/**
 * Author:  joern.muehlencord
 * Created: 06.09.2015
 */

DROP TABLE account_role;
DROP TABLE account_history;
DROP TABLE account;
DROP TABLE role_permission;
DROP TABLE application_role;
DROP TABLE application_permission;


CREATE TABLE application_role (
  role_name varchar(80) NOT NULL,
  role_description varchar(200) NOT NULL,
  CONSTRAINT pk_application_role_pk PRIMARY KEY (role_name)
);

CREATE TABLE account (
  username varchar(32) NOT NULL,    
  emailaddress varchar(200) NOT NULL,   
  firstname varchar(100) NOT NULL,
  lastname varchar(100) NOT NULL,  
  account_password char(200) NOT NULL,  
  last_login timestamp with time zone,
  last_failed_login timestamp with time zone,
  failure_count int NOT NULL DEFAULT 0,
  status varchar(10) NOT NULL DEFAULT 'NEW', -- NEW, INIT, OK, BLOCKED,
  password_reset_ongoing boolean NOT NULL DEFAULT false,
  password_reset_valid_to timestamp with time zone,
  password_reset_hash char(200),
  created_on timestamp with time zone NOT NULL DEFAULT (now() at time zone 'utc'),
  created_by varchar(32) NOT NULL,
  last_updated_on timestamp with time zone NOT NULL DEFAULT (now() at time zone 'utc'),
  last_updated_by varchar(32) NOT NULL,
  CONSTRAINT pk_account PRIMARY KEY (username)
);

CREATE TABLE account_history (
  id SERIAL NOT NULL,
  username varchar(32) NOT NULL,
  message varchar(200),
  failure_count int NOT NULL DEFAULT 0,
  status varchar(20) NOT NULL, -- constants needed, after action - new, init, active, blocked, inactive, marked for deletion
  last_updated_on timestamp with time zone NOT NULL DEFAULT (now() at time zone 'utc'),
  last_updated_by varchar(32) NOT NULL,
  CONSTRAINT pk_account_history PRIMARY KEY (id),
  CONSTRAINT fk_account_history_username_fk FOREIGN KEY (username) REFERENCES account (username)
);

CREATE TABLE account_role (
  username varchar(32) NOT NULL,
  role_name varchar(80) NOT NULL,  
  CONSTRAINT pk_account_role PRIMARY KEY (username, role_name),
  CONSTRAINT fk_account_role_account FOREIGN KEY (username) REFERENCES account(username),
  CONSTRAINT fk_account_role_role_name FOREIGN KEY (role_name) REFERENCES application_role(role_name)
);


CREATE TABLE application_permission (
  permission_name varchar(80) NOT NULL,
  permission_description varchar(200) NOT NULL,
  CONSTRAINT application_permission_pk PRIMARY KEY (permission_name)  
);

CREATE TABLE role_permission (
  role_name varchar(80) NOT NULL,
  permission_name varchar(80) NOT NULL,  
  CONSTRAINT pk_role_permission_role_permission_name PRIMARY KEY (role_name, permission_name),
  CONSTRAINT fk_role_permission_role_name FOREIGN KEY (role_name) REFERENCES application_role(role_name),
  CONSTRAINT fk_role_permission_permission_name FOREIGN KEY (permission_name) REFERENCES application_permission(permission_name)  
);

INSERT INTO application_permission (permission_name, permission_description) values ('test:view', 'Display test view');

INSERT INTO application_role (role_name, role_description) values ('Admin', 'Admin role');
INSERT INTO application_role (role_name, role_description) values ('User', 'Standard user role');

-- INSERT INTO role_permission (role_name, permission_name) values ('Admin','test:view');

INSERT INTO account (username, emailaddress, firstname, lastname, account_password, created_by, last_updated_by) values('admin', 'joern@muehlencord.de', 'Joern', 'Muehlencord','$shiro1$SHA-256$500000$4bHPNH9k539UjdFLgm/HOA==$T/n8skgoGSOtNw/c9ScDlXCiGrx2cZF0Esrvf6WPq6g=', 'admin','admin'); --admin/secret
INSERT INTO account_role (username, role_name) values ('admin', 'Admin');