consumerm模块完成度90%，完善消费者和商家端数据库表，商品、聊天、订单数据对接好了supabase，和商家端对接了聊天功能，安卓端编译通过了css样式，剩余几个页面在处理函数规范问题

doc_mall/consumer/sql/07_create_chat_rooms.sql

@@ -0,0 +1,139 @@
+-- =====================================================================================
+-- 4. 创建聊天会话表 (ml_chat_rooms)
+-- 用于优化聊天列表查询性能，维护用户与商家的会话状态
+-- 依赖表: public.ak_users, public.ml_chat_messages
+-- =====================================================================================
+
+-- 1. 创建表结构
+CREATE TABLE IF NOT EXISTS public.ml_chat_rooms (
+    id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
+    user_id UUID NOT NULL REFERENCES public.ak_users(id) ON DELETE CASCADE,       -- 消费者ID
+    merchant_id UUID NOT NULL,                                                    -- 商家ID/店铺ID
+    shop_name VARCHAR(100),                                                       -- 缓存店铺名称
+    shop_logo TEXT,                                                               -- 缓存店铺Logo
+    last_message TEXT,                                                            -- 最后一条消息内容预览
+    last_message_at TIMESTAMP WITH TIME ZONE DEFAULT NOW(),                       -- 最后一条消息时间
+    unread_count INTEGER DEFAULT 0,                                               -- 未读消息数
+    is_top BOOLEAN DEFAULT FALSE,                                                 -- 是否置顶
+    created_at TIMESTAMP WITH TIME ZONE DEFAULT NOW(),
+    updated_at TIMESTAMP WITH TIME ZONE DEFAULT NOW(),
+    
+    -- 确保同一个用户和同一个商家只有一个会话
+    UNIQUE(user_id, merchant_id)
+);
+
+COMMENT ON TABLE public.ml_chat_rooms IS '聊天会话列表表';
+
+-- 2. 开启 RLS
+ALTER TABLE public.ml_chat_rooms ENABLE ROW LEVEL SECURITY;
+
+-- 3. RLS 策略
+
+-- 策略：用户只能查自己的会话
+CREATE POLICY ml_chat_rooms_select_policy ON public.ml_chat_rooms
+    FOR SELECT USING (
+        auth.uid() = (SELECT auth_id FROM public.ak_users WHERE id = user_id)
+    );
+    
+-- 策略：允许插入（通常由触发器或后端逻辑维护）
+CREATE POLICY ml_chat_rooms_insert_policy ON public.ml_chat_rooms
+    FOR INSERT WITH CHECK (
+        auth.uid() = (SELECT auth_id FROM public.ak_users WHERE id = user_id)
+    );
+
+-- 策略：允许更新（如清除未读数）
+CREATE POLICY ml_chat_rooms_update_policy ON public.ml_chat_rooms
+    FOR UPDATE USING (
+        auth.uid() = (SELECT auth_id FROM public.ak_users WHERE id = user_id)
+    );
+
+
+-- =====================================================================================
+-- 4. 触发器函数：自动维护会话列表
+-- =====================================================================================
+
+CREATE OR REPLACE FUNCTION public.handle_new_chat_message()
+RETURNS TRIGGER AS $$
+DECLARE
+    v_user_id UUID;
+    v_merchant_id UUID;
+    v_shop_name TEXT;
+    v_shop_logo TEXT;
+    v_is_from_user BOOLEAN;
+    v_count_inc INTEGER;
+BEGIN
+    -- 确定谁是用户，谁是商家
+    -- 假设 is_from_user 为 true 时，sender_id 是用户，receiver_id 是商家
+    -- 假设 is_from_user 为 false 时，sender_id 是商家，receiver_id 是用户
+    
+    v_is_from_user := NEW.is_from_user;
+    
+    IF v_is_from_user THEN
+        v_user_id := NEW.sender_id;
+        v_merchant_id := NEW.receiver_id;
+        v_count_inc := 0; -- 用户自己发的，未读数不变
+    ELSE
+        v_user_id := NEW.receiver_id;
+        v_merchant_id := NEW.sender_id;
+        v_count_inc := 1; -- 商家发的，用户未读数 +1
+    END IF;
+
+    -- 尝试更新用户的会话
+    UPDATE public.ml_chat_rooms
+    SET 
+        last_message = NEW.content,
+        last_message_at = NEW.created_at,
+        updated_at = NOW(),
+        unread_count = unread_count + v_count_inc
+    WHERE user_id = v_user_id AND merchant_id = v_merchant_id;
+
+    -- 如果没有更新到任何行（说明会话不存在），则插入新会话
+    IF NOT FOUND THEN
+        -- 尝试从 ml_shops 表获取店铺信息（如果有的话）
+        BEGIN
+            SELECT shop_name, shop_logo INTO v_shop_name, v_shop_logo 
+            FROM public.ml_shops 
+            WHERE merchant_id = v_merchant_id 
+            LIMIT 1;
+        EXCEPTION WHEN OTHERS THEN
+            -- 忽略错误，使用默认值
+            v_shop_name := '未知店铺';
+            v_shop_logo := '';
+        END;
+
+        -- 如果没查到，给个默认名
+        IF v_shop_name IS NULL THEN
+            v_shop_name := '店铺 ' || substr(v_merchant_id::text, 1, 8);
+        END IF;
+        
+        INSERT INTO public.ml_chat_rooms (
+            user_id, 
+            merchant_id, 
+            last_message, 
+            last_message_at, 
+            unread_count,
+            shop_name,
+            shop_logo
+        )
+        VALUES (
+            v_user_id, 
+            v_merchant_id, 
+            NEW.content, 
+            NEW.created_at, 
+            v_count_inc,
+            v_shop_name,
+            v_shop_logo
+        );
+    END IF;
+
+    RETURN NEW;
+END;
+$$ LANGUAGE plpgsql SECURITY DEFINER;
+
+
+-- 5. 创建触发器
+DROP TRIGGER IF EXISTS on_chat_message_inserted ON public.ml_chat_messages;
+CREATE TRIGGER on_chat_message_inserted
+    AFTER INSERT ON public.ml_chat_messages
+    FOR EACH ROW
+    EXECUTE FUNCTION public.handle_new_chat_message();

