@axova/shared 1.0.0

package/dist/schemas/store/store-audit-schema.js

@@ -0,0 +1,556 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.STORE_AUDIT_BUSINESS_RULES = exports.storeAuditRelations = exports.storeAuditTrails = exports.storeAuditAggregations = exports.storeAuditLogs = void 0;
+const cuid2_1 = require("@paralleldrive/cuid2");
+const drizzle_orm_1 = require("drizzle-orm");
+const pg_core_1 = require("drizzle-orm/pg-core");
+// =====================================================
+// STORE AUDIT LOGS - COMPREHENSIVE TRACKING SYSTEM
+// =====================================================
+/**
+ * Primary Store Audit Logs Table
+ * Immutable, append-only design for complete store operation tracking
+ * Optimized for high-volume insertions with comprehensive indexing
+ */
+exports.storeAuditLogs = (0, pg_core_1.pgTable)("store_audit_logs", {
+    // Primary Identification
+    id: (0, pg_core_1.text)("id")
+        .primaryKey()
+        .$defaultFn(() => (0, cuid2_1.createId)()),
+    // Store Context - Core Business Entity
+    storeId: (0, pg_core_1.text)("store_id").notNull(),
+    storeName: (0, pg_core_1.varchar)("store_name", { length: 255 }),
+    storeSubdomain: (0, pg_core_1.varchar)("store_subdomain", { length: 63 }),
+    storeUrl: (0, pg_core_1.varchar)("store_url", { length: 255 }),
+    // Event Classification - Enhanced Categorization
+    eventType: (0, pg_core_1.varchar)("event_type", { length: 30 })
+        .notNull()
+        .$type(),
+    eventCategory: (0, pg_core_1.varchar)("event_category", { length: 30 })
+        .notNull()
+        .$type(),
+    // Action Details - Comprehensive Operation Tracking
+    action: (0, pg_core_1.varchar)("action", { length: 100 }).notNull(),
+    actionDescription: (0, pg_core_1.text)("action_description"),
+    // Resource Information - What Was Affected
+    resource: (0, pg_core_1.varchar)("resource", { length: 100 }).notNull(),
+    resourceId: (0, pg_core_1.text)("resource_id").notNull(),
+    resourceType: (0, pg_core_1.varchar)("resource_type", { length: 30 }).$type(),
+    resourceName: (0, pg_core_1.varchar)("resource_name", { length: 255 }),
+    parentResourceId: (0, pg_core_1.text)("parent_resource_id"),
+    parentResourceType: (0, pg_core_1.varchar)("parent_resource_type", { length: 30 }),
+    // Actor Information - Who Performed the Action
+    performedBy: (0, pg_core_1.text)("performed_by").notNull(),
+    performedByType: (0, pg_core_1.varchar)("performed_by_type", { length: 20 })
+        .notNull()
+        .$type(),
+    performedByName: (0, pg_core_1.varchar)("performed_by_name", { length: 255 }),
+    performedByEmail: (0, pg_core_1.varchar)("performed_by_email", { length: 320 }),
+    // User Role and Permissions Context
+    userRole: (0, pg_core_1.varchar)("user_role", { length: 50 }).$type(),
+    userPermissions: (0, pg_core_1.jsonb)("user_permissions").$type().default([]),
+    // Session and Request Context
+    sessionId: (0, pg_core_1.text)("session_id"),
+    requestId: (0, pg_core_1.text)("request_id"),
+    correlationId: (0, pg_core_1.text)("correlation_id"),
+    traceId: (0, pg_core_1.text)("trace_id"),
+    spanId: (0, pg_core_1.text)("span_id"),
+    // Network and Client Information
+    ipAddress: (0, pg_core_1.varchar)("ip_address", { length: 45 }), // IPv6 support
+    userAgent: (0, pg_core_1.text)("user_agent"),
+    clientType: (0, pg_core_1.varchar)("client_type", { length: 30 }).$type(),
+    clientId: (0, pg_core_1.text)("client_id"),
+    clientVersion: (0, pg_core_1.varchar)("client_version", { length: 50 }),
+    clientPlatform: (0, pg_core_1.varchar)("client_platform", { length: 50 }),
+    // Device Information
+    deviceInfo: (0, pg_core_1.jsonb)("device_info").$type(),
