Switch database IDs from TEXT to native UUID

Consolidate 16 migrations into one with UUID columns for all entity IDs. TEXT is kept only for polymorphic fields (audit_logs.actor_id, resource_id) and template names. The id package now generates UUIDs via google/uuid, with Format*/Parse* helpers for the prefixed wire format (sb-{uuid}, usr-{uuid}, etc.). Auth context, services, and handlers pass pgtype.UUID internally; conversion to/from prefixed strings happens at API and RPC boundaries. Adds PlatformTeamID (all-zeros UUID) for shared resources.
2026-03-26 16:16:21 +06:00
parent cdd89a7cee
commit 4ddd494160
66 changed files with 1350 additions and 1127 deletions
--- a/internal/db/users.sql.go
+++ b/internal/db/users.sql.go
@ -16,8 +16,8 @@ DELETE FROM admin_permissions WHERE user_id = $1 AND permission = $2
 `

 type DeleteAdminPermissionParams struct {
-	UserID     string `json:"user_id"`
-	Permission string `json:"permission"`
+	UserID     pgtype.UUID `json:"user_id"`
+	Permission string      `json:"permission"`
 }

 func (q *Queries) DeleteAdminPermission(ctx context.Context, arg DeleteAdminPermissionParams) error {
@ -29,7 +29,7 @@ const getAdminPermissions = `-- name: GetAdminPermissions :many
 SELECT id, user_id, permission, created_at FROM admin_permissions WHERE user_id = $1 ORDER BY permission
 `

-func (q *Queries) GetAdminPermissions(ctx context.Context, userID string) ([]AdminPermission, error) {
+func (q *Queries) GetAdminPermissions(ctx context.Context, userID pgtype.UUID) ([]AdminPermission, error) {
 	rows, err := q.db.Query(ctx, getAdminPermissions, userID)
 	if err != nil {
 		return nil, err
@ -55,7 +55,7 @@ func (q *Queries) GetAdminPermissions(ctx context.Context, userID string) ([]Adm
 }

 const getAdminUsers = `-- name: GetAdminUsers :many
-SELECT id, email, password_hash, created_at, updated_at, is_admin, name FROM users WHERE is_admin = TRUE ORDER BY created_at
+SELECT id, email, password_hash, name, is_admin, created_at, updated_at FROM users WHERE is_admin = TRUE ORDER BY created_at
 `

 func (q *Queries) GetAdminUsers(ctx context.Context) ([]User, error) {
@ -71,10 +71,10 @@ func (q *Queries) GetAdminUsers(ctx context.Context) ([]User, error) {
 			&i.ID,
 			&i.Email,
 			&i.PasswordHash,
+			&i.Name,
+			&i.IsAdmin,
 			&i.CreatedAt,
 			&i.UpdatedAt,
-			&i.IsAdmin,
-			&i.Name,
 		); err != nil {
 			return nil, err
 		}
@ -87,7 +87,7 @@ func (q *Queries) GetAdminUsers(ctx context.Context) ([]User, error) {
 }

 const getUserByEmail = `-- name: GetUserByEmail :one
-SELECT id, email, password_hash, created_at, updated_at, is_admin, name FROM users WHERE email = $1
+SELECT id, email, password_hash, name, is_admin, created_at, updated_at FROM users WHERE email = $1
 `

 func (q *Queries) GetUserByEmail(ctx context.Context, email string) (User, error) {
@ -97,29 +97,29 @@ func (q *Queries) GetUserByEmail(ctx context.Context, email string) (User, error
 		&i.ID,
 		&i.Email,
 		&i.PasswordHash,
+		&i.Name,
+		&i.IsAdmin,
 		&i.CreatedAt,
 		&i.UpdatedAt,
-		&i.IsAdmin,
-		&i.Name,
 	)
 	return i, err
 }

 const getUserByID = `-- name: GetUserByID :one
-SELECT id, email, password_hash, created_at, updated_at, is_admin, name FROM users WHERE id = $1
+SELECT id, email, password_hash, name, is_admin, created_at, updated_at FROM users WHERE id = $1
 `

-func (q *Queries) GetUserByID(ctx context.Context, id string) (User, error) {
+func (q *Queries) GetUserByID(ctx context.Context, id pgtype.UUID) (User, error) {
 	row := q.db.QueryRow(ctx, getUserByID, id)
 	var i User
 	err := row.Scan(
 		&i.ID,
 		&i.Email,
 		&i.PasswordHash,
+		&i.Name,
+		&i.IsAdmin,
 		&i.CreatedAt,
 		&i.UpdatedAt,
-		&i.IsAdmin,
-		&i.Name,
 	)
 	return i, err
 }
@ -131,8 +131,8 @@ SELECT EXISTS(
 `

 type HasAdminPermissionParams struct {
-	UserID     string `json:"user_id"`
-	Permission string `json:"permission"`
+	UserID     pgtype.UUID `json:"user_id"`
+	Permission string      `json:"permission"`
 }

 func (q *Queries) HasAdminPermission(ctx context.Context, arg HasAdminPermissionParams) (bool, error) {
@ -148,9 +148,9 @@ VALUES ($1, $2, $3)
 `

 type InsertAdminPermissionParams struct {
-	ID         string `json:"id"`
-	UserID     string `json:"user_id"`
-	Permission string `json:"permission"`
+	ID         pgtype.UUID `json:"id"`
+	UserID     pgtype.UUID `json:"user_id"`
+	Permission string      `json:"permission"`
 }

 func (q *Queries) InsertAdminPermission(ctx context.Context, arg InsertAdminPermissionParams) error {
@ -161,11 +161,11 @@ func (q *Queries) InsertAdminPermission(ctx context.Context, arg InsertAdminPerm
 const insertUser = `-- name: InsertUser :one
 INSERT INTO users (id, email, password_hash, name)
 VALUES ($1, $2, $3, $4)
-RETURNING id, email, password_hash, created_at, updated_at, is_admin, name
+RETURNING id, email, password_hash, name, is_admin, created_at, updated_at
 `

 type InsertUserParams struct {
-	ID           string      `json:"id"`
+	ID           pgtype.UUID `json:"id"`
 	Email        string      `json:"email"`
 	PasswordHash pgtype.Text `json:"password_hash"`
 	Name         string      `json:"name"`
@ -183,10 +183,10 @@ func (q *Queries) InsertUser(ctx context.Context, arg InsertUserParams) (User, e
 		&i.ID,
 		&i.Email,
 		&i.PasswordHash,
+		&i.Name,
+		&i.IsAdmin,
 		&i.CreatedAt,
 		&i.UpdatedAt,
-		&i.IsAdmin,
-		&i.Name,
 	)
 	return i, err
 }
@ -194,13 +194,13 @@ func (q *Queries) InsertUser(ctx context.Context, arg InsertUserParams) (User, e
 const insertUserOAuth = `-- name: InsertUserOAuth :one
 INSERT INTO users (id, email, name)
 VALUES ($1, $2, $3)
-RETURNING id, email, password_hash, created_at, updated_at, is_admin, name
+RETURNING id, email, password_hash, name, is_admin, created_at, updated_at
 `

 type InsertUserOAuthParams struct {
-	ID    string `json:"id"`
-	Email string `json:"email"`
-	Name  string `json:"name"`
+	ID    pgtype.UUID `json:"id"`
+	Email string      `json:"email"`
+	Name  string      `json:"name"`
 }

 func (q *Queries) InsertUserOAuth(ctx context.Context, arg InsertUserOAuthParams) (User, error) {
@ -210,10 +210,10 @@ func (q *Queries) InsertUserOAuth(ctx context.Context, arg InsertUserOAuthParams
 		&i.ID,
 		&i.Email,
 		&i.PasswordHash,
+		&i.Name,
+		&i.IsAdmin,
 		&i.CreatedAt,
 		&i.UpdatedAt,
-		&i.IsAdmin,
-		&i.Name,
 	)
 	return i, err
 }
@ -223,8 +223,8 @@ SELECT id, email FROM users WHERE email LIKE $1 || '%' ORDER BY email LIMIT 10
 `

 type SearchUsersByEmailPrefixRow struct {
-	ID    string `json:"id"`
-	Email string `json:"email"`
+	ID    pgtype.UUID `json:"id"`
+	Email string      `json:"email"`
 }

 func (q *Queries) SearchUsersByEmailPrefix(ctx context.Context, dollar_1 pgtype.Text) ([]SearchUsersByEmailPrefixRow, error) {
@ -252,8 +252,8 @@ UPDATE users SET is_admin = $2, updated_at = NOW() WHERE id = $1
 `

 type SetUserAdminParams struct {
-	ID      string `json:"id"`
-	IsAdmin bool   `json:"is_admin"`
+	ID      pgtype.UUID `json:"id"`
+	IsAdmin bool        `json:"is_admin"`
 }

 func (q *Queries) SetUserAdmin(ctx context.Context, arg SetUserAdminParams) error {
@ -266,8 +266,8 @@ UPDATE users SET name = $2, updated_at = NOW() WHERE id = $1
 `

 type UpdateUserNameParams struct {
-	ID   string `json:"id"`
-	Name string `json:"name"`
+	ID   pgtype.UUID `json:"id"`
+	Name string      `json:"name"`
 }

 func (q *Queries) UpdateUserName(ctx context.Context, arg UpdateUserNameParams) error {