@opengis/fastify-table 2.4.2 → 2.4.3

package/dist/server/migrations/context.sql

@@ -1,137 +1,137 @@
-CREATE SCHEMA IF NOT EXISTS admin;
-
-CREATE TABLE IF NOT EXISTS admin.rules();
-CREATE TABLE IF NOT EXISTS admin.users( uid text not null constraint admin_user_uid_pkey PRIMARY KEY DEFAULT next_id() );
-ALTER TABLE admin.rules DROP CONSTRAINT IF EXISTS admin_rules_pkey cascade;
-ALTER TABLE admin.rules add column if not exists rule_id text NOT NULL DEFAULT next_id();
-
-ALTER TABLE admin.rules add column if not exists rule_type text;
-ALTER TABLE admin.rules add column if not exists rule_name text;
-ALTER TABLE admin.rules add column if not exists attr text;
-ALTER TABLE admin.rules add column if not exists routes text[];
-ALTER TABLE admin.rules add column if not exists uid text;
-ALTER TABLE admin.rules add column if not exists cdate timestamp without time zone;
-ALTER TABLE admin.rules add column if not exists rule_query text;
-ALTER TABLE admin.rules add column if not exists cls text;
-COMMENT ON TABLE admin.rules IS 'Повноваження';
-COMMENT ON COLUMN admin.rules.rule_type IS 'Тип повноваження';
-COMMENT ON COLUMN admin.rules.rule_name IS 'Назва';
-COMMENT ON COLUMN admin.rules.attr IS 'Атрибут';
-COMMENT ON COLUMN admin.rules.routes IS 'Роути';
-COMMENT ON COLUMN admin.rules.uid IS 'Хто створив';
-COMMENT ON COLUMN admin.rules.cdate IS 'Дата створення';
-COMMENT ON COLUMN admin.rules.rule_query IS 'Запит';
-COMMENT ON COLUMN admin.rules.cls IS 'Класифікатор';
-ALTER TABLE admin.rules ALTER COLUMN attr DROP NOT NULL;
-ALTER TABLE admin.rules ALTER COLUMN cdate DROP NOT NULL;ALTER TABLE admin.rules ALTER COLUMN cdate SET DEFAULT (now())::timestamp without time zone;
-ALTER TABLE admin.rules ALTER COLUMN cls DROP NOT NULL;
-ALTER TABLE admin.rules ALTER COLUMN routes DROP NOT NULL;
-ALTER TABLE admin.rules ALTER COLUMN rule_id SET NOT NULL;ALTER TABLE admin.rules ALTER COLUMN rule_id SET DEFAULT next_id();
-ALTER TABLE admin.rules ALTER COLUMN rule_name DROP NOT NULL;
-ALTER TABLE admin.rules ALTER COLUMN rule_query DROP NOT NULL;
-ALTER TABLE admin.rules ALTER COLUMN rule_type DROP NOT NULL;
-ALTER TABLE admin.rules ALTER COLUMN uid DROP NOT NULL;
-ALTER TABLE admin.rules add CONSTRAINT admin_rules_pkey PRIMARY KEY (rule_id);
-
-CREATE INDEX if not exists admin_rules_id_idx ON admin.rules USING btree (rule_id COLLATE pg_catalog."default");
-
-
-CREATE TABLE IF NOT EXISTS admin.accounts();
-ALTER TABLE admin.accounts DROP CONSTRAINT IF EXISTS admin_accounts_pkey cascade;
-ALTER TABLE admin.accounts add column if not exists account_id text NOT NULL DEFAULT next_id();
-
-ALTER TABLE admin.accounts add column if not exists account_name text;
-ALTER TABLE admin.accounts add column if not exists description text;
-ALTER TABLE admin.accounts add column if not exists uid text;
-ALTER TABLE admin.accounts add column if not exists cdate timestamp without time zone;
-COMMENT ON TABLE admin.accounts IS 'Організації';
-COMMENT ON COLUMN admin.accounts.account_name IS 'Назва';
-COMMENT ON COLUMN admin.accounts.description IS 'Опис';
-COMMENT ON COLUMN admin.accounts.uid IS 'Хто створив';
-COMMENT ON COLUMN admin.accounts.cdate IS 'Дата створення';
-ALTER TABLE admin.accounts ALTER COLUMN account_id SET NOT NULL;ALTER TABLE admin.accounts ALTER COLUMN account_id SET DEFAULT next_id();
-ALTER TABLE admin.accounts ALTER COLUMN account_name DROP NOT NULL;
-ALTER TABLE admin.accounts ALTER COLUMN cdate DROP NOT NULL;ALTER TABLE admin.accounts ALTER COLUMN cdate SET DEFAULT (now())::timestamp without time zone;
-ALTER TABLE admin.accounts ALTER COLUMN description DROP NOT NULL;
-ALTER TABLE admin.accounts ALTER COLUMN uid DROP NOT NULL;
-ALTER TABLE admin.accounts add CONSTRAINT admin_accounts_pkey PRIMARY KEY (account_id);
-
-CREATE INDEX if not exists admin_accounts_id_idx ON admin.accounts USING btree (account_id COLLATE pg_catalog."default");
