insforge 1.2.10 → 1.3.0

package/backend/src/infra/database/migrations/004_add-reload-postgrest-func.sql

@@ -1,24 +1,24 @@
--- Migration: 004 - add reload_postgrest_schema function.
-
-DO $$
-BEGIN
-    -- Create a function to reload PostgREST schema
-    CREATE OR REPLACE FUNCTION reload_postgrest_schema()
-    RETURNS void
-    LANGUAGE plpgsql
-    AS $reload_function$
-    BEGIN
-        -- Method 1: Use NOTIFY to signal PostgREST to reload schema
-        -- PostgREST listens to 'pgrst' channel for schema changes
-        NOTIFY pgrst, 'reload schema';
-        
-        RAISE NOTICE 'PostgREST schema reload notification sent';
-    END
-    $reload_function$;
-
-    -- Grant execute permission to project_admin and authenticated users
-    GRANT EXECUTE ON FUNCTION reload_postgrest_schema() TO project_admin;
-    GRANT EXECUTE ON FUNCTION reload_postgrest_schema() TO authenticated;
-    
-    RAISE NOTICE 'PostgREST schema reload function created successfully';
+-- Migration: 004 - add reload_postgrest_schema function.
+
+DO $$
+BEGIN
+    -- Create a function to reload PostgREST schema
+    CREATE OR REPLACE FUNCTION reload_postgrest_schema()
+    RETURNS void
+    LANGUAGE plpgsql
+    AS $reload_function$
+    BEGIN
+        -- Method 1: Use NOTIFY to signal PostgREST to reload schema
+        -- PostgREST listens to 'pgrst' channel for schema changes
+        NOTIFY pgrst, 'reload schema';
+        
+        RAISE NOTICE 'PostgREST schema reload notification sent';
+    END
+    $reload_function$;
+
+    -- Grant execute permission to project_admin and authenticated users
+    GRANT EXECUTE ON FUNCTION reload_postgrest_schema() TO project_admin;
+    GRANT EXECUTE ON FUNCTION reload_postgrest_schema() TO authenticated;
+    
+    RAISE NOTICE 'PostgREST schema reload function created successfully';
 END $$;

package/backend/src/infra/database/migrations/005_enable-project-admin-modify-users.sql

@@ -1,30 +1,30 @@
--- Migration: 005 - Enable project admin modify any users.
-
-DO $$
-BEGIN
-    -- Create policy to allow project_admin to update any user
-    IF NOT EXISTS (
-        SELECT 1 FROM pg_policies 
-        WHERE tablename = 'users' 
-        AND policyname = 'Allow project_admin to update any user'
-    ) THEN
-        CREATE POLICY "Allow project_admin to update any user" ON users
-            FOR UPDATE
-            TO project_admin
-            USING (true)
-            WITH CHECK (true);  -- Ensure project_admin always can update
-    END IF;
-
-    -- Grant necessary permissions
-    GRANT SELECT, UPDATE ON users TO project_admin;
-    
-    -- Notify PostgREST to reload schema after policy changes
-    IF EXISTS (SELECT 1 FROM pg_proc WHERE proname = 'reload_postgrest_schema') THEN
-        PERFORM reload_postgrest_schema();
-        RAISE NOTICE 'PostgREST schema reload requested after migration';
-    ELSE
-        RAISE WARNING 'PostgREST reload function not found - please restart PostgREST manually';
-    END IF;
-    
-    RAISE NOTICE 'Migration project-admin-update-users completed successfully';
+-- Migration: 005 - Enable project admin modify any users.
+
+DO $$
+BEGIN
+    -- Create policy to allow project_admin to update any user
+    IF NOT EXISTS (
+        SELECT 1 FROM pg_policies 
+        WHERE tablename = 'users' 
+        AND policyname = 'Allow project_admin to update any user'
+    ) THEN
+        CREATE POLICY "Allow project_admin to update any user" ON users
+            FOR UPDATE
+            TO project_admin
+            USING (true)
+            WITH CHECK (true);  -- Ensure project_admin always can update
+    END IF;
+
+    -- Grant necessary permissions
+    GRANT SELECT, UPDATE ON users TO project_admin;
+    
+    -- Notify PostgREST to reload schema after policy changes
+    IF EXISTS (SELECT 1 FROM pg_proc WHERE proname = 'reload_postgrest_schema') THEN
+        PERFORM reload_postgrest_schema();
+        RAISE NOTICE 'PostgREST schema reload requested after migration';
+    ELSE
+        RAISE WARNING 'PostgREST reload function not found - please restart PostgREST manually';
+    END IF;
+    
+    RAISE NOTICE 'Migration project-admin-update-users completed successfully';
 END $$;

