Trial Provisioning — Phase 2 (Plan)
Status: Draft
Goal
Automate tenant provisioning after admin approval of a Trial request, with 30‑day expiry, SSO‑only access, and clean deprovisioning.
Workflow
1) Admin reviews /admin/trials and approves a request
2) System provisions resources:
- Database: trial_{company_slug}_{YYYYMMDD}
- Seed data: Super Admin and minimal roles/permissions
- Feature caps: max streams/rules; scheduler enabled; expiry date set
- Subdomain: {company}.trial.mesofthings.com (DNS prerequisite)
3) Notifications:
- Email to requester with subdomain URL and instructions
- Internal log (RACELogger) and audit entry
4) Expiry lifecycle:
- Warnings: −7d and −1d via email
- On expiry: disable scheduler + login banner
- Grace period: 7 days; then purge (export optional)
Components
- ProvisioningService (new): encapsulates create/disable/purge
- DatabaseManagementService: reuse/create DB + apply migrations
- OAuth config: restrict to SSO providers, no passwords
- Scheduler control: per‑tenant enable/disable
CLI Tasks (suggested)
flask provision trial --request-file instance/public/trial_requests/...
flask provision disable --db trial_acme_20251115
flask provision purge --db trial_acme_20251115 --export out/exports/
Data Model Additions
- Table
trial_tenants: id,company,db_name,subdomain,status(active/expired/purged)created_at,expires_at,grace_untilrequest_file(path),contact_email
Security
- SSO‑only access; super_admin controls
- Strict separation from production DBs
- Full audit logging for provisioning actions
Rollback
- On failure: drop DB, remove DNS mapping (manual), mark request as failed
- Keep request JSON for traceability
Open Items
- DNS automation (Cloud provider/API)
- Email infrastructure (provider and templates)
- Export format for purge (events + configuration)