db: migration session_default_notes_field + schema regenerado

Migration 20260511000001 adiciona campo 'notes' (Observacao, textarea, sort_order=30) como campo extra default no commitment determinado 'Sessao'. Antes Sessao era a unica excecao entre os nativos — Leitura/Supervisao/ Aula/Analise ja tinham. Padroniza pra que a Observacao da sessao siga o mesmo mecanismo de extra_fields dos outros, e o frontend remova a textarea hardcoded do AgendaEventDialog (proximo commit). Backfill: insere 'notes' em TODOS os commitments Sessao ja existentes (idempotente). Forward-fix: substitui a funcao seed_determined_commitments incluindo o bloco de Sessao + 'notes' pra novos tenants. Schema regenerado via db.cjs schema-export pra refletir o estado pos- migration. agenciapsi-db-dashboard.html regenerado pelo generate-dashboard.cjs. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-11 16:56:59 -03:00
parent af8aee9188
commit dba595fd2d
33 changed files with 4037 additions and 474 deletions
@@ -0,0 +1,79 @@
+-- Tables: Segurança / Auditoria
+-- Gerado automaticamente em 2026-05-11T16:53:50.928Z
+-- Total: 6
+
+CREATE TABLE public.audit_logs (
+    id bigint NOT NULL,
+    tenant_id uuid NOT NULL,
+    user_id uuid,
+    entity_type text NOT NULL,
+    entity_id text,
+    action text NOT NULL,
+    old_values jsonb,
+    new_values jsonb,
+    changed_fields text[],
+    metadata jsonb DEFAULT '{}'::jsonb NOT NULL,
+    created_at timestamp with time zone DEFAULT now() NOT NULL,
+    CONSTRAINT audit_logs_action_check CHECK ((action = ANY (ARRAY['insert'::text, 'update'::text, 'delete'::text])))
+);
+
+CREATE TABLE public.math_challenges (
+    id uuid DEFAULT gen_random_uuid() NOT NULL,
+    question text NOT NULL,
+    answer integer NOT NULL,
+    used boolean DEFAULT false NOT NULL,
+    created_at timestamp with time zone DEFAULT now() NOT NULL,
+    expires_at timestamp with time zone DEFAULT (now() + '00:05:00'::interval) NOT NULL
+);
+
+CREATE TABLE public.patient_invite_attempts (
+    id uuid DEFAULT gen_random_uuid() NOT NULL,
+    token text NOT NULL,
+    ok boolean NOT NULL,
+    error_code text,
+    error_msg text,
+    client_info text,
+    owner_id uuid,
+    tenant_id uuid,
+    created_at timestamp with time zone DEFAULT now() NOT NULL
+);
+
+CREATE TABLE public.public_submission_attempts (
+    id uuid DEFAULT gen_random_uuid() NOT NULL,
+    endpoint text NOT NULL,
+    ip_hash text,
+    success boolean NOT NULL,
+    error_code text,
+    error_msg text,
+    blocked_by text,
+    user_agent text,
+    metadata jsonb,
+    created_at timestamp with time zone DEFAULT now() NOT NULL
+);
+
+CREATE TABLE public.saas_security_config (
+    id boolean DEFAULT true NOT NULL,
+    honeypot_enabled boolean DEFAULT true NOT NULL,
+    rate_limit_enabled boolean DEFAULT true NOT NULL,
+    rate_limit_window_min integer DEFAULT 10 NOT NULL,
+    rate_limit_max_attempts integer DEFAULT 5 NOT NULL,
+    captcha_after_failures integer DEFAULT 3 NOT NULL,
+    captcha_required_globally boolean DEFAULT false NOT NULL,
+    block_duration_min integer DEFAULT 30 NOT NULL,
+    captcha_required_window_min integer DEFAULT 60 NOT NULL,
+    updated_at timestamp with time zone DEFAULT now() NOT NULL,
+    updated_by uuid,
+    CONSTRAINT saas_security_config_singleton CHECK ((id = true))
+);
+
+CREATE TABLE public.submission_rate_limits (
+    ip_hash text NOT NULL,
+    endpoint text NOT NULL,
+    attempt_count integer DEFAULT 0 NOT NULL,
+    fail_count integer DEFAULT 0 NOT NULL,
+    window_start timestamp with time zone DEFAULT now() NOT NULL,
+    blocked_until timestamp with time zone,
+    requires_captcha_until timestamp with time zone,
+    last_attempt_at timestamp with time zone DEFAULT now() NOT NULL,
+    created_at timestamp with time zone DEFAULT now() NOT NULL
+);