"title_template,omitempty"`
	TopicPattern          string                           `json:"topic_pattern,omitempty"`
	Uischema              map[string]interface{}           `json:"uischema,omitempty"`
	UpdatedAt             time.Time                        `json:"updated_at,omitempty"`
	UpdatedBy             string                           `json:"updated_by,omitempty"`
	UpdatedByImpersonator string                           `json:"updated_by_impersonator,omitempty"`
	Version               int                              `json:"version,omitempty"`
	WorkflowDefinitionID  string                           `json:"workflow_definition_id,omitempty"`
}

NotificationTemplateProjection is the flat, CEL- and jsonschema-facing view of a NotificationTemplate: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.NotificationTemplate whose edge graph cannot be reflected

type PlatformProjection

type PlatformProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                             string                 `json:"id,omitempty"`
	AccessModelID                  string                 `json:"access_model_id,omitempty"`
	AccessModelName                string                 `json:"access_model_name,omitempty"`
	BusinessOwner                  string                 `json:"business_owner,omitempty"`
	BusinessOwnerGroupID           string                 `json:"business_owner_group_id,omitempty"`
	BusinessOwnerUserID            string                 `json:"business_owner_user_id,omitempty"`
	BusinessPurpose                string                 `json:"business_purpose,omitempty"`
	ContainsPii                    bool                   `json:"contains_pii,omitempty"`
	CostCenter                     string                 `json:"cost_center,omitempty"`
	CreatedAt                      time.Time              `json:"created_at,omitempty"`
	CreatedBy                      string                 `json:"created_by,omitempty"`
	CriticalityID                  string                 `json:"criticality_id,omitempty"`
	CriticalityName                string                 `json:"criticality_name,omitempty"`
	DataFlowSummary                string                 `json:"data_flow_summary,omitempty"`
	DeletedAt                      time.Time              `json:"deleted_at,omitempty"`
	DeletedBy                      string                 `json:"deleted_by,omitempty"`
	Description                    string                 `json:"description,omitempty"`
	DisplayID                      string                 `json:"display_id,omitempty"`
	EncryptionStatusID             string                 `json:"encryption_status_id,omitempty"`
	EncryptionStatusName           string                 `json:"encryption_status_name,omitempty"`
	EnvironmentID                  string                 `json:"environment_id,omitempty"`
	EnvironmentName                string                 `json:"environment_name,omitempty"`
	EstimatedMonthlyCost           float64                `json:"estimated_monthly_cost,omitempty"`
	ExternalReferenceID            string                 `json:"external_reference_id,omitempty"`
	ExternalUUID                   string                 `json:"external_uuid,omitempty"`
	InternalOwner                  string                 `json:"internal_owner,omitempty"`
	InternalOwnerGroupID           string                 `json:"internal_owner_group_id,omitempty"`
	InternalOwnerUserID            string                 `json:"internal_owner_user_id,omitempty"`
	Metadata                       map[string]interface{} `json:"metadata,omitempty"`
	Name                           string                 `json:"name,omitempty"`
	OwnerID                        string                 `json:"owner_id,omitempty"`
	PhysicalLocation               string                 `json:"physical_location,omitempty"`
	PlatformDataClassificationID   string                 `json:"platform_data_classification_id,omitempty"`
	PlatformDataClassificationName string                 `json:"platform_data_classification_name,omitempty"`
	PlatformKindID                 string                 `json:"platform_kind_id,omitempty"`
	PlatformKindName               string                 `json:"platform_kind_name,omitempty"`
	PlatformOwnerID                string                 `json:"platform_owner_id,omitempty"`
	PurchaseDate                   models.DateTime        `json:"purchase_date,omitempty"`
	Region                         string                 `json:"region,omitempty"`
	ScopeID                        string                 `json:"scope_id,omitempty"`
	ScopeName                      string                 `json:"scope_name,omitempty"`
	ScopeStatement                 string                 `json:"scope_statement,omitempty"`
	SecurityOwner                  string                 `json:"security_owner,omitempty"`
	SecurityOwnerGroupID           string                 `json:"security_owner_group_id,omitempty"`
	SecurityOwnerUserID            string                 `json:"security_owner_user_id,omitempty"`
	SecurityTierID                 string                 `json:"security_tier_id,omitempty"`
	SecurityTierName               string                 `json:"security_tier_name,omitempty"`
	SourceIdentifier               string                 `json:"source_identifier,omitempty"`
	SourceType                     enums.SourceType       `json:"source_type,omitempty"`
	Status                         enums.PlatformStatus   `json:"status,omitempty"`
	Tags                           []string               `json:"tags,omitempty"`
	TechnicalOwner                 string                 `json:"technical_owner,omitempty"`
	TechnicalOwnerGroupID          string                 `json:"technical_owner_group_id,omitempty"`
	TechnicalOwnerUserID           string                 `json:"technical_owner_user_id,omitempty"`
	TrustBoundaryDescription       string                 `json:"trust_boundary_description,omitempty"`
	UpdatedAt                      time.Time              `json:"updated_at,omitempty"`
	UpdatedBy                      string                 `json:"updated_by,omitempty"`
	UpdatedByImpersonator          string                 `json:"updated_by_impersonator,omitempty"`
	WorkflowEligibleMarker         bool                   `json:"workflow_eligible_marker,omitempty"`
}

PlatformProjection is the flat, CEL- and jsonschema-facing view of a Platform: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.Platform whose edge graph cannot be reflected

type ProcedureIngestRequested

type ProcedureIngestRequested struct {
	// OperationContext carries the shared operation provenance for the ingest event
	OperationContext gala.OperationContext `json:"operationContext"`
	// Input is the ent create input for the record to persist
	Input generated.CreateProcedureInput `json:"input"`
}

ProcedureIngestRequested is the typed ingest event payload for Procedure records

type ProcedureProjection

type ProcedureProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                              string                       `json:"id,omitempty"`
	ApprovalRequired                bool                         `json:"approval_required,omitempty"`
	ApproverID                      string                       `json:"approver_id,omitempty"`
	ControlSuggestions              []string                     `json:"control_suggestions,omitempty"`
	CreatedAt                       time.Time                    `json:"created_at,omitempty"`
	CreatedBy                       string                       `json:"created_by,omitempty"`
	DelegateID                      string                       `json:"delegate_id,omitempty"`
	DeletedAt                       time.Time                    `json:"deleted_at,omitempty"`
	DeletedBy                       string                       `json:"deleted_by,omitempty"`
	Details                         string                       `json:"details,omitempty"`
	DetailsJSON                     []interface{}                `json:"details_json,omitempty"`
	DismissedControlSuggestions     []string                     `json:"dismissed_control_suggestions,omitempty"`
	DismissedImprovementSuggestions []string                     `json:"dismissed_improvement_suggestions,omitempty"`
	DismissedTagSuggestions         []string                     `json:"dismissed_tag_suggestions,omitempty"`
	DisplayID                       string                       `json:"display_id,omitempty"`
	EnvironmentID                   string                       `json:"environment_id,omitempty"`
	EnvironmentName                 string                       `json:"environment_name,omitempty"`
	ExternalContents                string                       `json:"external_contents,omitempty"`
	ExternalFileID                  string                       `json:"external_file_id,omitempty"`
	FileID                          string                       `json:"file_id,omitempty"`
	ImprovementSuggestions          []string                     `json:"improvement_suggestions,omitempty"`
	InternalNotes                   string                       `json:"internal_notes,omitempty"`
	ManagementMode                  enums.DocumentManagementMode `json:"management_mode,omitempty"`
	Name                            string                       `json:"name,omitempty"`
	OwnerID                         string                       `json:"owner_id,omitempty"`
	ProcedureKindID                 string                       `json:"procedure_kind_id,omitempty"`
	ProcedureKindName               string                       `json:"procedure_kind_name,omitempty"`
	ReviewDue                       time.Time                    `json:"review_due,omitempty"`
	ReviewFrequency                 enums.Frequency              `json:"review_frequency,omitempty"`
	Revision                        string                       `json:"revision,omitempty"`
	ScopeID                         string                       `json:"scope_id,omitempty"`
	ScopeName                       string                       `json:"scope_name,omitempty"`
	Status                          enums.DocumentStatus         `json:"status,omitempty"`
	Summary                         string                       `json:"summary,omitempty"`
	SystemInternalID                string                       `json:"system_internal_id,omitempty"`
	SystemOwned                     bool                         `json:"system_owned,omitempty"`
	TagSuggestions                  []string                     `json:"tag_suggestions,omitempty"`
	Tags                            []string                     `json:"tags,omitempty"`
	UpdatedAt                       time.Time                    `json:"updated_at,omitempty"`
	UpdatedBy                       string                       `json:"updated_by,omitempty"`
	UpdatedByImpersonator           string                       `json:"updated_by_impersonator,omitempty"`
	URL                             string                       `json:"url,omitempty"`
	WorkflowEligibleMarker          bool                         `json:"workflow_eligible_marker,omitempty"`
}

