-- Migration 024: Payment Compliance Schema
-- Tracks payment terminal compliance assessments against control library

CREATE TABLE IF NOT EXISTS payment_compliance_assessments (
    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
    tenant_id UUID NOT NULL,

    -- Project / Tender
    project_name VARCHAR(500) NOT NULL,
    tender_reference VARCHAR(200),
    customer_name VARCHAR(500),
    description TEXT,

    -- Scope
    system_type VARCHAR(100), -- terminal, backend, both, full_stack
    payment_methods JSONB DEFAULT '[]'::jsonb, -- ["card", "nfc", "girocard", "credit"]
    protocols JSONB DEFAULT '[]'::jsonb, -- ["zvt", "opi", "emv"]

    -- Assessment
    total_controls INT DEFAULT 0,
    controls_passed INT DEFAULT 0,
    controls_failed INT DEFAULT 0,
    controls_partial INT DEFAULT 0,
    controls_not_applicable INT DEFAULT 0,
    controls_not_checked INT DEFAULT 0,
    compliance_score NUMERIC(5,2) DEFAULT 0,

    -- Status
    status VARCHAR(50) DEFAULT 'draft',
    -- CHECK (status IN ('draft', 'in_progress', 'completed', 'approved'))

    -- Results (per control)
    control_results JSONB DEFAULT '[]'::jsonb,
    -- Each entry: {"control_id": "PAY-001", "verdict": "passed|failed|partial|na|unchecked", "evidence": "...", "notes": "..."}

    -- Audit
    created_at TIMESTAMPTZ DEFAULT NOW(),
    updated_at TIMESTAMPTZ DEFAULT NOW(),
    created_by VARCHAR(200),
    approved_by VARCHAR(200),
    approved_at TIMESTAMPTZ
);

CREATE INDEX IF NOT EXISTS idx_pca_tenant ON payment_compliance_assessments (tenant_id);
CREATE INDEX IF NOT EXISTS idx_pca_status ON payment_compliance_assessments (status);