User
Platform user with role-based access across Organizations and Tenants. Collection:
users| DB: MongoDB Source:hbf-core/src/main/java/gr/helvia/hbf/core/domain/User.ktTypeScript:hbf-core-api/src/datamodel/user.ts
Fields
| Field | Type | Required | Indexed | Notes |
|---|---|---|---|---|
id | String | yes | PK | MongoDB document ID |
email | String | yes | yes (non-unique) | |
password | String | yes | Hashed | |
fullName | String | yes | ||
image | String | no | Avatar URL | |
telephoneNumber | String | no | ||
country | String | no | ||
language | String | no | Preferred language | |
isModerator | Boolean | yes | Platform-wide moderator flag | |
emailVerified | Boolean | yes | Default: false | |
lastLogin | Date | no | ||
accountLocked | Boolean | yes | Default: false | |
failedLoginAttempts | Int | yes | Default: 0 | |
lockedAt | Date | no | When account was locked | |
externalUsers | Set<ExternalEntity> | no | MS Teams user mappings | |
organizations | List<Organization> | yes | @DBRef lazy | |
tenantRoles | Map<String, Map<String, Set<TenantRole?>>> | yes | org ID -> tenant ID -> roles | |
organizationRoles | Map<String, Set<OrganizationRole?>> | yes | org ID -> roles | |
effectiveRoles | EffectiveRoles | no | @Transient, computed at runtime | |
isActive | Boolean | no | @Transient | |
createdAt | Date | yes | yes | @CreatedDate |
updatedAt | Date | yes | @LastModifiedDate |
Nested Objects
EffectiveRoles
Computed at runtime, not persisted.
| Field | Type | Notes |
|---|---|---|
tenantRoles | Map<String, Map<String, Set<TenantRole?>>> | Effective tenant roles after grants |
organizationRoles | Map<String, Set<OrganizationRole?>> | Effective org roles after grants |
Enums
TenantRole
| Value | Description |
|---|---|
HBF_TENANT_ADMIN | Full tenant access |
HBF_TENANT_EDITOR | Edit bot content |
HBF_TENANT_VIEWER | View-only access |
HBF_TENANT_LIVECHAT_ADMIN | Manage live chat settings |
OrganizationRole
See organization.md.
Relationships
- Can belong to multiple Organizations (via @DBRef)
- Has TenantRole entries per Organization per Tenant
- Has OrganizationRole entries per Organization
- Has ExternalEntity mappings for MS Teams identity
TypeScript Mapping
| hbf-core (Kotlin) | hbf-core-api (TypeScript) | Notes |
|---|---|---|
| User | User | TS omits password, image, emailVerified, accountLocked, failedLoginAttempts, lockedAt, externalUsers, effectiveRoles, isActive, createdAt, updatedAt |
| TenantRole | TenantRole | TS adds HBF_TENANT_LIVE_AGENT, HBF_TENANT_LIVE_AGENT_ADMIN. Kotlin has HBF_TENANT_LIVECHAT_ADMIN |
| OrganizationRole | OrganizationRole | Aligned |
| (not in Kotlin) | TenantGrants | Deprecated alias in TS |
| (not in Kotlin) | OrganizationGrants | Deprecated alias in TS |
| (not in Kotlin) | TeamsMember | TS-only interface for MS Teams member data |