ProcedureProjection is the flat, CEL- and jsonschema-facing view of a Procedure: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.Procedure whose edge graph cannot be reflected

type RemediationProjection

type RemediationProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                     string                  `json:"id,omitempty"`
	CompletedAt            models.DateTime         `json:"completed_at,omitempty"`
	CreatedAt              time.Time               `json:"created_at,omitempty"`
	CreatedBy              string                  `json:"created_by,omitempty"`
	DeletedAt              time.Time               `json:"deleted_at,omitempty"`
	DeletedBy              string                  `json:"deleted_by,omitempty"`
	DisplayID              string                  `json:"display_id,omitempty"`
	DueAt                  models.DateTime         `json:"due_at,omitempty"`
	EnvironmentID          string                  `json:"environment_id,omitempty"`
	EnvironmentName        string                  `json:"environment_name,omitempty"`
	Error                  string                  `json:"error,omitempty"`
	Explanation            string                  `json:"explanation,omitempty"`
	ExternalID             string                  `json:"external_id,omitempty"`
	ExternalOwnerID        string                  `json:"external_owner_id,omitempty"`
	ExternalURI            string                  `json:"external_uri,omitempty"`
	Instructions           string                  `json:"instructions,omitempty"`
	Intent                 string                  `json:"intent,omitempty"`
	InternalNotes          string                  `json:"internal_notes,omitempty"`
	Metadata               map[string]interface{}  `json:"metadata,omitempty"`
	OwnerID                string                  `json:"owner_id,omitempty"`
	OwnerReference         string                  `json:"owner_reference,omitempty"`
	PrGeneratedAt          models.DateTime         `json:"pr_generated_at,omitempty"`
	PullRequestURI         string                  `json:"pull_request_uri,omitempty"`
	RepositoryURI          string                  `json:"repository_uri,omitempty"`
	ScopeID                string                  `json:"scope_id,omitempty"`
	ScopeName              string                  `json:"scope_name,omitempty"`
	Source                 string                  `json:"source,omitempty"`
	State                  string                  `json:"state,omitempty"`
	Status                 enums.RemediationStatus `json:"status,omitempty"`
	Summary                string                  `json:"summary,omitempty"`
	SystemInternalID       string                  `json:"system_internal_id,omitempty"`
	SystemOwned            bool                    `json:"system_owned,omitempty"`
	Tags                   []string                `json:"tags,omitempty"`
	TicketReference        string                  `json:"ticket_reference,omitempty"`
	Title                  string                  `json:"title,omitempty"`
	UpdatedAt              time.Time               `json:"updated_at,omitempty"`
	UpdatedBy              string                  `json:"updated_by,omitempty"`
	UpdatedByImpersonator  string                  `json:"updated_by_impersonator,omitempty"`
	WorkflowEligibleMarker bool                    `json:"workflow_eligible_marker,omitempty"`
}

RemediationProjection is the flat, CEL- and jsonschema-facing view of a Remediation: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.Remediation whose edge graph cannot be reflected

type ReviewProjection

type ReviewProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                    string                 `json:"id,omitempty"`
	Approved              bool                   `json:"approved,omitempty"`
	ApprovedAt            models.DateTime        `json:"approved_at,omitempty"`
	Category              string                 `json:"category,omitempty"`
	Classification        string                 `json:"classification,omitempty"`
	CreatedAt             time.Time              `json:"created_at,omitempty"`
	CreatedBy             string                 `json:"created_by,omitempty"`
	DeletedAt             time.Time              `json:"deleted_at,omitempty"`
	DeletedBy             string                 `json:"deleted_by,omitempty"`
	Details               string                 `json:"details,omitempty"`
	EnvironmentID         string                 `json:"environment_id,omitempty"`
	EnvironmentName       string                 `json:"environment_name,omitempty"`
	ExternalID            string                 `json:"external_id,omitempty"`
	ExternalOwnerID       string                 `json:"external_owner_id,omitempty"`
	ExternalURI           string                 `json:"external_uri,omitempty"`
	InternalNotes         string                 `json:"internal_notes,omitempty"`
	Metadata              map[string]interface{} `json:"metadata,omitempty"`
	OwnerID               string                 `json:"owner_id,omitempty"`
	RawPayload            map[string]interface{} `json:"raw_payload,omitempty"`
	ReportedAt            models.DateTime        `json:"reported_at,omitempty"`
	Reporter              string                 `json:"reporter,omitempty"`
	ReviewedAt            models.DateTime        `json:"reviewed_at,omitempty"`
	ReviewerID            string                 `json:"reviewer_id,omitempty"`
	ScopeID               string                 `json:"scope_id,omitempty"`
	ScopeName             string                 `json:"scope_name,omitempty"`
	Source                string                 `json:"source,omitempty"`
	State                 string                 `json:"state,omitempty"`
	Status                enums.ReviewStatus     `json:"status,omitempty"`
	Summary               string                 `json:"summary,omitempty"`
	SystemInternalID      string                 `json:"system_internal_id,omitempty"`
	SystemOwned           bool                   `json:"system_owned,omitempty"`
	Tags                  []string               `json:"tags,omitempty"`
	Title                 string                 `json:"title,omitempty"`
	UpdatedAt             time.Time              `json:"updated_at,omitempty"`
	UpdatedBy             string                 `json:"updated_by,omitempty"`
	UpdatedByImpersonator string                 `json:"updated_by_impersonator,omitempty"`
}

ReviewProjection is the flat, CEL- and jsonschema-facing view of a Review: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.Review whose edge graph cannot be reflected

type RiskIngestRequested

type RiskIngestRequested struct {
	// OperationContext carries the shared operation provenance for the ingest event
	OperationContext gala.OperationContext `json:"operationContext"`
	// Input is the ent create input for the record to persist
	Input generated.CreateRiskInput `json:"input"`
}