package/backend/src/infra/database/migrations/006_modify-ai-usage-table.sql

@@ -1,25 +1,25 @@
--- Migration: 006 - Modify AI usage table
--- This migration modifies the _ai_usage table to:
--- 1. Change foreign key constraint on config_id to SET NULL
--- 2. Make config_id nullable
--- 3. Add model_id column
-
--- Drop existing foreign key constraint
-ALTER TABLE _ai_usage 
-DROP CONSTRAINT IF EXISTS _ai_usage_config_id_fkey;
-
--- Make config_id nullable
-ALTER TABLE _ai_usage 
-ALTER COLUMN config_id DROP NOT NULL;
-
--- Add new foreign key constraint with SET NULL on delete
-ALTER TABLE _ai_usage 
-ADD CONSTRAINT _ai_usage_config_id_fkey 
-FOREIGN KEY (config_id) REFERENCES _ai_configs(id) ON DELETE SET NULL;
-
--- Add new columns for model identification
-ALTER TABLE _ai_usage 
-ADD COLUMN IF NOT EXISTS model_id VARCHAR(255);
-
--- Create indexes for the new columns
+-- Migration: 006 - Modify AI usage table
+-- This migration modifies the _ai_usage table to:
+-- 1. Change foreign key constraint on config_id to SET NULL
+-- 2. Make config_id nullable
+-- 3. Add model_id column
+
+-- Drop existing foreign key constraint
+ALTER TABLE _ai_usage 
+DROP CONSTRAINT IF EXISTS _ai_usage_config_id_fkey;
+
+-- Make config_id nullable
+ALTER TABLE _ai_usage 
+ALTER COLUMN config_id DROP NOT NULL;
+
+-- Add new foreign key constraint with SET NULL on delete
+ALTER TABLE _ai_usage 
+ADD CONSTRAINT _ai_usage_config_id_fkey 
+FOREIGN KEY (config_id) REFERENCES _ai_configs(id) ON DELETE SET NULL;
+
+-- Add new columns for model identification
+ALTER TABLE _ai_usage 
+ADD COLUMN IF NOT EXISTS model_id VARCHAR(255);
+
+-- Create indexes for the new columns
 CREATE INDEX IF NOT EXISTS idx_ai_usage_model_id ON _ai_usage(model_id);

package/backend/src/infra/database/migrations/007_drop-metadata-table.sql

@@ -1,2 +1,2 @@
--- Drop the _metadata table if it exists
+-- Drop the _metadata table if it exists
 DROP TABLE IF EXISTS _metadata CASCADE;

