[DOP-27543] mermaid diagram

Anna Mikhaylova · Anna Mikhaylova · commit c816501cebdd · 2025-11-04T16:08:15.000+03:00
diff --git a/mddocs/docs/en/design/entities/index.md b/mddocs/docs/en/design/entities/index.md
@@ -161,3 +161,89 @@ Transfers cannot be created without queue. If there are no workers bound to a qu
 
     @enduml
 ```
+
+```mermaid
+---
+title: Entity Diagram
+---
+erDiagram
+    direction LR
+    User {
+        id        
+        username
+        is_active
+        is_superuser
+        created_at
+        updated_at
+    }
+
+    Group {
+        id        
+        name
+        description
+        owner_id
+        created_at
+        updated_at
+    }
+
+    Connection {
+        id        
+        group_id
+        type
+        name
+        description
+        data
+        created_at
+        updated_at
+    }
+
+    Queue {
+        id        
+        name
+        slug
+        description
+        created_at
+        updated_at
+    }
+    
+
+    Transfer {
+        id        
+        group_id
+        name
+        source_connection_id
+        target_connection_id
+        strategy_params
+        target_params
+        transformations
+        resources
+        is_scheduled
+        schedule
+        queue_id
+        created_at
+        updated_at
+    }
+
+    Run {
+        id
+        transfer_id
+        started_at
+        ended_at
+        status
+        type
+        log_url
+        transfer_dump
+        created_at
+        updated_at
+    }
+    
+    Run ||--o{ Transfer: contains   
+   
+    Transfer ||--o{ Queue: contains
+    Transfer ||--o{ Connection: contains
+    Transfer ||--o{ Group: contains
+    Connection ||--o{ Group: contains
+    Queue ||--o{ Group: contains
+    Group }o--o{ User: contains
+    Group ||--o{ User: contains
+```
diff --git a/mddocs/docs/en/reference/database/structure.md b/mddocs/docs/en/reference/database/structure.md
@@ -121,3 +121,108 @@
 
     @enduml
 ```
+
+```mermaid
+---
+title: Database structure
+---
+erDiagram
+    direction LR
+    User_Group {
+        bigint user_id PK
+        bigint group_id PK
+        varchar(255) role_id 
+    }
+
+    User {
+        bigint id  PK       
+        varchar(256) username  
+        varchar(256) email  null 
+        varchar(256) first_name null
+        varchar(256) last_name null
+        varchar(256) middle_name null
+        boolean is_superuser
+        boolean is_active
+        timestamp created_at
+        timestamp updated_at
+    }
+
+    Group {
+        bigint id  PK
+        varchar(256) name 
+        varchar(512) description
+        bigint owner_id
+        timestamptz created_at 
+        timestamptz updated_at
+        tsquery search_vector
+    }
+
+    Queue {
+        bigint id PK
+        varchar(128) name
+        varchar(256) slug
+        bigint group_id
+        varchar(512) description
+        timestamptz created_at
+        timestamptz updated_at
+    }
+
+    Connection {
+        bigint id PK
+        bigint group_id 
+        varchar(32) type
+        varchar(123) name 
+        varchar(512) description
+        json data
+        timestamptz created_at 
+        timestamptz updated_at
+        tsquery search_vector
+    }
+
+    Auth_data {
+        bigint connection_id PK
+        text value
+        timestamptz created_at
+        timestamptz updated_at
+    }
+
+    Transfer {
+        bigint id PK
+        bigint group_id
+        varchar(128) name
+        bigint source_connection_id
+        bigint target_connection_id
+        json strategy_params
+        json target_params
+        json transformations
+        json resources
+        boolean is_scheduled
+        varchar(32) schedule
+        bigint queue_id
+        timestamptz created_at
+        timestamptz updated_at
+    }
+
+    Run {
+        bigint id PK
+        transfer_id bigint
+        timestamptz started_at
+        timestamptz ended_at
+        varchar(255) status
+        varchar(64) type_run
+        json transfer_dump
+        timestamptz created_at
+        timestamptz updated_at
+    }
+
+    User_Group ||--o{ User: contains
+    User_Group ||--o{ Group: contains
+    Group ||--o{ User: contains
+    Queue ||--o{ Group: contains
+    Connection ||--o{ Group: contains
+    Auth_data ||--o{ Connection: contains
+    Transfer ||--o{ Queue: contains
+    Transfer ||--o{ Connection: contains
+    Transfer ||--o{ Group: contains
+    Run ||--o{ Transfer: contains
+```
diff --git a/mddocs/docs/en/reference/server/auth/dummy.md b/mddocs/docs/en/reference/server/auth/dummy.md
@@ -69,6 +69,45 @@ After successful auth, username is saved to server database.
         @enduml
 ```
 
+```mermaid
+sequenceDiagram
+participant "Client"
+participant "Server"
+activate "Client"
+alt Successful case
+"Client" ->> "Server" : login + password
+"Server" ->> "Server" : Password is completely ignored
+"Server" ->> "Server" : Check user in internal server database
+"Server" ->> "Server" : Create user if not exist
+else
+"Client" ->> "Server" : login + password
+"Server" ->> "Server" : Password is completely ignored
+"Server" ->> "Server" : Check user in internal server database
+else
+"Client" ->> "Server" : login + password
+"Server" ->> "Server" : Password is completely ignored
+"Server" ->> "Server" : Check user in internal server database
+end
+alt Successful case
+"Client" ->> "Server" : access_token
+"Server" ->> "Server" : Validate token
+"Server" ->> "Server" : Check user in internal server database
+"Server" ->> "Server" : Get data
+else
+"Client" ->> "Server" : access_token
+"Server" ->> "Server" : Validate token
+else
+"Client" ->> "Server" : access_token
+"Server" ->> "Server" : Validate token
+"Server" ->> "Server" : Check user in internal server database
+else
+"Client" ->> "Server" : access_token
+"Server" ->> "Server" : Validate token
+"Server" ->> "Server" : Check user in internal server database
+end
+deactivate "Client"
+```
+
 ## Configuration { #server-auth-dummy-configuration }
 
 ::: syncmaster.server.settings.auth.dummy.DummyAuthProviderSettings
diff --git a/mddocs/docs/en/reference/server/auth/keycloak/index.md b/mddocs/docs/en/reference/server/auth/keycloak/index.md
@@ -69,6 +69,56 @@ You can follow interaction schema below.
         @enduml
 ```
 
