//////////////////////////////////////////////////////////////////////////////////////////////
// DO NOT MODIFY THIS FILE //
// This file is automatically generated by ZenStack CLI and should not be manually updated. //
// Source: schema.zmodel · Generated: 2026-02-23 //
//////////////////////////////////////////////////////////////////////////////////////////////
Index / Models / WorkspaceMember
Represents a user's membership in a workspace with an assigned role.
This is the join table between User and Workspace. A user can have at most one membership per workspace. The
roledetermines what the user can see and do within that workspace.When a user is invited, a membership record is created with
joinedAtset to null. It is populated when the user accepts the invitation.
Category: Identity · Since: 1.0 · Defined in: identity.zmodel
Declaration · identity.zmodel
model WorkspaceMember with Timestamps {
id String @id @default(cuid())
role WorkspaceRole @default(MEMBER)
joinedAt DateTime?
title String? @length(0, 100) @meta('doc:example', 'Senior Engineer')
user User @relation(fields: [userId], references: [id])
userId String
workspace Workspace @relation(fields: [workspaceId], references: [id])
workspaceId String
@@unique([userId, workspaceId])
@@allow('read', workspace.members?[user == auth()])
@@allow('create', workspace.members?[role == 'OWNER' || role == 'ADMIN'])
@@allow('update', workspace.members?[role == 'OWNER' || role == 'ADMIN'])
@@deny('delete', role == 'OWNER')
@@meta('doc:category', 'Identity')
@@meta('doc:since', '1.0')
}On this page: Mixins · Fields · Relationships · Access Policies · Indexes · Validation Rules · Used in Procedures
Reusable field groups mixed into this model.
All fields defined on this entity, including inherited fields from mixins and parent models.
| Field | Type | Required | Default | Attributes | Source | Description |
|---|---|---|---|---|---|---|
createdAt |
DateTime |
Yes | now() |
— | Timestamps | When the record was first created. Immutable after insert. |
updatedAt |
DateTime |
Yes | — | @updatedAt |
Timestamps | When the record was last modified. Updated automatically. |
id |
String |
Yes | cuid() |
@id |
— | — |
role |
WorkspaceRole | Yes | MEMBER |
— | — | The role assigned to this member within the workspace. |
| Determines permissions for content, settings, and billing. | ||||||
joinedAt |
DateTime? |
No | — | — | — | When the member formally accepted the invitation. |
| Null indicates a pending invitation. | ||||||
title |
String? |
No | — | @length(0, 100) |
— | Example: Senior Engineer Optional title or job function shown on the member's |
| workspace profile (e.g. "Senior Engineer", "Content Lead"). | ||||||
user |
User | Yes | — | @relation(fields: [userId], references: [id]) |
— | — |
userId |
String |
Yes | — | — | — | — |
workspace |
Workspace | Yes | — | @relation(fields: [workspaceId], references: [id]) |
— | — |
workspaceId |
String |
Yes | — | — | — | — |
Foreign key relationships to other models in the schema.
| Field | Related Model | Type |
|---|---|---|
user |
User | Many→One |
workspace |
Workspace | Many→One |
ZenStack access control rules that determine who can read, create, update, or delete records.
Important
Operations are denied by default. @@allow rules grant access; @@deny rules override any allow.
| Operation | Rule | Effect |
|---|---|---|
| read | workspace.members?[user == auth()] |
Allow |
| create | `workspace.members?[role == 'OWNER' | |
| update | `workspace.members?[role == 'OWNER' | |
| delete | role == 'OWNER' |
Deny |
Database indexes defined on this model for query performance.
| Fields | Type |
|---|---|
[userId, workspaceId] |
Unique |
Field-level and model-level validation constraints enforced at the ORM layer.
| Field | Rule |
|---|---|
title |
@length |
Procedures that reference this entity as a parameter or return type.
- inviteMember — mutation
Previous: Workspace