"""Tenant-scoped domain tables with RLS Revision ID: 0003 Revises: 0002 Create Date: 2024-01-01 00:02:00.000000 """ from typing import Sequence, Union from alembic import op import sqlalchemy as sa from sqlalchemy.dialects import postgresql revision: str = "0003" down_revision: Union[str, None] = "0002" branch_labels: Union[str, Sequence[str], None] = None depends_on: Union[str, Sequence[str], None] = None TENANT_TABLES = [] # populated at end of upgrade() def upgrade() -> None: global TENANT_TABLES # ── sections ────────────────────────────────────────────────────────────── op.create_table( "sections", sa.Column("id", postgresql.UUID(as_uuid=True), primary_key=True, server_default=sa.text("gen_random_uuid()")), sa.Column("tenant_id", postgresql.UUID(as_uuid=True), sa.ForeignKey("accounts.id", ondelete="CASCADE"), nullable=False), sa.Column("code", sa.String(50), nullable=False), sa.Column("name", sa.String(255), nullable=False), sa.Column("description", sa.Text, nullable=True), sa.Column("is_religious", sa.Boolean, nullable=False, server_default="false"), sa.Column("religious_denomination", sa.String(100), nullable=True), sa.Column("created_at", sa.DateTime(timezone=True), nullable=False, server_default=sa.text("NOW()")), sa.Column("updated_at", sa.DateTime(timezone=True), nullable=False, server_default=sa.text("NOW()")), sa.UniqueConstraint("tenant_id", "code", name="uq_sections_tenant_code"), ) op.create_index("ix_sections_tenant_id", "sections", ["tenant_id"]) # ── plot_types ──────────────────────────────────────────────────────────── op.create_table( "plot_types", sa.Column("id", postgresql.UUID(as_uuid=True), primary_key=True, server_default=sa.text("gen_random_uuid()")), sa.Column("tenant_id", postgresql.UUID(as_uuid=True), sa.ForeignKey("accounts.id", ondelete="CASCADE"), nullable=False), sa.Column("name", sa.String(100), nullable=False), sa.Column("default_width_m", sa.Numeric(6, 2), nullable=True), sa.Column("default_length_m", sa.Numeric(6, 2), nullable=True), sa.Column("default_depth_m", sa.Numeric(6, 2), nullable=True), sa.Column("capacity", sa.Integer, nullable=False, server_default="1"), sa.Column("default_price", sa.Numeric(10, 2), nullable=True), sa.Column("created_at", sa.DateTime(timezone=True), nullable=False, server_default=sa.text("NOW()")), sa.Column("updated_at", sa.DateTime(timezone=True), nullable=False, server_default=sa.text("NOW()")), ) op.create_index("ix_plot_types_tenant_id", "plot_types", ["tenant_id"]) # ── plots ───────────────────────────────────────────────────────────────── op.create_table( "plots", sa.Column("id", postgresql.UUID(as_uuid=True), primary_key=True, server_default=sa.text("gen_random_uuid()")), sa.Column("tenant_id", postgresql.UUID(as_uuid=True), sa.ForeignKey("accounts.id", ondelete="CASCADE"), nullable=False), sa.Column("plot_ref", sa.String(50), nullable=False), sa.Column("section_id", postgresql.UUID(as_uuid=True), sa.ForeignKey("sections.id", ondelete="SET NULL"), nullable=True), sa.Column("plot_type_id", postgresql.UUID(as_uuid=True), sa.ForeignKey("plot_types.id", ondelete="SET NULL"), nullable=True), sa.Column("status", sa.String(20), nullable=False, server_default="vacant"), sa.Column("latitude", sa.Numeric(10, 7), nullable=True), sa.Column("longitude", sa.Numeric(10, 7), nullable=True), sa.Column("price_override", sa.Numeric(10, 2), nullable=True), sa.Column("notes", sa.Text, nullable=True), sa.Column("is_veteran_section", sa.Boolean, nullable=False, server_default="false"), sa.Column("created_at", sa.DateTime(timezone=True), nullable=False, server_default=sa.text("NOW()")), sa.Column("updated_at", sa.DateTime(timezone=True), nullable=False, server_default=sa.text("NOW()")), sa.UniqueConstraint("tenant_id", "plot_ref", name="uq_plots_tenant_ref"), ) op.create_index("ix_plots_tenant_id", "plots", ["tenant_id"]) op.create_index("ix_plots_status", "plots", ["status"]) op.create_index("ix_plots_section_id", "plots", ["section_id"]) # ── records ─────────────────────────────────────────────────────────────── op.create_table( "records", sa.Column("id", postgresql.UUID(as_uuid=True), primary_key=True, server_default=sa.text("gen_random_uuid()")), sa.Column("tenant_id", postgresql.UUID(as_uuid=True), sa.ForeignKey("accounts.id", ondelete="CASCADE"), nullable=False), sa.Column("plot_id", postgresql.UUID(as_uuid=True), sa.ForeignKey("plots.id", ondelete="SET NULL"), nullable=True), sa.Column("first_name", sa.String(100), nullable=False), sa.Column("middle_name", sa.String(100), nullable=True), sa.Column("last_name", sa.String(100), nullable=False), sa.Column("maiden_name", sa.String(100), nullable=True), sa.Column("date_of_birth", sa.Date, nullable=True), sa.Column("date_of_death", sa.Date, nullable=True), sa.Column("gender", sa.String(20), nullable=True), sa.Column("nationality", sa.String(100), nullable=True), sa.Column("religion", sa.String(100), nullable=True), sa.Column("is_veteran", sa.Boolean, nullable=False, server_default="false"), sa.Column("military_branch", sa.String(100), nullable=True), sa.Column("photo_url", sa.Text, nullable=True), sa.Column("biography_draft", sa.Text, nullable=True), sa.Column("visibility_config", sa.String(20), nullable=False, server_default="public"), sa.Column("created_at", sa.DateTime(timezone=True), nullable=False, server_default=sa.text("NOW()")), sa.Column("updated_at", sa.DateTime(timezone=True), nullable=False, server_default=sa.text("NOW()")), sa.Column("deleted_at", sa.DateTime(timezone=True), nullable=True), ) op.create_index("ix_records_tenant_id", "records", ["tenant_id"]) op.create_index("ix_records_plot_id", "records", ["plot_id"]) op.create_index("ix_records_is_veteran", "records", ["is_veteran"]) # Full-text search index op.execute(""" CREATE INDEX ix_records_fts ON records USING gin(to_tsvector('english', first_name || ' ' || last_name)) WHERE deleted_at IS NULL; """) # ── burial_info ─────────────────────────────────────────────────────────── op.create_table( "burial_info", sa.Column("id", postgresql.UUID(as_uuid=True), primary_key=True, server_default=sa.text("gen_random_uuid()")), sa.Column("record_id", postgresql.UUID(as_uuid=True), sa.ForeignKey("records.id", ondelete="CASCADE"), nullable=False, unique=True), sa.Column("tenant_id", postgresql.UUID(as_uuid=True), sa.ForeignKey("accounts.id", ondelete="CASCADE"), nullable=False), sa.Column("interment_type", sa.String(50), nullable=True), sa.Column("interment_date", sa.Date, nullable=True), sa.Column("interment_time", sa.Time, nullable=True), sa.Column("casket_type", sa.String(100), nullable=True), sa.Column("depth_m", sa.Numeric(5, 2), nullable=True), sa.Column("officiant", sa.String(255), nullable=True), sa.Column("attendees", sa.Integer, nullable=True), sa.Column("service_notes", sa.Text, nullable=True), sa.Column("created_at", sa.DateTime(timezone=True), nullable=False, server_default=sa.text("NOW()")), sa.Column("updated_at", sa.DateTime(timezone=True), nullable=False, server_default=sa.text("NOW()")), ) op.create_index("ix_burial_info_tenant_id", "burial_info", ["tenant_id"]) # ── family_contacts ─────────────────────────────────────────────────────── op.create_table( "family_contacts", sa.Column("id", postgresql.UUID(as_uuid=True), primary_key=True, server_default=sa.text("gen_random_uuid()")), sa.Column("tenant_id", postgresql.UUID(as_uuid=True), sa.ForeignKey("accounts.id", ondelete="CASCADE"), nullable=False), sa.Column("record_id", postgresql.UUID(as_uuid=True), sa.ForeignKey("records.id", ondelete="CASCADE"), nullable=False), sa.Column("relationship", sa.String(100), nullable=True), sa.Column("first_name", sa.String(100), nullable=False), sa.Column("last_name", sa.String(100), nullable=False), sa.Column("email", sa.String(255), nullable=True), sa.Column("phone", sa.String(50), nullable=True), sa.Column("address", sa.Text, nullable=True), sa.Column("is_primary", sa.Boolean, nullable=False, server_default="false"), sa.Column("is_plot_owner", sa.Boolean, nullable=False, server_default="false"), sa.Column("created_at", sa.DateTime(timezone=True), nullable=False, server_default=sa.text("NOW()")), sa.Column("updated_at", sa.DateTime(timezone=True), nullable=False, server_default=sa.text("NOW()")), ) op.create_index("ix_family_contacts_tenant_id", "family_contacts", ["tenant_id"]) op.create_index("ix_family_contacts_record_id", "family_contacts", ["record_id"]) # ── opportunities ───────────────────────────────────────────────────────── op.create_table( "opportunities", sa.Column("id", postgresql.UUID(as_uuid=True), primary_key=True, server_default=sa.text("gen_random_uuid()")), sa.Column("tenant_id", postgresql.UUID(as_uuid=True), sa.ForeignKey("accounts.id", ondelete="CASCADE"), nullable=False), sa.Column("assigned_to", postgresql.UUID(as_uuid=True), sa.ForeignKey("users.id", ondelete="SET NULL"), nullable=True), sa.Column("contact_id", postgresql.UUID(as_uuid=True), sa.ForeignKey("family_contacts.id", ondelete="SET NULL"), nullable=True), sa.Column("plot_id", postgresql.UUID(as_uuid=True), sa.ForeignKey("plots.id", ondelete="SET NULL"), nullable=True), sa.Column("stage", sa.String(50), nullable=False, server_default="inquiry"), sa.Column("type", sa.String(100), nullable=True), sa.Column("estimated_value", sa.Numeric(12, 2), nullable=True), sa.Column("notes", sa.Text, nullable=True), sa.Column("created_at", sa.DateTime(timezone=True), nullable=False, server_default=sa.text("NOW()")), sa.Column("updated_at", sa.DateTime(timezone=True), nullable=False, server_default=sa.text("NOW()")), ) op.create_index("ix_opportunities_tenant_id", "opportunities", ["tenant_id"]) op.create_index("ix_opportunities_stage", "opportunities", ["stage"]) # ── contracts ───────────────────────────────────────────────────────────── op.create_table( "contracts", sa.Column("id", postgresql.UUID(as_uuid=True), primary_key=True, server_default=sa.text("gen_random_uuid()")), sa.Column("tenant_id", postgresql.UUID(as_uuid=True), sa.ForeignKey("accounts.id", ondelete="CASCADE"), nullable=False), sa.Column("opportunity_id", postgresql.UUID(as_uuid=True), sa.ForeignKey("opportunities.id", ondelete="SET NULL"), nullable=True), sa.Column("purchaser_id", postgresql.UUID(as_uuid=True), sa.ForeignKey("family_contacts.id", ondelete="SET NULL"), nullable=True), sa.Column("plot_id", postgresql.UUID(as_uuid=True), sa.ForeignKey("plots.id", ondelete="SET NULL"), nullable=True), sa.Column("contract_number", sa.String(50), nullable=False), sa.Column("status", sa.String(50), nullable=False, server_default="draft"), sa.Column("purchaser_signature_b64", sa.Text, nullable=True), sa.Column("witness_name", sa.String(255), nullable=True), sa.Column("signed_at", sa.DateTime(timezone=True), nullable=True), sa.Column("pdf_s3_key", sa.Text, nullable=True), sa.Column("created_at", sa.DateTime(timezone=True), nullable=False, server_default=sa.text("NOW()")), sa.Column("updated_at", sa.DateTime(timezone=True), nullable=False, server_default=sa.text("NOW()")), sa.UniqueConstraint("tenant_id", "contract_number", name="uq_contracts_tenant_number"), ) op.create_index("ix_contracts_tenant_id", "contracts", ["tenant_id"]) # ── contract_line_items ─────────────────────────────────────────────────── op.create_table( "contract_line_items", sa.Column("id", postgresql.UUID(as_uuid=True), primary_key=True, server_default=sa.text("gen_random_uuid()")), sa.Column("contract_id", postgresql.UUID(as_uuid=True), sa.ForeignKey("contracts.id", ondelete="CASCADE"), nullable=False), sa.Column("tenant_id", postgresql.UUID(as_uuid=True), sa.ForeignKey("accounts.id", ondelete="CASCADE"), nullable=False), sa.Column("description", sa.String(500), nullable=False), sa.Column("fee_type", sa.String(100), nullable=True), sa.Column("quantity", sa.Integer, nullable=False, server_default="1"), sa.Column("unit_price", sa.Numeric(10, 