RiskIngestRequested is the typed ingest event payload for Risk records

type RiskProjection

type RiskProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                     string               `json:"id,omitempty"`
	BusinessCosts          string               `json:"business_costs,omitempty"`
	BusinessCostsJSON      []interface{}        `json:"business_costs_json,omitempty"`
	CreatedAt              time.Time            `json:"created_at,omitempty"`
	CreatedBy              string               `json:"created_by,omitempty"`
	DelegateID             string               `json:"delegate_id,omitempty"`
	DeletedAt              time.Time            `json:"deleted_at,omitempty"`
	DeletedBy              string               `json:"deleted_by,omitempty"`
	Details                string               `json:"details,omitempty"`
	DetailsJSON            []interface{}        `json:"details_json,omitempty"`
	DisplayID              string               `json:"display_id,omitempty"`
	DueDate                models.DateTime      `json:"due_date,omitempty"`
	EnvironmentID          string               `json:"environment_id,omitempty"`
	EnvironmentName        string               `json:"environment_name,omitempty"`
	ExternalID             string               `json:"external_id,omitempty"`
	ExternalUUID           string               `json:"external_uuid,omitempty"`
	Impact                 enums.RiskImpact     `json:"impact,omitempty"`
	IntegrationID          string               `json:"integration_id,omitempty"`
	LastReviewedAt         models.DateTime      `json:"last_reviewed_at,omitempty"`
	Likelihood             enums.RiskLikelihood `json:"likelihood,omitempty"`
	MitigatedAt            models.DateTime      `json:"mitigated_at,omitempty"`
	Mitigation             string               `json:"mitigation,omitempty"`
	MitigationJSON         []interface{}        `json:"mitigation_json,omitempty"`
	Name                   string               `json:"name,omitempty"`
	NextReviewDueAt        models.DateTime      `json:"next_review_due_at,omitempty"`
	ObservedAt             models.DateTime      `json:"observed_at,omitempty"`
	OwnerID                string               `json:"owner_id,omitempty"`
	ResidualScore          int                  `json:"residual_score,omitempty"`
	ReviewFrequency        enums.Frequency      `json:"review_frequency,omitempty"`
	ReviewRequired         bool                 `json:"review_required,omitempty"`
	RiskCategoryID         string               `json:"risk_category_id,omitempty"`
	RiskCategoryName       string               `json:"risk_category_name,omitempty"`
	RiskDecision           enums.RiskDecision   `json:"risk_decision,omitempty"`
	RiskKindID             string               `json:"risk_kind_id,omitempty"`
	RiskKindName           string               `json:"risk_kind_name,omitempty"`
	ScopeID                string               `json:"scope_id,omitempty"`
	ScopeName              string               `json:"scope_name,omitempty"`
	Score                  int                  `json:"score,omitempty"`
	StakeholderID          string               `json:"stakeholder_id,omitempty"`
	Status                 enums.RiskStatus     `json:"status,omitempty"`
	Tags                   []string             `json:"tags,omitempty"`
	UpdatedAt              time.Time            `json:"updated_at,omitempty"`
	UpdatedBy              string               `json:"updated_by,omitempty"`
	UpdatedByImpersonator  string               `json:"updated_by_impersonator,omitempty"`
	WorkflowEligibleMarker bool                 `json:"workflow_eligible_marker,omitempty"`
}

RiskProjection is the flat, CEL- and jsonschema-facing view of a Risk: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.Risk whose edge graph cannot be reflected

type ScanProjection

type ScanProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                         string                 `json:"id,omitempty"`
	AssignedTo                 string                 `json:"assigned_to,omitempty"`
	AssignedToGroupID          string                 `json:"assigned_to_group_id,omitempty"`
	AssignedToUserID           string                 `json:"assigned_to_user_id,omitempty"`
	CreatedAt                  time.Time              `json:"created_at,omitempty"`
	CreatedBy                  string                 `json:"created_by,omitempty"`
	DeletedAt                  time.Time              `json:"deleted_at,omitempty"`
	DeletedBy                  string                 `json:"deleted_by,omitempty"`
	DiscoveredVulnerabilityIds []string               `json:"discovered_vulnerability_ids,omitempty"`
	EnvironmentID              string                 `json:"environment_id,omitempty"`
	EnvironmentName            string                 `json:"environment_name,omitempty"`
	GeneratedByPlatformID      string                 `json:"generated_by_platform_id,omitempty"`
	Metadata                   map[string]interface{} `json:"metadata,omitempty"`
	NextScanRunAt              models.DateTime        `json:"next_scan_run_at,omitempty"`
	OwnerID                    string                 `json:"owner_id,omitempty"`
	PerformedBy                string                 `json:"performed_by,omitempty"`
	PerformedByGroupID         string                 `json:"performed_by_group_id,omitempty"`
	PerformedByUserID          string                 `json:"performed_by_user_id,omitempty"`
	ReviewedBy                 string                 `json:"reviewed_by,omitempty"`
	ReviewedByGroupID          string                 `json:"reviewed_by_group_id,omitempty"`
	ReviewedByUserID           string                 `json:"reviewed_by_user_id,omitempty"`
	ScanDate                   models.DateTime        `json:"scan_date,omitempty"`
	ScanSchedule               models.Cron            `json:"scan_schedule,omitempty"`
	ScanType                   enums.ScanType         `json:"scan_type,omitempty"`
	ScopeID                    string                 `json:"scope_id,omitempty"`
	ScopeName                  string                 `json:"scope_name,omitempty"`
	Status                     enums.ScanStatus       `json:"status,omitempty"`
	Tags                       []string               `json:"tags,omitempty"`
	Target                     string                 `json:"target,omitempty"`
	UpdatedAt                  time.Time              `json:"updated_at,omitempty"`
	UpdatedBy                  string                 `json:"updated_by,omitempty"`
	UpdatedByImpersonator      string                 `json:"updated_by_impersonator,omitempty"`
}

ScanProjection is the flat, CEL- and jsonschema-facing view of a Scan: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.Scan whose edge graph cannot be reflected

type ScheduledJobProjection

type ScheduledJobProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                    string                  `json:"id,omitempty"`
	Active                bool                    `json:"active,omitempty"`
	Configuration         models.JobConfiguration `json:"configuration,omitempty"`
	CreatedAt             time.Time               `json:"created_at,omitempty"`
	CreatedBy             string                  `json:"created_by,omitempty"`
	Cron                  models.Cron             `json:"cron,omitempty"`
	DeletedAt             time.Time               `json:"deleted_at,omitempty"`
	DeletedBy             string                  `json:"deleted_by,omitempty"`
	DisplayID             string                  `json:"display_id,omitempty"`
	JobID                 string                  `json:"job_id,omitempty"`
	JobRunnerID           string                  `json:"job_runner_id,omitempty"`
	OwnerID               string                  `json:"owner_id,omitempty"`
	UpdatedAt             time.Time               `json:"updated_at,omitempty"`
	UpdatedBy             string                  `json:"updated_by,omitempty"`
	UpdatedByImpersonator string                  `json:"updated_by_impersonator,omitempty"`
}

ScheduledJobProjection is the flat, CEL- and jsonschema-facing view of a ScheduledJob: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.ScheduledJob whose edge graph cannot be reflected

type Schema

type Schema struct {
	SchemaDescriptor
	// Create creates a new entity from a JSON input and returns the entity ID
	Create func(ctx context.Context, client *generated.Client, input json.RawMessage) (string, error)
	// Update applies a typed update input to an entity by ID
	Update func(ctx context.Context, client *generated.Client, entityID string, input json.RawMessage) error
	// Query returns all entities of this schema within an organization as JSON
	Query func(ctx context.Context, client *generated.Client, orgID string) ([]json.RawMessage, error)
	// QueryByKey returns entities of this schema within an organization whose given snake_case
	// field matches any of the provided values, pushing the predicate into the database
	QueryByKey func(ctx context.Context, client *generated.Client, orgID string, field string, values []string) ([]json.RawMessage, error)
	// Load loads a single entity by ID and returns its JSON representation
	Load func(ctx context.Context, client *generated.Client, entityID string) (json.RawMessage, error)
	// Fields is the unified field catalog for this schema, consumed by the workflow builder and the
	// integration cross-link config; workflow-eligible and match-key views are filtered from it
	Fields []FieldDescriptor
	// Edges lists every edge to an entityops schema (and workflow group edges) for this schema
	Edges []EdgeDescriptor
	// SourceContext re-keys an ingest create-input payload into the snake_case source context that a
	// cross-link rule's key-match and CEL expression read; set for every schema with a create input
	SourceContext func(payload json.RawMessage) json.RawMessage
	// AllowedKeys is the set of integration mapping input keys accepted for this schema, derived at
	// init from the unified field catalog; empty for schemas that do not participate in ingest mapping
	AllowedKeys map[string]struct{}
	// StockPersist reports whether the schema opts into the generated stock ingest persistence path
	StockPersist bool
	// ProjectionType is the reflect.Type of this schema's flat CEL/jsonschema projection struct
	// ({Name}Projection); the registerable native-type view of the entity used for typed expressions
	ProjectionType reflect.Type
}

