-- ============================================
-- 查询白名单：操作记录表 + 菜单 + API 权限
-- 数据库：qnc
-- ============================================

-- 1. 创建操作记录表
CREATE TABLE IF NOT EXISTS `query_whitelist_op_log` (
  `id` CHAR(36) NOT NULL COMMENT 'UUID主键',
  `create_time` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '创建时间',
  `update_time` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP COMMENT '更新时间',
  `delete_time` datetime DEFAULT NULL COMMENT '删除时间',
  `del_state` tinyint NOT NULL DEFAULT '0' COMMENT '删除状态：0=未删除，1=已删除',
  `version` bigint NOT NULL DEFAULT '0' COMMENT '版本号（乐观锁）',

  `admin_user_id` CHAR(36) NOT NULL COMMENT '操作管理员ID',
  `action` varchar(20) NOT NULL COMMENT '操作类型：create=创建规则，append=追加接口',
  `name` varchar(50) NOT NULL DEFAULT '*' COMMENT '姓名规则',
  `id_card` varchar(50) NOT NULL COMMENT '身份证号（明文，供后台审计）',
  `id_card_masked` varchar(50) DEFAULT NULL COMMENT '天远返回的脱敏身份证号',
  `api_codes` varchar(2000) NOT NULL COMMENT '本次提交的产品编码（JSON数组）',
  `remark` varchar(500) DEFAULT NULL COMMENT '备注',
  `tianyuan_code` int NOT NULL DEFAULT 0 COMMENT '天远 API 业务码',
  `tianyuan_message` varchar(500) DEFAULT NULL COMMENT '天远 API 返回描述',
  `transaction_id` varchar(64) DEFAULT NULL COMMENT '天远 API 流水号',
  `entry_id` varchar(64) DEFAULT NULL COMMENT '天远规则ID（成功时）',
  `entry_status` varchar(20) DEFAULT NULL COMMENT '规则状态（成功时）',
  `entry_api_codes` varchar(2000) DEFAULT NULL COMMENT '规则当前产品编码列表（JSON数组，成功时）',

  PRIMARY KEY (`id`),
  KEY `idx_admin_user_id` (`admin_user_id`),
  KEY `idx_id_card` (`id_card`),
  KEY `idx_action` (`action`),
  KEY `idx_tianyuan_code` (`tianyuan_code`),
  KEY `idx_create_time` (`create_time`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci COMMENT='查询白名单操作记录表';

-- 2. 菜单：新增「查询白名单」
INSERT INTO `admin_menu` (
  `id`, `pid`, `name`, `path`, `component`, `redirect`, `meta`,
  `status`, `type`, `sort`, `del_state`, `version`
)
SELECT
  'd02e094d-6af8-11f1-bd31-dec53e82fe75',
  '48d0e129-a141-4a74-b519-7adc38d22d27',
  'queryWhitelist',
  '/product-manage/query-whitelist/list',
  '/product-manage/query-whitelist/list',
  NULL,
  JSON_OBJECT('icon', 'lucide:shield-off', 'title', '查询白名单'),
  1,
  1,
  0,
  0,
  0
FROM DUAL
WHERE NOT EXISTS (
  SELECT 1 FROM `admin_menu`
  WHERE `path` = '/product-manage/query-whitelist/list' AND `del_state` = 0
);

-- 3. 给超级管理员授权菜单
INSERT INTO `admin_role_menu` (`id`, `role_id`, `menu_id`, `del_state`, `version`)
SELECT
  UUID(),
  '741b7a39-a95d-4b9d-8dc0-84ee664d5fef',
  m.`id`,
  0,
  0
FROM `admin_menu` m
WHERE m.`path` = '/product-manage/query-whitelist/list'
  AND m.`del_state` = 0
  AND NOT EXISTS (
    SELECT 1 FROM `admin_role_menu` rm
    WHERE rm.`role_id` = '741b7a39-a95d-4b9d-8dc0-84ee664d5fef'
      AND rm.`menu_id` = m.`id`
      AND rm.`del_state` = 0
  );