package/backend/src/infra/database/migrations/008_add-system-tables.sql

@@ -1,77 +1,77 @@
--- Migration: 008 - Create new system tables and rename OAuth connections table
-
--- 1. Create _secrets table for storing application secrets
-CREATE TABLE IF NOT EXISTS _secrets (
-  id UUID DEFAULT gen_random_uuid() PRIMARY KEY,
-  name TEXT UNIQUE NOT NULL,
-  value_ciphertext TEXT NOT NULL,
-  is_active BOOLEAN DEFAULT TRUE,
-  last_used_at TIMESTAMPTZ,
-  expires_at TIMESTAMPTZ,
-  created_at TIMESTAMPTZ DEFAULT NOW(),
-  updated_at TIMESTAMPTZ DEFAULT NOW()
-);
-
--- 2. Create _oauth_configs table for OAuth provider configurations
-CREATE TABLE IF NOT EXISTS _oauth_configs (
-  id UUID DEFAULT gen_random_uuid() PRIMARY KEY,
-  provider TEXT UNIQUE NOT NULL,
-  client_id TEXT,
-  secret_id UUID REFERENCES _secrets(id) ON DELETE RESTRICT,
-  scopes TEXT[],
-  redirect_uri TEXT,
-  use_shared_key BOOLEAN DEFAULT FALSE,
-  created_at TIMESTAMPTZ DEFAULT NOW(),
-  updated_at TIMESTAMPTZ DEFAULT NOW()
-);
-
--- 3. Create _audit_logs table for storing admin operation logs
-CREATE TABLE IF NOT EXISTS _audit_logs (
-  id UUID DEFAULT gen_random_uuid() PRIMARY KEY,
-  actor TEXT NOT NULL,
-  action TEXT NOT NULL,
-  module TEXT NOT NULL,
-  details JSONB,
-  ip_address INET,
-  created_at TIMESTAMPTZ DEFAULT NOW(),
-  updated_at TIMESTAMPTZ DEFAULT NOW()
-);
-
--- 4. Rename _oauth_connections to _account_providers
-DO $$
-BEGIN
-    IF EXISTS (SELECT FROM information_schema.tables
-              WHERE table_name = '_oauth_connections' AND table_schema = 'public') THEN
-        IF EXISTS (SELECT FROM information_schema.tables
-                  WHERE table_name = '_account_providers' AND table_schema = 'public') THEN
-            -- _account_providers already exists, just drop _oauth_connections
-            DROP TABLE _oauth_connections CASCADE;
-        ELSE
-            -- _account_providers doesn't exist, rename _oauth_connections to _account_providers
-            ALTER TABLE _oauth_connections RENAME TO _account_providers;
-        END IF;
-    END IF;
-END $$;
-
--- 5. Drop the old _config system table
-DROP TABLE IF EXISTS _config CASCADE;
-
--- Create indexes for better query performance
-CREATE INDEX IF NOT EXISTS idx_secrets_name ON _secrets(name);
-CREATE INDEX IF NOT EXISTS idx_oauth_configs_provider ON _oauth_configs(provider);
-CREATE INDEX IF NOT EXISTS idx_audit_logs_actor ON _audit_logs(actor);
-CREATE INDEX IF NOT EXISTS idx_audit_logs_module ON _audit_logs(module);
-CREATE INDEX IF NOT EXISTS idx_audit_logs_created_at ON _audit_logs(created_at DESC);
-
--- Add triggers for updated_at
-DROP TRIGGER IF EXISTS update__secrets_updated_at ON _secrets;
-CREATE TRIGGER update__secrets_updated_at BEFORE UPDATE ON _secrets
-FOR EACH ROW EXECUTE FUNCTION update_updated_at_column();
-
-DROP TRIGGER IF EXISTS update__oauth_configs_updated_at ON _oauth_configs;
-CREATE TRIGGER update__oauth_configs_updated_at BEFORE UPDATE ON _oauth_configs
-FOR EACH ROW EXECUTE FUNCTION update_updated_at_column();
-
-DROP TRIGGER IF EXISTS update__audit_logs_updated_at ON _audit_logs;
-CREATE TRIGGER update__audit_logs_updated_at BEFORE UPDATE ON _audit_logs