doc_mall/consumer/sql/08_fix_chat_messages.sql

@@ -0,0 +1,78 @@
+-- =====================================================================================
+-- 8. 修复聊天消息表 (ml_chat_messages) 的 RLS 策略
+-- 解决 403 Forbidden 问题 (无法发送消息) 和无法获取聊天记录的问题
+-- =====================================================================================
+
+-- 1. 确保表存在 (如果尚未创建)
+CREATE TABLE IF NOT EXISTS public.ml_chat_messages (
+    id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
+    sender_id UUID NOT NULL,   -- 发送方ID (关联 ak_users.id)
+    receiver_id UUID NOT NULL, -- 接收方ID (关联 ak_users.id)
+    content TEXT NOT NULL,
+    msg_type VARCHAR(20) DEFAULT 'text', -- text, image, etc
+    is_read BOOLEAN DEFAULT FALSE,
+    is_from_user BOOLEAN DEFAULT TRUE,
+    extra_data TEXT,           -- 额外JSON数据
+    created_at TIMESTAMP WITH TIME ZONE DEFAULT NOW(),
+    updated_at TIMESTAMP WITH TIME ZONE DEFAULT NOW()
+);
+
+-- 2. 开启 RLS
+ALTER TABLE public.ml_chat_messages ENABLE ROW LEVEL SECURITY;
+
+-- 3. 清理旧策略 (避免冲突)
+DROP POLICY IF EXISTS "Chat messages insert policy" ON public.ml_chat_messages;
+DROP POLICY IF EXISTS "Chat messages select policy" ON public.ml_chat_messages;
+DROP POLICY IF EXISTS "Users can insert their own messages" ON public.ml_chat_messages;
+DROP POLICY IF EXISTS "Users can view their own messages" ON public.ml_chat_messages;
+DROP POLICY IF EXISTS "chat_insert_policy" ON public.ml_chat_messages;
+DROP POLICY IF EXISTS "chat_select_policy" ON public.ml_chat_messages;
+
+-- 4. 创建新策略
+
+-- 策略：允许用户插入消息 (只要 sender_id 是自己)
+CREATE POLICY "chat_messages_insert_policy" ON public.ml_chat_messages
+    FOR INSERT WITH CHECK (
+        -- 检查当前登录用户 (auth.uid()) 对应的 ak_users.id 是否等于要插入的 sender_id
+        EXISTS (
+            SELECT 1 FROM public.ak_users
+            WHERE auth_id = auth.uid()
+            AND id = sender_id
+        )
+    );
+
+-- 策略：允许用户查询消息 (只要自己是 sender_id 或 receiver_id)
+CREATE POLICY "chat_messages_select_policy" ON public.ml_chat_messages
+    FOR SELECT USING (
+        -- 检查当前登录用户是否是发送者或接收者
+        EXISTS (
+            SELECT 1 FROM public.ak_users
+            WHERE auth_id = auth.uid()
+            AND (id = sender_id OR id = receiver_id)
+        )
+    );
+
+-- 策略：允许用户更新消息 (仅限标记已读，且自己是接收者)
+CREATE POLICY "chat_messages_update_policy" ON public.ml_chat_messages
+    FOR UPDATE USING (
+        EXISTS (
+            SELECT 1 FROM public.ak_users
+            WHERE auth_id = auth.uid()
+            AND id = receiver_id
+        )
+    )
+    WITH CHECK (
+        EXISTS (
+            SELECT 1 FROM public.ak_users
+            WHERE auth_id = auth.uid()
+            AND id = receiver_id
+        )
+    );
+
+-- =====================================================================================
+-- 补充：确保 ak_users 上有适当的索引以提高 RLS 性能
+-- =====================================================================================
+CREATE INDEX IF NOT EXISTS idx_ak_users_auth_id ON public.ak_users(auth_id);
+CREATE INDEX IF NOT EXISTS idx_chat_messages_sender ON public.ml_chat_messages(sender_id);
+CREATE INDEX IF NOT EXISTS idx_chat_messages_receiver ON public.ml_chat_messages(receiver_id);
+CREATE INDEX IF NOT EXISTS idx_chat_messages_created_at ON public.ml_chat_messages(created_at DESC);