-
-
-/*
-CREATE TABLE IF NOT EXISTS admin.account_users();
-ALTER TABLE admin.account_users DROP CONSTRAINT IF EXISTS admin_account_users_pkey;
-ALTER TABLE admin.account_users DROP CONSTRAINT IF EXISTS admin_au_account_fkey;
-ALTER TABLE admin.account_users DROP CONSTRAINT IF EXISTS admin_au_user_fkey;
-ALTER TABLE admin.account_users add column if not exists au_id text NOT NULL DEFAULT next_id();
-
-ALTER TABLE admin.account_users add column if not exists account_id text;
-ALTER TABLE admin.account_users add column if not exists user_uid text;
-ALTER TABLE admin.account_users add column if not exists uid text;
-ALTER TABLE admin.account_users add column if not exists cdate timestamp without time zone;
-COMMENT ON TABLE admin.account_users IS 'Організації - Користувачі';
-COMMENT ON COLUMN admin.account_users.account_id IS 'id Організації';
-COMMENT ON COLUMN admin.account_users.user_uid IS 'id Користувача';
-COMMENT ON COLUMN admin.account_users.uid IS 'Хто створив';
-COMMENT ON COLUMN admin.account_users.cdate IS 'Дата створення';
-ALTER TABLE admin.account_users ALTER COLUMN account_id DROP NOT NULL;
-ALTER TABLE admin.account_users ALTER COLUMN au_id SET NOT NULL;ALTER TABLE admin.account_users ALTER COLUMN au_id SET DEFAULT next_id();
-ALTER TABLE admin.account_users ALTER COLUMN cdate DROP NOT NULL;ALTER TABLE admin.account_users ALTER COLUMN cdate SET DEFAULT (now())::timestamp without time zone;
-ALTER TABLE admin.account_users ALTER COLUMN uid DROP NOT NULL;
-ALTER TABLE admin.account_users ALTER COLUMN user_uid DROP NOT NULL;
-ALTER TABLE admin.account_users add CONSTRAINT admin_account_users_pkey PRIMARY KEY (au_id);
-ALTER TABLE admin.account_users ADD CONSTRAINT admin_au_account_fkey FOREIGN KEY (account_id) REFERENCES admin.accounts (account_id) MATCH SIMPLE;
-ALTER TABLE admin.account_users ADD CONSTRAINT admin_au_user_fkey FOREIGN KEY (user_uid) REFERENCES admin.users (uid) MATCH SIMPLE;
-
-CREATE INDEX if not exists admin_account_users_id_idx ON admin.account_users USING btree (au_id COLLATE pg_catalog."default");
-CREATE INDEX if not exists admin_au_account_id_idx ON admin.account_users USING btree (account_id COLLATE pg_catalog."default");
-CREATE INDEX if not exists admin_au_user_uid_idx ON admin.account_users USING btree (user_uid COLLATE pg_catalog."default");
-
-
-CREATE TABLE IF NOT EXISTS admin.account_grants();
-ALTER TABLE admin.account_grants DROP CONSTRAINT IF EXISTS admin_account_grants_pkey;
-ALTER TABLE admin.account_grants DROP CONSTRAINT IF EXISTS admin_ag_account_fkey;
-ALTER TABLE admin.account_grants DROP CONSTRAINT IF EXISTS admin_ag_user_fkey;
-ALTER TABLE admin.account_grants add column if not exists ag_id text NOT NULL DEFAULT next_id();
-
-ALTER TABLE admin.account_grants add column if not exists account_id text;
-ALTER TABLE admin.account_grants add column if not exists rule_id text;
-ALTER TABLE admin.account_grants add column if not exists routes text[];
-ALTER TABLE admin.account_grants add column if not exists rule_values text[];
-ALTER TABLE admin.account_grants add column if not exists grants_doc_id text;
-ALTER TABLE admin.account_grants add column if not exists grant_scan text;
-ALTER TABLE admin.account_grants add column if not exists expire_date date;
-ALTER TABLE admin.account_grants add column if not exists actions text[];
-ALTER TABLE admin.account_grants add column if not exists uid text;
-ALTER TABLE admin.account_grants add column if not exists cdate timestamp without time zone;
-COMMENT ON TABLE admin.account_grants IS 'Організації - Повноваження';
-COMMENT ON COLUMN admin.account_grants.account_id IS 'id Організації';
-COMMENT ON COLUMN admin.account_grants.rule_id IS 'id Правила';
-COMMENT ON COLUMN admin.account_grants.routes IS 'Роути';
-COMMENT ON COLUMN admin.account_grants.rule_values IS 'Значення';