+```mermaid
+sequenceDiagram
+participant "Client (User from Browser)" as Client
+participant "Syncmaster"
+participant "Keycloak"
+
+Client ->> Syncmaster : Request endpoint that requires authentication (/v1/users)
+
+Syncmaster --x Client: Redirect to Keycloak login URL (if no access token)
+
+Client ->> Keycloak : Callback redirect to Keycloak login page
+
+alt Successful login
+Client ->> Keycloak : Log in with login and password
+else Login failed
+Keycloak --x Client: Display error (401 Unauthorized)
+end
+
+Keycloak ->> Client : Redirect to Syncmaster to callback endpoint with code
+Client ->> Syncmaster : Callback request to /v1/auth/callback with code
+Syncmaster->> Keycloak : Exchange code for access token
+Keycloak ->> Syncmaster : Return JWT token
+Syncmaster ->> Client : Set JWT token in user's browser in cookies and redirect /v1/users
+
+Client ->> Syncmaster : Redirect to /v1/users
+Syncmaster ->> Syncmaster : Get user info from JWT token and check user in internal server database
+Syncmaster ->> Syncmaster : Create user in internal server database if not exist
+Syncmaster ->> Client: Return requested data
+
+
+alt Successful case
+Client ->> Syncmaster : Request data with JWT token
+Syncmaster ->> Syncmaster : Get user info from JWT token and check user in internal server database
+Syncmaster ->> Syncmaster : Create user in internal server database if not exist
+Syncmaster ->> Client: Return requested data
+
+else Access token is expired
+Syncmaster ->> Keycloak : Get new JWT token via refresh token
+Keycloak ->> Syncmaster : Return new JWT token
+Syncmaster ->> Syncmaster : Get user info from JWT token and check user in internal server database
+Syncmaster ->> Syncmaster : Create user in internal server database if not exist
+Syncmaster ->> Client: Return requested data and set new JWT token in user's browser in cookies
+
+else Refresh token is expired
+Syncmaster --x Client: Redirect to Keycloak login URL
+end
+
+deactivate Client
+```
+
 ## Basic configuration { #keycloak-auth-provider-basic-configuration }
 
 ::: syncmaster.server.settings.auth.keycloak.KeycloakAuthProviderSettings
diff --git a/mddocs/mkdocs.yml b/mddocs/mkdocs.yml
@@ -1,8 +1,8 @@
 site_name: My Docs
-#site_name: Horizon Docs
-docs_dir: 'docs/en'                           # Where to find the English markdown files
-#site_dir: 'generated/en'                      # Where to put the English HTML files
+#site_name: Syncmaster Docs
 
+docs_dir: 'mddocs/docs/en'                           # Where to find the English markdown files
+#site_dir: 'generated/en'                      # Where to put the English HTML files
 
 extra_css:
   - assets/stylesheets/autodoc_pydantic.css         # CSS is shared by all languages
