-
Notifications
You must be signed in to change notification settings - Fork 0
Database Schema Reference
Eric Fitzgerald edited this page Nov 12, 2025
·
1 revision
TMI uses two primary data stores: PostgreSQL for persistent data and Redis for real-time collaboration and caching.
PostgreSQL stores the core threat modeling data including threat models, diagrams, threats, users, and authorization information.
For complete PostgreSQL schema documentation, see:
The schema includes tables for:
- Threat Models - Top-level threat modeling documents
- Diagrams - Data flow diagrams associated with threat models
- Threats - Identified threats and risks
- Elements - Components in diagrams (processes, data stores, actors)
- Data Flows - Connections between elements
- Users - User accounts and authentication
- Authorization - Role-based access control (owner, writer, reader)
- Metadata - Custom key-value extensions
# View schema in PostgreSQL
psql -U postgres -d tmi -c "\dt"
# Export schema
pg_dump -U postgres -d tmi --schema-only > schema.sqlRedis provides real-time collaboration features, including:
- WebSocket Connection Management - Track active client connections
- Diagram Edit Locks - Prevent concurrent edit conflicts
- Real-time Notifications - Broadcast changes to connected clients
- Session Cache - Store active user sessions
- Temporary Data - Store data in progress before persistence
For complete Redis schema documentation, see:
- WebSocket Session Keys - ws:session:{sessionId}
- Diagram Locks - lock:diagram:{diagramId}
- Change Queues - changes:{diagramId}
- User Sessions - user:session:{userId}
# Connect to Redis
redis-cli
# View all keys
KEYS *
# Monitor real-time activity
MONITORThe TMI project manages schema changes through migrations. All database changes are version-controlled.
See Database-Operations for backup and recovery procedures.
- PostgreSQL indexes are defined on frequently queried columns
- Redis keys expire automatically based on TTL
- Consider partitioning large tables in high-volume deployments
- Database-Operations - Operational procedures
- Performance-and-Scaling - Optimize schema for scale
- PostgreSQL Operations Guide
Authorization information is stored in the authorization field of each object:
- Owner - Full read/write/delete permissions
- Writer - Read and write permissions
- Reader - Read-only permissions
See Glossary for "Authorization" for detailed permission rules.
- Using TMI for Threat Modeling
- Accessing TMI
- Creating Your First Threat Model
- Understanding the User Interface
- Working with Data Flow Diagrams
- Managing Threats
- Collaborative Threat Modeling
- Using Notes and Documentation
- Metadata and Extensions
- Planning Your Deployment
- Deploying TMI Server
- Deploying TMI Web Application
- Setting Up Authentication
- Database Setup
- Component Integration
- Post-Deployment
- Monitoring and Health
- Database Operations
- Security Operations
- Performance and Scaling
- Maintenance Tasks