+    // Geographic Information
+    location: (0, pg_core_1.jsonb)("location").$type(),
+    // HTTP Context
+    httpMethod: (0, pg_core_1.varchar)("http_method", { length: 10 }),
+    httpPath: (0, pg_core_1.text)("http_path"),
+    httpQuery: (0, pg_core_1.text)("http_query"),
+    httpHeaders: (0, pg_core_1.jsonb)("http_headers").$type(),
+    httpStatusCode: (0, pg_core_1.integer)("http_status_code"),
+    httpResponseSize: (0, pg_core_1.integer)("http_response_size"),
+    // Data Changes and Content
+    changes: (0, pg_core_1.jsonb)("changes").$type(),
+    // Request/Response Data (Sanitized)
+    requestData: (0, pg_core_1.jsonb)("request_data").$type(),
+    responseData: (0, pg_core_1.jsonb)("response_data").$type(),
+    // Business Context and Metadata
+    businessContext: (0, pg_core_1.jsonb)("business_context").$type(),
+    // Enhanced Metadata
+    metadata: (0, pg_core_1.jsonb)("metadata").$type(),
+    // Performance Metrics
+    duration: (0, pg_core_1.integer)("duration"), // milliseconds
+    responseTime: (0, pg_core_1.integer)("response_time"), // milliseconds
+    processingTime: (0, pg_core_1.integer)("processing_time"), // milliseconds
+    databaseTime: (0, pg_core_1.integer)("database_time"), // milliseconds
+    cacheHitRate: (0, pg_core_1.real)("cache_hit_rate"), // percentage
+    memoryUsage: (0, pg_core_1.integer)("memory_usage"), // bytes
+    cpuUsage: (0, pg_core_1.real)("cpu_usage"), // percentage
+    // Operation Success and Error Information
+    success: (0, pg_core_1.boolean)("success").notNull().default(true),
+    errorCode: (0, pg_core_1.varchar)("error_code", { length: 100 }),
+    errorMessage: (0, pg_core_1.text)("error_message"),
+    errorType: (0, pg_core_1.varchar)("error_type", { length: 50 }).$type(),
+    errorDetails: (0, pg_core_1.jsonb)("error_details").$type(),
+    stackTrace: (0, pg_core_1.text)("stack_trace"),
+    // Recovery and Retry Information
+    retryCount: (0, pg_core_1.integer)("retry_count").default(0),
+    recoveryAction: (0, pg_core_1.varchar)("recovery_action", { length: 100 }),
+    fallbackUsed: (0, pg_core_1.boolean)("fallback_used").default(false),
+    // Security and Compliance
+    sensitiveData: (0, pg_core_1.boolean)("sensitive_data").notNull().default(false),
+    piiInvolved: (0, pg_core_1.boolean)("pii_involved").notNull().default(false),
+    complianceRelevant: (0, pg_core_1.boolean)("compliance_relevant").notNull().default(false),
+    dataClassification: (0, pg_core_1.varchar)("data_classification", { length: 20 })
+        .$type()
+        .default("INTERNAL"),
+    // Risk Assessment
+    riskLevel: (0, pg_core_1.varchar)("risk_level", { length: 20 })
+        .$type()
+        .default("LOW"),
+    securityImpact: (0, pg_core_1.varchar)("security_impact", { length: 20 })
+        .$type()
+        .default("NONE"),
+    privacyImpact: (0, pg_core_1.varchar)("privacy_impact", { length: 20 })
+        .$type()
+        .default("NONE"),
+    // Threat Detection
+    threatIndicators: (0, pg_core_1.jsonb)("threat_indicators")
+        .$type()
+        .default([]),
+    anomalyScore: (0, pg_core_1.real)("anomaly_score"), // 0-1 scale
+    fraudScore: (0, pg_core_1.real)("fraud_score"), // 0-1 scale
+    // Compliance Framework Tracking
+    complianceFrameworks: (0, pg_core_1.jsonb)("compliance_frameworks")
+        .$type()
+        .default([]),
+    // Data Lifecycle
+    retentionPeriod: (0, pg_core_1.integer)("retention_period"), // days
+    archiveDate: (0, pg_core_1.timestamp)("archive_date", { withTimezone: true }),
+    purgeDate: (0, pg_core_1.timestamp)("purge_date", { withTimezone: true }),
+    // Workflow and Process Tracking
+    workflowId: (0, pg_core_1.text)("workflow_id"),