doc_mall/consumer/sql/08_fix_chat_messages_v2.sql

@@ -0,0 +1,60 @@
+-- =====================================================================================
+-- 8. 修复聊天消息表 (ml_chat_messages) 的 RLS 策略
+-- 解决 403 Forbidden 问题 (无法发送消息) 和无法获取聊天记录的问题
+-- 说明：supabaseService 发送的是 auth.uid()，所以 sender_id/receiver_id 存储的是 Auth ID
+-- =====================================================================================
+
+-- 1. 确保表存在 (如果尚未创建)
+CREATE TABLE IF NOT EXISTS public.ml_chat_messages (
+    id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
+    sender_id UUID NOT NULL,   -- 发送方 Auth ID
+    receiver_id UUID NOT NULL, -- 接收方 Auth ID (或店铺关联ID)
+    content TEXT NOT NULL,
+    msg_type VARCHAR(20) DEFAULT 'text', -- text, image, etc
+    is_read BOOLEAN DEFAULT FALSE,
+    is_from_user BOOLEAN DEFAULT TRUE,
+    extra_data TEXT,           -- 额外JSON数据
+    created_at TIMESTAMP WITH TIME ZONE DEFAULT NOW(),
+    updated_at TIMESTAMP WITH TIME ZONE DEFAULT NOW()
+);
+
+-- 2. 开启 RLS
+ALTER TABLE public.ml_chat_messages ENABLE ROW LEVEL SECURITY;
+
+-- 3. 清理旧策略 (避免冲突)
+DROP POLICY IF EXISTS "chat_messages_insert_policy" ON public.ml_chat_messages;
+DROP POLICY IF EXISTS "chat_messages_select_policy" ON public.ml_chat_messages;
+DROP POLICY IF EXISTS "chat_messages_update_policy" ON public.ml_chat_messages;
+
+-- 4. 创建新策略
+
+-- 策略：允许用户插入消息 (只要 sender_id 是自己)
+CREATE POLICY "chat_messages_insert_policy" ON public.ml_chat_messages
+    FOR INSERT WITH CHECK (
+        auth.uid() = sender_id
+    );
+
+-- 策略：允许用户查询消息 (只要自己是 sender_id 或 receiver_id)
+-- 注意：如果 receiver_id 是店铺ID，商家查询时可能需要额外逻辑 (此处仅保证作为 User 能看到自己的收发)
+CREATE POLICY "chat_messages_select_policy" ON public.ml_chat_messages
+    FOR SELECT USING (
+        auth.uid() = sender_id 
+        OR 
+        auth.uid() = receiver_id
+    );
+
+-- 策略：允许用户更新消息 (仅限接收者标记已读)
+CREATE POLICY "chat_messages_update_policy" ON public.ml_chat_messages
+    FOR UPDATE USING (
+        auth.uid() = receiver_id
+    )
+    WITH CHECK (
+        auth.uid() = receiver_id
+    );
+
+-- =====================================================================================
+-- 5. 补充索引
+-- =====================================================================================
+CREATE INDEX IF NOT EXISTS idx_chat_messages_sender ON public.ml_chat_messages(sender_id);
+CREATE INDEX IF NOT EXISTS idx_chat_messages_receiver ON public.ml_chat_messages(receiver_id);
+CREATE INDEX IF NOT EXISTS idx_chat_messages_created_at ON public.ml_chat_messages(created_at DESC);