+-- Migration: 008 - Create new system tables and rename OAuth connections table
+
+-- 1. Create _secrets table for storing application secrets
+CREATE TABLE IF NOT EXISTS _secrets (
+  id UUID DEFAULT gen_random_uuid() PRIMARY KEY,
+  name TEXT UNIQUE NOT NULL,
+  value_ciphertext TEXT NOT NULL,
+  is_active BOOLEAN DEFAULT TRUE,
+  last_used_at TIMESTAMPTZ,
+  expires_at TIMESTAMPTZ,
+  created_at TIMESTAMPTZ DEFAULT NOW(),
+  updated_at TIMESTAMPTZ DEFAULT NOW()
+);
+
+-- 2. Create _oauth_configs table for OAuth provider configurations
+CREATE TABLE IF NOT EXISTS _oauth_configs (
+  id UUID DEFAULT gen_random_uuid() PRIMARY KEY,
+  provider TEXT UNIQUE NOT NULL,
+  client_id TEXT,
+  secret_id UUID REFERENCES _secrets(id) ON DELETE RESTRICT,
+  scopes TEXT[],
+  redirect_uri TEXT,
+  use_shared_key BOOLEAN DEFAULT FALSE,
+  created_at TIMESTAMPTZ DEFAULT NOW(),
+  updated_at TIMESTAMPTZ DEFAULT NOW()
+);
+
+-- 3. Create _audit_logs table for storing admin operation logs
+CREATE TABLE IF NOT EXISTS _audit_logs (
+  id UUID DEFAULT gen_random_uuid() PRIMARY KEY,
+  actor TEXT NOT NULL,
+  action TEXT NOT NULL,
+  module TEXT NOT NULL,
+  details JSONB,
+  ip_address INET,
+  created_at TIMESTAMPTZ DEFAULT NOW(),
+  updated_at TIMESTAMPTZ DEFAULT NOW()
+);
+
+-- 4. Rename _oauth_connections to _account_providers
+DO $$
+BEGIN
+    IF EXISTS (SELECT FROM information_schema.tables
+              WHERE table_name = '_oauth_connections' AND table_schema = 'public') THEN
+        IF EXISTS (SELECT FROM information_schema.tables
+                  WHERE table_name = '_account_providers' AND table_schema = 'public') THEN
+            -- _account_providers already exists, just drop _oauth_connections
+            DROP TABLE _oauth_connections CASCADE;
+        ELSE
+            -- _account_providers doesn't exist, rename _oauth_connections to _account_providers
+            ALTER TABLE _oauth_connections RENAME TO _account_providers;
+        END IF;
+    END IF;
+END $$;
+
+-- 5. Drop the old _config system table
+DROP TABLE IF EXISTS _config CASCADE;
+
+-- Create indexes for better query performance
+CREATE INDEX IF NOT EXISTS idx_secrets_name ON _secrets(name);
+CREATE INDEX IF NOT EXISTS idx_oauth_configs_provider ON _oauth_configs(provider);
+CREATE INDEX IF NOT EXISTS idx_audit_logs_actor ON _audit_logs(actor);
+CREATE INDEX IF NOT EXISTS idx_audit_logs_module ON _audit_logs(module);
+CREATE INDEX IF NOT EXISTS idx_audit_logs_created_at ON _audit_logs(created_at DESC);
+
+-- Add triggers for updated_at
+DROP TRIGGER IF EXISTS update__secrets_updated_at ON _secrets;
+CREATE TRIGGER update__secrets_updated_at BEFORE UPDATE ON _secrets
+FOR EACH ROW EXECUTE FUNCTION update_updated_at_column();
+
+DROP TRIGGER IF EXISTS update__oauth_configs_updated_at ON _oauth_configs;
+CREATE TRIGGER update__oauth_configs_updated_at BEFORE UPDATE ON _oauth_configs
+FOR EACH ROW EXECUTE FUNCTION update_updated_at_column();
+
+DROP TRIGGER IF EXISTS update__audit_logs_updated_at ON _audit_logs;
+CREATE TRIGGER update__audit_logs_updated_at BEFORE UPDATE ON _audit_logs
 FOR EACH ROW EXECUTE FUNCTION update_updated_at_column();