+    workflowStep: (0, pg_core_1.varchar)("workflow_step", { length: 100 }),
+    workflowStatus: (0, pg_core_1.varchar)("workflow_status", { length: 30 }).$type(),
+    parentEventId: (0, pg_core_1.text)("parent_event_id"),
+    childEventIds: (0, pg_core_1.jsonb)("child_event_ids").$type().default([]),
+    // Batch and Bulk Operations
+    batchId: (0, pg_core_1.text)("batch_id"),
+    batchSize: (0, pg_core_1.integer)("batch_size"),
+    batchIndex: (0, pg_core_1.integer)("batch_index"),
+    isBulkOperation: (0, pg_core_1.boolean)("is_bulk_operation").default(false),
+    // Integration and External Systems
+    externalSystemId: (0, pg_core_1.text)("external_system_id"),
+    externalSystemName: (0, pg_core_1.varchar)("external_system_name", { length: 100 }),
+    externalEventId: (0, pg_core_1.text)("external_event_id"),
+    syncStatus: (0, pg_core_1.varchar)("sync_status", { length: 20 }).$type(),
+    // Notification and Alerting
+    alertLevel: (0, pg_core_1.varchar)("alert_level", { length: 20 })
+        .$type()
+        .default("NONE"),
+    notificationsSent: (0, pg_core_1.jsonb)("notifications_sent")
+        .$type()
+        .default([]),
+    // Data Integrity and Verification
+    checksum: (0, pg_core_1.varchar)("checksum", { length: 64 }), // SHA-256
+    signature: (0, pg_core_1.text)("signature"), // Digital signature for critical events
+    verified: (0, pg_core_1.boolean)("verified").default(false),
+    // Immutable Timestamp - Core Audit Requirement
+    timestamp: (0, pg_core_1.timestamp)("timestamp", { withTimezone: true })
+        .defaultNow()
+        .notNull(),
+    // Processing Timestamps
+    processedAt: (0, pg_core_1.timestamp)("processed_at", { withTimezone: true }),
+    indexedAt: (0, pg_core_1.timestamp)("indexed_at", { withTimezone: true }),
+    // Export and Reporting
+    exportedAt: (0, pg_core_1.timestamp)("exported_at", { withTimezone: true }),
+    reportingPeriod: (0, pg_core_1.varchar)("reporting_period", { length: 20 }),
+    // System Information
+    serviceVersion: (0, pg_core_1.varchar)("service_version", { length: 50 }),
+    nodeId: (0, pg_core_1.varchar)("node_id", { length: 100 }),
+    instanceId: (0, pg_core_1.varchar)("instance_id", { length: 100 }),
+}, (table) => ({
+    // === PRIMARY PERFORMANCE INDEXES ===
+    // Core timestamp index - most important for audit queries
+    timestampIndex: (0, pg_core_1.index)("idx_store_audit_timestamp").on(table.timestamp),
+    // Store-centric indexes for business queries
+    storeIdIndex: (0, pg_core_1.index)("idx_store_audit_store_id").on(table.storeId),
+    storeTimestampIndex: (0, pg_core_1.index)("idx_store_audit_store_timestamp").on(table.storeId, table.timestamp),
+    // Event classification indexes
+    eventTypeIndex: (0, pg_core_1.index)("idx_store_audit_event_type").on(table.eventType, table.eventCategory),
+    actionIndex: (0, pg_core_1.index)("idx_store_audit_action").on(table.action),
+    // Resource tracking indexes
+    resourceIndex: (0, pg_core_1.index)("idx_store_audit_resource").on(table.resource, table.resourceId),
+    resourceTypeIndex: (0, pg_core_1.index)("idx_store_audit_resource_type").on(table.resourceType, table.timestamp),
+    // Actor and user tracking
+    performedByIndex: (0, pg_core_1.index)("idx_store_audit_performed_by").on(table.performedBy, table.performedByType),
+    userRoleIndex: (0, pg_core_1.index)("idx_store_audit_user_role").on(table.userRole, table.timestamp),
+    // === SECURITY AND COMPLIANCE INDEXES ===
+    // Security monitoring
+    securityIndex: (0, pg_core_1.index)("idx_store_audit_security").on(table.riskLevel, table.securityImpact, table.timestamp),
+    threatIndex: (0, pg_core_1.index)("idx_store_audit_threats").on(table.anomalyScore, table.fraudScore, table.timestamp),