Schema is the runtime representation of a registered entity schema. It carries the schema identity and all supported operation closures.

func AllSchemas

func AllSchemas() []*Schema

AllSchemas returns a copy of all registered schemas

func LookupSchema

func LookupSchema(name string) (*Schema, bool)

LookupSchema resolves a schema by any known name variation (PascalCase, snake_case, camelCase, or lowercase). Returns the schema and whether a match was found.

func (*Schema) MatchKeyField

func (s *Schema) MatchKeyField(field string) bool

MatchKeyField reports whether field is a declared match-key column for this schema

func (*Schema) WorkflowEdgeNames

func (s *Schema) WorkflowEdgeNames() []string

WorkflowEdgeNames returns the names of this schema's workflow-eligible edges

func (*Schema) WorkflowEligible

func (s *Schema) WorkflowEligible() bool

WorkflowEligible reports whether the schema participates in workflows via an object-ref edge or eligible fields or edges

func (*Schema) WorkflowFieldNames

func (s *Schema) WorkflowFieldNames() []string

WorkflowFieldNames returns the snake_case names of this schema's workflow-eligible fields

func (*Schema) WorkflowFields

func (s *Schema) WorkflowFields() []FieldDescriptor

WorkflowFields returns this schema's workflow-eligible field descriptors (name, label, type), the descriptor analog of WorkflowFieldNames consumed by the workflow builder and proposal preview UI

type SchemaDescriptor

type SchemaDescriptor struct {
	// Name is the PascalCase canonical form
	Name string `json:"-"`
	// Snake is the snake_case form
	Snake string `json:"-"`
	// Camel is the camelCase form
	Camel string `json:"-"`
	// Lower is the lowercase no-separator form used for fuzzy lookup
	Lower string `json:"-"`
	// Plural is the PascalCase plural form
	Plural string `json:"-"`
	// Table is the database table name
	Table string `json:"-"`
	// Label is the human-readable display label
	Label string `json:"-"`
}

SchemaDescriptor is the canonical identity for an entity schema

func (SchemaDescriptor) IsZero

func (d SchemaDescriptor) IsZero() bool

IsZero reports whether the descriptor is unset

func (SchemaDescriptor) MarshalJSON

func (d SchemaDescriptor) MarshalJSON() ([]byte, error)

MarshalJSON serializes the descriptor as its snake_case form

func (SchemaDescriptor) String

func (d SchemaDescriptor) String() string

String returns the PascalCase canonical name

func (*SchemaDescriptor) UnmarshalJSON

func (d *SchemaDescriptor) UnmarshalJSON(data []byte) error

UnmarshalJSON deserializes a descriptor from any known name variation. An empty string deserializes to the zero descriptor so optional/omitted descriptor fields round-trip cleanly

type SchemaHandler

type SchemaHandler struct {
	// Register wires Gala listeners for this schema's topics
	Register func(runtime *gala.Gala) error
	// Emit dispatches a typed event with operation context and headers
	Emit func(ctx context.Context, runtime *gala.Gala, oc gala.OperationContext, headers gala.Headers, payload json.RawMessage) error
	// Persist synchronously persists an entity from a raw JSON payload
	Persist func(ctx context.Context, client *generated.Client, payload json.RawMessage) (string, error)
}

SchemaHandler holds typed closures for registering, emitting, and persisting events for a single schema

func BuildSchemaHandler

func BuildSchemaHandler[TInput any, TEvent any](cfg SchemaHandlerConfig[TInput, TEvent]) SchemaHandler

BuildSchemaHandler constructs a SchemaHandler from a typed config

type SchemaHandlerConfig

type SchemaHandlerConfig[TInput any, TEvent any] struct {
	// Topic is the Gala topic for this schema's events
	Topic gala.Topic[TEvent]
	// Prepare transforms the input before persistence or emission
	Prepare func(context.Context, TInput) TInput
	// Wrap constructs a typed event from operation context and input
	Wrap func(gala.OperationContext, TInput) TEvent
	// Unwrap extracts operation context and input from a typed event
	Unwrap func(TEvent) (gala.OperationContext, TInput)
	// Persist saves the entity and returns its ID
	Persist func(context.Context, *generated.Client, TInput) (string, error)
}

SchemaHandlerConfig holds the typed closures for constructing a SchemaHandler. This generalizes the integrations buildSchemaRegistration pattern for both packages.

type SchemaRef

type SchemaRef struct {
	// Schema is the schema name
	Schema string
	// Operation is the operation being performed
	Operation string
	// EntityID is the entity identifier when available
	EntityID string
	// Edge is the edge name when available
	Edge string
}

SchemaRef carries schema and operation identity for structured log embedding

func (SchemaRef) MarshalZerologObject

func (r SchemaRef) MarshalZerologObject(e *zerolog.Event)

MarshalZerologObject implements zerolog.LogObjectMarshaler

type SubcontrolProjection

type SubcontrolProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                         string                            `json:"id,omitempty"`
	Aliases                    []string                          `json:"aliases,omitempty"`
	AssessmentMethods          []models.AssessmentMethod         `json:"assessment_methods,omitempty"`
	AssessmentObjectives       []models.AssessmentObjective      `json:"assessment_objectives,omitempty"`
	AuditorReferenceID         string                            `json:"auditor_reference_id,omitempty"`
	Category                   string                            `json:"category,omitempty"`
	CategoryID                 string                            `json:"category_id,omitempty"`
	ControlID                  string                            `json:"control_id,omitempty"`
	ControlOwnerID             string                            `json:"control_owner_id,omitempty"`
	ControlQuestions           []string                          `json:"control_questions,omitempty"`
	CreatedAt                  time.Time                         `json:"created_at,omitempty"`
	CreatedBy                  string                            `json:"created_by,omitempty"`
	DelegateID                 string                            `json:"delegate_id,omitempty"`
	DeletedAt                  time.Time                         `json:"deleted_at,omitempty"`
	DeletedBy                  string                            `json:"deleted_by,omitempty"`
	Description                string                            `json:"description,omitempty"`
	DescriptionJSON            []interface{}                     `json:"description_json,omitempty"`
	DisplayID                  string                            `json:"display_id,omitempty"`
	EvidenceRequests           []models.EvidenceRequests         `json:"evidence_requests,omitempty"`
	ExampleEvidence            []models.ExampleEvidence          `json:"example_evidence,omitempty"`
	ExternalUUID               string                            `json:"external_uuid,omitempty"`
	ImplementationDescription  string                            `json:"implementation_description,omitempty"`
	ImplementationGuidance     []models.ImplementationGuidance   `json:"implementation_guidance,omitempty"`
	ImplementationStatus       enums.ControlImplementationStatus `json:"implementation_status,omitempty"`
	InternalNotes              string                            `json:"internal_notes,omitempty"`
	MappedCategories           []string                          `json:"mapped_categories,omitempty"`
	OwnerID                    string                            `json:"owner_id,omitempty"`
	PublicRepresentation       string                            `json:"public_representation,omitempty"`
	RefCode                    string                            `json:"ref_code,omitempty"`
	ReferenceFramework         string                            `json:"reference_framework,omitempty"`
	ReferenceFrameworkRevision string                            `json:"reference_framework_revision,omitempty"`
	ReferenceID                string                            `json:"reference_id,omitempty"`
	References                 []models.Reference                `json:"references,omitempty"`
	ResponsiblePartyID         string                            `json:"responsible_party_id,omitempty"`
	Source                     enums.ControlSource               `json:"source,omitempty"`
	SourceName                 string                            `json:"source_name,omitempty"`
	Status                     enums.ControlStatus               `json:"status,omitempty"`
	Subcategory                string                            `json:"subcategory,omitempty"`
	SubcontrolKindID           string                            `json:"subcontrol_kind_id,omitempty"`
	SubcontrolKindName         string                            `json:"subcontrol_kind_name,omitempty"`
	SystemInternalID           string                            `json:"system_internal_id,omitempty"`
	SystemOwned                bool                              `json:"system_owned,omitempty"`
	Tags                       []string                          `json:"tags,omitempty"`
	TestingProcedures          []models.TestingProcedures        `json:"testing_procedures,omitempty"`
	Title                      string                            `json:"title,omitempty"`
	UpdatedAt                  time.Time                         `json:"updated_at,omitempty"`
	UpdatedBy                  string                            `json:"updated_by,omitempty"`
	UpdatedByImpersonator      string                            `json:"updated_by_impersonator,omitempty"`
	WorkflowEligibleMarker     bool                              `json:"workflow_eligible_marker,omitempty"`
}