-COMMENT ON COLUMN admin.account_grants.grants_doc_id IS 'id Документу';
-COMMENT ON COLUMN admin.account_grants.grant_scan IS 'id Скану';
-COMMENT ON COLUMN admin.account_grants.expire_date IS 'Дата закінчення дії дозволу';
-COMMENT ON COLUMN admin.account_grants.actions IS 'Дії';
-COMMENT ON COLUMN admin.account_grants.uid IS 'Хто створив';
-COMMENT ON COLUMN admin.account_grants.cdate IS 'Дата створення';
-ALTER TABLE admin.account_grants ALTER COLUMN account_id DROP NOT NULL;
-ALTER TABLE admin.account_grants ALTER COLUMN actions DROP NOT NULL;
-ALTER TABLE admin.account_grants ALTER COLUMN ag_id SET NOT NULL;ALTER TABLE admin.account_grants ALTER COLUMN ag_id SET DEFAULT next_id();
-ALTER TABLE admin.account_grants ALTER COLUMN cdate DROP NOT NULL;ALTER TABLE admin.account_grants ALTER COLUMN cdate SET DEFAULT (now())::timestamp without time zone;
-ALTER TABLE admin.account_grants ALTER COLUMN expire_date DROP NOT NULL;
-ALTER TABLE admin.account_grants ALTER COLUMN grant_scan DROP NOT NULL;
-ALTER TABLE admin.account_grants ALTER COLUMN grants_doc_id DROP NOT NULL;
-ALTER TABLE admin.account_grants ALTER COLUMN routes DROP NOT NULL;
-ALTER TABLE admin.account_grants ALTER COLUMN rule_id DROP NOT NULL;
-ALTER TABLE admin.account_grants ALTER COLUMN rule_values DROP NOT NULL;
-ALTER TABLE admin.account_grants ALTER COLUMN uid DROP NOT NULL;
-ALTER TABLE admin.account_grants add CONSTRAINT admin_account_grants_pkey PRIMARY KEY (ag_id);
-ALTER TABLE admin.account_grants ADD CONSTRAINT admin_ag_account_fkey FOREIGN KEY (account_id) REFERENCES admin.accounts (account_id) MATCH SIMPLE;
-ALTER TABLE admin.account_grants ADD CONSTRAINT admin_ag_user_fkey FOREIGN KEY (rule_id) REFERENCES admin.rules (rule_id) MATCH SIMPLE;
-
-CREATE INDEX if not exists admin_account_users_id_idx ON admin.account_grants USING btree (ag_id COLLATE pg_catalog."default");
-CREATE INDEX if not exists admin_ag_account_id_idx ON admin.account_grants USING btree (account_id COLLATE pg_catalog."default");
-CREATE INDEX if not exists admin_ag_rule_id_idx ON admin.account_grants USING btree (rule_id COLLATE pg_catalog."default");
+CREATE SCHEMA IF NOT EXISTS admin;
+
+CREATE TABLE IF NOT EXISTS admin.rules();
+CREATE TABLE IF NOT EXISTS admin.users( uid text not null constraint admin_user_uid_pkey PRIMARY KEY DEFAULT next_id() );
+ALTER TABLE admin.rules DROP CONSTRAINT IF EXISTS admin_rules_pkey cascade;
+ALTER TABLE admin.rules add column if not exists rule_id text NOT NULL DEFAULT next_id();
+
+ALTER TABLE admin.rules add column if not exists rule_type text;
+ALTER TABLE admin.rules add column if not exists rule_name text;
+ALTER TABLE admin.rules add column if not exists attr text;
+ALTER TABLE admin.rules add column if not exists routes text[];
+ALTER TABLE admin.rules add column if not exists uid text;
+ALTER TABLE admin.rules add column if not exists cdate timestamp without time zone;
+ALTER TABLE admin.rules add column if not exists rule_query text;
+ALTER TABLE admin.rules add column if not exists cls text;
+COMMENT ON TABLE admin.rules IS 'Повноваження';
+COMMENT ON COLUMN admin.rules.rule_type IS 'Тип повноваження';
+COMMENT ON COLUMN admin.rules.rule_name IS 'Назва';
+COMMENT ON COLUMN admin.rules.attr IS 'Атрибут';
+COMMENT ON COLUMN admin.rules.routes IS 'Роути';
+COMMENT ON COLUMN admin.rules.uid IS 'Хто створив';
+COMMENT ON COLUMN admin.rules.cdate IS 'Дата створення';
+COMMENT ON COLUMN admin.rules.rule_query IS 'Запит';
+COMMENT ON COLUMN admin.rules.cls IS 'Класифікатор';
+ALTER TABLE admin.rules ALTER COLUMN attr DROP NOT NULL;
+ALTER TABLE admin.rules ALTER COLUMN cdate DROP NOT NULL;ALTER TABLE admin.rules ALTER COLUMN cdate SET DEFAULT (now())::timestamp without time zone;
+ALTER TABLE admin.rules ALTER COLUMN cls DROP NOT NULL;
+ALTER TABLE admin.rules ALTER COLUMN routes DROP NOT NULL;
