whatsapp-mcp / db/schema/client-phone-grants / clientPhoneGrants
Variable: clientPhoneGrants
const clientPhoneGrants: PgTableWithColumns<{
columns: {
allowedTools: PgColumn<{
baseColumn: never;
columnType: "PgJsonb";
data: string[];
dataType: "json";
driverParam: unknown;
enumValues: undefined;
generated: undefined;
hasDefault: false;
hasRuntimeDefault: false;
identity: undefined;
isAutoincrement: false;
isPrimaryKey: false;
name: "allowed_tools";
notNull: true;
tableName: "client_phone_grants";
}, {
}, {
$type: string[];
}>;
clientId: PgColumn<{
baseColumn: never;
columnType: "PgUUID";
data: string;
dataType: "string";
driverParam: string;
enumValues: undefined;
generated: undefined;
hasDefault: false;
hasRuntimeDefault: false;
identity: undefined;
isAutoincrement: false;
isPrimaryKey: false;
name: "client_id";
notNull: true;
tableName: "client_phone_grants";
}, {
}, {
}>;
createdAt: PgColumn<{
baseColumn: never;
columnType: "PgTimestamp";
data: Date;
dataType: "date";
driverParam: string;
enumValues: undefined;
generated: undefined;
hasDefault: true;
hasRuntimeDefault: false;
identity: undefined;
isAutoincrement: false;
isPrimaryKey: false;
name: "created_at";
notNull: true;
tableName: "client_phone_grants";
}, {
}, {
}>;
dailyMessageCap: PgColumn<{
baseColumn: never;
columnType: "PgInteger";
data: number;
dataType: "number";
driverParam: string | number;
enumValues: undefined;
generated: undefined;
hasDefault: false;
hasRuntimeDefault: false;
identity: undefined;
isAutoincrement: false;
isPrimaryKey: false;
name: "daily_message_cap";
notNull: false;
tableName: "client_phone_grants";
}, {
}, {
}>;
id: PgColumn<{
baseColumn: never;
columnType: "PgUUID";
data: string;
dataType: "string";
driverParam: string;
enumValues: undefined;
generated: undefined;
hasDefault: true;
hasRuntimeDefault: false;
identity: undefined;
isAutoincrement: false;
isPrimaryKey: true;
name: "id";
notNull: true;
tableName: "client_phone_grants";
}, {
}, {
}>;
phoneNumberId: PgColumn<{
baseColumn: never;
columnType: "PgUUID";
data: string;
dataType: "string";
driverParam: string;
enumValues: undefined;
generated: undefined;
hasDefault: false;
hasRuntimeDefault: false;
identity: undefined;
isAutoincrement: false;
isPrimaryKey: false;
name: "phone_number_id";
notNull: true;
tableName: "client_phone_grants";
}, {
}, {
}>;
revokedAt: PgColumn<{
baseColumn: never;
columnType: "PgTimestamp";
data: Date;
dataType: "date";
driverParam: string;
enumValues: undefined;
generated: undefined;
hasDefault: false;
hasRuntimeDefault: false;
identity: undefined;
isAutoincrement: false;
isPrimaryKey: false;
name: "revoked_at";
notNull: false;
tableName: "client_phone_grants";
}, {
}, {
}>;
};
dialect: "pg";
name: "client_phone_grants";
schema: undefined;
}>;Defined in: src/db/schema/client-phone-grants.ts:29
client_phone_grants — what a given client may do with a given phone number.
Remarks
This is the authoritative authorisation table, layered on top of API-key scopes. A request is authorised only when both layers permit it:
- The API key carries
tools:<tool>andnumbers:<phone_id>(or the owner-only*wildcards). - A non-revoked row exists here for
(client_id, phone_number_id)whoseallowed_toolscontains<tool>.
Why two layers: rotating a key must not silently regrant numbers; revoking a number from a client must affect every key they hold immediately with one row update. See architecture.md §3.
daily_message_cap overrides api_keys.daily_msg_limit per-(client, number)
when set — useful for staged rollouts of a new client to a sensitive number.