+    // Compliance tracking
+    complianceIndex: (0, pg_core_1.index)("idx_store_audit_compliance").on(table.complianceRelevant, table.piiInvolved, table.sensitiveData),
+    dataClassificationIndex: (0, pg_core_1.index)("idx_store_audit_data_classification").on(table.dataClassification, table.timestamp),
+    // === OPERATIONAL INDEXES ===
+    // Error and success tracking
+    errorIndex: (0, pg_core_1.index)("idx_store_audit_errors").on(table.success, table.errorCode, table.timestamp),
+    errorTypeIndex: (0, pg_core_1.index)("idx_store_audit_error_type").on(table.errorType, table.timestamp),
+    // Performance monitoring
+    performanceIndex: (0, pg_core_1.index)("idx_store_audit_performance").on(table.duration, table.responseTime, table.timestamp),
+    // Session and correlation tracking
+    sessionIndex: (0, pg_core_1.index)("idx_store_audit_session").on(table.sessionId, table.timestamp),
+    correlationIndex: (0, pg_core_1.index)("idx_store_audit_correlation").on(table.correlationId),
+    requestIndex: (0, pg_core_1.index)("idx_store_audit_request").on(table.requestId),
+    // === BUSINESS INTELLIGENCE INDEXES ===
+    // Client and device analytics
+    clientTypeIndex: (0, pg_core_1.index)("idx_store_audit_client_type").on(table.clientType, table.timestamp),
+    userAgentIndex: (0, pg_core_1.index)("idx_store_audit_user_agent").on(table.userAgent),
+    // Geographic analytics
+    locationIndex: (0, pg_core_1.index)("idx_store_audit_location").on(table.ipAddress, table.timestamp),
+    // HTTP tracking
+    httpMethodIndex: (0, pg_core_1.index)("idx_store_audit_http_method").on(table.httpMethod, table.httpStatusCode),
+    // === WORKFLOW AND PROCESS INDEXES ===
+    // Workflow tracking
+    workflowIndex: (0, pg_core_1.index)("idx_store_audit_workflow").on(table.workflowId, table.workflowStep, table.timestamp),
+    parentEventIndex: (0, pg_core_1.index)("idx_store_audit_parent_event").on(table.parentEventId),
+    // Batch operations
+    batchIndex: (0, pg_core_1.index)("idx_store_audit_batch").on(table.batchId, table.batchIndex),
+    bulkOperationIndex: (0, pg_core_1.index)("idx_store_audit_bulk").on(table.isBulkOperation, table.timestamp),
+    // === INTEGRATION INDEXES ===
+    // External system tracking
+    externalSystemIndex: (0, pg_core_1.index)("idx_store_audit_external_system").on(table.externalSystemId, table.syncStatus),
+    // Notification tracking
+    alertLevelIndex: (0, pg_core_1.index)("idx_store_audit_alert_level").on(table.alertLevel, table.timestamp),
+    // === COMPOSITE BUSINESS INDEXES ===
+    // Store activity analysis
+    storeActivityIndex: (0, pg_core_1.index)("idx_store_audit_store_activity").on(table.storeId, table.eventType, table.success, table.timestamp),
+    // User activity patterns
+    userActivityIndex: (0, pg_core_1.index)("idx_store_audit_user_activity").on(table.performedBy, table.storeId, table.timestamp),
+    // Security events by store
+    storeSecurityIndex: (0, pg_core_1.index)("idx_store_audit_store_security").on(table.storeId, table.riskLevel, table.securityImpact, table.timestamp),
+    // Resource changes by store
+    storeResourceIndex: (0, pg_core_1.index)("idx_store_audit_store_resource").on(table.storeId, table.resourceType, table.eventType, table.timestamp),
+    // Error patterns by store
+    storeErrorIndex: (0, pg_core_1.index)("idx_store_audit_store_errors").on(table.storeId, table.success, table.errorType, table.timestamp),
+    // === DATA LIFECYCLE INDEXES ===
+    // Retention and archival
+    retentionIndex: (0, pg_core_1.index)("idx_store_audit_retention").on(table.retentionPeriod, table.timestamp),
+    archiveIndex: (0, pg_core_1.index)("idx_store_audit_archive").on(table.archiveDate),