+ALTER TABLE admin.rules ALTER COLUMN rule_id SET NOT NULL;ALTER TABLE admin.rules ALTER COLUMN rule_id SET DEFAULT next_id();
+ALTER TABLE admin.rules ALTER COLUMN rule_name DROP NOT NULL;
+ALTER TABLE admin.rules ALTER COLUMN rule_query DROP NOT NULL;
+ALTER TABLE admin.rules ALTER COLUMN rule_type DROP NOT NULL;
+ALTER TABLE admin.rules ALTER COLUMN uid DROP NOT NULL;
+ALTER TABLE admin.rules add CONSTRAINT admin_rules_pkey PRIMARY KEY (rule_id);
+
+CREATE INDEX if not exists admin_rules_id_idx ON admin.rules USING btree (rule_id COLLATE pg_catalog."default");
+
+
+CREATE TABLE IF NOT EXISTS admin.accounts();
+ALTER TABLE admin.accounts DROP CONSTRAINT IF EXISTS admin_accounts_pkey cascade;
+ALTER TABLE admin.accounts add column if not exists account_id text NOT NULL DEFAULT next_id();
+
+ALTER TABLE admin.accounts add column if not exists account_name text;
+ALTER TABLE admin.accounts add column if not exists description text;
+ALTER TABLE admin.accounts add column if not exists uid text;
+ALTER TABLE admin.accounts add column if not exists cdate timestamp without time zone;
+COMMENT ON TABLE admin.accounts IS 'Організації';
+COMMENT ON COLUMN admin.accounts.account_name IS 'Назва';
+COMMENT ON COLUMN admin.accounts.description IS 'Опис';
+COMMENT ON COLUMN admin.accounts.uid IS 'Хто створив';
+COMMENT ON COLUMN admin.accounts.cdate IS 'Дата створення';
+ALTER TABLE admin.accounts ALTER COLUMN account_id SET NOT NULL;ALTER TABLE admin.accounts ALTER COLUMN account_id SET DEFAULT next_id();
+ALTER TABLE admin.accounts ALTER COLUMN account_name DROP NOT NULL;
+ALTER TABLE admin.accounts ALTER COLUMN cdate DROP NOT NULL;ALTER TABLE admin.accounts ALTER COLUMN cdate SET DEFAULT (now())::timestamp without time zone;
+ALTER TABLE admin.accounts ALTER COLUMN description DROP NOT NULL;
+ALTER TABLE admin.accounts ALTER COLUMN uid DROP NOT NULL;
+ALTER TABLE admin.accounts add CONSTRAINT admin_accounts_pkey PRIMARY KEY (account_id);
+
+CREATE INDEX if not exists admin_accounts_id_idx ON admin.accounts USING btree (account_id COLLATE pg_catalog."default");
+
+
+/*
+CREATE TABLE IF NOT EXISTS admin.account_users();
+ALTER TABLE admin.account_users DROP CONSTRAINT IF EXISTS admin_account_users_pkey;
+ALTER TABLE admin.account_users DROP CONSTRAINT IF EXISTS admin_au_account_fkey;
+ALTER TABLE admin.account_users DROP CONSTRAINT IF EXISTS admin_au_user_fkey;
+ALTER TABLE admin.account_users add column if not exists au_id text NOT NULL DEFAULT next_id();
+
+ALTER TABLE admin.account_users add column if not exists account_id text;
+ALTER TABLE admin.account_users add column if not exists user_uid text;
+ALTER TABLE admin.account_users add column if not exists uid text;
+ALTER TABLE admin.account_users add column if not exists cdate timestamp without time zone;
+COMMENT ON TABLE admin.account_users IS 'Організації - Користувачі';
+COMMENT ON COLUMN admin.account_users.account_id IS 'id Організації';
+COMMENT ON COLUMN admin.account_users.user_uid IS 'id Користувача';
+COMMENT ON COLUMN admin.account_users.uid IS 'Хто створив';
+COMMENT ON COLUMN admin.account_users.cdate IS 'Дата створення';
+ALTER TABLE admin.account_users ALTER COLUMN account_id DROP NOT NULL;
+ALTER TABLE admin.account_users ALTER COLUMN au_id SET NOT NULL;ALTER TABLE admin.account_users ALTER COLUMN au_id SET DEFAULT next_id();
+ALTER TABLE admin.account_users ALTER COLUMN cdate DROP NOT NULL;ALTER TABLE admin.account_users ALTER COLUMN cdate SET DEFAULT (now())::timestamp without time zone;
+ALTER TABLE admin.account_users ALTER COLUMN uid DROP NOT NULL;
+ALTER TABLE admin.account_users ALTER COLUMN user_uid DROP NOT NULL;
+ALTER TABLE admin.account_users add CONSTRAINT admin_account_users_pkey PRIMARY KEY (au_id);
+ALTER TABLE admin.account_users ADD CONSTRAINT admin_au_account_fkey FOREIGN KEY (account_id) REFERENCES admin.accounts (account_id) MATCH SIMPLE;
