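-- Schema for the auth service: applications, users, claims, the two mapping
-- tables that link users to claims and to applications, and two views that
-- flatten those links for read access.
CREATE DATABASE `authservice`;
USE `authservice`;

-- Applications a user can be mapped to; names are unique.
CREATE TABLE `applications` (
    `id`   int(10) unsigned NOT NULL AUTO_INCREMENT,
    `name` varchar(128)     NOT NULL,
    CONSTRAINT PRIMARY KEY (`id`),
    CONSTRAINT UNIQUE KEY `uk_applications_name` (`name`)
) ENGINE=InnoDB;

-- Login accounts.
--   pwhash: stored password hash string. The 64-character limit bounds which
--           hash formats fit; a longer encoded hash would not be stored intact.
--   expiry: defaults to 600 -- presumably a lifetime in seconds; confirm
--           against the service code.
-- Uniqueness of `login` follows the column collation, so whether 'WN' and 'wn'
-- are the same login depends on the server/database default collation.
CREATE TABLE `users` (
    `id`     int(10) unsigned NOT NULL AUTO_INCREMENT,
    `login`  varchar(64)      NOT NULL,
    `pwhash` varchar(64)      NOT NULL,
    `expiry` int(10) unsigned NOT NULL DEFAULT 600,
    CONSTRAINT PRIMARY KEY (`id`),
    CONSTRAINT UNIQUE KEY `uk_users_login` (`login`)
) ENGINE=InnoDB;

-- Key/value claims; each (key, value) pair exists at most once.
CREATE TABLE `claims` (
    `id`    int(10) unsigned NOT NULL AUTO_INCREMENT,
    `key`   varchar(64)      NOT NULL,
    `value` varchar(1024)    NOT NULL,
    CONSTRAINT PRIMARY KEY (`id`),
    CONSTRAINT UNIQUE KEY `uk_claims_key_value` (`key`, `value`)
) ENGINE=InnoDB;

-- Which claims a user holds. The constraint symbol is written after CONSTRAINT
-- so the foreign keys carry the fk_* names on every MySQL version; a name given
-- only after FOREIGN KEY is an index name and newer servers do not use it as
-- the constraint name. No ON DELETE clause is given, so a referenced user or
-- claim cannot be deleted while a mapping row still points at it.
CREATE TABLE `user_claims_mapping` (
    `user`  int(10) unsigned NOT NULL,
    `claim` int(10) unsigned NOT NULL,
    CONSTRAINT UNIQUE KEY `uk_user_claims_mapping` (`user`, `claim`),
    CONSTRAINT `fk_user_claims_mapping_user`
        FOREIGN KEY (`user`) REFERENCES `users` (`id`),
    CONSTRAINT `fk_user_claims_mapping_claim`
        FOREIGN KEY (`claim`) REFERENCES `claims` (`id`)
) ENGINE=InnoDB;

-- Which applications a user may use; same constraint naming as above.
CREATE TABLE `user_applications_mapping` (
    `user`        int(10) unsigned NOT NULL,
    `application` int(10) unsigned NOT NULL,
    CONSTRAINT UNIQUE KEY `uk_user_applications_mapping` (`user`, `application`),
    CONSTRAINT `fk_user_applications_mapping_user`
        FOREIGN KEY (`user`) REFERENCES `users` (`id`),
    CONSTRAINT `fk_user_applications_mapping_application`
        FOREIGN KEY (`application`) REFERENCES `applications` (`id`)
) ENGINE=InnoDB;

-- One row per (user id, claim key, claim value) a user holds.
-- No SQL SECURITY clause is given, so MySQL's default (DEFINER) applies: a
-- grantee reads the base tables with the view owner's privileges, which makes
-- the column list below the actual access boundary for that grantee.
CREATE OR REPLACE VIEW claims_for_user AS
SELECT
    u.id      AS user,
    c.`key`   AS `key`,
    c.`value` AS `value`
FROM user_claims_mapping m
INNER JOIN users u
    ON u.id = m.user
INNER JOIN claims c
    ON c.id = m.claim;

-- One row per (user, application) pair, carrying the login data for that user.
-- NOTE(review): this view exposes `pwhash`, so any account with SELECT on it
-- can read every mapped user's password hash; grant it only to the component
-- that verifies passwords.
CREATE OR REPLACE VIEW user_application AS
SELECT
    u.login  AS login,
    u.pwhash AS pwhash,
    u.id     AS id,
    u.expiry AS expiry,
    a.name   AS application
FROM user_applications_mapping m
INNER JOIN users u
    ON u.id = m.user
INNER JOIN applications a
    ON a.id = m.application;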
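-- Service accounts and seed data for the auth service.
-- Every statement is on its own line: a `--` comment runs to the end of the
-- line, so a comment sharing a line with the INSERTs that follow it would
-- swallow them and no seed user would be created.
-- Table and view names are unqualified and rely on `authservice` being the
-- default database when this runs.

-- Read-only account for the UI: SELECT on the two views only, no base tables.
-- NOTE(review): 'test123' is a fixture password committed in clear text, and
-- the '%' host pattern accepts connections from any address. Outside a local
-- test database, supply a generated secret at deploy time and narrow the host
-- part to the address the UI connects from.
CREATE USER 'authservice-ui'@'%' IDENTIFIED BY 'test123';
GRANT SELECT ON `user_application` TO 'authservice-ui'@'%';
GRANT SELECT ON `claims_for_user` TO 'authservice-ui'@'%';

-- Provisioning account for the CLI: INSERT only, on `users` and
-- `user_applications_mapping`; nothing here lets it read, update or delete.
-- NOTE(review): same fixture password and '%' host as above; the same caveat
-- applies, and the two accounts should not share one secret.
CREATE USER 'authservice-cli'@'%' IDENTIFIED BY 'test123';
GRANT INSERT ON `users` TO 'authservice-cli'@'%';
GRANT INSERT ON `user_applications_mapping` TO 'authservice-cli'@'%';

-- CREATE USER and GRANT take effect immediately, so this reload is not
-- required; kept from the original script.
FLUSH PRIVILEGES;

-- Seed application and the two access-level claims.
INSERT INTO `applications` (`name`) VALUES ('hv');
INSERT INTO `claims` (`key`, `value`) VALUES ('accesslevel', 'r');
INSERT INTO `claims` (`key`, `value`) VALUES ('accesslevel', 'rw');

-- Seed users. The pwhash values look like the `$p5k2$` PBKDF2 crypt format
-- ($p5k2$<iterations, hex>$<salt>$<digest>); 186a0 is hex for 100000.
-- Confirm against the service's verifier.
-- NOTE(review): both plaintext passwords are stated in the comments below, so
-- these rows are test fixtures; a database seeded from this file has accounts
-- with publicly known passwords until they are removed or reset.

-- password is 'test123'
INSERT INTO `users` (`login`, `pwhash`)
VALUES ('wn', '$p5k2$186a0$dJXL0AjF$0HualDF92nyilDXPgSbaUn/UpFzSrpPx');

INSERT INTO `user_applications_mapping` (`user`, `application`)
VALUES (
    (SELECT `id` FROM `users` WHERE `login` = 'wn'),
    (SELECT `id` FROM `applications` WHERE `name` = 'hv')
);

INSERT INTO `user_claims_mapping` (`user`, `claim`)
VALUES (
    (SELECT `id` FROM `users` WHERE `login` = 'wn'),
    (SELECT `id` FROM `claims` WHERE `key` = 'accesslevel' AND `value` = 'rw')
);

-- password is 'geheim'
INSERT INTO `users` (`login`, `pwhash`)
VALUES ('gregor', '$p5k2$186a0$Tcwps8Ar$TsypGB.y1dCB9pWOPz2X2SsxYqrTn3Fv');

INSERT INTO `user_applications_mapping` (`user`, `application`)
VALUES (
    (SELECT `id` FROM `users` WHERE `login` = 'gregor'),
    (SELECT `id` FROM `applications` WHERE `name` = 'hv')
);

INSERT INTO `user_claims_mapping` (`user`, `claim`)
VALUES (
    (SELECT `id` FROM `users` WHERE `login` = 'gregor'),
    (SELECT `id` FROM `claims` WHERE `key` = 'accesslevel' AND `value` = 'rw')
);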