feat: sync lijiaoqiao implementation and staging validation artifacts

2026-03-31 13:40:00 +08:00
parent 0e5ecd930e
commit e9338dec28
686 changed files with 29213 additions and 168 deletions
--- a/sql/postgresql/platform_core_schema_v1.sql
+++ b/sql/postgresql/platform_core_schema_v1.sql
@@ -0,0 +1,204 @@
+-- Platform core schema baseline (PostgreSQL 15)
+-- Purpose: provide non-supply core domain tables required by PRD P0/P1.
+-- Updated: 2026-03-27
+
+BEGIN;
+
+CREATE TABLE IF NOT EXISTS core_tenants (
+    id BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
+    tenant_code VARCHAR(64) NOT NULL UNIQUE,
+    tenant_name VARCHAR(128) NOT NULL,
+    status VARCHAR(20) NOT NULL DEFAULT 'active'
+        CHECK (status IN ('active', 'suspended', 'disabled')),
+    plan_code VARCHAR(32) NOT NULL DEFAULT 'free',
+    billing_currency CHAR(3) NOT NULL DEFAULT 'USD',
+    timezone VARCHAR(64) NOT NULL DEFAULT 'UTC',
+    created_at TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    updated_at TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    created_by BIGINT,
+    updated_by BIGINT
+);
+
+CREATE INDEX IF NOT EXISTS idx_core_tenants_status ON core_tenants (status);
+CREATE INDEX IF NOT EXISTS idx_core_tenants_plan_code ON core_tenants (plan_code);
+
+CREATE TABLE IF NOT EXISTS core_projects (
+    id BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
+    tenant_id BIGINT NOT NULL REFERENCES core_tenants(id),
+    project_code VARCHAR(64) NOT NULL,
+    project_name VARCHAR(128) NOT NULL,
+    status VARCHAR(20) NOT NULL DEFAULT 'active'
+        CHECK (status IN ('active', 'archived')),
+    budget_minor BIGINT,
+    budget_currency CHAR(3) NOT NULL DEFAULT 'USD',
+    created_at TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    updated_at TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    created_by BIGINT,
+    updated_by BIGINT,
+    UNIQUE (tenant_id, project_code)
+);
+
+CREATE INDEX IF NOT EXISTS idx_core_projects_tenant_status ON core_projects (tenant_id, status);
+
+CREATE TABLE IF NOT EXISTS iam_users (
+    id BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
+    tenant_id BIGINT NOT NULL REFERENCES core_tenants(id),
+    email VARCHAR(256) NOT NULL,
+    display_name VARCHAR(128),
+    role_code VARCHAR(32) NOT NULL DEFAULT 'developer',
+    status VARCHAR(20) NOT NULL DEFAULT 'active'
+        CHECK (status IN ('active', 'locked', 'disabled')),
+    last_login_at TIMESTAMPTZ,
+    created_at TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    updated_at TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    UNIQUE (tenant_id, email)
+);
+
+CREATE INDEX IF NOT EXISTS idx_iam_users_tenant_role ON iam_users (tenant_id, role_code);
+CREATE INDEX IF NOT EXISTS idx_iam_users_tenant_status ON iam_users (tenant_id, status);
+
+CREATE TABLE IF NOT EXISTS auth_platform_api_keys (
+    id BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
+    tenant_id BIGINT NOT NULL REFERENCES core_tenants(id),
+    project_id BIGINT REFERENCES core_projects(id),
+    user_id BIGINT REFERENCES iam_users(id),
+    key_prefix VARCHAR(16) NOT NULL,
+    key_hash CHAR(64) NOT NULL,
+    hash_algo VARCHAR(32) NOT NULL DEFAULT 'HMAC-SHA256',
+    scope_code VARCHAR(64) NOT NULL DEFAULT 'gateway.invoke',
+    status VARCHAR(20) NOT NULL DEFAULT 'active'
+        CHECK (status IN ('active', 'revoked', 'expired')),
+    expires_at TIMESTAMPTZ,
+    last_used_at TIMESTAMPTZ,
+    created_at TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    updated_at TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    created_by BIGINT,
+    revoked_by BIGINT,
+    revoked_reason TEXT,
+    UNIQUE (tenant_id, key_prefix)
+);
+
+CREATE INDEX IF NOT EXISTS idx_auth_platform_api_keys_tenant_status ON auth_platform_api_keys (tenant_id, status);
+CREATE INDEX IF NOT EXISTS idx_auth_platform_api_keys_project_status ON auth_platform_api_keys (project_id, status);