+ALTER TABLE admin.account_users ADD CONSTRAINT admin_au_user_fkey FOREIGN KEY (user_uid) REFERENCES admin.users (uid) MATCH SIMPLE;
+
+CREATE INDEX if not exists admin_account_users_id_idx ON admin.account_users USING btree (au_id COLLATE pg_catalog."default");
+CREATE INDEX if not exists admin_au_account_id_idx ON admin.account_users USING btree (account_id COLLATE pg_catalog."default");
+CREATE INDEX if not exists admin_au_user_uid_idx ON admin.account_users USING btree (user_uid COLLATE pg_catalog."default");
+
+
+CREATE TABLE IF NOT EXISTS admin.account_grants();
+ALTER TABLE admin.account_grants DROP CONSTRAINT IF EXISTS admin_account_grants_pkey;
+ALTER TABLE admin.account_grants DROP CONSTRAINT IF EXISTS admin_ag_account_fkey;
+ALTER TABLE admin.account_grants DROP CONSTRAINT IF EXISTS admin_ag_user_fkey;
+ALTER TABLE admin.account_grants add column if not exists ag_id text NOT NULL DEFAULT next_id();
+
+ALTER TABLE admin.account_grants add column if not exists account_id text;
+ALTER TABLE admin.account_grants add column if not exists rule_id text;
+ALTER TABLE admin.account_grants add column if not exists routes text[];
+ALTER TABLE admin.account_grants add column if not exists rule_values text[];
+ALTER TABLE admin.account_grants add column if not exists grants_doc_id text;
+ALTER TABLE admin.account_grants add column if not exists grant_scan text;
+ALTER TABLE admin.account_grants add column if not exists expire_date date;
+ALTER TABLE admin.account_grants add column if not exists actions text[];
+ALTER TABLE admin.account_grants add column if not exists uid text;
+ALTER TABLE admin.account_grants add column if not exists cdate timestamp without time zone;
+COMMENT ON TABLE admin.account_grants IS 'Організації - Повноваження';
+COMMENT ON COLUMN admin.account_grants.account_id IS 'id Організації';
+COMMENT ON COLUMN admin.account_grants.rule_id IS 'id Правила';
+COMMENT ON COLUMN admin.account_grants.routes IS 'Роути';
+COMMENT ON COLUMN admin.account_grants.rule_values IS 'Значення';
+COMMENT ON COLUMN admin.account_grants.grants_doc_id IS 'id Документу';
+COMMENT ON COLUMN admin.account_grants.grant_scan IS 'id Скану';
+COMMENT ON COLUMN admin.account_grants.expire_date IS 'Дата закінчення дії дозволу';
+COMMENT ON COLUMN admin.account_grants.actions IS 'Дії';
+COMMENT ON COLUMN admin.account_grants.uid IS 'Хто створив';
+COMMENT ON COLUMN admin.account_grants.cdate IS 'Дата створення';
+ALTER TABLE admin.account_grants ALTER COLUMN account_id DROP NOT NULL;
+ALTER TABLE admin.account_grants ALTER COLUMN actions DROP NOT NULL;
+ALTER TABLE admin.account_grants ALTER COLUMN ag_id SET NOT NULL;ALTER TABLE admin.account_grants ALTER COLUMN ag_id SET DEFAULT next_id();
+ALTER TABLE admin.account_grants ALTER COLUMN cdate DROP NOT NULL;ALTER TABLE admin.account_grants ALTER COLUMN cdate SET DEFAULT (now())::timestamp without time zone;
+ALTER TABLE admin.account_grants ALTER COLUMN expire_date DROP NOT NULL;
+ALTER TABLE admin.account_grants ALTER COLUMN grant_scan DROP NOT NULL;
+ALTER TABLE admin.account_grants ALTER COLUMN grants_doc_id DROP NOT NULL;
+ALTER TABLE admin.account_grants ALTER COLUMN routes DROP NOT NULL;
+ALTER TABLE admin.account_grants ALTER COLUMN rule_id DROP NOT NULL;
+ALTER TABLE admin.account_grants ALTER COLUMN rule_values DROP NOT NULL;
+ALTER TABLE admin.account_grants ALTER COLUMN uid DROP NOT NULL;
+ALTER TABLE admin.account_grants add CONSTRAINT admin_account_grants_pkey PRIMARY KEY (ag_id);
+ALTER TABLE admin.account_grants ADD CONSTRAINT admin_ag_account_fkey FOREIGN KEY (account_id) REFERENCES admin.accounts (account_id) MATCH SIMPLE;
+ALTER TABLE admin.account_grants ADD CONSTRAINT admin_ag_user_fkey FOREIGN KEY (rule_id) REFERENCES admin.rules (rule_id) MATCH SIMPLE;
+
