voidaccess 1.3.0__py3-none-any.whl

db/migrations/env.py

@@ -0,0 +1,80 @@
+"""
+Alembic migration environment.
+
+DATABASE_URL is read from the environment (via config.py) so credentials
+are never stored in version control.  The models' Base.metadata is imported
+here so `alembic revision --autogenerate` can diff the ORM against the DB.
+"""
+
+import os
+import sys
+from logging.config import fileConfig
+
+from alembic import context
+from sqlalchemy import engine_from_config, pool
+
+# Make sure the project root is on sys.path so `from db.models import Base`
+# resolves correctly regardless of where alembic is invoked from.
+sys.path.insert(0, os.path.dirname(os.path.dirname(os.path.dirname(__file__))))
+
+from config import DATABASE_URL  # noqa: E402
+from db.models import Base       # noqa: E402  — imports all mapped classes
+
+# Alembic Config object (gives access to alembic.ini values)
+config = context.config
+
+# Override sqlalchemy.url with the value from the environment.
+# This means alembic.ini never needs a real connection string.
+if DATABASE_URL:
+    config.set_main_option("sqlalchemy.url", DATABASE_URL)
+
+# Set up Python logging from alembic.ini
+if config.config_file_name is not None:
+    fileConfig(config.config_file_name)
+
+# This is what autogenerate inspects to build migration scripts.
+target_metadata = Base.metadata
+
+
+def run_migrations_offline() -> None:
+    """
+    Run migrations without a live DB connection.
+    Emits SQL to stdout — useful for review or for DBAs who apply migrations manually.
+    """
+    url = config.get_main_option("sqlalchemy.url")
+    context.configure(
+        url=url,
+        target_metadata=target_metadata,
+        literal_binds=True,
+        dialect_opts={"paramstyle": "named"},
+        compare_type=True,
+    )
+    with context.begin_transaction():
+        context.run_migrations()
+
+
+def run_migrations_online() -> None:
+    """
+    Run migrations against a live DB connection.
+    This is the normal path for `alembic upgrade head`.
+    """
+    connectable = engine_from_config(
+        config.get_section(config.config_ini_section, {}),
+        prefix="sqlalchemy.",
+        poolclass=pool.NullPool,  # no pooling needed for one-shot migration runs
+    )
+    with connectable.connect() as connection:
+        context.configure(
+            connection=connection,
+            target_metadata=target_metadata,
+            compare_type=True,        # detect column type changes in autogenerate
+            compare_server_default=True,
+        )
+        with context.begin_transaction():
+            context.run_migrations()
+
+
+if context.is_offline_mode():
+    run_migrations_offline()
+else:
+    run_migrations_online()