SubcontrolProjection is the flat, CEL- and jsonschema-facing view of a Subcontrol: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.Subcontrol whose edge graph cannot be reflected

type SubprocessorProjection

type SubprocessorProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                    string    `json:"id,omitempty"`
	CreatedAt             time.Time `json:"created_at,omitempty"`
	CreatedBy             string    `json:"created_by,omitempty"`
	DeletedAt             time.Time `json:"deleted_at,omitempty"`
	DeletedBy             string    `json:"deleted_by,omitempty"`
	Description           string    `json:"description,omitempty"`
	InternalNotes         string    `json:"internal_notes,omitempty"`
	LogoFileID            string    `json:"logo_file_id,omitempty"`
	LogoRemoteURL         string    `json:"logo_remote_url,omitempty"`
	Name                  string    `json:"name,omitempty"`
	OwnerID               string    `json:"owner_id,omitempty"`
	SystemInternalID      string    `json:"system_internal_id,omitempty"`
	SystemOwned           bool      `json:"system_owned,omitempty"`
	Tags                  []string  `json:"tags,omitempty"`
	UpdatedAt             time.Time `json:"updated_at,omitempty"`
	UpdatedBy             string    `json:"updated_by,omitempty"`
	UpdatedByImpersonator string    `json:"updated_by_impersonator,omitempty"`
}

SubprocessorProjection is the flat, CEL- and jsonschema-facing view of a Subprocessor: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.Subprocessor whose edge graph cannot be reflected

type SystemDetailProjection

type SystemDetailProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                    string                       `json:"id,omitempty"`
	AuthorizationBoundary string                       `json:"authorization_boundary,omitempty"`
	CreatedAt             time.Time                    `json:"created_at,omitempty"`
	CreatedBy             string                       `json:"created_by,omitempty"`
	DeletedAt             time.Time                    `json:"deleted_at,omitempty"`
	DeletedBy             string                       `json:"deleted_by,omitempty"`
	Description           string                       `json:"description,omitempty"`
	DisplayID             string                       `json:"display_id,omitempty"`
	LastReviewed          models.DateTime              `json:"last_reviewed,omitempty"`
	OscalMetadataJSON     map[string]interface{}       `json:"oscal_metadata_json,omitempty"`
	OwnerID               string                       `json:"owner_id,omitempty"`
	RevisionHistory       []interface{}                `json:"revision_history,omitempty"`
	SensitivityLevel      enums.SystemSensitivityLevel `json:"sensitivity_level,omitempty"`
	SystemName            string                       `json:"system_name,omitempty"`
	Tags                  []string                     `json:"tags,omitempty"`
	UpdatedAt             time.Time                    `json:"updated_at,omitempty"`
	UpdatedBy             string                       `json:"updated_by,omitempty"`
	UpdatedByImpersonator string                       `json:"updated_by_impersonator,omitempty"`
	Version               string                       `json:"version,omitempty"`
}

SystemDetailProjection is the flat, CEL- and jsonschema-facing view of a SystemDetail: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.SystemDetail whose edge graph cannot be reflected

type TargetSelector

type TargetSelector struct {
	// Schema is the target entity schema
	Schema SchemaDescriptor `json:"schema"`
	// SourceSchema is the schema of the source entity in SourceContext; when set, SelectTargets binds
	// "source" as that schema's native projection type so source-aware expressions resolve typed fields
	SourceSchema SchemaDescriptor `json:"source_schema,omitempty"`
	// KeyMatch, when set, resolves candidates with an indexed key query before any Expression filtering
	KeyMatch *KeyMatch `json:"key_match,omitempty"`
	// Expression is a CEL expression evaluated against each candidate entity
	Expression string `json:"expression"`
	// ExcludeIDs is a list of entity IDs to exclude from the result set
	ExcludeIDs []string `json:"exclude_ids,omitempty"`
	// SourceContext is optional JSON data for the source entity, exposed as "source" in CEL expressions
	SourceContext json.RawMessage `json:"source_context,omitempty"`
}

TargetSelector specifies a set of entities to target via schema and expression

type TaskProjection

type TaskProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                     string           `json:"id,omitempty"`
	AssigneeID             string           `json:"assignee_id,omitempty"`
	AssignerID             string           `json:"assigner_id,omitempty"`
	Completed              models.DateTime  `json:"completed,omitempty"`
	CreatedAt              time.Time        `json:"created_at,omitempty"`
	CreatedBy              string           `json:"created_by,omitempty"`
	DeletedAt              time.Time        `json:"deleted_at,omitempty"`
	DeletedBy              string           `json:"deleted_by,omitempty"`
	Details                string           `json:"details,omitempty"`
	DetailsJSON            []interface{}    `json:"details_json,omitempty"`
	DisplayID              string           `json:"display_id,omitempty"`
	Due                    models.DateTime  `json:"due,omitempty"`
	EnvironmentID          string           `json:"environment_id,omitempty"`
	EnvironmentName        string           `json:"environment_name,omitempty"`
	ExternalReferenceURL   []string         `json:"external_reference_url,omitempty"`
	ExternalUUID           string           `json:"external_uuid,omitempty"`
	IdempotencyKey         string           `json:"idempotency_key,omitempty"`
	IsTemplate             bool             `json:"is_template,omitempty"`
	OwnerID                string           `json:"owner_id,omitempty"`
	ParentTaskID           string           `json:"parent_task_id,omitempty"`
	ScopeID                string           `json:"scope_id,omitempty"`
	ScopeName              string           `json:"scope_name,omitempty"`
	Status                 enums.TaskStatus `json:"status,omitempty"`
	SystemGenerated        bool             `json:"system_generated,omitempty"`
	Tags                   []string         `json:"tags,omitempty"`
	TaskKindID             string           `json:"task_kind_id,omitempty"`
	TaskKindName           string           `json:"task_kind_name,omitempty"`
	Title                  string           `json:"title,omitempty"`
	UpdatedAt              time.Time        `json:"updated_at,omitempty"`
	UpdatedBy              string           `json:"updated_by,omitempty"`
	UpdatedByImpersonator  string           `json:"updated_by_impersonator,omitempty"`
	WorkflowEligibleMarker bool             `json:"workflow_eligible_marker,omitempty"`
}