+    purgeIndex: (0, pg_core_1.index)("idx_store_audit_purge").on(table.purgeDate),
+    // Data integrity
+    checksumIndex: (0, pg_core_1.index)("idx_store_audit_checksum").on(table.checksum),
+    verificationIndex: (0, pg_core_1.index)("idx_store_audit_verified").on(table.verified, table.timestamp),
+    // === REPORTING INDEXES ===
+    // Note: Time-based reporting indexes with date_trunc functions
+    // can be added manually after table creation if needed for advanced analytics
+}));
+// =====================================================
+// STORE AUDIT AGGREGATIONS - PERFORMANCE OPTIMIZATION
+// =====================================================
+/**
+ * Pre-computed Store Audit Aggregations
+ * For high-performance analytics and reporting
+ */
+exports.storeAuditAggregations = (0, pg_core_1.pgTable)("store_audit_aggregations", {
+    id: (0, pg_core_1.text)("id")
+        .primaryKey()
+        .$defaultFn(() => (0, cuid2_1.createId)()),
+    // Aggregation Dimensions
+    storeId: (0, pg_core_1.text)("store_id").notNull(),
+    aggregationType: (0, pg_core_1.varchar)("aggregation_type", { length: 20 })
+        .notNull()
+        .$type(),
+    aggregationDate: (0, pg_core_1.timestamp)("aggregation_date", {
+        withTimezone: true,
+    }).notNull(),
+    periodStart: (0, pg_core_1.timestamp)("period_start", { withTimezone: true }).notNull(),
+    periodEnd: (0, pg_core_1.timestamp)("period_end", { withTimezone: true }).notNull(),
+    // Dimensional Breakdowns
+    eventType: (0, pg_core_1.varchar)("event_type", { length: 30 }),
+    eventCategory: (0, pg_core_1.varchar)("event_category", { length: 30 }),
+    resourceType: (0, pg_core_1.varchar)("resource_type", { length: 30 }),
+    performedByType: (0, pg_core_1.varchar)("performed_by_type", { length: 20 }),
+    clientType: (0, pg_core_1.varchar)("client_type", { length: 30 }),
+    userRole: (0, pg_core_1.varchar)("user_role", { length: 50 }),
+    // Core Activity Metrics
+    totalEvents: (0, pg_core_1.integer)("total_events").notNull().default(0),
+    successfulEvents: (0, pg_core_1.integer)("successful_events").notNull().default(0),
+    failedEvents: (0, pg_core_1.integer)("failed_events").notNull().default(0),
+    uniqueUsers: (0, pg_core_1.integer)("unique_users").notNull().default(0),
+    uniqueResources: (0, pg_core_1.integer)("unique_resources").notNull().default(0),
+    uniqueIPs: (0, pg_core_1.integer)("unique_ips").notNull().default(0),
+    uniqueSessions: (0, pg_core_1.integer)("unique_sessions").notNull().default(0),
+    // Performance Metrics
+    avgDuration: (0, pg_core_1.real)("avg_duration"),
+    maxDuration: (0, pg_core_1.integer)("max_duration"),
+    minDuration: (0, pg_core_1.integer)("min_duration"),
+    p95Duration: (0, pg_core_1.integer)("p95_duration"),
+    p99Duration: (0, pg_core_1.integer)("p99_duration"),
+    avgResponseTime: (0, pg_core_1.real)("avg_response_time"),
+    maxResponseTime: (0, pg_core_1.integer)("max_response_time"),
+    p95ResponseTime: (0, pg_core_1.integer)("p95_response_time"),
+    totalDataTransferred: (0, pg_core_1.integer)("total_data_transferred"),
+    avgMemoryUsage: (0, pg_core_1.real)("avg_memory_usage"),
+    maxMemoryUsage: (0, pg_core_1.integer)("max_memory_usage"),
+    avgCpuUsage: (0, pg_core_1.real)("avg_cpu_usage"),
+    // Security and Risk Metrics
+    securityEvents: (0, pg_core_1.integer)("security_events").notNull().default(0),
+    highRiskEvents: (0, pg_core_1.integer)("high_risk_events").notNull().default(0),
+    criticalEvents: (0, pg_core_1.integer)("critical_events").notNull().default(0),
+    anomalousEvents: (0, pg_core_1.integer)("anomalous_events").notNull().default(0),
+    fraudulentEvents: (0, pg_core_1.integer)("fraudulent_events").notNull().default(0),