package/backend/src/infra/database/migrations/009_add-function-secrets.sql

@@ -1,24 +1,24 @@
--- Migration: 009 - Create function secrets table for edge functions environment variables
--- This table stores encrypted secrets that are injected into edge functions as Deno.env variables
-
-CREATE TABLE IF NOT EXISTS _function_secrets (
-  id UUID DEFAULT gen_random_uuid() PRIMARY KEY,
-  key VARCHAR(255) UNIQUE NOT NULL,
-  value_ciphertext TEXT NOT NULL,      -- Encrypted value using AES-256-GCM
-  is_reserved BOOLEAN DEFAULT FALSE,   -- System-reserved keys that can't be modified/deleted
-  created_at TIMESTAMPTZ DEFAULT NOW(),
-  updated_at TIMESTAMPTZ DEFAULT NOW()
-);
-
--- Create index for faster key lookups
-CREATE INDEX IF NOT EXISTS idx_function_secrets_key ON _function_secrets(key);
-
--- Add trigger for updated_at
-DROP TRIGGER IF EXISTS update__function_secrets_updated_at ON _function_secrets;
-CREATE TRIGGER update__function_secrets_updated_at BEFORE UPDATE ON _function_secrets
-FOR EACH ROW EXECUTE FUNCTION update_updated_at_column();
-
--- Note: Reserved system secrets will be initialized by the application on startup
-
--- Rename _edge_functions table to functions
+-- Migration: 009 - Create function secrets table for edge functions environment variables
+-- This table stores encrypted secrets that are injected into edge functions as Deno.env variables
+
+CREATE TABLE IF NOT EXISTS _function_secrets (
+  id UUID DEFAULT gen_random_uuid() PRIMARY KEY,
+  key VARCHAR(255) UNIQUE NOT NULL,
+  value_ciphertext TEXT NOT NULL,      -- Encrypted value using AES-256-GCM
+  is_reserved BOOLEAN DEFAULT FALSE,   -- System-reserved keys that can't be modified/deleted
+  created_at TIMESTAMPTZ DEFAULT NOW(),
+  updated_at TIMESTAMPTZ DEFAULT NOW()
+);
+
+-- Create index for faster key lookups
+CREATE INDEX IF NOT EXISTS idx_function_secrets_key ON _function_secrets(key);
+
+-- Add trigger for updated_at
+DROP TRIGGER IF EXISTS update__function_secrets_updated_at ON _function_secrets;
+CREATE TRIGGER update__function_secrets_updated_at BEFORE UPDATE ON _function_secrets
+FOR EACH ROW EXECUTE FUNCTION update_updated_at_column();
+
+-- Note: Reserved system secrets will be initialized by the application on startup
+
+-- Rename _edge_functions table to functions
 ALTER TABLE IF EXISTS _edge_functions RENAME TO _functions;

package/backend/src/infra/database/migrations/010_modify-ai-config-modalities.sql