2), nullable=False), sa.Column("line_total", sa.Numeric(12, 2), nullable=False), ) op.create_index("ix_contract_line_items_contract_id", "contract_line_items", ["contract_id"]) # ── invoices ────────────────────────────────────────────────────────────── op.create_table( "invoices", sa.Column("id", postgresql.UUID(as_uuid=True), primary_key=True, server_default=sa.text("gen_random_uuid()")), sa.Column("tenant_id", postgresql.UUID(as_uuid=True), sa.ForeignKey("accounts.id", ondelete="CASCADE"), nullable=False), sa.Column("contract_id", postgresql.UUID(as_uuid=True), sa.ForeignKey("contracts.id", ondelete="SET NULL"), nullable=True), sa.Column("invoice_number", sa.String(50), nullable=False), sa.Column("status", sa.String(50), nullable=False, server_default="outstanding"), sa.Column("total_amount", sa.Numeric(12, 2), nullable=False, server_default="0"), sa.Column("paid_amount", sa.Numeric(12, 2), nullable=False, server_default="0"), sa.Column("balance_due", sa.Numeric(12, 2), nullable=False, server_default="0"), sa.Column("due_date", sa.Date, nullable=True), sa.Column("reminder_count", sa.Integer, nullable=False, server_default="0"), sa.Column("last_reminder_at", sa.DateTime(timezone=True), nullable=True), sa.Column("created_at", sa.DateTime(timezone=True), nullable=False, server_default=sa.text("NOW()")), sa.Column("updated_at", sa.DateTime(timezone=True), nullable=False, server_default=sa.text("NOW()")), sa.UniqueConstraint("tenant_id", "invoice_number", name="uq_invoices_tenant_number"), ) op.create_index("ix_invoices_tenant_id", "invoices", ["tenant_id"]) op.create_index("ix_invoices_status", "invoices", ["status"]) # ── invoice_payments ────────────────────────────────────────────────────── op.create_table( "invoice_payments", sa.Column("id", postgresql.UUID(as_uuid=True), primary_key=True, server_default=sa.text("gen_random_uuid()")), sa.Column("tenant_id", postgresql.UUID(as_uuid=True), sa.ForeignKey("accounts.id", ondelete="CASCADE"), nullable=False), sa.Column("invoice_id", postgresql.UUID(as_uuid=True), sa.ForeignKey("invoices.id", ondelete="CASCADE"), nullable=False), sa.Column("amount", sa.Numeric(10, 2), nullable=False), sa.Column("method", sa.String(50), nullable=True), sa.Column("received_on", sa.Date, nullable=True), sa.Column("receipt_number", sa.String(100), nullable=True), sa.Column("notes", sa.Text, nullable=True), sa.Column("recorded_by", postgresql.UUID(as_uuid=True), sa.ForeignKey("users.id", ondelete="SET NULL"), nullable=True), sa.Column("created_at", sa.DateTime(timezone=True), nullable=False, server_default=sa.text("NOW()")), sa.Column("updated_at", sa.DateTime(timezone=True), nullable=False, server_default=sa.text("NOW()")), ) op.create_index("ix_invoice_payments_invoice_id", "invoice_payments", ["invoice_id"]) # ── services (scheduling) ───────────────────────────────────────────────── op.create_table( "services", sa.Column("id", postgresql.UUID(as_uuid=True), primary_key=True, server_default=sa.text("gen_random_uuid()")), sa.Column("tenant_id", postgresql.UUID(as_uuid=True), sa.ForeignKey("accounts.id", ondelete="CASCADE"), nullable=False), sa.Column("record_id", postgresql.UUID(as_uuid=True), sa.ForeignKey("records.id", ondelete="SET NULL"), nullable=True), sa.Column("plot_id", postgresql.UUID(as_uuid=True), sa.ForeignKey("plots.id", ondelete="SET NULL"), nullable=True), sa.Column("assigned_to", postgresql.UUID(as_uuid=True), sa.ForeignKey("users.id", ondelete="SET NULL"), nullable=True), sa.Column("service_type", sa.String(100), nullable=False), sa.Column("service_date", sa.Date, nullable=True), sa.Column("service_time", sa.Time, nullable=True), sa.Column("duration_minutes", sa.Integer, nullable=True), sa.Column("status", sa.String(50), nullable=False, server_default="scheduled"), sa.Column("notes", sa.Text, nullable=True), sa.Column("briefing_sheet_s3_key", sa.Text, nullable=True), sa.Column("created_at", sa.DateTime(timezone=True), nullable=False, server_default=sa.text("NOW()")), sa.Column("updated_at", sa.DateTime(timezone=True), nullable=False, server_default=sa.text("NOW()")), ) op.create_index("ix_services_tenant_id", "services", ["tenant_id"]) op.create_index("ix_services_service_date", "services", ["service_date"]) # ── memorials ───────────────────────────────────────────────────────────── op.create_table( "memorials", sa.Column("id", postgresql.UUID(as_uuid=True), primary_key=True, server_default=sa.text("gen_random_uuid()")), sa.Column("tenant_id", postgresql.UUID(as_uuid=True), sa.ForeignKey("accounts.id", ondelete="CASCADE"), nullable=False), sa.Column("record_id", postgresql.UUID(as_uuid=True), sa.ForeignKey("records.id", ondelete="CASCADE"), nullable=False, unique=True), sa.Column("slug", sa.String(255), nullable=False), sa.Column("biography_text", sa.Text, nullable=True), sa.Column("video_url", sa.Text, nullable=True), sa.Column("visibility_config", postgresql.JSONB, nullable=True), sa.Column("is_published", sa.Boolean, nullable=False, server_default="false"), sa.Column("published_at", sa.DateTime(timezone=True), nullable=True), sa.Column("created_at", sa.DateTime(timezone=True), nullable=False, server_default=sa.text("NOW()")), sa.Column("updated_at", sa.DateTime(timezone=True), nullable=False, server_default=sa.text("NOW()")), sa.UniqueConstraint("tenant_id", "slug", name="uq_memorials_tenant_slug"), ) op.create_index("ix_memorials_tenant_id", "memorials", ["tenant_id"]) op.create_index("ix_memorials_is_published", "memorials", ["is_published"]) # ── memorial_photos ─────────────────────────────────────────────────────── op.create_table( "memorial_photos", sa.Column("id", postgresql.UUID(as_uuid=True), primary_key=True, server_default=sa.text("gen_random_uuid()")), sa.Column("tenant_id", postgresql.UUID(as_uuid=True), sa.ForeignKey("accounts.id", ondelete="CASCADE"), nullable=False), sa.Column("memorial_id", postgresql.UUID(as_uuid=True), sa.ForeignKey("memorials.id", ondelete="CASCADE"), nullable=False), sa.Column("s3_key", sa.Text, nullable=False), sa.Column("caption", sa.String(500), nullable=True), sa.Column("sort_order", sa.Integer, nullable=False, server_default="0"), sa.Column("uploaded_at", sa.DateTime(timezone=True), nullable=False, server_default=sa.text("NOW()")), ) op.create_index("ix_memorial_photos_memorial_id", "memorial_photos", ["memorial_id"]) # ── tributes ────────────────────────────────────────────────────────────── op.create_table( "tributes", sa.Column("id", postgresql.UUID(as_uuid=True), primary_key=True, server_default=sa.text("gen_random_uuid()")), sa.Column("tenant_id", postgresql.UUID(as_uuid=True), sa.ForeignKey("accounts.id", ondelete="CASCADE"), nullable=False), sa.Column("memorial_id", postgresql.UUID(as_uuid=True), sa.ForeignKey("memorials.id", ondelete="CASCADE"), nullable=False), sa.Column("submitter_name", sa.String(255), nullable=False), sa.Column("submitter_email", sa.String(255), nullable=True), sa.Column("relationship", sa.String(100), nullable=True), sa.Column("message", sa.Text, nullable=False), sa.Column("photo_url", sa.Text, nullable=True), sa.Column("status", sa.String(20), nullable=False, server_default="pending"), sa.Column("moderated_by", postgresql.UUID(as_uuid=True), sa.ForeignKey("users.id", ondelete="SET NULL"), nullable=True), sa.Column("moderated_at", sa.DateTime(timezone=True), nullable=True), sa.Column("submitted_at", sa.DateTime(timezone=True), nullable=False, server_default=sa.text("NOW()")), ) op.create_index("ix_tributes_memorial_id", "tributes", ["memorial_id"]) op.create_index("ix_tributes_status", "tributes", ["status"]) # ── news ────────────────────────────────────────────────────────────────── op.create_table( "news", sa.Column("id", postgresql.UUID(as_uuid=True), primary_key=True, server_default=sa.text("gen_random_uuid()")), sa.Column("tenant_id", postgresql.UUID(as_uuid=True), sa.ForeignKey("accounts.id", ondelete="CASCADE"), nullable=False), sa.Column("author_id", postgresql.UUID(as_uuid=True), sa.ForeignKey("users.id", ondelete="SET