Skip to main content
Status: 📝 Planned
Spec Reference: PF-43 Tenant Resource Quotas
Last Updated: 2026-03-14

Purpose

PF-43 provides tenant resource quotas and usage tracking (storage, API calls, users, custom objects, workflow executions). This document captures integration points: PF dependencies (PF-01, PF-04, PF-10, PF-11, PF-42), the event published on quota violation, and the platform layer consumed by clients and edge functions.

PF Dependencies


Event Contract: pf_quota_violated

Event: pf_quota_violated (canonical identifier)
Publisher: PF-43 (Quota enforcement framework)
Subscribers: PF-10 (Notifications), PF-48 (Security Event Monitoring — future)
Status: 📝 Planned

Purpose

Notify platform and organization admins when a quota soft or hard limit is exceeded so they can respond and adjust usage or quotas.

Trigger Conditions

  • After hard limit exceeded (operation blocked) or soft limit exceeded (warning; optional alert threshold).

Payload Schema

Canonical payload uses snake_case. Envelope fields (event_id, occurred_at, source, spec_version) are required for idempotency and routing. eventVersion is required and represents the contract version for this event so producers and consumers can evolve safely (e.g. QuotaViolatedEvent.eventVersion). TypeScript shape:

Consumer Actions


Platform Layer Usage

  • Client: useResourceQuota hook for client-side quota checks (calls backend/edge that uses pf_check_resource_quota()).
  • Server/Edge: pf_check_resource_quota(p_organization_id, p_resource_type, p_requested_amount) for server-side checks; writes to pf_resource_usage and pf_quota_violations via SECURITY DEFINER. Implementations MUST pin search_path in the function declaration (e.g. SET search_path = public or a tighter scope such as SET search_path = admin, pg_catalog) so untrusted schemas cannot shadow objects; this is required for security review.
  • Storage usage: PF-11 integration for total storage per org (implementation detail in PF-43 tasks).
  • API call usage: PF-42 integration when available; until then, temporary interfaces/stubs per spec Clarifications.

API Contracts

  • Quota check (DB): pf_check_resource_quota(organization_id, resource_type, requested_amount) returns (allowed, remaining, reset_at, quota_id, limit_type)reset_at is timestamptz for quota window reset.
  • Frontend hook: useResourceQuota({ organizationId, resourceType, requestedAmount? }) returns state and checkQuota(amount?); see spec API Design.

Integration Matrix

Entry added in CROSS_CORE_INTEGRATIONS.md: PF-43 → PF-10, PF-04, PF-11, PF-42, PF-01 (Event / Platform).