+CREATE INDEX IF NOT EXISTS idx_auth_platform_api_keys_last_used_at ON auth_platform_api_keys (last_used_at);
+
+CREATE TABLE IF NOT EXISTS billing_accounts (
+    id BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
+    tenant_id BIGINT NOT NULL REFERENCES core_tenants(id),
+    project_id BIGINT REFERENCES core_projects(id),
+    account_type VARCHAR(20) NOT NULL DEFAULT 'prepaid'
+        CHECK (account_type IN ('prepaid', 'postpaid')),
+    status VARCHAR(20) NOT NULL DEFAULT 'active'
+        CHECK (status IN ('active', 'frozen', 'closed')),
+    currency_code CHAR(3) NOT NULL DEFAULT 'USD',
+    available_minor BIGINT NOT NULL DEFAULT 0,
+    frozen_minor BIGINT NOT NULL DEFAULT 0,
+    credit_limit_minor BIGINT NOT NULL DEFAULT 0,
+    updated_at TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    created_at TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    UNIQUE (tenant_id, project_id, account_type)
+);
+
+CREATE INDEX IF NOT EXISTS idx_billing_accounts_tenant_status ON billing_accounts (tenant_id, status);
+
+CREATE TABLE IF NOT EXISTS billing_ledger_entries (
+    id BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
+    billing_account_id BIGINT NOT NULL REFERENCES billing_accounts(id),
+    tenant_id BIGINT NOT NULL REFERENCES core_tenants(id),
+    project_id BIGINT REFERENCES core_projects(id),
+    user_id BIGINT REFERENCES iam_users(id),
+    request_id VARCHAR(64) NOT NULL,
+    trace_id VARCHAR(64),
+    entry_type VARCHAR(32) NOT NULL,
+    direction VARCHAR(2) NOT NULL CHECK (direction IN ('dr', 'cr')),
+    amount_minor BIGINT NOT NULL,
+    currency_code CHAR(3) NOT NULL,
+    amount_unit VARCHAR(16) NOT NULL DEFAULT 'minor',
+    balance_after_minor BIGINT,
+    ref_type VARCHAR(32),
+    ref_id BIGINT,
+    occurred_at TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    created_at TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    idempotency_key VARCHAR(128),
+    UNIQUE (tenant_id, request_id, entry_type)
+);
+
+CREATE INDEX IF NOT EXISTS idx_billing_ledger_entries_account_time ON billing_ledger_entries (billing_account_id, occurred_at DESC);
+CREATE INDEX IF NOT EXISTS idx_billing_ledger_entries_tenant_time ON billing_ledger_entries (tenant_id, occurred_at DESC);
+CREATE INDEX IF NOT EXISTS idx_billing_ledger_entries_trace_id ON billing_ledger_entries (trace_id);
+
+CREATE TABLE IF NOT EXISTS routing_policies (
+    id BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
+    tenant_id BIGINT NOT NULL REFERENCES core_tenants(id),
+    project_id BIGINT REFERENCES core_projects(id),
+    policy_name VARCHAR(128) NOT NULL,
+    model_pattern VARCHAR(128) NOT NULL,
+    strategy_code VARCHAR(32) NOT NULL,
+    provider_group VARCHAR(64),
+    priority INT NOT NULL DEFAULT 100,
+    weight INT,
+    status VARCHAR(20) NOT NULL DEFAULT 'active'
+        CHECK (status IN ('active', 'disabled')),
+    version BIGINT NOT NULL DEFAULT 1,
+    effective_from TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    effective_to TIMESTAMPTZ,
+    created_at TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    updated_at TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    created_by BIGINT,
+    updated_by BIGINT
+);
+
+CREATE INDEX IF NOT EXISTS idx_routing_policies_tenant_project_status
+    ON routing_policies (tenant_id, project_id, status);
+CREATE INDEX IF NOT EXISTS idx_routing_policies_model_pattern ON routing_policies (model_pattern);
+
+CREATE TABLE IF NOT EXISTS security_kms_key_registry (
+    id BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
+    key_alias VARCHAR(128) NOT NULL UNIQUE,
+    provider VARCHAR(32) NOT NULL,
+    key_spec VARCHAR(64) NOT NULL,
+    cipher_algo VARCHAR(32) NOT NULL,
+    key_version INT NOT NULL,
+    status VARCHAR(20) NOT NULL DEFAULT 'active'