NULL"), nullable=True), sa.Column("title", sa.String(500), nullable=False), sa.Column("content", sa.Text, nullable=True), sa.Column("cover_image_s3_key", sa.Text, nullable=True), sa.Column("status", sa.String(20), nullable=False, server_default="draft"), sa.Column("published_at", sa.DateTime(timezone=True), nullable=True), sa.Column("created_at", sa.DateTime(timezone=True), nullable=False, server_default=sa.text("NOW()")), sa.Column("updated_at", sa.DateTime(timezone=True), nullable=False, server_default=sa.text("NOW()")), ) op.create_index("ix_news_tenant_id", "news", ["tenant_id"]) # ── fee_items ───────────────────────────────────────────────────────────── op.create_table( "fee_items", sa.Column("id", postgresql.UUID(as_uuid=True), primary_key=True, server_default=sa.text("gen_random_uuid()")), sa.Column("tenant_id", postgresql.UUID(as_uuid=True), sa.ForeignKey("accounts.id", ondelete="CASCADE"), nullable=False), sa.Column("name", sa.String(200), nullable=False), sa.Column("category", sa.String(100), nullable=False), sa.Column("description", sa.Text, nullable=True), sa.Column("unit_price", sa.Numeric(10, 2), nullable=False, server_default="0"), sa.Column("is_taxable", sa.Boolean, nullable=False, server_default="false"), sa.Column("is_active", sa.Boolean, nullable=False, server_default="true"), sa.Column("sort_order", sa.Integer, nullable=False, server_default="0"), sa.Column("created_at", sa.DateTime(timezone=True), nullable=False, server_default=sa.text("NOW()")), sa.Column("updated_at", sa.DateTime(timezone=True), nullable=False, server_default=sa.text("NOW()")), ) op.create_index("ix_fee_items_tenant_id", "fee_items", ["tenant_id"]) op.create_index("ix_fee_items_category", "fee_items", ["tenant_id", "category"]) # ── audit_logs ──────────────────────────────────────────────────────────── op.create_table( "audit_logs", sa.Column("id", postgresql.UUID(as_uuid=True), primary_key=True, server_default=sa.text("gen_random_uuid()")), sa.Column("tenant_id", postgresql.UUID(as_uuid=True), nullable=True), sa.Column("user_id", postgresql.UUID(as_uuid=True), sa.ForeignKey("users.id", ondelete="SET NULL"), nullable=True), sa.Column("entity_type", sa.String(100), nullable=False), sa.Column("entity_id", postgresql.UUID(as_uuid=True), nullable=True), sa.Column("action", sa.String(100), nullable=False), sa.Column("old_value", postgresql.JSONB, nullable=True), sa.Column("new_value", postgresql.JSONB, nullable=True), sa.Column("ip_address", postgresql.INET, nullable=True), sa.Column("user_agent", sa.Text, nullable=True), sa.Column("created_at", sa.DateTime(timezone=True), nullable=False, server_default=sa.text("NOW()")), ) op.create_index("ix_audit_logs_tenant_id", "audit_logs", ["tenant_id"]) op.create_index("ix_audit_logs_entity", "audit_logs", ["entity_type", "entity_id"]) # ── Row Level Security ───────────────────────────────────────────────────── tenant_tables = [ "sections", "plot_types", "plots", "records", "burial_info", "family_contacts", "opportunities", "contracts", "contract_line_items", "invoices", "invoice_payments", "services", "memorials", "memorial_photos", "tributes", "news", "fee_items", ] for table in tenant_tables: op.execute(f"ALTER TABLE {table} ENABLE ROW LEVEL SECURITY") op.execute(f"ALTER TABLE {table} FORCE ROW LEVEL SECURITY") op.execute(f""" CREATE POLICY tenant_isolation ON {table} USING (tenant_id = NULLIF(current_setting('app.tenant', TRUE), '')::uuid) """) op.execute(f"GRANT SELECT, INSERT, UPDATE, DELETE ON {table} TO indelis_app") def downgrade() -> None: tables = [ "audit_logs", "fee_items", "news", "tributes", "memorial_photos", "memorials", "services", "invoice_payments", "invoices", "contract_line_items", "contracts", "opportunities", "family_contacts", "burial_info", "records", "plots", "plot_types", "sections", ] for t in tables: op.drop_table(t)