+    avgAnomalyScore: (0, pg_core_1.real)("avg_anomaly_score"),
+    maxAnomalyScore: (0, pg_core_1.real)("max_anomaly_score"),
+    avgFraudScore: (0, pg_core_1.real)("avg_fraud_score"),
+    maxFraudScore: (0, pg_core_1.real)("max_fraud_score"),
+    // Compliance Metrics
+    complianceEvents: (0, pg_core_1.integer)("compliance_events").notNull().default(0),
+    piiEvents: (0, pg_core_1.integer)("pii_events").notNull().default(0),
+    sensitiveDataEvents: (0, pg_core_1.integer)("sensitive_data_events").notNull().default(0),
+    complianceViolations: (0, pg_core_1.integer)("compliance_violations").notNull().default(0),
+    // Business Metrics
+    businessCriticalEvents: (0, pg_core_1.integer)("business_critical_events")
+        .notNull()
+        .default(0),
+    revenueImpactEvents: (0, pg_core_1.integer)("revenue_impact_events").notNull().default(0),
+    customerImpactEvents: (0, pg_core_1.integer)("customer_impact_events")
+        .notNull()
+        .default(0),
+    // Error Analysis
+    errorBreakdown: (0, pg_core_1.jsonb)("error_breakdown")
+        .$type()
+        .default({}),
+    topErrors: (0, pg_core_1.jsonb)("top_errors")
+        .$type()
+        .default([]),
+    // User Behavior Analytics
+    topUsers: (0, pg_core_1.jsonb)("top_users")
+        .$type()
+        .default([]),
+    // Resource Activity
+    topResources: (0, pg_core_1.jsonb)("top_resources")
+        .$type()
+        .default([]),
+    // Geographic Distribution
+    topCountries: (0, pg_core_1.jsonb)("top_countries")
+        .$type()
+        .default([]),
+    topCities: (0, pg_core_1.jsonb)("top_cities")
+        .$type()
+        .default([]),
+    // Technology Analytics
+    deviceBreakdown: (0, pg_core_1.jsonb)("device_breakdown")
+        .$type()
+        .default({}),
+    browserBreakdown: (0, pg_core_1.jsonb)("browser_breakdown")
+        .$type()
+        .default({}),
+    osBreakdown: (0, pg_core_1.jsonb)("os_breakdown")
+        .$type()
+        .default({}),
+    // Traffic Patterns
+    hourlyDistribution: (0, pg_core_1.jsonb)("hourly_distribution")
+        .$type()
+        .default({}),
+    peakHour: (0, pg_core_1.integer)("peak_hour"),
+    peakHourEvents: (0, pg_core_1.integer)("peak_hour_events"),
+    // Growth and Trends
+    periodOverPeriodGrowth: (0, pg_core_1.real)("period_over_period_growth"),
+    trendDirection: (0, pg_core_1.varchar)("trend_direction", { length: 10 }).$type(),
+    createdAt: (0, pg_core_1.timestamp)("created_at", { withTimezone: true })
+        .defaultNow()
+        .notNull(),
+    updatedAt: (0, pg_core_1.timestamp)("updated_at", { withTimezone: true })
+        .defaultNow()
+        .notNull(),
+}, (table) => ({
+    // Primary aggregation indexes
+    storeAggregationIndex: (0, pg_core_1.index)("idx_store_audit_agg_store").on(table.storeId, table.aggregationType, table.aggregationDate),
+    aggregationDateIndex: (0, pg_core_1.index)("idx_store_audit_agg_date").on(table.aggregationDate, table.aggregationType),
+    // Dimensional analysis indexes
+    eventTypeAggIndex: (0, pg_core_1.index)("idx_store_audit_agg_event_type").on(table.eventType, table.aggregationDate),
+    // Performance monitoring
+    performanceAggIndex: (0, pg_core_1.index)("idx_store_audit_agg_performance").on(table.avgDuration, table.p95Duration, table.aggregationDate),
+    // Security analytics
+    securityAggIndex: (0, pg_core_1.index)("idx_store_audit_agg_security").on(table.securityEvents, table.highRiskEvents, table.aggregationDate),
+}));
+// =====================================================
+// STORE AUDIT TRAILS - BUSINESS PROCESS TRACKING
+// =====================================================
+/**