db/migrations/versions/0001_initial_schema.py

@@ -0,0 +1,270 @@
+"""Initial schema — all Phase 1A tables.
+
+Revision ID: 0001
+Revises: (none — first migration)
+Create Date: 2026-04-14
+
+Tables created
+--------------
+  investigations
+  sources
+  investigation_sources  (junction)
+  pages
+  entities
+  entity_relationships
+  users
+  monitor_alerts
+  investigation_entity_links
+  actor_style_profiles
+"""
+
+from typing import Sequence, Union
+
+import sqlalchemy as sa
+from alembic import op
+
+revision: str = "0001_initial_schema"
+down_revision: Union[str, None] = None
+branch_labels: Union[str, Sequence[str], None] = None
+depends_on: Union[str, Sequence[str], None] = None
+
+
+def upgrade() -> None:
+    # ------------------------------------------------------------------
+    # investigations
+    # ------------------------------------------------------------------
+    op.create_table(
+        "investigations",
+        sa.Column("id", sa.UUID(), nullable=False),
+        sa.Column("run_id", sa.UUID(), nullable=False),
+        sa.Column("query", sa.Text(), nullable=False),
+        sa.Column("refined_query", sa.Text(), nullable=True),
+        sa.Column("model_used", sa.String(100), nullable=True),
+        sa.Column("preset", sa.String(50), nullable=True),
+        sa.Column("summary", sa.Text(), nullable=True),
+        sa.Column("created_at", sa.DateTime(timezone=True), nullable=False),
+        sa.PrimaryKeyConstraint("id"),
+        sa.UniqueConstraint("run_id"),
+    )
+    op.create_index("ix_investigations_run_id", "investigations", ["run_id"])
+
+    # ------------------------------------------------------------------
+    # sources
+    # ------------------------------------------------------------------
+    op.create_table(
+        "sources",
+        sa.Column("id", sa.UUID(), nullable=False),
+        sa.Column("onion_address", sa.String(255), nullable=False),
+        sa.Column("first_seen", sa.DateTime(timezone=True), nullable=False),
+        sa.Column("last_seen", sa.DateTime(timezone=True), nullable=False),
+        sa.Column("status", sa.String(20), nullable=False, server_default="unknown"),
+        sa.Column("source_type", sa.String(30), nullable=False, server_default="search_result"),
+        sa.PrimaryKeyConstraint("id"),
+        sa.UniqueConstraint("onion_address"),
+    )
+    op.create_index("ix_sources_onion_address", "sources", ["onion_address"])
+
+    # ------------------------------------------------------------------
+    # investigation_sources  (many-to-many junction)
+    # ------------------------------------------------------------------
+    op.create_table(
+        "investigation_sources",
+        sa.Column(
+            "investigation_id",
+            sa.UUID(),
+            sa.ForeignKey("investigations.id", ondelete="CASCADE"),
+            nullable=False,
+        ),
+        sa.Column(
+            "source_id",
+            sa.UUID(),
+            sa.ForeignKey("sources.id", ondelete="CASCADE"),
+            nullable=False,
+        ),
+        sa.Column("added_at", sa.DateTime(timezone=True), nullable=False),
+        sa.PrimaryKeyConstraint("investigation_id", "source_id"),
+    )
+
+    # ------------------------------------------------------------------
+    # pages
+    # ------------------------------------------------------------------
+    op.create_table(
+        "pages",
+        sa.Column("id", sa.UUID(), nullable=False),
+        sa.Column(
+            "source_id",
+            sa.UUID(),
+            sa.ForeignKey("sources.id", ondelete="SET NULL"),
+            nullable=True,
+        ),
+        sa.Column("url", sa.Text(), nullable=False),
+        sa.Column("raw_content_hash", sa.String(64), nullable=True),
+        sa.Column("cleaned_text", sa.Text(), nullable=True),
+        sa.Column("scrape_timestamp", sa.DateTime(timezone=True), nullable=False),
+        sa.Column("language", sa.String(10), nullable=True),
+        sa.Column("byte_size", sa.Integer(), nullable=True),
+        sa.Column("created_at", sa.DateTime(timezone=True), nullable=False),
+        sa.PrimaryKeyConstraint("id"),
+        sa.UniqueConstraint("url"),
+    )
+    op.create_index("ix_pages_source_id", "pages", ["source_id"])
+    op.create_index("ix_pages_raw_content_hash", "pages", ["raw_content_hash"])
+
+    # ------------------------------------------------------------------
+    # entities
+    # ------------------------------------------------------------------
+    op.create_table(
+        "entities",
+        sa.Column("id", sa.UUID(), nullable=False),
+        sa.Column(
+            "page_id",
+            sa.UUID(),
+            sa.ForeignKey("pages.id", ondelete="CASCADE"),
+            nullable=False,
+        ),
+        sa.Column(
+            "investigation_id",
+            sa.UUID(),
+            sa.ForeignKey("investigations.id", ondelete="SET NULL"),
+            nullable=True,
+        ),
+        sa.Column("entity_type", sa.String(50), nullable=False),
+        sa.Column("value", sa.Text(), nullable=False),
+        sa.Column("confidence", sa.Float(), nullable=False, server_default="1.0"),
+        sa.Column("context", sa.Text(), nullable=True),
+        sa.Column("first_seen", sa.DateTime(timezone=True), nullable=False),
+        sa.Column("last_seen", sa.DateTime(timezone=True), nullable=False),
+        sa.Column("created_at", sa.DateTime(timezone=True), nullable=False),
+        sa.PrimaryKeyConstraint("id"),
+    )
+    op.create_index("ix_entities_page_id", "entities", ["page_id"])
+    op.create_index("ix_entities_investigation_id", "entities", ["investigation_id"])
+    op.create_index("ix_entities_entity_type", "entities", ["entity_type"])
+
+    # ------------------------------------------------------------------
+    # entity_relationships
+    # ------------------------------------------------------------------
+    op.create_table(
+        "entity_relationships",
