-- Plugin Registry System
-- Enables plugin upload, registry install, and community-level plugin management

-- Plugin sources
CREATE TYPE plugin_source AS ENUM ('builtin', 'upload', 'registry');

-- Add source and security fields to plugins table
ALTER TABLE plugins ADD COLUMN IF NOT EXISTS source plugin_source DEFAULT 'builtin';
ALTER TABLE plugins ADD COLUMN IF NOT EXISTS wasm_hash VARCHAR(64); -- SHA256 of WASM binary
ALTER TABLE plugins ADD COLUMN IF NOT EXISTS signature TEXT; -- Plugin signature for verification
ALTER TABLE plugins ADD COLUMN IF NOT EXISTS signed_by VARCHAR(255); -- Signer identity
ALTER TABLE plugins ADD COLUMN IF NOT EXISTS is_verified BOOLEAN DEFAULT FALSE;
ALTER TABLE plugins ADD COLUMN IF NOT EXISTS manifest JSONB; -- Full plugin manifest
ALTER TABLE plugins ADD COLUMN IF NOT EXISTS permissions JSONB DEFAULT '[]'; -- Required permissions
ALTER TABLE plugins ADD COLUMN IF NOT EXISTS author VARCHAR(255);
ALTER TABLE plugins ADD COLUMN IF NOT EXISTS homepage VARCHAR(500);
ALTER TABLE plugins ADD COLUMN IF NOT EXISTS repository VARCHAR(500);
ALTER TABLE plugins ADD COLUMN IF NOT EXISTS updated_at TIMESTAMPTZ DEFAULT NOW();

-- Plugin files storage (for uploaded plugins)
CREATE TABLE plugin_files (
    id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
    plugin_id UUID NOT NULL REFERENCES plugins(id) ON DELETE CASCADE,
    file_type VARCHAR(20) NOT NULL, -- 'wasm', 'manifest', 'icon', 'readme'
    file_name VARCHAR(255) NOT NULL,
    file_size BIGINT NOT NULL,
    content_type VARCHAR(100),
    storage_path VARCHAR(500) NOT NULL,
    uploaded_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
    uploaded_by UUID REFERENCES users(id)
);

-- Plugin versions (for upgrade management)
CREATE TABLE plugin_versions (
    id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
    plugin_id UUID NOT NULL REFERENCES plugins(id) ON DELETE CASCADE,
    version VARCHAR(20) NOT NULL,
    changelog TEXT,
    wasm_hash VARCHAR(64),
    is_current BOOLEAN NOT NULL DEFAULT FALSE,
    released_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
    UNIQUE(plugin_id, version)
);

-- Plugin reviews/ratings
CREATE TABLE plugin_reviews (
    id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
    plugin_id UUID NOT NULL REFERENCES plugins(id) ON DELETE CASCADE,
    user_id UUID NOT NULL REFERENCES users(id) ON DELETE CASCADE,
    rating INT NOT NULL CHECK (rating >= 1 AND rating <= 5),
    review TEXT,
    created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
    updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
    UNIQUE(plugin_id, user_id)
);

-- Plugin install log
CREATE TABLE plugin_installs (
    id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
    plugin_id UUID NOT NULL REFERENCES plugins(id) ON DELETE CASCADE,
    community_id UUID REFERENCES communities(id) ON DELETE CASCADE,
    installed_by UUID NOT NULL REFERENCES users(id),
    action VARCHAR(20) NOT NULL, -- 'install', 'uninstall', 'update', 'enable', 'disable'
    from_version VARCHAR(20),
    to_version VARCHAR(20),
    created_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
);

-- Plugin capabilities/permissions
CREATE TABLE plugin_capabilities (
    id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
    name VARCHAR(100) NOT NULL UNIQUE,
    description TEXT,
    risk_level VARCHAR(20) NOT NULL DEFAULT 'low', -- 'low', 'medium', 'high'
    created_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
);

-- Insert default capabilities
INSERT INTO plugin_capabilities (name, description, risk_level) VALUES
    ('http_outbound', 'Make HTTP requests to external services', 'high'),
    ('database_read', 'Read data from the database', 'medium'),
    ('database_write', 'Write data to the database', 'high'),
    ('user_data', 'Access user profile data', 'medium'),
    ('notifications', 'Send notifications to users', 'low'),
    ('hooks_register', 'Register hooks for actions/filters', 'low'),
    ('background_jobs', 'Schedule background tasks', 'medium'),
    ('file_storage', 'Store and retrieve files', 'medium')
ON CONFLICT (name) DO NOTHING;

-- Indexes
CREATE INDEX idx_plugin_files_plugin ON plugin_files(plugin_id);
CREATE INDEX idx_plugin_versions_plugin ON plugin_versions(plugin_id);
CREATE INDEX idx_plugin_reviews_plugin ON plugin_reviews(plugin_id);
CREATE INDEX idx_plugin_installs_plugin ON plugin_installs(plugin_id);
CREATE INDEX idx_plugin_installs_community ON plugin_installs(community_id);
CREATE INDEX idx_plugins_source ON plugins(source);
CREATE INDEX idx_plugins_verified ON plugins(is_verified);

-- Triggers
CREATE TRIGGER plugin_reviews_updated_at BEFORE UPDATE ON plugin_reviews
    FOR EACH ROW EXECUTE FUNCTION update_updated_at();