//////////////////////////////////////////////////////////////////////////////////////////////
// DO NOT MODIFY THIS FILE //
// This file is automatically generated by ZenStack CLI and should not be manually updated. //
// Source: schema.zmodel · Generated: 2026-02-23 //
//////////////////////////////////////////////////////////////////////////////////////////////
A registered user account in the platform.
Users authenticate via email/password or SSO. Each user belongs to one or more workspaces through
WorkspaceMemberjoin records. A user'sprimaryEmailis used for login and transactional emails; additional email aliases can be added but are not modeled here.The
displayNameis shown throughout the UI (comments, bylines, mentions). Thehandleis the URL-safe unique identifier used in@mentionsyntax and profile URLs.
Category: Identity · Since: 1.0 · Defined in: identity.zmodel
Declaration · identity.zmodel
model User with Timestamps, SoftDeletable {
id String @id @default(cuid())
primaryEmail String @unique @email @meta('doc:example', 'alex.chen@example.com')
displayName String @length(1, 120) @meta('doc:example', 'Alex Chen')
handle String @unique @length(3, 30) @regex('^[a-z0-9][a-z0-9-]*[a-z0-9]$') @lower @meta('doc:example', 'alex-chen')
avatarUrl String? @url
timezone String @default("UTC") @meta('doc:example', 'America/New_York')
locale String @default("en") @length(2, 10)
emailVerified Boolean @default(false)
lastLoginAt DateTime?
memberships WorkspaceMember[]
articles Article[]
comments Comment[]
notifications Notification[]
notificationPreferences NotificationPreference[]
@@allow('read', true)
@@allow('update', this == auth())
@@deny('update', deletedAt != null)
@@deny('delete', true)
@@index([primaryEmail])
@@index([handle])
@@meta('doc:category', 'Identity')
@@meta('doc:since', '1.0')
}On this page: Mixins · Fields · Relationships · Access Policies · Indexes · Validation Rules
Reusable field groups mixed into this model.
All fields defined on this entity, including inherited fields from mixins and parent models.
| Field | Type | Required | Default | Attributes | Source | Description |
|---|---|---|---|---|---|---|
createdAt |
DateTime |
Yes | now() |
— | Timestamps | When the record was first created. Immutable after insert. |
updatedAt |
DateTime |
Yes | — | @updatedAt |
Timestamps | When the record was last modified. Updated automatically. |
deletedAt |
DateTime? |
No | — | — | SoftDeletable | When the record was soft-deleted, or null if active. |
deletedBy |
String? |
No | — | — | SoftDeletable | The ID of the user who performed the deletion, for audit purposes. |
id |
String |
Yes | cuid() |
@id |
— | — |
primaryEmail |
String |
Yes | — | @unique, @email |
— | Example: alex.chen@example.com Primary email address used for authentication and notifications. |
| Must be verified before the account is fully activated. | ||||||
displayName |
String |
Yes | — | @length(1, 120) |
— | Example: Alex Chen User-facing display name shown in the UI. Can contain spaces, |
| emoji, and Unicode characters. | ||||||
handle |
String |
Yes | — | @unique, @length(3, 30), @regex('^[a-z0-9][a-z0-9-]*[a-z0-9]$'), @lower |
— | Example: alex-chen URL-safe unique handle for mentions and profile URLs. |
| Lowercase alphanumeric and hyphens only. Immutable after first set. | ||||||
avatarUrl |
String? |
No | — | @url |
— | URL to the user's profile avatar. Served via CDN with automatic |
| resizing. Falls back to Gravatar if not set. | ||||||
timezone |
String |
Yes | "UTC" |
— | — | Example: America/New_York IANA timezone identifier for date/time localization. |
locale |
String |
Yes | "en" |
@length(2, 10) |
— | ISO 639-1 language code for UI localization. |
emailVerified |
Boolean |
Yes | false |
— | — | Whether the user has completed email verification. |
lastLoginAt |
DateTime? |
No | — | — | — | When the user last logged in. Null if never logged in. |
memberships |
WorkspaceMember[] | No | — | — | — | — |
articles |
Article[] | No | — | — | — | — |
comments |
Comment[] | No | — | — | — | — |
notifications |
Notification[] | No | — | — | — | — |
notificationPreferences |
NotificationPreference[] | No | — | — | — | — |
Foreign key relationships to other models in the schema.
| Field | Related Model | Type |
|---|---|---|
articles |
Article | One→Many |
comments |
Comment | One→Many |
memberships |
WorkspaceMember | One→Many |
notificationPreferences |
NotificationPreference | One→Many |
notifications |
Notification | One→Many |
ZenStack access control rules that determine who can read, create, update, or delete records.
Important
Operations are denied by default. @@allow rules grant access; @@deny rules override any allow.
| Operation | Rule | Effect |
|---|---|---|
| read | true |
Allow |
| update | this == auth() |
Allow |
| update | deletedAt != null |
Deny |
| delete | true |
Deny |
Database indexes defined on this model for query performance.
| Fields | Type |
|---|---|
[primaryEmail] |
Index |
[handle] |
Index |
Field-level and model-level validation constraints enforced at the ORM layer.
| Field | Rule |
|---|---|
primaryEmail |
@email |
displayName |
@length |
handle |
@length |
handle |
@regex |
handle |
@lower |
avatarUrl |
@url |
locale |
@length |
Previous: Subscription · Next: Workspace