bakery-ia/tests/verify_db_schema.sh

#!/bin/bash

# =================================================================
# DATABASE SCHEMA AND DATA VERIFICATION SCRIPT
# =================================================================
# This script checks the auth database schema and data

echo "🔍 DATABASE VERIFICATION"
echo "========================"

# Colors
GREEN='\033[0;32m'
RED='\033[0;31m'
YELLOW='\033[1;33m'
NC='\033[0m'

# Check if auth database container is running
if ! docker ps | grep -q "bakery-auth-db"; then
    echo -e "${RED}❌ Auth database container is not running${NC}"
    echo "Start with: docker-compose up -d auth-db"
    exit 1
fi

echo -e "${GREEN}✅ Auth database container is running${NC}"
echo ""

# 1. Check database schema
echo "📋 1. CHECKING DATABASE SCHEMA"
echo "=============================="

echo "Users table structure:"
docker exec bakery-auth-db psql -U auth_user -d auth_db -c "\d users;" 2>/dev/null || {
    echo -e "${RED}❌ Cannot access database or users table doesn't exist${NC}"
    exit 1
}

echo ""
echo "Checking if 'role' column exists:"
ROLE_COLUMN=$(docker exec bakery-auth-db psql -U auth_user -d auth_db -t -c "SELECT column_name FROM information_schema.columns WHERE table_name='users' AND column_name='role';" 2>/dev/null | tr -d ' ')

if [ "$ROLE_COLUMN" = "role" ]; then
    echo -e "${GREEN}✅ 'role' column exists in users table${NC}"
else
    echo -e "${RED}❌ 'role' column is missing from users table${NC}"
    echo "This is likely the root cause!"
    echo ""
    echo "Available columns in users table:"
    docker exec bakery-auth-db psql -U auth_user -d auth_db -c "SELECT column_name, data_type FROM information_schema.columns WHERE table_name='users';"
    exit 1
fi

echo ""

# 2. Check existing users and their roles
echo "📋 2. CHECKING EXISTING USERS"
echo "============================="

echo "All users in database:"
docker exec bakery-auth-db psql -U auth_user -d auth_db -c "SELECT id, email, role, is_active, created_at FROM users ORDER BY created_at DESC LIMIT 10;"

echo ""

# 3. Check for test users
echo "📋 3. CHECKING FOR TEST USERS"
echo "============================="

echo "Test users (containing 'test' in email):"
docker exec bakery-auth-db psql -U auth_user -d auth_db -c "SELECT id, email, role, is_active, created_at FROM users WHERE email LIKE '%test%' ORDER BY created_at DESC;"

echo ""

# 4. Check database constraints and defaults
echo "📋 4. CHECKING ROLE CONSTRAINTS"
echo "==============================="

echo "Role column details:"
docker exec bakery-auth-db psql -U auth_user -d auth_db -c "SELECT column_name, data_type, is_nullable, column_default FROM information_schema.columns WHERE table_name='users' AND column_name='role';"

echo ""
echo "Role check constraints (if any):"
docker exec bakery-auth-db psql -U auth_user -d auth_db -c "SELECT conname, consrc FROM pg_constraint WHERE conrelid = 'users'::regclass AND consrc LIKE '%role%';" 2>/dev/null || echo "No role constraints found"

echo ""

# 5. Test role insertion
echo "📋 5. TESTING ROLE INSERTION"
echo "============================"

TEST_EMAIL="schema.test.$(date +%s)@example.com"

echo "Creating test user with admin role:"
docker exec bakery-auth-db psql -U auth_user -d auth_db -c "
INSERT INTO users (id, email, full_name, hashed_password, role, is_active, is_verified, created_at, updated_at) 
VALUES (gen_random_uuid(), '$TEST_EMAIL', 'Schema Test', 'dummy_hash', 'admin', true, false, NOW(), NOW());
" 2>/dev/null

if [ $? -eq 0 ]; then
    echo -e "${GREEN}✅ Successfully inserted user with admin role${NC}"
    
    echo "Verifying insertion:"
    docker exec bakery-auth-db psql -U auth_user -d auth_db -c "SELECT id, email, role FROM users WHERE email='$TEST_EMAIL';"
    
    echo "Cleaning up test user:"
    docker exec bakery-auth-db psql -U auth_user -d auth_db -c "DELETE FROM users WHERE email='$TEST_EMAIL';" 2>/dev/null
else
    echo -e "${RED}❌ Failed to insert user with admin role${NC}"
    echo "This indicates a database constraint or permission issue"
fi

echo ""

# 6. Check for migration history
echo "📋 6. CHECKING MIGRATION HISTORY"
echo "================================="

echo "Alembic version table (if exists):"
docker exec bakery-auth-db psql -U auth_user -d auth_db -c "SELECT * FROM alembic_version;" 2>/dev/null || echo "No alembic_version table found"

echo ""

echo "📋 SUMMARY AND RECOMMENDATIONS"
echo "==============================="

# Check if we found any obvious issues
ISSUES_FOUND=0

# Check if role column exists
if [ "$ROLE_COLUMN" != "role" ]; then
    echo -e "${RED}❌ CRITICAL: 'role' column missing from users table${NC}"
    echo "   → Run database migrations: alembic upgrade head"
    echo "   → Or add the column manually"
    ISSUES_FOUND=1
fi

# Check if we can insert admin roles
docker exec bakery-auth-db psql -U auth_user -d auth_db -c "INSERT INTO users (id, email, full_name, hashed_password, role, is_active, is_verified, created_at, updated_at) VALUES (gen_random_uuid(), 'temp.test@example.com', 'Test', 'hash', 'admin', true, false, NOW(), NOW());" 2>/dev/null
if [ $? -eq 0 ]; then
    docker exec bakery-auth-db psql -U auth_user -d auth_db -c "DELETE FROM users WHERE email='temp.test@example.com';" 2>/dev/null
else
    echo -e "${RED}❌ ISSUE: Cannot insert users with admin role${NC}"
    echo "   → Check database constraints or permissions"
    ISSUES_FOUND=1
fi

if [ $ISSUES_FOUND -eq 0 ]; then
    echo -e "${GREEN}✅ Database schema appears correct${NC}"
    echo "   → The issue is likely in the application code, not the database"
    echo "   → Check JWT token creation and role extraction logic"
else
    echo -e "${YELLOW}⚠️  Database issues found - fix these first${NC}"
fi

echo ""
echo -e "${YELLOW}🔧 Next steps:${NC}"
echo "1. If role column is missing: Run 'alembic upgrade head' in auth service"
echo "2. If schema is OK: Run the main debug script to check application logic"
echo "3. Check auth service logs during user registration"