TaskProjection is the flat, CEL- and jsonschema-facing view of a Task: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.Task whose edge graph cannot be reflected

type TemplateProjection

type TemplateProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                     string                          `json:"id,omitempty"`
	CreatedAt              time.Time                       `json:"created_at,omitempty"`
	CreatedBy              string                          `json:"created_by,omitempty"`
	DeletedAt              time.Time                       `json:"deleted_at,omitempty"`
	DeletedBy              string                          `json:"deleted_by,omitempty"`
	Description            string                          `json:"description,omitempty"`
	EnvironmentID          string                          `json:"environment_id,omitempty"`
	EnvironmentName        string                          `json:"environment_name,omitempty"`
	InternalNotes          string                          `json:"internal_notes,omitempty"`
	Jsonconfig             map[string]interface{}          `json:"jsonconfig,omitempty"`
	Kind                   enums.TemplateKind              `json:"kind,omitempty"`
	Name                   string                          `json:"name,omitempty"`
	OwnerID                string                          `json:"owner_id,omitempty"`
	ScopeID                string                          `json:"scope_id,omitempty"`
	ScopeName              string                          `json:"scope_name,omitempty"`
	SystemInternalID       string                          `json:"system_internal_id,omitempty"`
	SystemOwned            bool                            `json:"system_owned,omitempty"`
	Tags                   []string                        `json:"tags,omitempty"`
	TemplateType           enums.DocumentType              `json:"template_type,omitempty"`
	TransformConfiguration models.TemplateProjectionConfig `json:"transform_configuration,omitempty"`
	TrustCenterID          string                          `json:"trust_center_id,omitempty"`
	Uischema               map[string]interface{}          `json:"uischema,omitempty"`
	UpdatedAt              time.Time                       `json:"updated_at,omitempty"`
	UpdatedBy              string                          `json:"updated_by,omitempty"`
	UpdatedByImpersonator  string                          `json:"updated_by_impersonator,omitempty"`
}

TemplateProjection is the flat, CEL- and jsonschema-facing view of a Template: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.Template whose edge graph cannot be reflected

type TrustCenterWatermarkConfigProjection

type TrustCenterWatermarkConfigProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                    string     `json:"id,omitempty"`
	Color                 string     `json:"color,omitempty"`
	CreatedAt             time.Time  `json:"created_at,omitempty"`
	CreatedBy             string     `json:"created_by,omitempty"`
	DeletedAt             time.Time  `json:"deleted_at,omitempty"`
	DeletedBy             string     `json:"deleted_by,omitempty"`
	Font                  enums.Font `json:"font,omitempty"`
	FontSize              float64    `json:"font_size,omitempty"`
	IsEnabled             bool       `json:"is_enabled,omitempty"`
	LogoID                string     `json:"logo_id,omitempty"`
	Opacity               float64    `json:"opacity,omitempty"`
	OwnerID               string     `json:"owner_id,omitempty"`
	Rotation              float64    `json:"rotation,omitempty"`
	Text                  string     `json:"text,omitempty"`
	TrustCenterID         string     `json:"trust_center_id,omitempty"`
	UpdatedAt             time.Time  `json:"updated_at,omitempty"`
	UpdatedBy             string     `json:"updated_by,omitempty"`
	UpdatedByImpersonator string     `json:"updated_by_impersonator,omitempty"`
}

TrustCenterWatermarkConfigProjection is the flat, CEL- and jsonschema-facing view of a TrustCenterWatermarkConfig: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.TrustCenterWatermarkConfig whose edge graph cannot be reflected

type VendorRiskScoreProjection

type VendorRiskScoreProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                    string                        `json:"id,omitempty"`
	Answer                string                        `json:"answer,omitempty"`
	AnswerType            enums.VendorScoringAnswerType `json:"answer_type,omitempty"`
	AssessmentResponseID  string                        `json:"assessment_response_id,omitempty"`
	CreatedAt             time.Time                     `json:"created_at,omitempty"`
	CreatedBy             string                        `json:"created_by,omitempty"`
	DeletedAt             time.Time                     `json:"deleted_at,omitempty"`
	DeletedBy             string                        `json:"deleted_by,omitempty"`
	EntityID              string                        `json:"entity_id,omitempty"`
	Impact                enums.VendorRiskImpact        `json:"impact,omitempty"`
	Likelihood            enums.VendorRiskLikelihood    `json:"likelihood,omitempty"`
	Notes                 string                        `json:"notes,omitempty"`
	OwnerID               string                        `json:"owner_id,omitempty"`
	QuestionCategory      enums.VendorScoringCategory   `json:"question_category,omitempty"`
	QuestionDescription   string                        `json:"question_description,omitempty"`
	QuestionKey           string                        `json:"question_key,omitempty"`
	QuestionName          string                        `json:"question_name,omitempty"`
	Score                 float64                       `json:"score,omitempty"`
	Tags                  []string                      `json:"tags,omitempty"`
	UpdatedAt             time.Time                     `json:"updated_at,omitempty"`
	UpdatedBy             string                        `json:"updated_by,omitempty"`
	UpdatedByImpersonator string                        `json:"updated_by_impersonator,omitempty"`
	VendorScoringConfigID string                        `json:"vendor_scoring_config_id,omitempty"`
}

VendorRiskScoreProjection is the flat, CEL- and jsonschema-facing view of a VendorRiskScore: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.VendorRiskScore whose edge graph cannot be reflected

type VulnerabilityIngestRequested

type VulnerabilityIngestRequested struct {
	// OperationContext carries the shared operation provenance for the ingest event
	OperationContext gala.OperationContext `json:"operationContext"`
	// Input is the ent create input for the record to persist
	Input generated.CreateVulnerabilityInput `json:"input"`
}

VulnerabilityIngestRequested is the typed ingest event payload for Vulnerability records