+        sa.Column("id", sa.UUID(), nullable=False),
+        sa.Column(
+            "entity_a_id",
+            sa.UUID(),
+            sa.ForeignKey("entities.id", ondelete="CASCADE"),
+            nullable=False,
+        ),
+        sa.Column(
+            "entity_b_id",
+            sa.UUID(),
+            sa.ForeignKey("entities.id", ondelete="CASCADE"),
+            nullable=False,
+        ),
+        sa.Column("relationship_type", sa.String(50), nullable=False),
+        sa.Column(
+            "source_page_id",
+            sa.UUID(),
+            sa.ForeignKey("pages.id", ondelete="SET NULL"),
+            nullable=True,
+        ),
+        sa.Column("confidence", sa.Float(), nullable=False, server_default="1.0"),
+        sa.Column("first_seen", sa.DateTime(timezone=True), nullable=False),
+        sa.PrimaryKeyConstraint("id"),
+    )
+    op.create_index("ix_entity_relationships_entity_a_id", "entity_relationships", ["entity_a_id"])
+    op.create_index("ix_entity_relationships_entity_b_id", "entity_relationships", ["entity_b_id"])
+    op.create_index("ix_entity_relationships_relationship_type", "entity_relationships", ["relationship_type"])
+
+    # ------------------------------------------------------------------
+    # users
+    # ------------------------------------------------------------------
+    op.create_table(
+        "users",
+        sa.Column("id", sa.Integer(), nullable=False, autoincrement=True),
+        sa.Column("email", sa.String(255), nullable=False),
+        sa.Column("hashed_password", sa.String(), nullable=False),
+        sa.Column("is_active", sa.Boolean(), nullable=False, server_default="true"),
+        sa.Column("must_reset_password", sa.Boolean(), nullable=False, server_default="false"),
+        sa.Column("created_at", sa.DateTime(timezone=True), nullable=False),
+        sa.Column("last_login_at", sa.DateTime(timezone=True), nullable=True),
+        sa.PrimaryKeyConstraint("id"),
+        sa.UniqueConstraint("email"),
+    )
+    op.create_index("ix_users_email", "users", ["email"])
+
+    # ------------------------------------------------------------------
+    # monitor_alerts
+    # ------------------------------------------------------------------
+    op.create_table(
+        "monitor_alerts",
+        sa.Column("id", sa.Integer(), nullable=False, autoincrement=True),
+        sa.Column("monitor_name", sa.String(), nullable=False),
+        sa.Column("triggered_at", sa.DateTime(timezone=True), nullable=False),
+        sa.Column("change_type", sa.String(50), nullable=False),
+        sa.Column("summary", sa.Text(), nullable=False),
+        sa.Column("diff_data", sa.JSON(), nullable=True),
+        sa.Column("severity", sa.String(20), nullable=False, server_default="info"),
+        sa.Column("entity_count_delta", sa.Integer(), nullable=False, server_default="0"),
+        sa.Column("delivered", sa.Boolean(), nullable=False, server_default="false"),
+        sa.Column("delivery_channels", sa.JSON(), nullable=True),
+        sa.Column("acknowledged", sa.Boolean(), nullable=False, server_default="false"),
+        sa.Column("acknowledged_at", sa.DateTime(timezone=True), nullable=True),
+        sa.PrimaryKeyConstraint("id"),
+    )
+    op.create_index("ix_monitor_alerts_monitor_name", "monitor_alerts", ["monitor_name"])
+    op.create_index("ix_monitor_alerts_triggered_at", "monitor_alerts", ["triggered_at"])
+    op.create_index("ix_monitor_alerts_monitor_triggered", "monitor_alerts", ["monitor_name", "triggered_at"])
+
+    # ------------------------------------------------------------------
+    # investigation_entity_links
+    # ------------------------------------------------------------------
+    op.create_table(
+        "investigation_entity_links",
+        sa.Column("id", sa.UUID(), nullable=False),
+        sa.Column(
+            "entity_id",
+            sa.UUID(),
+            sa.ForeignKey("entities.id", ondelete="CASCADE"),
+            nullable=False,
+        ),
+        sa.Column(
+            "investigation_id",
+            sa.UUID(),
+            sa.ForeignKey("investigations.id", ondelete="CASCADE"),
+            nullable=False,
+        ),
+        sa.Column("linked_at", sa.DateTime(timezone=True), nullable=False),
+        sa.PrimaryKeyConstraint("id"),
+        sa.UniqueConstraint("entity_id", "investigation_id"),
+    )
+    op.create_index("ix_investigation_entity_links_entity_id", "investigation_entity_links", ["entity_id"])
+    op.create_index("ix_investigation_entity_links_investigation_id", "investigation_entity_links", ["investigation_id"])
+
+    # ------------------------------------------------------------------
+    # actor_style_profiles
+    # ------------------------------------------------------------------
+    op.create_table(
+        "actor_style_profiles",
+        sa.Column("id", sa.Integer(), nullable=False, autoincrement=True),
+        sa.Column("canonical_value", sa.String(), nullable=False),
+        sa.Column("entity_type", sa.String(), nullable=False),
+        sa.Column("style_vector", sa.JSON(), nullable=False),
+        sa.Column("sample_count", sa.Integer(), nullable=False, server_default="0"),
+        sa.Column("total_chars", sa.Integer(), nullable=False, server_default="0"),
+        sa.Column("last_updated", sa.DateTime(timezone=True), nullable=False),
+        sa.PrimaryKeyConstraint("id"),
+        sa.UniqueConstraint("canonical_value", "entity_type"),
+    )
+    op.create_index("ix_actor_style_profiles_canonical_value", "actor_style_profiles", ["canonical_value"])
+
+
+def downgrade() -> None:
+    op.drop_table("actor_style_profiles")
+    op.drop_table("investigation_entity_links")
+    op.drop_table("monitor_alerts")
+    op.drop_table("users")
+    op.drop_table("entity_relationships")
+    op.drop_table("entities")
+    op.drop_table("pages")
+    op.drop_table("investigation_sources")
+    op.drop_table("sources")
+    op.drop_table("investigations")