+ * Store-Specific Audit Trails
+ * For tracking complex business processes and workflows
+ */
+exports.storeAuditTrails = (0, pg_core_1.pgTable)("store_audit_trails", {
+    id: (0, pg_core_1.text)("id")
+        .primaryKey()
+        .$defaultFn(() => (0, cuid2_1.createId)()),
+    // Store Context
+    storeId: (0, pg_core_1.text)("store_id").notNull(),
+    // Trail Information
+    trailName: (0, pg_core_1.varchar)("trail_name", { length: 100 }).notNull(),
+    trailType: (0, pg_core_1.varchar)("trail_type", { length: 30 })
+        .notNull()
+        .$type(),
+    trailDescription: (0, pg_core_1.text)("trail_description"),
+    // Subject/Target Information
+    subjectType: (0, pg_core_1.varchar)("subject_type", { length: 30 }).$type(),
+    subjectId: (0, pg_core_1.text)("subject_id").notNull(),
+    subjectName: (0, pg_core_1.varchar)("subject_name", { length: 255 }),
+    // Trail Status and Lifecycle
+    status: (0, pg_core_1.varchar)("status", { length: 20 })
+        .notNull()
+        .default("ACTIVE")
+        .$type(),
+    // Timeline
+    startedAt: (0, pg_core_1.timestamp)("started_at", { withTimezone: true }).notNull(),
+    completedAt: (0, pg_core_1.timestamp)("completed_at", { withTimezone: true }),
+    estimatedCompletionAt: (0, pg_core_1.timestamp)("estimated_completion_at", {
+        withTimezone: true,
+    }),
+    // Ownership and Responsibility
+    ownerId: (0, pg_core_1.text)("owner_id"),
+    ownerName: (0, pg_core_1.varchar)("owner_name", { length: 255 }),
+    ownerType: (0, pg_core_1.varchar)("owner_type", { length: 20 }).$type(),
+    assignedTo: (0, pg_core_1.text)("assigned_to"),
+    department: (0, pg_core_1.varchar)("department", { length: 100 }),
+    // Configuration and Settings
+    configuration: (0, pg_core_1.jsonb)("configuration").$type(),
+    // Purpose and Business Context
+    purpose: (0, pg_core_1.varchar)("purpose", { length: 200 }),
+    businessJustification: (0, pg_core_1.text)("business_justification"),
+    expectedOutcome: (0, pg_core_1.text)("expected_outcome"),
+    actualOutcome: (0, pg_core_1.text)("actual_outcome"),
+    // Compliance and Governance
+    complianceRequirements: (0, pg_core_1.jsonb)("compliance_requirements")
+        .$type()
+        .default([]),
+    approvalRequired: (0, pg_core_1.boolean)("approval_required").default(false),
+    approvedBy: (0, pg_core_1.text)("approved_by"),
+    approvedAt: (0, pg_core_1.timestamp)("approved_at", { withTimezone: true }),
+    // Risk Assessment
+    riskLevel: (0, pg_core_1.varchar)("risk_level", { length: 20 })
+        .$type()
+        .default("LOW"),
+    riskFactors: (0, pg_core_1.jsonb)("risk_factors")
+        .$type()
+        .default([]),
+    // Metrics and KPIs
+    kpis: (0, pg_core_1.jsonb)("kpis")
+        .$type()
+        .default({}),
+    // Progress Tracking
+    progress: (0, pg_core_1.integer)("progress").default(0), // 0-100 percentage
+    milestones: (0, pg_core_1.jsonb)("milestones")
+        .$type()
+        .default([]),
+    // Event Statistics
+    totalEvents: (0, pg_core_1.integer)("total_events").notNull().default(0),
+    successfulEvents: (0, pg_core_1.integer)("successful_events").notNull().default(0),
+    failedEvents: (0, pg_core_1.integer)("failed_events").notNull().default(0),
+    // Activity Tracking
+    lastActivityAt: (0, pg_core_1.timestamp)("last_activity_at", { withTimezone: true }),
+    lastEventId: (0, pg_core_1.text)("last_event_id"),
+    // Alerting and Monitoring
+    alertingEnabled: (0, pg_core_1.boolean)("alerting_enabled").notNull().default(true),
+    alertThresholds: (0, pg_core_1.jsonb)("alert_thresholds")
+        .$type()
+        .default({}),
+    // Data Retention
+    retentionPeriod: (0, pg_core_1.integer)("retention_period").default(2555), // days
+    // Integration and External Systems
+    externalTrailId: (0, pg_core_1.text)("external_trail_id"),
+    externalSystemName: (0, pg_core_1.varchar)("external_system_name", { length: 100 }),
+    // Audit Information
+    createdAt: (0, pg_core_1.timestamp)("created_at", { withTimezone: true })
+        .defaultNow()
+        .notNull(),
+    updatedAt: (0, pg_core_1.timestamp)("updated_at", { withTimezone: true })
+        .defaultNow()
+        .notNull(),
+    createdBy: (0, pg_core_1.text)("created_by"),
+    lastModifiedBy: (0, pg_core_1.text)("last_modified_by"),
+}, (table) => ({
+    // Primary business indexes
+    storeTrailsIndex: (0, pg_core_1.index)("idx_store_audit_trails_store").on(table.storeId, table.status),
+    trailTypeIndex: (0, pg_core_1.index)("idx_store_audit_trails_type").on(table.trailType, table.status),
+    subjectIndex: (0, pg_core_1.index)("idx_store_audit_trails_subject").on(table.subjectType, table.subjectId),
+    // Status and timeline tracking
+    statusIndex: (0, pg_core_1.index)("idx_store_audit_trails_status").on(table.status, table.startedAt),
+    timelineIndex: (0, pg_core_1.index)("idx_store_audit_trails_timeline").on(table.startedAt, table.completedAt),
+    // Ownership and responsibility
+    ownerIndex: (0, pg_core_1.index)("idx_store_audit_trails_owner").on(table.ownerId, table.status),
+    // Activity monitoring
+    activityIndex: (0, pg_core_1.index)("idx_store_audit_trails_activity").on(table.lastActivityAt, table.status),
+    // Risk and compliance
+    riskIndex: (0, pg_core_1.index)("idx_store_audit_trails_risk").on(table.riskLevel, table.storeId),
+}));
+// =====================================================
+// STORE AUDIT RELATIONSHIPS
+// =====================================================
+/**
+ * Define relationships between audit tables and core store entities
+ */
+exports.storeAuditRelations = (0, drizzle_orm_1.relations)(exports.storeAuditLogs, ({ one, many }) => ({
+    // Link to trails (when workflowId is present)
+    trail: one(exports.storeAuditTrails, {
+        fields: [exports.storeAuditLogs.workflowId],
+        references: [exports.storeAuditTrails.id],
+    }),
+    // Parent-child event relationships
+    parentEvent: one(exports.storeAuditLogs, {
+        fields: [exports.storeAuditLogs.parentEventId],
+        references: [exports.storeAuditLogs.id],
+        relationName: "childEvents",
+    }),
+    childEvents: many(exports.storeAuditLogs, {
+        relationName: "childEvents",
+    }),
+}));
+// =====================================================
+// SCHEMA VALIDATION AND BUSINESS RULES
+// =====================================================
+/**
+ * Business rules and constraints for store audit logging
+ */
+exports.STORE_AUDIT_BUSINESS_RULES = {
+    // Retention periods by event type (in days)
+    RETENTION_PERIODS: {
+        SECURITY_EVENT: 2555, // 7 years
+        COMPLIANCE_ACTION: 2555,
+        DELETE: 2555,
+        FINANCIAL: 2555,
+        STANDARD: 1095, // 3 years
+        SYSTEM_ACTION: 365, // 1 year
+    },
+    // Risk level escalation rules
+    RISK_ESCALATION: {
+        CRITICAL: {
+            immediateFlush: true,
+            alertRequired: true,
+            approvalRequired: true,
+        },
+        HIGH: {
+            immediateFlush: true,
+            alertRequired: true,
+        },
+        MEDIUM: {
+            batchFlush: true,
+        },
+        LOW: {
+            batchFlush: true,
+        },
+    },
+    // Compliance framework mappings
+    COMPLIANCE_MAPPINGS: {
+        PII_ACCESS: ["GDPR", "CCPA"],
+        FINANCIAL_DATA: ["PCI_DSS", "SOX"],
+        HEALTH_DATA: ["HIPAA"],
+        ALL_DATA: ["ISO27001"],
+    },
+};