type VulnerabilityProjection

type VulnerabilityProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                      string                 `json:"id,omitempty"`
	AssignedTo              string                 `json:"assigned_to,omitempty"`
	AssignedToGroupID       string                 `json:"assigned_to_group_id,omitempty"`
	AssignedToUserID        string                 `json:"assigned_to_user_id,omitempty"`
	AutoDismissedAt         models.DateTime        `json:"auto_dismissed_at,omitempty"`
	Blocking                bool                   `json:"blocking,omitempty"`
	Category                string                 `json:"category,omitempty"`
	CreatedAt               time.Time              `json:"created_at,omitempty"`
	CreatedBy               string                 `json:"created_by,omitempty"`
	CveID                   string                 `json:"cve_id,omitempty"`
	CweIds                  []string               `json:"cwe_ids,omitempty"`
	DeletedAt               time.Time              `json:"deleted_at,omitempty"`
	DeletedBy               string                 `json:"deleted_by,omitempty"`
	DependencyScope         string                 `json:"dependency_scope,omitempty"`
	Description             string                 `json:"description,omitempty"`
	DiscoveredAt            models.DateTime        `json:"discovered_at,omitempty"`
	DismissedAt             models.DateTime        `json:"dismissed_at,omitempty"`
	DismissedComment        string                 `json:"dismissed_comment,omitempty"`
	DismissedReason         string                 `json:"dismissed_reason,omitempty"`
	DisplayID               string                 `json:"display_id,omitempty"`
	DisplayName             string                 `json:"display_name,omitempty"`
	EnvironmentID           string                 `json:"environment_id,omitempty"`
	EnvironmentName         string                 `json:"environment_name,omitempty"`
	Exploitability          float64                `json:"exploitability,omitempty"`
	ExternalID              string                 `json:"external_id,omitempty"`
	ExternalOwnerID         string                 `json:"external_owner_id,omitempty"`
	ExternalURI             string                 `json:"external_uri,omitempty"`
	FirstPatchedVersion     string                 `json:"first_patched_version,omitempty"`
	FixAvailable            bool                   `json:"fix_available,omitempty"`
	FixedAt                 models.DateTime        `json:"fixed_at,omitempty"`
	Impact                  float64                `json:"impact,omitempty"`
	Impacts                 []string               `json:"impacts,omitempty"`
	InternalNotes           string                 `json:"internal_notes,omitempty"`
	ManifestPath            string                 `json:"manifest_path,omitempty"`
	Metadata                map[string]interface{} `json:"metadata,omitempty"`
	Open                    bool                   `json:"open,omitempty"`
	OwnerID                 string                 `json:"owner_id,omitempty"`
	PackageEcosystem        string                 `json:"package_ecosystem,omitempty"`
	PackageName             string                 `json:"package_name,omitempty"`
	Priority                string                 `json:"priority,omitempty"`
	Production              bool                   `json:"production,omitempty"`
	Public                  bool                   `json:"public,omitempty"`
	PublishedAt             models.DateTime        `json:"published_at,omitempty"`
	RawPayload              map[string]interface{} `json:"raw_payload,omitempty"`
	References              []string               `json:"references,omitempty"`
	RemediationSLA          int                    `json:"remediation_sla,omitempty"`
	ReviewedBy              string                 `json:"reviewed_by,omitempty"`
	ReviewedByGroupID       string                 `json:"reviewed_by_group_id,omitempty"`
	ReviewedByUserID        string                 `json:"reviewed_by_user_id,omitempty"`
	ScopeID                 string                 `json:"scope_id,omitempty"`
	ScopeName               string                 `json:"scope_name,omitempty"`
	Score                   float64                `json:"score,omitempty"`
	SecurityLevel           enums.SecurityLevel    `json:"security_level,omitempty"`
	Severity                string                 `json:"severity,omitempty"`
	Source                  string                 `json:"source,omitempty"`
	SourceUpdatedAt         models.DateTime        `json:"source_updated_at,omitempty"`
	Summary                 string                 `json:"summary,omitempty"`
	SystemInternalID        string                 `json:"system_internal_id,omitempty"`
	SystemOwned             bool                   `json:"system_owned,omitempty"`
	Tags                    []string               `json:"tags,omitempty"`
	UpdatedAt               time.Time              `json:"updated_at,omitempty"`
	UpdatedBy               string                 `json:"updated_by,omitempty"`
	UpdatedByImpersonator   string                 `json:"updated_by_impersonator,omitempty"`
	Validated               bool                   `json:"validated,omitempty"`
	Vector                  string                 `json:"vector,omitempty"`
	VulnerabilityStatusID   string                 `json:"vulnerability_status_id,omitempty"`
	VulnerabilityStatusName string                 `json:"vulnerability_status_name,omitempty"`
	VulnerableVersionRange  string                 `json:"vulnerable_version_range,omitempty"`
	WorkflowEligibleMarker  bool                   `json:"workflow_eligible_marker,omitempty"`
}

VulnerabilityProjection is the flat, CEL- and jsonschema-facing view of a Vulnerability: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.Vulnerability whose edge graph cannot be reflected

type WorkflowAssignmentProjection

type WorkflowAssignmentProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                    string                                `json:"id,omitempty"`
	ActorGroupID          string                                `json:"actor_group_id,omitempty"`
	ActorUserID           string                                `json:"actor_user_id,omitempty"`
	ApprovalMetadata      models.WorkflowAssignmentApproval     `json:"approval_metadata,omitempty"`
	AssignmentKey         string                                `json:"assignment_key,omitempty"`
	CreatedAt             time.Time                             `json:"created_at,omitempty"`
	CreatedBy             string                                `json:"created_by,omitempty"`
	DecidedAt             time.Time                             `json:"decided_at,omitempty"`
	DeletedAt             time.Time                             `json:"deleted_at,omitempty"`
	DeletedBy             string                                `json:"deleted_by,omitempty"`
	DisplayID             string                                `json:"display_id,omitempty"`
	DueAt                 time.Time                             `json:"due_at,omitempty"`
	InvalidationMetadata  models.WorkflowAssignmentInvalidation `json:"invalidation_metadata,omitempty"`
	Label                 string                                `json:"label,omitempty"`
	Metadata              map[string]interface{}                `json:"metadata,omitempty"`
	Notes                 string                                `json:"notes,omitempty"`
	OutcomeMetadata       models.AssignmentOutcome              `json:"outcome_metadata,omitempty"`
	OwnerID               string                                `json:"owner_id,omitempty"`
	RejectionMetadata     models.WorkflowAssignmentRejection    `json:"rejection_metadata,omitempty"`
	Required              bool                                  `json:"required,omitempty"`
	Role                  string                                `json:"role,omitempty"`
	Status                enums.WorkflowAssignmentStatus        `json:"status,omitempty"`
	Tags                  []string                              `json:"tags,omitempty"`
	UpdatedAt             time.Time                             `json:"updated_at,omitempty"`
	UpdatedBy             string                                `json:"updated_by,omitempty"`
	UpdatedByImpersonator string                                `json:"updated_by_impersonator,omitempty"`
	WorkflowInstanceID    string                                `json:"workflow_instance_id,omitempty"`
}

WorkflowAssignmentProjection is the flat, CEL- and jsonschema-facing view of a WorkflowAssignment: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.WorkflowAssignment whose edge graph cannot be reflected

type WorkflowAssignmentTargetProjection

type WorkflowAssignmentTargetProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                    string                   `json:"id,omitempty"`
	CreatedAt             time.Time                `json:"created_at,omitempty"`
	CreatedBy             string                   `json:"created_by,omitempty"`
	DeletedAt             time.Time                `json:"deleted_at,omitempty"`
	DeletedBy             string                   `json:"deleted_by,omitempty"`
	DisplayID             string                   `json:"display_id,omitempty"`
	OwnerID               string                   `json:"owner_id,omitempty"`
	ResolverKey           string                   `json:"resolver_key,omitempty"`
	Tags                  []string                 `json:"tags,omitempty"`
	TargetGroupID         string                   `json:"target_group_id,omitempty"`
	TargetType            enums.WorkflowTargetType `json:"target_type,omitempty"`
	TargetUserID          string                   `json:"target_user_id,omitempty"`
	UpdatedAt             time.Time                `json:"updated_at,omitempty"`
	UpdatedBy             string                   `json:"updated_by,omitempty"`
	UpdatedByImpersonator string                   `json:"updated_by_impersonator,omitempty"`
	WorkflowAssignmentID  string                   `json:"workflow_assignment_id,omitempty"`
}

WorkflowAssignmentTargetProjection is the flat, CEL- and jsonschema-facing view of a WorkflowAssignmentTarget: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.WorkflowAssignmentTarget whose edge graph cannot be reflected

type WorkflowDefinitionProjection

type WorkflowDefinitionProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                     string                               `json:"id,omitempty"`
	Active                 bool                                 `json:"active,omitempty"`
	ApprovalEdges          []string                             `json:"approval_edges,omitempty"`
	ApprovalFields         []string                             `json:"approval_fields,omitempty"`
	ApprovalSubmissionMode enums.WorkflowApprovalSubmissionMode `json:"approval_submission_mode,omitempty"`
	CooldownSeconds        int                                  `json:"cooldown_seconds,omitempty"`
	CreatedAt              time.Time                            `json:"created_at,omitempty"`
	CreatedBy              string                               `json:"created_by,omitempty"`
	DefinitionJSON         models.WorkflowDefinitionDocument    `json:"definition_json,omitempty"`
	DeletedAt              time.Time                            `json:"deleted_at,omitempty"`
	DeletedBy              string                               `json:"deleted_by,omitempty"`
	Description            string                               `json:"description,omitempty"`
	DisplayID              string                               `json:"display_id,omitempty"`
	Draft                  bool                                 `json:"draft,omitempty"`
	InternalNotes          string                               `json:"internal_notes,omitempty"`
	IsDefault              bool                                 `json:"is_default,omitempty"`
	Name                   string                               `json:"name,omitempty"`
	OwnerID                string                               `json:"owner_id,omitempty"`
	PublishedAt            time.Time                            `json:"published_at,omitempty"`
	Revision               int                                  `json:"revision,omitempty"`
	SchemaType             string                               `json:"schema_type,omitempty"`
	SystemInternalID       string                               `json:"system_internal_id,omitempty"`
	SystemOwned            bool                                 `json:"system_owned,omitempty"`
	Tags                   []string                             `json:"tags,omitempty"`
	TrackedFields          []string                             `json:"tracked_fields,omitempty"`
	TriggerFields          []string                             `json:"trigger_fields,omitempty"`
	TriggerOperations      []string                             `json:"trigger_operations,omitempty"`
	UpdatedAt              time.Time                            `json:"updated_at,omitempty"`
	UpdatedBy              string                               `json:"updated_by,omitempty"`
	UpdatedByImpersonator  string                               `json:"updated_by_impersonator,omitempty"`
	WorkflowKind           enums.WorkflowKind                   `json:"workflow_kind,omitempty"`
}

