-- 002_users.sql — bus-level user directory (issue 0001a).
--
-- The authoritative allowlist of identities permitted to use the bus, independent
-- of room membership. A user is identified by its Ed25519 signing public key (the
-- same key that derives the endpoint via frame.EndpointID); roles gate admin-only
-- control-plane operations; status enables revocation without deleting history.
--
-- Additive and idempotent: safe to apply repeatedly. Never modify this file;
-- further schema changes go in new numbered migrations (see
-- .claude/rules/db_migrations.md). The embedded copy under
-- pkg/membership/migrations/002_users.sql mirrors this file byte-for-byte.
--
-- NOTE(review): this table is an authorization allowlist, but the value sets
-- documented on role and status, the encoding of sign_pub, and the pairing of
-- status with revoked_at are stated in comments only; nothing in this DDL
-- enforces them. Every writer therefore has to validate before INSERT/UPDATE.
-- Enforcing them in the schema (CHECK constraints) would belong in a new
-- numbered migration, per the rule above, not in an edit to this statement.
CREATE TABLE IF NOT EXISTS users (
    -- Ed25519 public key in lowercase hex (peer identity).
    -- NOTE(review): neither the lowercase form nor the length is enforced here.
    -- Writers and lookups must normalize identically; otherwise the same key in
    -- a different letter case is a separate row that a revocation of the first
    -- row does not cover.
    -- NOTE(review): there is no explicit NOT NULL. If the target engine is
    -- SQLite, a TEXT PRIMARY KEY on an ordinary rowid table accepts NULL —
    -- confirm the engine and whether writers can ever pass NULL.
    sign_pub   TEXT PRIMARY KEY,

    -- Human-readable name (unique recommended, not enforced as PK).
    -- No UNIQUE constraint is declared, so two rows may share a handle.
    -- NOTE(review): presumably display-only; confirm no access decision is
    -- keyed on handle rather than sign_pub.
    handle     TEXT NOT NULL,

    -- 'admin' | 'member'. Rows inserted without a role get 'member'.
    -- NOTE(review): any other string is stored as-is. Confirm consumers grant
    -- admin rights only on an exact match with 'admin', so an unexpected value
    -- never widens access.
    role       TEXT NOT NULL DEFAULT 'member',

    -- 'active' | 'revoked'. Rows inserted without a status get 'active'.
    -- NOTE(review): any other string is stored as-is. Confirm consumers admit
    -- a user only on an exact match with 'active', so a misspelled or unknown
    -- status is denied rather than allowed.
    status     TEXT NOT NULL DEFAULT 'active',

    -- Creation time, stored as text; no default, so the writer must supply it.
    -- NOTE(review): the timestamp format is not stated in this file —
    -- presumably a sortable UTC string; confirm against the writer.
    created_at TEXT NOT NULL,

    -- Revocation time, stored as text; nullable.
    -- NOTE(review): presumably NULL until the user is revoked. Nothing here
    -- ties it to status = 'revoked', so the two columns can disagree; status
    -- looks like the field that gates access — confirm.
    revoked_at TEXT
);

-- Secondary index on status, for queries that filter users by it.
CREATE INDEX IF NOT EXISTS idx_users_status ON users(status);