@@ -1,93 +1,93 @@
--- Migration: 010 - Modify AI configurations table to support input/output modalities
--- This migration modifies the _ai_configs table to:
--- 1. Add new columns: input_modality and output_modality (TEXT arrays)
--- 2. Migrate existing modality data to input_modality
--- 3. Set default output_modality based on existing modality
--- 4. Drop the old modality column
-
-DO $$
-BEGIN
-    -- Add new columns for input and output modalities
-    ALTER TABLE _ai_configs 
-    ADD COLUMN IF NOT EXISTS input_modality TEXT[] DEFAULT '{text}';
-    
-    ALTER TABLE _ai_configs 
-    ADD COLUMN IF NOT EXISTS output_modality TEXT[] DEFAULT '{text}';
-
-    -- Check if modality column exists and migrate data if it does
-    IF EXISTS (
-        SELECT 1
-        FROM information_schema.columns
-        WHERE table_schema = 'public'
-        AND table_name = '_ai_configs'
-        AND column_name = 'modality'
-    ) THEN
-        -- Migrate existing modality data to input_modality
-        -- For most cases, we'll set input_modality to the existing modality
-        -- and output_modality to the same value, only supporting text and image
-        UPDATE _ai_configs
-        SET
-            input_modality = CASE
-                WHEN modality = 'multi' THEN '{text,image}'::TEXT[]
-                WHEN modality = 'image' THEN '{text,image}'::TEXT[]
-                ELSE ARRAY[modality]::TEXT[]
-            END,
-            output_modality = CASE
-                WHEN modality = 'multi' THEN '{text,image}'::TEXT[]
-                WHEN modality = 'text' THEN '{text}'::TEXT[]
-                WHEN modality = 'image' THEN '{text,image}'::TEXT[]
-                ELSE '{text}'::TEXT[]
-            END
-        WHERE input_modality = '{text}' OR input_modality IS NULL;
-    END IF;
-
-    -- Make the new columns NOT NULL after migration
-    ALTER TABLE _ai_configs 
-    ALTER COLUMN input_modality SET NOT NULL;
-    
-    ALTER TABLE _ai_configs 
-    ALTER COLUMN output_modality SET NOT NULL;
-
-    -- Drop the old modality column
-    ALTER TABLE _ai_configs 
-    DROP COLUMN IF EXISTS modality;
-
-    -- Create indexes for the new TEXT array columns for better query performance
-    CREATE INDEX IF NOT EXISTS idx_ai_configs_input_modality ON _ai_configs USING GIN (input_modality);
-    CREATE INDEX IF NOT EXISTS idx_ai_configs_output_modality ON _ai_configs USING GIN (output_modality);
-
-    -- Drop existing constraints if they exist, then add them
-    ALTER TABLE _ai_configs
-    DROP CONSTRAINT IF EXISTS check_input_modality_not_empty;
-
-    ALTER TABLE _ai_configs
-    ADD CONSTRAINT check_input_modality_not_empty
-    CHECK (array_length(input_modality, 1) > 0);
-
-    ALTER TABLE _ai_configs
-    DROP CONSTRAINT IF EXISTS check_output_modality_not_empty;
-
-    ALTER TABLE _ai_configs
-    ADD CONSTRAINT check_output_modality_not_empty
-    CHECK (array_length(output_modality, 1) > 0);
-
-    -- Drop existing constraints if they exist, then add them
-    ALTER TABLE _ai_configs
-    DROP CONSTRAINT IF EXISTS check_input_modality_valid;
-
-    ALTER TABLE _ai_configs
-    ADD CONSTRAINT check_input_modality_valid
-    CHECK (
-        input_modality <@ '{text,image}'::TEXT[]
-    );
-
-    ALTER TABLE _ai_configs
-    DROP CONSTRAINT IF EXISTS check_output_modality_valid;
-
-    ALTER TABLE _ai_configs
-    ADD CONSTRAINT check_output_modality_valid
-    CHECK (
-        output_modality <@ '{text,image}'::TEXT[]
-    );
-
-END $$;
+-- Migration: 010 - Modify AI configurations table to support input/output modalities
+-- This migration modifies the _ai_configs table to:
+-- 1. Add new columns: input_modality and output_modality (TEXT arrays)
+-- 2. Migrate existing modality data to input_modality
+-- 3. Set default output_modality based on existing modality
+-- 4. Drop the old modality column
+
+DO $$
+BEGIN
+    -- Add new columns for input and output modalities
+    ALTER TABLE _ai_configs 
+    ADD COLUMN IF NOT EXISTS input_modality TEXT[] DEFAULT '{text}';
+    
+    ALTER TABLE _ai_configs 
+    ADD COLUMN IF NOT EXISTS output_modality TEXT[] DEFAULT '{text}';
+
+    -- Check if modality column exists and migrate data if it does
+    IF EXISTS (
+        SELECT 1
+        FROM information_schema.columns
+        WHERE table_schema = 'public'
+        AND table_name = '_ai_configs'
+        AND column_name = 'modality'
+    ) THEN
+        -- Migrate existing modality data to input_modality
+        -- For most cases, we'll set input_modality to the existing modality
+        -- and output_modality to the same value, only supporting text and image
+        UPDATE _ai_configs
+        SET
+            input_modality = CASE
+                WHEN modality = 'multi' THEN '{text,image}'::TEXT[]
+                WHEN modality = 'image' THEN '{text,image}'::TEXT[]
+                ELSE ARRAY[modality]::TEXT[]
+            END,
+            output_modality = CASE
+                WHEN modality = 'multi' THEN '{text,image}'::TEXT[]
+                WHEN modality = 'text' THEN '{text}'::TEXT[]
+                WHEN modality = 'image' THEN '{text,image}'::TEXT[]
+                ELSE '{text}'::TEXT[]
+            END
+        WHERE input_modality = '{text}' OR input_modality IS NULL;
+    END IF;
+
+    -- Make the new columns NOT NULL after migration
+    ALTER TABLE _ai_configs 
+    ALTER COLUMN input_modality SET NOT NULL;
+    
+    ALTER TABLE _ai_configs 
+    ALTER COLUMN output_modality SET NOT NULL;
+
+    -- Drop the old modality column
+    ALTER TABLE _ai_configs 
+    DROP COLUMN IF EXISTS modality;
+
+    -- Create indexes for the new TEXT array columns for better query performance
+    CREATE INDEX IF NOT EXISTS idx_ai_configs_input_modality ON _ai_configs USING GIN (input_modality);
+    CREATE INDEX IF NOT EXISTS idx_ai_configs_output_modality ON _ai_configs USING GIN (output_modality);
+
+    -- Drop existing constraints if they exist, then add them
+    ALTER TABLE _ai_configs
+    DROP CONSTRAINT IF EXISTS check_input_modality_not_empty;
+
+    ALTER TABLE _ai_configs
+    ADD CONSTRAINT check_input_modality_not_empty
+    CHECK (array_length(input_modality, 1) > 0);
+
+    ALTER TABLE _ai_configs
+    DROP CONSTRAINT IF EXISTS check_output_modality_not_empty;
+
+    ALTER TABLE _ai_configs
+    ADD CONSTRAINT check_output_modality_not_empty
+    CHECK (array_length(output_modality, 1) > 0);
+
+    -- Drop existing constraints if they exist, then add them
+    ALTER TABLE _ai_configs
+    DROP CONSTRAINT IF EXISTS check_input_modality_valid;
+
+    ALTER TABLE _ai_configs
+    ADD CONSTRAINT check_input_modality_valid
+    CHECK (
+        input_modality <@ '{text,image}'::TEXT[]
+    );
+
+    ALTER TABLE _ai_configs
+    DROP CONSTRAINT IF EXISTS check_output_modality_valid;
+
+    ALTER TABLE _ai_configs
+    ADD CONSTRAINT check_output_modality_valid
+    CHECK (
+        output_modality <@ '{text,image}'::TEXT[]
+    );
+
+END $$;

package/backend/src/infra/database/migrations/011_refactor-secrets-table.sql

@@ -1,15 +1,15 @@
--- Migration: 011 - Drop function secrets table and update main secrets table
--- This migration is part of the refactoring to unify all secrets management
-
--- 1. Drop the _function_secrets table (replaced by main _secrets table)
-DROP TRIGGER IF EXISTS update__function_secrets_updated_at ON _function_secrets;
-DROP INDEX IF EXISTS idx_function_secrets_key;
-DROP TABLE IF EXISTS _function_secrets;
-
--- 2. Add is_reserved column to _secrets table
-ALTER TABLE _secrets 
-ADD COLUMN IF NOT EXISTS is_reserved BOOLEAN DEFAULT FALSE;
-
--- 3. Rename name column to key
-ALTER TABLE _secrets 
-RENAME COLUMN name TO key;
+-- Migration: 011 - Drop function secrets table and update main secrets table
+-- This migration is part of the refactoring to unify all secrets management
+
+-- 1. Drop the _function_secrets table (replaced by main _secrets table)
+DROP TRIGGER IF EXISTS update__function_secrets_updated_at ON _function_secrets;
+DROP INDEX IF EXISTS idx_function_secrets_key;
+DROP TABLE IF EXISTS _function_secrets;
+
+-- 2. Add is_reserved column to _secrets table
+ALTER TABLE _secrets 
+ADD COLUMN IF NOT EXISTS is_reserved BOOLEAN DEFAULT FALSE;
+
+-- 3. Rename name column to key
+ALTER TABLE _secrets 
+RENAME COLUMN name TO key;

package/backend/src/infra/database/migrations/012_add-storage-uploaded-by.sql

@@ -1,8 +1,8 @@
--- Migration: 012 - Add uploaded_by column to _storage table
--- This migration adds a foreign key relationship to track which account uploaded each file
-
-ALTER TABLE _storage
-ADD COLUMN uploaded_by UUID REFERENCES _accounts(id) ON DELETE SET NULL;
-
--- Create an index for better query performance when filtering by uploader
+-- Migration: 012 - Add uploaded_by column to _storage table
+-- This migration adds a foreign key relationship to track which account uploaded each file
+
+ALTER TABLE _storage
+ADD COLUMN uploaded_by UUID REFERENCES _accounts(id) ON DELETE SET NULL;
+
+-- Create an index for better query performance when filtering by uploader
 CREATE INDEX IF NOT EXISTS idx_storage_uploaded_by ON _storage(uploaded_by);