WorkflowDefinitionProjection is the flat, CEL- and jsonschema-facing view of a WorkflowDefinition: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.WorkflowDefinition whose edge graph cannot be reflected

type WorkflowEventProjection

type WorkflowEventProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                    string                      `json:"id,omitempty"`
	CreatedAt             time.Time                   `json:"created_at,omitempty"`
	CreatedBy             string                      `json:"created_by,omitempty"`
	DeletedAt             time.Time                   `json:"deleted_at,omitempty"`
	DeletedBy             string                      `json:"deleted_by,omitempty"`
	DisplayID             string                      `json:"display_id,omitempty"`
	EventType             enums.WorkflowEventType     `json:"event_type,omitempty"`
	OwnerID               string                      `json:"owner_id,omitempty"`
	Payload               models.WorkflowEventPayload `json:"payload,omitempty"`
	Tags                  []string                    `json:"tags,omitempty"`
	UpdatedAt             time.Time                   `json:"updated_at,omitempty"`
	UpdatedBy             string                      `json:"updated_by,omitempty"`
	UpdatedByImpersonator string                      `json:"updated_by_impersonator,omitempty"`
	WorkflowInstanceID    string                      `json:"workflow_instance_id,omitempty"`
}

WorkflowEventProjection is the flat, CEL- and jsonschema-facing view of a WorkflowEvent: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.WorkflowEvent whose edge graph cannot be reflected

type WorkflowInstanceProjection

type WorkflowInstanceProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                    string                            `json:"id,omitempty"`
	ActionPlanID          string                            `json:"action_plan_id,omitempty"`
	AssessmentID          string                            `json:"assessment_id,omitempty"`
	AssessmentResponseID  string                            `json:"assessment_response_id,omitempty"`
	CampaignID            string                            `json:"campaign_id,omitempty"`
	CampaignTargetID      string                            `json:"campaign_target_id,omitempty"`
	Context               models.WorkflowInstanceContext    `json:"context,omitempty"`
	ControlID             string                            `json:"control_id,omitempty"`
	CreatedAt             time.Time                         `json:"created_at,omitempty"`
	CreatedBy             string                            `json:"created_by,omitempty"`
	CurrentActionIndex    int                               `json:"current_action_index,omitempty"`
	DefinitionSnapshot    models.WorkflowDefinitionDocument `json:"definition_snapshot,omitempty"`
	DeletedAt             time.Time                         `json:"deleted_at,omitempty"`
	DeletedBy             string                            `json:"deleted_by,omitempty"`
	DisplayID             string                            `json:"display_id,omitempty"`
	EvidenceID            string                            `json:"evidence_id,omitempty"`
	FindingID             string                            `json:"finding_id,omitempty"`
	IdentityHolderID      string                            `json:"identity_holder_id,omitempty"`
	IntegrationID         string                            `json:"integration_id,omitempty"`
	InternalPolicyID      string                            `json:"internal_policy_id,omitempty"`
	LastEvaluatedAt       time.Time                         `json:"last_evaluated_at,omitempty"`
	OwnerID               string                            `json:"owner_id,omitempty"`
	PlatformID            string                            `json:"platform_id,omitempty"`
	ProcedureID           string                            `json:"procedure_id,omitempty"`
	RemediationID         string                            `json:"remediation_id,omitempty"`
	RiskID                string                            `json:"risk_id,omitempty"`
	State                 enums.WorkflowInstanceState       `json:"state,omitempty"`
	SubcontrolID          string                            `json:"subcontrol_id,omitempty"`
	Tags                  []string                          `json:"tags,omitempty"`
	TaskID                string                            `json:"task_id,omitempty"`
	UpdatedAt             time.Time                         `json:"updated_at,omitempty"`
	UpdatedBy             string                            `json:"updated_by,omitempty"`
	UpdatedByImpersonator string                            `json:"updated_by_impersonator,omitempty"`
	VulnerabilityID       string                            `json:"vulnerability_id,omitempty"`
	WorkflowDefinitionID  string                            `json:"workflow_definition_id,omitempty"`
	WorkflowProposalID    string                            `json:"workflow_proposal_id,omitempty"`
}

WorkflowInstanceProjection is the flat, CEL- and jsonschema-facing view of a WorkflowInstance: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.WorkflowInstance whose edge graph cannot be reflected

type WorkflowObjectRefProjection

type WorkflowObjectRefProjection struct {
	// ID is the entity identifier, exposed to expressions as "id"
	ID                    string    `json:"id,omitempty"`
	ActionPlanID          string    `json:"action_plan_id,omitempty"`
	AssessmentID          string    `json:"assessment_id,omitempty"`
	AssessmentResponseID  string    `json:"assessment_response_id,omitempty"`
	CampaignID            string    `json:"campaign_id,omitempty"`
	CampaignTargetID      string    `json:"campaign_target_id,omitempty"`
	ControlID             string    `json:"control_id,omitempty"`
	CreatedAt             time.Time `json:"created_at,omitempty"`
	CreatedBy             string    `json:"created_by,omitempty"`
	DirectoryAccountID    string    `json:"directory_account_id,omitempty"`
	DirectoryGroupID      string    `json:"directory_group_id,omitempty"`
	DirectoryMembershipID string    `json:"directory_membership_id,omitempty"`
	DisplayID             string    `json:"display_id,omitempty"`
	EvidenceID            string    `json:"evidence_id,omitempty"`
	FindingID             string    `json:"finding_id,omitempty"`
	IdentityHolderID      string    `json:"identity_holder_id,omitempty"`
	InternalPolicyID      string    `json:"internal_policy_id,omitempty"`
	OwnerID               string    `json:"owner_id,omitempty"`
	PlatformID            string    `json:"platform_id,omitempty"`
	ProcedureID           string    `json:"procedure_id,omitempty"`
	RemediationID         string    `json:"remediation_id,omitempty"`
	RiskID                string    `json:"risk_id,omitempty"`
	SubcontrolID          string    `json:"subcontrol_id,omitempty"`
	TaskID                string    `json:"task_id,omitempty"`
	UpdatedAt             time.Time `json:"updated_at,omitempty"`
	UpdatedBy             string    `json:"updated_by,omitempty"`
	UpdatedByImpersonator string    `json:"updated_by_impersonator,omitempty"`
	VulnerabilityID       string    `json:"vulnerability_id,omitempty"`
	WorkflowInstanceID    string    `json:"workflow_instance_id,omitempty"`
}

WorkflowObjectRefProjection is the flat, CEL- and jsonschema-facing view of a WorkflowObjectRef: its readable scalar fields (id, columns, foreign-key ids) with snake_case json tags matching the field names used in expressions. It deliberately omits edges so it registers as a CEL native type, unlike the full generated.WorkflowObjectRef whose edge graph cannot be reflected

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL