docs: migrer schémas BDD de Mermaid vers DBML

Remplace les diagrammes Mermaid par DBML (via kroki-dbml) pour une meilleure expressivité des schémas de base de données : - Ajout support notes, contraintes et indexes détaillés - Migration de tous les schémas d'entités partagées - Ajout fichier exemple dbml-example.md - Configuration plugin mkdocs-kroki pour rendu DBML
2026-02-12 20:49:02 +01:00
parent ae2fc3ee6f
commit 23fe67470b
16 changed files with 566 additions and 224 deletions
--- a/docs/domains/_shared/entities/breach-incidents.md
+++ b/docs/domains/_shared/entities/breach-incidents.md
@@ -4,33 +4,57 @@

 ## Diagramme

-```mermaid
-erDiagram
-    BREACH_INCIDENTS ||--o{ BREACH_AFFECTED_USERS : "impacte"
-    USERS ||--o{ BREACH_AFFECTED_USERS : "est impacté"
+```kroki-dbml
+Table breach_incidents {
+  id uuid [primary key]
+  severity breach_severity_enum [not null]
+  description text [not null, note: 'Description détaillée de l incident']
+  data_categories_affected jsonb [not null, note: 'Array: ["gps", "email", "listening_history"]']
+  estimated_users_count int [not null, note: 'Estimation nombre users impactés']
+  detected_at timestamp [not null, default: `now()`, note: 'H+0: Détection initiale']
+  contained_at timestamp [note: 'Timestamp confinement de la faille']
+  cnil_notified_at timestamp [note: 'H+48: Notification CNIL si requis']
+  users_notified_at timestamp [note: 'H+72: Notification users si risque élevé']
+  mitigation_actions text [note: 'Actions correctives mises en place']
+  cnil_notification_required boolean [not null, default: false]
+  user_notification_required boolean [not null, default: false]

-    BREACH_INCIDENTS {
-        uuid id PK
-        string severity "low/medium/high/critical"
-        text description
-        json data_categories_affected
-        int estimated_users_count
-        timestamp detected_at
-        timestamp contained_at
-        timestamp cnil_notified_at
-        timestamp users_notified_at
-        text mitigation_actions
-        boolean cnil_notification_required
-        boolean user_notification_required
-    }
+  indexes {
+    (severity, detected_at) [note: 'Incidents par gravité et chronologie']
+    (cnil_notification_required, cnil_notified_at) [note: 'Track CNIL notification compliance']
+  }
+}

-    BREACH_AFFECTED_USERS {
-        uuid id PK
-        uuid breach_id FK
-        uuid user_id FK
-        timestamp notified_at
-        string notification_channel "email/push/sms"
-    }
+Table users {
+  id uuid [primary key]
+}
+
+Table breach_affected_users {
+  id uuid [primary key]
+  breach_id uuid [not null, ref: > breach_incidents.id]
+  user_id uuid [not null, ref: > users.id]
+  notified_at timestamp [note: 'Timestamp notification user (NULL si pas encore notifié)']
+  notification_channel notification_channel_enum [note: 'Canal utilisé pour notifier']
+
+  indexes {
+    (breach_id, user_id) [unique, note: 'Un user ne peut être listé qu une fois par incident']
+    (breach_id, notified_at) [note: 'Track notification progress']
+    (user_id) [note: 'Historique incidents pour un user']
+  }
+}
+
+Enum breach_severity_enum {
+  low [note: 'Pas de notification requise (mesures techniques suffisantes)']
+  medium [note: 'Notification CNIL uniquement']
+  high [note: 'Notification CNIL + utilisateurs']
+  critical [note: 'Notification immédiate tous canaux + SMS fondateur']
+}
+
+Enum notification_channel_enum {
+  email [note: 'Email notification']
+  push [note: 'Push notification mobile']
+  sms [note: 'SMS (critical only)']
+}
 ```

 ## Légende