+        CHECK (status IN ('active', 'rotating', 'retired')),
+    rotated_at TIMESTAMPTZ,
+    created_at TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    updated_at TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    created_by BIGINT,
+    updated_by BIGINT
+);
+
+CREATE INDEX IF NOT EXISTS idx_security_kms_key_registry_status
+    ON security_kms_key_registry (status);
+
+CREATE TABLE IF NOT EXISTS audit_events (
+    id BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
+    tenant_id BIGINT REFERENCES core_tenants(id),
+    project_id BIGINT REFERENCES core_projects(id),
+    actor_user_id BIGINT REFERENCES iam_users(id),
+    actor_type VARCHAR(32) NOT NULL,
+    domain_code VARCHAR(32) NOT NULL,
+    object_type VARCHAR(64) NOT NULL,
+    object_id VARCHAR(128),
+    action_code VARCHAR(64) NOT NULL,
+    result_code VARCHAR(32) NOT NULL,
+    severity VARCHAR(16) NOT NULL DEFAULT 'info'
+        CHECK (severity IN ('info', 'warn', 'error', 'critical')),
+    request_id VARCHAR(64),
+    trace_id VARCHAR(64),
+    idempotency_key VARCHAR(128),
+    client_ip INET,
+    user_agent VARCHAR(256),
+    before_data JSONB,
+    after_data JSONB,
+    metadata JSONB,
+    created_at TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP
+);
+
+CREATE INDEX IF NOT EXISTS idx_audit_events_tenant_domain_time
+    ON audit_events (tenant_id, domain_code, created_at DESC);
+CREATE INDEX IF NOT EXISTS idx_audit_events_request_id ON audit_events (request_id);
+CREATE INDEX IF NOT EXISTS idx_audit_events_trace_id ON audit_events (trace_id);
+CREATE INDEX IF NOT EXISTS idx_audit_events_result_code ON audit_events (result_code);
+
+COMMIT;
--- a/sql/postgresql/supply_schema_v1_patch_2026-03-27.sql
+++ b/sql/postgresql/supply_schema_v1_patch_2026-03-27.sql
@@ -0,0 +1,112 @@
+-- Supply schema patch for crypto/unit/audit/index gaps (PostgreSQL 15)
+-- Base schema: supply_schema_v1.sql
+-- Updated: 2026-03-27
+
+BEGIN;
+
+-- supply_accounts: crypto metadata, unit fields, audit fields, optimistic lock version
+ALTER TABLE supply_accounts
+    ADD COLUMN IF NOT EXISTS credential_cipher_algo VARCHAR(32) NOT NULL DEFAULT 'AES-256-GCM',
+    ADD COLUMN IF NOT EXISTS credential_kms_key_alias VARCHAR(128) NOT NULL DEFAULT 'kms/supply/default',
+    ADD COLUMN IF NOT EXISTS credential_key_version INT NOT NULL DEFAULT 1,
+    ADD COLUMN IF NOT EXISTS credential_fingerprint CHAR(64),
+    ADD COLUMN IF NOT EXISTS last_rotation_at TIMESTAMPTZ,
+    ADD COLUMN IF NOT EXISTS quota_unit VARCHAR(16) NOT NULL DEFAULT 'token',
+    ADD COLUMN IF NOT EXISTS currency_code CHAR(3) NOT NULL DEFAULT 'USD',
+    ADD COLUMN IF NOT EXISTS version BIGINT NOT NULL DEFAULT 0,
+    ADD COLUMN IF NOT EXISTS created_ip INET,
+    ADD COLUMN IF NOT EXISTS updated_ip INET,
+    ADD COLUMN IF NOT EXISTS audit_trace_id VARCHAR(64);
+
+CREATE INDEX IF NOT EXISTS idx_supply_accounts_user_status_updated
+    ON supply_accounts (user_id, status, updated_at DESC);
+CREATE INDEX IF NOT EXISTS idx_supply_accounts_platform_status_updated
+    ON supply_accounts (platform, status, updated_at DESC);
+
+-- supply_packages: unit and version fields
+ALTER TABLE supply_packages
+    ADD COLUMN IF NOT EXISTS quota_unit VARCHAR(16) NOT NULL DEFAULT 'token',
+    ADD COLUMN IF NOT EXISTS price_unit VARCHAR(32) NOT NULL DEFAULT 'per_1m_tokens',
+    ADD COLUMN IF NOT EXISTS currency_code CHAR(3) NOT NULL DEFAULT 'USD',
+    ADD COLUMN IF NOT EXISTS version BIGINT NOT NULL DEFAULT 0,
+    ADD COLUMN IF NOT EXISTS created_ip INET,
+    ADD COLUMN IF NOT EXISTS updated_ip INET,
+    ADD COLUMN IF NOT EXISTS audit_trace_id VARCHAR(64);
+
+CREATE INDEX IF NOT EXISTS idx_supply_packages_user_status_updated
+    ON supply_packages (user_id, status, updated_at DESC);
+CREATE INDEX IF NOT EXISTS idx_supply_packages_platform_model_status
+    ON supply_packages (platform, model, status);
+CREATE INDEX IF NOT EXISTS idx_supply_packages_active_lookup
+    ON supply_packages (user_id, platform, model)
+    WHERE status = 'active';
+
+-- supply_orders: idempotency and unit fields
+ALTER TABLE supply_orders
+    ADD COLUMN IF NOT EXISTS quota_unit VARCHAR(16) NOT NULL DEFAULT 'token',
+    ADD COLUMN IF NOT EXISTS currency_code CHAR(3) NOT NULL DEFAULT 'USD',
+    ADD COLUMN IF NOT EXISTS billing_unit VARCHAR(32) NOT NULL DEFAULT 'per_1m_tokens',
+    ADD COLUMN IF NOT EXISTS request_id VARCHAR(64),
+    ADD COLUMN IF NOT EXISTS idempotency_key VARCHAR(128),
+    ADD COLUMN IF NOT EXISTS audit_trace_id VARCHAR(64),
+    ADD COLUMN IF NOT EXISTS version BIGINT NOT NULL DEFAULT 0,
+    ADD COLUMN IF NOT EXISTS created_ip INET,
+    ADD COLUMN IF NOT EXISTS updated_ip INET;
+
+CREATE INDEX IF NOT EXISTS idx_supply_orders_buyer_status_created
+    ON supply_orders (buyer_user_id, status, created_at DESC);
+CREATE INDEX IF NOT EXISTS idx_supply_orders_supplier_status_created
+    ON supply_orders (supplier_user_id, status, created_at DESC);
+CREATE INDEX IF NOT EXISTS idx_supply_orders_request_id
+    ON supply_orders (request_id);
+
+-- supply_usage_records: unit and trace fields
+ALTER TABLE supply_usage_records
+    ADD COLUMN IF NOT EXISTS token_unit VARCHAR(16) NOT NULL DEFAULT 'token',
+    ADD COLUMN IF NOT EXISTS cost_currency CHAR(3) NOT NULL DEFAULT 'USD',
+    ADD COLUMN IF NOT EXISTS billing_unit VARCHAR(32) NOT NULL DEFAULT 'per_1m_tokens',
+    ADD COLUMN IF NOT EXISTS trace_id VARCHAR(64),
+    ADD COLUMN IF NOT EXISTS client_tenant_id BIGINT,
+    ADD COLUMN IF NOT EXISTS created_ip INET;
+
+CREATE INDEX IF NOT EXISTS idx_supply_usage_records_order_started
+    ON supply_usage_records (order_id, started_at DESC);
+CREATE INDEX IF NOT EXISTS idx_supply_usage_records_supplier_started
+    ON supply_usage_records (supplier_user_id, started_at DESC);
+CREATE INDEX IF NOT EXISTS idx_supply_usage_records_trace_id
+    ON supply_usage_records (trace_id);
+
+-- supply_earnings: accounting unit and audit fields
+ALTER TABLE supply_earnings
+    ADD COLUMN IF NOT EXISTS amount_unit VARCHAR(16) NOT NULL DEFAULT 'minor',
+    ADD COLUMN IF NOT EXISTS source_request_id VARCHAR(64),
+    ADD COLUMN IF NOT EXISTS audit_trace_id VARCHAR(64),
+    ADD COLUMN IF NOT EXISTS version BIGINT NOT NULL DEFAULT 0,
+    ADD COLUMN IF NOT EXISTS created_ip INET,
+    ADD COLUMN IF NOT EXISTS updated_ip INET;
+
+CREATE INDEX IF NOT EXISTS idx_supply_earnings_user_status_available
+    ON supply_earnings (user_id, status, available_at);
+CREATE INDEX IF NOT EXISTS idx_supply_earnings_source_request_id
+    ON supply_earnings (source_request_id);
+
+-- supply_settlements: accounting units and idempotency fields
+ALTER TABLE supply_settlements
+    ADD COLUMN IF NOT EXISTS currency_code CHAR(3) NOT NULL DEFAULT 'USD',
+    ADD COLUMN IF NOT EXISTS amount_unit VARCHAR(16) NOT NULL DEFAULT 'minor',
+    ADD COLUMN IF NOT EXISTS request_id VARCHAR(64),
+    ADD COLUMN IF NOT EXISTS idempotency_key VARCHAR(128),
+    ADD COLUMN IF NOT EXISTS audit_trace_id VARCHAR(64),
+    ADD COLUMN IF NOT EXISTS version BIGINT NOT NULL DEFAULT 0,
+    ADD COLUMN IF NOT EXISTS created_ip INET,
+    ADD COLUMN IF NOT EXISTS updated_ip INET;
+
+CREATE INDEX IF NOT EXISTS idx_supply_settlements_user_status_updated
+    ON supply_settlements (user_id, status, updated_at DESC);
+CREATE INDEX IF NOT EXISTS idx_supply_settlements_request_id
+    ON supply_settlements (request_id);
+CREATE UNIQUE INDEX IF NOT EXISTS uq_supply_settlements_user_processing
+    ON supply_settlements (user_id)
+    WHERE status = 'processing';
+
+COMMIT;
--- a/sql/postgresql/token_runtime_schema_v1.sql
+++ b/sql/postgresql/token_runtime_schema_v1.sql
@@ -0,0 +1,65 @@
+-- Token runtime schema baseline (PostgreSQL 15)
+-- Purpose: persistent storage for platform token lifecycle and audit timeline.
+-- Updated: 2026-03-30
+
+BEGIN;
+
+CREATE TABLE IF NOT EXISTS auth_platform_tokens (
+    id BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
+    token_id VARCHAR(64) NOT NULL UNIQUE,
+    token_fingerprint CHAR(64) NOT NULL,
+    hash_algo VARCHAR(32) NOT NULL DEFAULT 'SHA-256',
+    tenant_id BIGINT,
+    project_id BIGINT,
+    subject_id VARCHAR(128) NOT NULL,
+    role_code VARCHAR(32) NOT NULL CHECK (role_code IN ('owner', 'viewer', 'admin')),
+    scope_json JSONB NOT NULL,
+    status VARCHAR(20) NOT NULL DEFAULT 'active'
+        CHECK (status IN ('active', 'revoked', 'expired')),
+    issued_at TIMESTAMPTZ NOT NULL,
+    expires_at TIMESTAMPTZ NOT NULL,
+    revoked_at TIMESTAMPTZ,
+    revoked_reason VARCHAR(256),
+    issue_request_id VARCHAR(128) NOT NULL,
+    issue_idempotency_key VARCHAR(128),
+    last_seen_at TIMESTAMPTZ,
+    created_at TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    updated_at TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP
+);
+
+CREATE UNIQUE INDEX IF NOT EXISTS uq_auth_platform_tokens_fingerprint
+    ON auth_platform_tokens (token_fingerprint);
+CREATE INDEX IF NOT EXISTS idx_auth_platform_tokens_subject_status
+    ON auth_platform_tokens (subject_id, status);
+CREATE INDEX IF NOT EXISTS idx_auth_platform_tokens_expires_at
+    ON auth_platform_tokens (expires_at);
+CREATE INDEX IF NOT EXISTS idx_auth_platform_tokens_tenant_project
+    ON auth_platform_tokens (tenant_id, project_id);
+
+CREATE TABLE IF NOT EXISTS auth_token_audit_events (
+    id BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
+    event_id VARCHAR(64) NOT NULL UNIQUE,
+    event_name VARCHAR(128) NOT NULL,
+    request_id VARCHAR(128) NOT NULL,
+    token_id VARCHAR(64),
+    subject_id VARCHAR(128),
+    route VARCHAR(256) NOT NULL,
+    result_code VARCHAR(64) NOT NULL,
+    client_ip INET,
+    tenant_id BIGINT,
+    project_id BIGINT,
+    operator_id VARCHAR(128),
+    created_at TIMESTAMPTZ NOT NULL,
+    metadata JSONB
+);
+
+CREATE INDEX IF NOT EXISTS idx_auth_token_audit_events_token_time
+    ON auth_token_audit_events (token_id, created_at DESC);
+CREATE INDEX IF NOT EXISTS idx_auth_token_audit_events_request_id
+    ON auth_token_audit_events (request_id);
+CREATE INDEX IF NOT EXISTS idx_auth_token_audit_events_subject_time
+    ON auth_token_audit_events (subject_id, created_at DESC);
+CREATE INDEX IF NOT EXISTS idx_auth_token_audit_events_event_name
+    ON auth_token_audit_events (event_name);
+
+COMMIT;