-- 4. 注册后台 API 权限
INSERT INTO `admin_api` (`id`, `create_time`, `update_time`, `delete_time`, `del_state`, `version`, `name`, `code`, `method`, `url`, `status`, `description`)
SELECT UUID(), NOW(), NOW(), NULL, 0, 0, '查询白名单-创建', 'post__api_v1_admin_query-whitelist_create', 'POST', '/api/v1/admin/query-whitelist/create', 1, '创建查询白名单规则'
FROM DUAL WHERE NOT EXISTS (SELECT 1 FROM `admin_api` WHERE `url` = '/api/v1/admin/query-whitelist/create' AND `method` = 'POST' AND `del_state` = 0);

INSERT INTO `admin_api` (`id`, `create_time`, `update_time`, `delete_time`, `del_state`, `version`, `name`, `code`, `method`, `url`, `status`, `description`)
SELECT UUID(), NOW(), NOW(), NULL, 0, 0, '查询白名单-追加', 'post__api_v1_admin_query-whitelist_append', 'POST', '/api/v1/admin/query-whitelist/append', 1, '追加查询白名单产品编码'
FROM DUAL WHERE NOT EXISTS (SELECT 1 FROM `admin_api` WHERE `url` = '/api/v1/admin/query-whitelist/append' AND `method` = 'POST' AND `del_state` = 0);

INSERT INTO `admin_api` (`id`, `create_time`, `update_time`, `delete_time`, `del_state`, `version`, `name`, `code`, `method`, `url`, `status`, `description`)
SELECT UUID(), NOW(), NOW(), NULL, 0, 0, '查询白名单-操作记录', 'get__api_v1_admin_query-whitelist_op-log_list', 'GET', '/api/v1/admin/query-whitelist/op-log/list', 1, '查询白名单操作记录列表'
FROM DUAL WHERE NOT EXISTS (SELECT 1 FROM `admin_api` WHERE `url` = '/api/v1/admin/query-whitelist/op-log/list' AND `method` = 'GET' AND `del_state` = 0);

-- 5. 给超级管理员授权 API
INSERT INTO `admin_role_api` (`id`, `create_time`, `update_time`, `delete_time`, `del_state`, `version`, `role_id`, `api_id`)
SELECT UUID(), NOW(), NOW(), NULL, 0, 0, '741b7a39-a95d-4b9d-8dc0-84ee664d5fef', a.`id`
FROM `admin_api` a
WHERE a.`url` = '/api/v1/admin/query-whitelist/create' AND a.`method` = 'POST' AND a.`del_state` = 0
  AND NOT EXISTS (
    SELECT 1 FROM `admin_role_api` ra
    WHERE ra.`role_id` = '741b7a39-a95d-4b9d-8dc0-84ee664d5fef' AND ra.`api_id` = a.`id` AND ra.`del_state` = 0
  );

INSERT INTO `admin_role_api` (`id`, `create_time`, `update_time`, `delete_time`, `del_state`, `version`, `role_id`, `api_id`)
SELECT UUID(), NOW(), NOW(), NULL, 0, 0, '741b7a39-a95d-4b9d-8dc0-84ee664d5fef', a.`id`
FROM `admin_api` a
WHERE a.`url` = '/api/v1/admin/query-whitelist/append' AND a.`method` = 'POST' AND a.`del_state` = 0
  AND NOT EXISTS (
    SELECT 1 FROM `admin_role_api` ra
    WHERE ra.`role_id` = '741b7a39-a95d-4b9d-8dc0-84ee664d5fef' AND ra.`api_id` = a.`id` AND ra.`del_state` = 0
  );

INSERT INTO `admin_role_api` (`id`, `create_time`, `update_time`, `delete_time`, `del_state`, `version`, `role_id`, `api_id`)
SELECT UUID(), NOW(), NOW(), NULL, 0, 0, '741b7a39-a95d-4b9d-8dc0-84ee664d5fef', a.`id`
FROM `admin_api` a
WHERE a.`url` = '/api/v1/admin/query-whitelist/op-log/list' AND a.`method` = 'GET' AND a.`del_state` = 0
  AND NOT EXISTS (
    SELECT 1 FROM `admin_role_api` ra
    WHERE ra.`role_id` = '741b7a39-a95d-4b9d-8dc0-84ee664d5fef' AND ra.`api_id` = a.`id` AND ra.`del_state` = 0
  );