Documents
Data Entity
Description
Stores document records attached to activities and other platform entities, including confidentiality declarations, uploaded attachments (invitations, screenshots), and versioned legal/policy content. Serves as the central registry for all non-receipt file attachments and formal declarations required for Bufdir audit compliance.
Data Structure
| Name | Type | Description | Constraints |
|---|---|---|---|
id |
uuid |
Unique identifier for the document record | PKrequiredunique |
activity_id |
uuid |
Foreign key to the activity this document is attached to; nullable for standalone documents (declarations, legal content) | - |
user_id |
uuid |
Foreign key to the user who uploaded or acknowledged the document | required |
organization_id |
uuid |
Foreign key to the owning organization for multi-tenant isolation | required |
document_type |
enum |
Classification of the document purpose | required |
title |
string |
Human-readable title or filename of the document | required |
description |
text |
Optional description or context for the document | - |
file_url |
string |
Storage URL or path to the document file in cloud storage; nullable for declaration-type documents that store content inline | - |
file_size_bytes |
integer |
Size of the uploaded file in bytes | - |
mime_type |
string |
MIME type of the uploaded file (e.g. application/pdf, image/jpeg) | - |
content |
text |
Inline text content for declaration documents or versioned legal text; nullable for file-based documents | - |
version |
string |
Version identifier for versioned documents (declarations, legal policies) | - |
content_hash |
string |
SHA-256 hash of the document content or file for integrity verification and deduplication | - |
acknowledged_at |
datetime |
Timestamp when the user formally acknowledged or signed the document (for declarations) | - |
expense_id |
uuid |
Foreign key to the expense this declaration is linked to; nullable for non-expense documents | - |
assignment_id |
uuid |
Foreign key to the assignment this declaration is linked to; nullable for non-assignment documents | - |
status |
enum |
Current lifecycle status of the document | required |
is_virus_scanned |
boolean |
Whether the uploaded file has passed virus scanning | required |
created_at |
datetime |
Timestamp when the document record was created | required |
updated_at |
datetime |
Timestamp of the last modification to the document record | required |
Database Indexes
idx_documents_activity_id
Columns: activity_id
idx_documents_user_id
Columns: user_id
idx_documents_organization_id
Columns: organization_id
idx_documents_document_type
Columns: document_type
idx_documents_org_type_status
Columns: organization_id, document_type, status
idx_documents_user_type_acknowledged
Columns: user_id, document_type, acknowledged_at
idx_documents_expense_id
Columns: expense_id
idx_documents_content_hash
Columns: content_hash
idx_documents_created_at
Columns: created_at
Validation Rules
valid_file_type
error
Validation failed
title_not_blank
error
Validation failed
declaration_requires_acknowledgement
error
Validation failed
content_hash_integrity
error
Validation failed
valid_organization_reference
error
Validation failed
valid_activity_reference
error
Validation failed
version_format
warning
Validation failed
expense_or_assignment_link_for_declarations
warning
Validation failed
Business Rules
declaration_required_before_expense_submission
Confidentiality declarations must be acknowledged before the linked expense or assignment can be submitted. Blindeforbundet requires driver confidentiality declarations before driver honorarium expenses.
declaration_version_immutability
Once a user acknowledges a specific declaration version, the acknowledgement record and content hash are immutable. A new declaration version creates a new document record rather than updating the existing one.
tenant_isolation
Documents are scoped to the owning organization. Users can only access documents belonging to their own organization. Cross-organization document access is prohibited except for Global Admins viewing metadata.
activity_attachment_requires_activity
Documents of type activity_attachment must have a valid activity_id referencing an existing activity owned by the same user or within the coordinator's scope.
virus_scan_before_access
Uploaded file-based documents must pass virus scanning before the file_url is served to other users. Documents with is_virus_scanned=false are quarantined.
superseded_declaration_archival
When a new version of a declaration or legal document is published, all previous versions for the same document_type and organization are set to status=superseded. Users must re-acknowledge the new version.
bufdir_audit_retention
Documents attached to activities used in Bufdir reporting must be retained for the full audit retention period. Status cannot be set to deleted while linked activities are within the retention window.