+CREATE INDEX if not exists admin_account_users_id_idx ON admin.account_grants USING btree (ag_id COLLATE pg_catalog."default");
+CREATE INDEX if not exists admin_ag_account_id_idx ON admin.account_grants USING btree (account_id COLLATE pg_catalog."default");
+CREATE INDEX if not exists admin_ag_rule_id_idx ON admin.account_grants USING btree (rule_id COLLATE pg_catalog."default");
 */

package/dist/server/migrations/oauth.sql

@@ -1,80 +1,80 @@
-CREATE schema if not exists oauth;
-
-CREATE TABLE if not exists oauth.clients (
-  client_id              text PRIMARY KEY DEFAULT next_id(),   -- ID клієнта (публічний ідентифікатор)
-  client_secret_hash     text,                                 -- Хеш секрету (NULL для public-клієнтів)
-  name                   text NOT NULL,                        -- Назва застосунку
-  type                   text NOT NULL CHECK (type IN ('public','confidential')),
-  token_endpoint_auth_method text NOT NULL CHECK (token_endpoint_auth_method IN ('client_secret_basic','client_secret_post','private_key_jwt','none')),
-  owner_user_id          text,                                 -- Власник/адміністратор клієнта (посилання на users.id or other id)
-
-  redirect_uris          text[],         					   -- Дозволені redirect_uri  
-  grant_types            text[]  CHECK (case when grant_types is not null then grant_types <@ ARRAY['authorization_code','refresh_token','client_credentials','device_code']::text[] else true end),
-  require_pkce           boolean NOT NULL DEFAULT true,
-  scopes         text[],  
-  allowed_cors_origins   text[],
-  jwks                   jsonb,                                -- Вбудований JWK Set (опційно)  
-
-  created_at             timestamptz NOT NULL DEFAULT now(),
-  updated_at             timestamptz NOT NULL DEFAULT now(),
-  allowed_ips            text[]
-);
-
-CREATE TABLE if not exists oauth.tokens (
-  id                     text PRIMARY KEY DEFAULT next_id(),
-  token_type             text NOT NULL CHECK (token_type IN ('access','refresh')),
-  token_hash             text NOT NULL UNIQUE,                  -- Argon2/bcrypt/SCrypt (хеш у застосунку)
-  token_hint             text,                                  -- останні 6-8 символів для діагностики (необов’язково)
-  jti                    text UNIQUE,                           -- JWT ID, якщо токен — JWT
-  client_id              text NOT NULL REFERENCES oauth.clients(client_id) ON DELETE CASCADE,
-  user_id                text,                                  -- NULL для client_credentials    
-  issuer                 text,                                  -- iss
-  scopes                 text[],
-  claims                 jsonb,                                 -- додаткові клейми
-  issued_at              timestamptz NOT NULL DEFAULT now(),
-  expires_at             timestamptz NOT NULL,
-  revoked_at             timestamptz,
-  revocation_reason      text,
-  ip                     inet                                  -- IP видачі/використання (опційно)  
-);
-
-COMMENT ON SCHEMA oauth IS 'Schema for OAuth2 / OpenID Connect clients and tokens';
-
--- Comments for oauth.clients
-COMMENT ON TABLE oauth.clients IS 'OAuth 2.0 clients (applications) that can request tokens';
-
-COMMENT ON COLUMN oauth.clients.client_id IS 'Client identifier (public ID, generated by next_id())';
-COMMENT ON COLUMN oauth.clients.client_secret_hash IS 'Hashed client secret (NULL for public clients)';
-COMMENT ON COLUMN oauth.clients.name IS 'Name of the application/client';
-COMMENT ON COLUMN oauth.clients.type IS 'Client type: public or confidential';
-COMMENT ON COLUMN oauth.clients.token_endpoint_auth_method IS 'Authentication method at token endpoint (client_secret_basic, client_secret_post, private_key_jwt, none)';
-COMMENT ON COLUMN oauth.clients.owner_user_id IS 'Owner/administrator of the client (reference to users.id or external id)';
-COMMENT ON COLUMN oauth.clients.redirect_uris IS 'Allowed redirect URIs';
-COMMENT ON COLUMN oauth.clients.grant_types IS 'Allowed grant types (authorization_code, refresh_token, client_credentials, device_code)';
-COMMENT ON COLUMN oauth.clients.require_pkce IS 'Whether PKCE is required (default true)';
-COMMENT ON COLUMN oauth.clients.scopes IS 'Allowed OAuth2 scopes';
-COMMENT ON COLUMN oauth.clients.allowed_cors_origins IS 'Allowed CORS origins for browser-based apps';
-COMMENT ON COLUMN oauth.clients.jwks IS 'Embedded JSON Web Key Set (optional)';
-COMMENT ON COLUMN oauth.clients.created_at IS 'Creation timestamp';
-COMMENT ON COLUMN oauth.clients.updated_at IS 'Last update timestamp';
-
--- Comments for oauth.tokens
-COMMENT ON TABLE oauth.tokens IS 'Issued OAuth 2.0 tokens (access or refresh)';
-
-COMMENT ON COLUMN oauth.tokens.id IS 'Internal token ID (generated by next_id())';
-COMMENT ON COLUMN oauth.tokens.token_type IS 'Type of token: access or refresh';
-COMMENT ON COLUMN oauth.tokens.token_hash IS 'Secure hash of the token (Argon2/bcrypt/SCrypt)';
-COMMENT ON COLUMN oauth.tokens.token_hint IS 'Optional hint (last 6–8 characters of token) for diagnostics';
-COMMENT ON COLUMN oauth.tokens.jti IS 'JWT ID if token is a JWT (unique)';
-COMMENT ON COLUMN oauth.tokens.client_id IS 'Reference to oauth.clients (issuing client)';
-COMMENT ON COLUMN oauth.tokens.user_id IS 'User ID if bound to user (NULL for client_credentials flow)';
-COMMENT ON COLUMN oauth.tokens.issuer IS 'Token issuer (iss claim)';
-COMMENT ON COLUMN oauth.tokens.scopes IS 'Granted OAuth2 scopes for this token';
-COMMENT ON COLUMN oauth.tokens.claims IS 'Additional claims (JSONB)';
-COMMENT ON COLUMN oauth.tokens.issued_at IS 'Timestamp when issued';
-COMMENT ON COLUMN oauth.tokens.expires_at IS 'Timestamp when token expires';
-COMMENT ON COLUMN oauth.tokens.revoked_at IS 'Timestamp when revoked';
-COMMENT ON COLUMN oauth.tokens.revocation_reason IS 'Reason for revocation (if any)';
-COMMENT ON COLUMN oauth.tokens.ip IS 'IP address of issuance/usage (optional)';
-
+CREATE schema if not exists oauth;
+
+CREATE TABLE if not exists oauth.clients (
+  client_id              text PRIMARY KEY DEFAULT next_id(),   -- ID клієнта (публічний ідентифікатор)
+  client_secret_hash     text,                                 -- Хеш секрету (NULL для public-клієнтів)
+  name                   text NOT NULL,                        -- Назва застосунку
+  type                   text NOT NULL CHECK (type IN ('public','confidential')),
+  token_endpoint_auth_method text NOT NULL CHECK (token_endpoint_auth_method IN ('client_secret_basic','client_secret_post','private_key_jwt','none')),
+  owner_user_id          text,                                 -- Власник/адміністратор клієнта (посилання на users.id or other id)
+
+  redirect_uris          text[],         					   -- Дозволені redirect_uri  
+  grant_types            text[]  CHECK (case when grant_types is not null then grant_types <@ ARRAY['authorization_code','refresh_token','client_credentials','device_code']::text[] else true end),
+  require_pkce           boolean NOT NULL DEFAULT true,
+  scopes         text[],  
+  allowed_cors_origins   text[],
+  jwks                   jsonb,                                -- Вбудований JWK Set (опційно)  
+
+  created_at             timestamptz NOT NULL DEFAULT now(),
+  updated_at             timestamptz NOT NULL DEFAULT now(),
+  allowed_ips            text[]
+);
+
+CREATE TABLE if not exists oauth.tokens (
+  id                     text PRIMARY KEY DEFAULT next_id(),
+  token_type             text NOT NULL CHECK (token_type IN ('access','refresh')),
+  token_hash             text NOT NULL UNIQUE,                  -- Argon2/bcrypt/SCrypt (хеш у застосунку)
+  token_hint             text,                                  -- останні 6-8 символів для діагностики (необов’язково)
+  jti                    text UNIQUE,                           -- JWT ID, якщо токен — JWT
+  client_id              text NOT NULL REFERENCES oauth.clients(client_id) ON DELETE CASCADE,
+  user_id                text,                                  -- NULL для client_credentials    
+  issuer                 text,                                  -- iss
+  scopes                 text[],
+  claims                 jsonb,                                 -- додаткові клейми
+  issued_at              timestamptz NOT NULL DEFAULT now(),
+  expires_at             timestamptz NOT NULL,
+  revoked_at             timestamptz,
+  revocation_reason      text,
+  ip                     inet                                  -- IP видачі/використання (опційно)  
+);
+
+COMMENT ON SCHEMA oauth IS 'Schema for OAuth2 / OpenID Connect clients and tokens';
+
+-- Comments for oauth.clients
+COMMENT ON TABLE oauth.clients IS 'OAuth 2.0 clients (applications) that can request tokens';
+
+COMMENT ON COLUMN oauth.clients.client_id IS 'Client identifier (public ID, generated by next_id())';
+COMMENT ON COLUMN oauth.clients.client_secret_hash IS 'Hashed client secret (NULL for public clients)';
+COMMENT ON COLUMN oauth.clients.name IS 'Name of the application/client';
+COMMENT ON COLUMN oauth.clients.type IS 'Client type: public or confidential';
+COMMENT ON COLUMN oauth.clients.token_endpoint_auth_method IS 'Authentication method at token endpoint (client_secret_basic, client_secret_post, private_key_jwt, none)';
+COMMENT ON COLUMN oauth.clients.owner_user_id IS 'Owner/administrator of the client (reference to users.id or external id)';
+COMMENT ON COLUMN oauth.clients.redirect_uris IS 'Allowed redirect URIs';
+COMMENT ON COLUMN oauth.clients.grant_types IS 'Allowed grant types (authorization_code, refresh_token, client_credentials, device_code)';
+COMMENT ON COLUMN oauth.clients.require_pkce IS 'Whether PKCE is required (default true)';
+COMMENT ON COLUMN oauth.clients.scopes IS 'Allowed OAuth2 scopes';
+COMMENT ON COLUMN oauth.clients.allowed_cors_origins IS 'Allowed CORS origins for browser-based apps';
+COMMENT ON COLUMN oauth.clients.jwks IS 'Embedded JSON Web Key Set (optional)';
+COMMENT ON COLUMN oauth.clients.created_at IS 'Creation timestamp';
+COMMENT ON COLUMN oauth.clients.updated_at IS 'Last update timestamp';
+
+-- Comments for oauth.tokens
+COMMENT ON TABLE oauth.tokens IS 'Issued OAuth 2.0 tokens (access or refresh)';
+
+COMMENT ON COLUMN oauth.tokens.id IS 'Internal token ID (generated by next_id())';
+COMMENT ON COLUMN oauth.tokens.token_type IS 'Type of token: access or refresh';
+COMMENT ON COLUMN oauth.tokens.token_hash IS 'Secure hash of the token (Argon2/bcrypt/SCrypt)';
+COMMENT ON COLUMN oauth.tokens.token_hint IS 'Optional hint (last 6–8 characters of token) for diagnostics';
+COMMENT ON COLUMN oauth.tokens.jti IS 'JWT ID if token is a JWT (unique)';
+COMMENT ON COLUMN oauth.tokens.client_id IS 'Reference to oauth.clients (issuing client)';
+COMMENT ON COLUMN oauth.tokens.user_id IS 'User ID if bound to user (NULL for client_credentials flow)';
+COMMENT ON COLUMN oauth.tokens.issuer IS 'Token issuer (iss claim)';
+COMMENT ON COLUMN oauth.tokens.scopes IS 'Granted OAuth2 scopes for this token';
+COMMENT ON COLUMN oauth.tokens.claims IS 'Additional claims (JSONB)';
+COMMENT ON COLUMN oauth.tokens.issued_at IS 'Timestamp when issued';
+COMMENT ON COLUMN oauth.tokens.expires_at IS 'Timestamp when token expires';
+COMMENT ON COLUMN oauth.tokens.revoked_at IS 'Timestamp when revoked';
+COMMENT ON COLUMN oauth.tokens.revocation_reason IS 'Reason for revocation (if any)';
+COMMENT ON COLUMN oauth.tokens.ip IS 'IP address of issuance/usage (optional)';
+
 alter table oauth.clients add column if not exists allowed_ips text[];