db/migrations/versions/0002_add_investigation_status_column.py

@@ -0,0 +1,27 @@
+"""Add status column to investigations.
+
+Revision ID: 0002
+Revises: 0001
+Create Date: 2026-04-14
+"""
+
+from typing import Sequence, Union
+
+import sqlalchemy as sa
+from alembic import op
+
+revision: str = "0003_add_investigation_status"
+down_revision: Union[str, None] = "0002_add_missing_tables"
+branch_labels: Union[str, Sequence[str], None] = None
+depends_on: Union[str, Sequence[str], None] = None
+
+
+def upgrade() -> None:
+    op.add_column(
+        "investigations",
+        sa.Column("status", sa.String(length=20), nullable=False, server_default="pending"),
+    )
+
+
+def downgrade() -> None:
+    op.drop_column("investigations", "status")

db/migrations/versions/0002_add_missing_tables.py

@@ -0,0 +1,33 @@
+"""Add missing tables — users, monitor_alerts, investigation_entity_links, actor_style_profiles.
+
+Revision ID: 0002
+Revises: 0001
+Create Date: 2026-04-20
+
+Tables created
+--------------
+  users
+  monitor_alerts
+  investigation_entity_links
+  actor_style_profiles
+"""
+
+from typing import Sequence, Union
+
+import sqlalchemy as sa
+from alembic import op
+
+revision: str = "0002_add_missing_tables"
+down_revision: Union[str, None] = "0001_initial_schema"
+branch_labels: Union[str, Sequence[str], None] = None
+depends_on: Union[str, Sequence[str], None] = None
+
+
+def upgrade() -> None:
+    # Tables handled in 0001_initial_schema:
+    # users, monitor_alerts, investigation_entity_links, actor_style_profiles
+    pass
+
+
+def downgrade() -> None:
+    pass

db/migrations/versions/0003_add_canonical_value_and_entity_links.py

@@ -0,0 +1,61 @@
+"""add canonical value and entity links
+
+Revision ID: 0003
+Revises: 0002
+Create Date: 2026-04-16
+
+"""
+from typing import Sequence, Union
+import sqlalchemy as sa
+from alembic import op
+
+revision: str = "0004_add_canonical_val_links"
+down_revision: Union[str, None] = "0003_add_investigation_status"
+branch_labels: Union[str, Sequence[str], None] = None
+depends_on: Union[str, Sequence[str], None] = None
+
+
+def upgrade() -> None:
+    conn = op.get_bind()
+    inspector = sa.inspect(conn)
+    existing_columns = [c['name'] for c in inspector.get_columns('entities')]
+    existing_inv_columns = [c['name'] for c in inspector.get_columns('investigations')]
+    
+    # 1. Add columns to entities if they don't exist
+    if 'canonical_value' not in existing_columns:
+        op.add_column('entities', sa.Column('canonical_value', sa.String(), nullable=True))
+    if 'historical_context' not in existing_columns:
+        op.add_column('entities', sa.Column('historical_context', sa.Text(), nullable=True))
+    if 'context' in existing_columns and 'context_snippet' not in existing_columns:
+        # Rename context to context_snippet
+        op.alter_column('entities', 'context', new_column_name='context_snippet')
+    
+    # 2. Add is_seed to investigations if it doesn't exist
+    if 'is_seed' not in existing_inv_columns:
+        op.add_column('investigations', sa.Column('is_seed', sa.Boolean(), server_default='false', nullable=False))
+    
+    # 3. Tables handled in 0001_initial_schema:
+    # investigation_entity_links
+    pass
+    
+    # 4. Create indexes (ensure we don't duplicate them)
+    existing_indexes = [i['name'] for i in inspector.get_indexes('entities')]
+    if 'ix_entities_canonical_value' not in existing_indexes:
+        op.create_index('ix_entities_canonical_value', 'entities', ['canonical_value'])
+    if 'ix_entity_canonical' not in existing_indexes:
+        op.create_index('ix_entity_canonical', 'entities', ['entity_type', 'canonical_value'])
+    
+    # 5. Backfill canonical_value with size limits to avoid B-tree index row size errors
+    op.execute("UPDATE entities SET canonical_value = substring(lower(regexp_replace(value, '[\\s\\-_\\.]', '', 'g')), 1, 1024) WHERE entity_type IN ('THREAT_ACTOR', 'MALWARE', 'FORUM', 'THREAT_ACTOR_HANDLE', 'MALWARE_FAMILY', 'RANSOMWARE_GROUP', 'handle', 'malware', 'ransomware_group');")
+    op.execute("UPDATE entities SET canonical_value = substring(lower(value), 1, 1024) WHERE entity_type IN ('EMAIL', 'ONION_URL', 'EMAIL_ADDRESS', 'email', 'onion_url');")
+    op.execute("UPDATE entities SET canonical_value = substring(value, 1, 1024) WHERE canonical_value IS NULL;")
+
+
+def downgrade() -> None:
+    op.drop_index('ix_entity_canonical', table_name='entities')
+    op.drop_index('ix_entities_canonical_value', table_name='entities')
+    op.drop_table('investigation_entity_links')
+    op.drop_column('investigations', 'is_seed')
+    op.alter_column('entities', 'context_snippet', new_column_name='context')
+    op.drop_column('entities', 'historical_context')
+    op.drop_column('entities', 'canonical_value')

db/migrations/versions/0004_add_page_posted_at.py

@@ -0,0 +1,41 @@
+"""Add posted_at column to pages table
+
+Revision ID: 0004
+Revises: 0003
+Create Date: 2026-04-16
+
+"""
+
+from typing import Sequence, Union
+
+import sqlalchemy as sa
+from alembic import op
+
+revision: str = "0005_add_page_posted_at"
+down_revision: Union[str, None] = "0004_add_canonical_val_links"
+branch_labels: Union[str, Sequence[str], None] = None
+depends_on: Union[str, Sequence[str], None] = None
+
+
+def upgrade() -> None:
+    conn = op.get_bind()
+    inspector = sa.inspect(conn)
+    existing = [c["name"] for c in inspector.get_columns("pages")]
+    if "posted_at" not in existing:
+        op.add_column(
+            "pages",
+            sa.Column(
+                "posted_at",
+                sa.DateTime(timezone=True),
+                nullable=True,
+            ),
+        )
+    inspector = sa.inspect(conn)
+    existing_indexes = [i["name"] for i in inspector.get_indexes("pages")]
+    if "ix_pages_posted_at" not in existing_indexes:
+        op.create_index("ix_pages_posted_at", "pages", ["posted_at"])
+
+
+def downgrade() -> None:
+    op.drop_index("ix_pages_posted_at", table_name="pages")
+    op.drop_column("pages", "posted_at")

db/migrations/versions/0005_add_extraction_method.py

@@ -0,0 +1,32 @@
+"""Add extraction_method to entities
+
+Revision ID: 0005
+Revises: 0004
+Create Date: 2026-04-16
+
+"""
+
+from typing import Sequence, Union
+
+import sqlalchemy as sa
+from alembic import op
+
+revision: str = "0006_add_extraction_method"
+down_revision: Union[str, None] = "0005_add_page_posted_at"
+branch_labels: Union[str, Sequence[str], None] = None
+depends_on: Union[str, Sequence[str], None] = None
+
+
+def upgrade() -> None:
+    conn = op.get_bind()
+    inspector = sa.inspect(conn)
+    existing = [c["name"] for c in inspector.get_columns("entities")]
+    if "extraction_method" not in existing:
+        op.add_column(
+            "entities",
+            sa.Column("extraction_method", sa.String(length=10), nullable=True),
+        )
+
+
+def downgrade() -> None:
+    op.drop_column("entities", "extraction_method")

db/migrations/versions/0006_add_monitor_alerts.py

@@ -0,0 +1,26 @@
+"""Add monitor_alerts table
+
+Revision ID: 0006
+Revises: 0005
+Create Date: 2026-04-17
+
+"""
+
+from typing import Sequence, Union
+
+import sqlalchemy as sa
+from alembic import op
+
+revision: str = "0007_add_monitor_alerts"
+down_revision: Union[str, None] = "0006_add_extraction_method"
+branch_labels: Union[str, Sequence[str], None] = None
+depends_on: Union[str, Sequence[str], None] = None
+
+
+def upgrade() -> None:
+    # Table 'monitor_alerts' already created in 0001_initial_schema
+    pass
+
+
+def downgrade() -> None:
+    pass

db/migrations/versions/0007_add_actor_style_profiles.py

@@ -0,0 +1,23 @@
+"""Add actor_style_profiles table
+
+Revision ID: 0007
+Revises: 0006
+Create Date: 2026-04-17 19:55:00.000000
+
+"""
+from alembic import op
+import sqlalchemy as sa
+from datetime import datetime, timezone
+
+# revision identifiers, used by Alembic.
+revision = '0008_add_actor_style_profiles'
+down_revision = '0007_add_monitor_alerts'
+branch_labels = None
+depends_on = None
+
+def upgrade():
+    # Table actor_style_profiles already created in 0001_initial_schema
+    pass
+
+def downgrade():
+    pass

db/migrations/versions/0008_add_users_table.py

@@ -0,0 +1,47 @@
+"""Add users table and seed default admin
+
+Revision ID: 0008
+Revises: 0007
+Create Date: 2026-04-17 22:45:00.000000
+
+"""
+from alembic import op
+import sqlalchemy as sa
+from passlib.context import CryptContext
+from datetime import datetime, timezone
+
+# revision identifiers, used by Alembic.
+revision = '0009_add_users_table'
+down_revision = '0008_add_actor_style_profiles'
+branch_labels = None
+depends_on = None
+
+pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
+
+def upgrade():
+    # Table 'users' already created in 0001_initial_schema
+    # Seed default admin account with a secure placeholder
+    # Password must be set during setup or changed on first login
+    import secrets
+    placeholder_password = secrets.token_urlsafe(32)
+    hashed_pwd = pwd_context.hash(placeholder_password)
+    now = datetime.now(timezone.utc).isoformat()
+    
+    op.execute(
+        f"""
+        INSERT INTO users (email, hashed_password, is_active, must_reset_password, created_at)
+        VALUES (
+            'admin@voidaccess.tech',
+            '{hashed_pwd}',
+            true,
+            true,
+            '{now}'
+        )
+        """
+    )
+
+
+def downgrade():
+    # We don't drop the table here as it belongs to 0001_initial_schema
+    # Optional: Delete the seeded admin
+    op.execute("DELETE FROM users WHERE email = 'admin@voidaccess.tech'")

db/migrations/versions/0009_add_investigation_id_to_relationships.py

@@ -0,0 +1,29 @@
+"""Add investigation_id to entity_relationships"""
+
+from alembic import op
+import sqlalchemy as sa
+
+
+revision = "0010_add_investigation_id_rel"
+down_revision = "0009_add_users_table"
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    # Calling add_column with index=True already creates the index
+    # 'ix_entity_relationships_investigation_id'
+    op.add_column(
+        "entity_relationships",
+        sa.Column(
+            "investigation_id",
+            sa.UUID(as_uuid=True),
+            sa.ForeignKey("investigations.id", ondelete="SET NULL"),
+            nullable=True,
+            index=True,
+        ),
+    )
+
+
+def downgrade():
+    op.drop_column("entity_relationships", "investigation_id")