Documentation Index
Fetch the complete documentation index at: https://mintlify.com/ency07/B2B/llms.txt
Use this file to discover all available pages before exploring further.
tenant_settings is a key-value store scoped by (tenant_id, module, config_key). It supports both plain and encrypted values. Public settings such as branding are readable anonymously via RLS; sensitive settings such as API keys are server-only and decrypted at read time via a Postgres RPC.
Server Actions
All three actions live insrc/erp/actions/core.ts and are marked "use server".
getTenantSettings
validateTenantAccess. For any row where is_encrypted = true, the action calls the get_tenant_setting Postgres RPC — with parameters p_tenant_id, p_module, and p_key — to decrypt the value server-side before returning it. The result is a flat Record<string, any> keyed by config_key.
getPublicTenantSettings
tenant_settings. Safe to call from public-facing layouts and Next.js generateMetadata functions. Returns an empty object {} on query error rather than throwing.
Public keys returned:
updateTenantSettings
settings.manage permission (enforced via requireAction) and validateTenantAccess. Performs an upsert on the unique constraint (tenant_id, module, config_key) so calling it multiple times for the same key is always safe.
Usage Examples
Update a branding color
Store an encrypted API key
Read all tenant settings (authenticated)
Read public branding (unauthenticated)
Database Schema
Thetenant_settings table uses the following composite unique key:
| Column | Type | Notes |
|---|---|---|
tenant_id | uuid | FK → tenants.id |
module | text | Logical grouping, e.g. IDENTIDAD, EMPRESA, LOCALIZACION |
config_key | text | Setting identifier |
config_value | jsonb | Plain value or ciphertext |
is_encrypted | boolean | Triggers RPC-based decryption on read |
is_public | boolean | Controls anonymous read via RLS |
deleted_at | timestamptz | Soft-delete; null = active row |
(tenant_id, module, config_key).
The
is_public = true flag on a tenant_settings row controls whether anonymous users can read it through the tenant_settings_read_anon RLS policy. Only mark branding display fields as public. Never set is_public = true on API keys, internal configuration, or encrypted rows.