feat(C-1): transaction table, service, and currency fields

Add shop transaction infrastructure for purchase flow, stock management,
and transaction logging. Includes migration for shop_transactions table,
transaction CRUD service with stock validation, and REST endpoints for
purchases and transaction history.

- Add migration 000010 for shop_transactions table
- Add currency fields to character presets (dnd5e, pf2e, drawsteel)
- Create transaction model, repository, service, and handler
- Wire transaction routes behind armory addon (Scribe+ for writes)
- Add relation adapter for stock metadata management during purchases

https://claude.ai/code/session_01WJEjfBqjZaGatHiXXXDupo

Author: claude

db/migrations/000010_shop_transactions.down.sql

@@ -0,0 +1 @@
+DROP TABLE IF EXISTS shop_transactions;

db/migrations/000010_shop_transactions.up.sql

@@ -0,0 +1,29 @@
+-- shop_transactions records purchases, sales, transfers, and gifts between
+-- entities (typically shop→character or character→character). Linked to the
+-- entity_relations system but stored separately for query performance and
+-- historical tracking (relations can be deleted, transactions persist).
+CREATE TABLE IF NOT EXISTS shop_transactions (
+    id                INT          AUTO_INCREMENT PRIMARY KEY,
+    campaign_id       VARCHAR(36)  NOT NULL,
+    shop_entity_id    VARCHAR(36)  NOT NULL COMMENT 'Shop or seller entity',
+    item_entity_id    VARCHAR(36)  NOT NULL COMMENT 'Item entity being transacted',
+    buyer_entity_id   VARCHAR(36)  DEFAULT NULL COMMENT 'Buyer character entity (NULL for restocks)',
+    relation_id       INT          DEFAULT NULL COMMENT 'Originating shop inventory relation',
+    quantity          INT          NOT NULL DEFAULT 1,
+    price_paid        VARCHAR(100) DEFAULT NULL COMMENT 'Display-friendly price string (e.g., "50 gp")',
+    currency          VARCHAR(50)  DEFAULT 'gp' COMMENT 'Currency code used for the transaction',
+    price_numeric     DECIMAL(12,2) DEFAULT NULL COMMENT 'Numeric price for aggregation queries',
+    transaction_type  VARCHAR(20)  NOT NULL COMMENT 'purchase, sale, transfer, gift, restock',
+    notes             TEXT         DEFAULT NULL,
+    created_at        TIMESTAMP    NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    created_by        VARCHAR(36)  DEFAULT NULL COMMENT 'User who initiated the transaction',
+
+    INDEX idx_shop_tx_campaign   (campaign_id),
+    INDEX idx_shop_tx_shop       (shop_entity_id),
+    INDEX idx_shop_tx_buyer      (buyer_entity_id),
+    INDEX idx_shop_tx_item       (item_entity_id),
+    INDEX idx_shop_tx_created    (campaign_id, created_at DESC),
+
+    CONSTRAINT fk_shop_tx_campaign FOREIGN KEY (campaign_id)
+        REFERENCES campaigns(id) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;

internal/app/routes.go

@@ -731,6 +731,38 @@ func (a *armoryItemTypeFinderAdapter) FindItemTypes(ctx context.Context, campaig
 	return infos, nil
 }
 
+// armoryRelationMetadataAdapter wraps the relations service to implement
+// armory.RelationMetadataUpdater. Used by the transaction service to decrement
+// shop stock when a purchase is made.
+type armoryRelationMetadataAdapter struct {
+	svc relations.RelationService
+}
+
+// UpdateMetadata updates the metadata JSON for a relation.
+func (a *armoryRelationMetadataAdapter) UpdateMetadata(ctx context.Context, id int, metadata json.RawMessage) error {
+	return a.svc.UpdateMetadata(ctx, id, metadata)
+}
+
+// armoryRelationFinderAdapter wraps the relations service to implement
+// armory.RelationFinder. Used by the transaction service to validate stock
+// before a purchase.
+type armoryRelationFinderAdapter struct {
+	svc relations.RelationService
+}
+
+// GetByID retrieves a relation by ID, mapping to the armory.RelationInfo type.
+func (a *armoryRelationFinderAdapter) GetByID(ctx context.Context, id int) (*armory.RelationInfo, error) {
+	rel, err := a.svc.GetByID(ctx, id)
+	if err != nil {
+		return nil, err
+	}
+	return &armory.RelationInfo{
+		ID:         rel.ID,
+		Metadata:   rel.Metadata,
+		CampaignID: rel.CampaignID,
+	}, nil
+}
+
 // RegisterRoutes sets up all application routes. It registers public routes
 // directly and delegates to each plugin's route registration function.
 //
@@ -1081,7 +1113,14 @@ func (a *App) RegisterRoutes() {
 	armoryRepo := armory.NewArmoryRepository(a.DB)
 	armorySvc := armory.NewArmoryService(armoryRepo, &armoryItemTypeFinderAdapter{svc: entityService})
 	armoryHandler := armory.NewHandler(armorySvc)
-	armory.RegisterRoutes(e, armoryHandler, campaignService, authService, addonService)
+
+	// Transaction service: purchase flow, stock management, transaction logging.
+	txRepo := armory.NewTransactionRepository(a.DB)
+	txSvc := armory.NewTransactionService(txRepo)
+	txSvc.SetRelationMetadataUpdater(&armoryRelationMetadataAdapter{svc: relService})
+	txSvc.SetRelationFinder(&armoryRelationFinderAdapter{svc: relService})
+	txHandler := armory.NewTransactionHandler(txSvc)
+	armory.RegisterRoutes(e, armoryHandler, txHandler, campaignService, authService, addonService)
 
 	// Notes widget: personal floating note-taking panel (Google Keep-style).
 	noteRepo := notes.NewNoteRepository(a.DB)

internal/plugins/armory/routes.go

@@ -15,7 +15,7 @@ import (
 // Public-capable routes use AllowPublicCampaignAccess so public campaigns
 // show items to unauthenticated visitors. All routes are gated behind the
 // "armory" addon — campaign owners can enable/disable via the Plugin Hub.
-func RegisterRoutes(e *echo.Echo, h *Handler, campaignSvc campaigns.CampaignService, authSvc auth.AuthService, addonSvc addons.AddonService) {
+func RegisterRoutes(e *echo.Echo, h *Handler, th *TransactionHandler, campaignSvc campaigns.CampaignService, authSvc auth.AuthService, addonSvc addons.AddonService) {
 	// Public-capable routes: gallery view (Player+).
 	pub := e.Group("/campaigns/:id",
 		auth.OptionalAuth(authSvc),
@@ -24,4 +24,15 @@ func RegisterRoutes(e *echo.Echo, h *Handler, campaignSvc campaigns.CampaignServ
 	)
 	pub.GET("/armory", h.Index, campaigns.RequireRole(campaigns.RolePlayer))
 	pub.GET("/armory/count", h.CountAPI, campaigns.RequireRole(campaigns.RolePlayer))
+
+	// Transaction routes require authenticated campaign member.
+	txGroup := e.Group("/campaigns/:id",
+		auth.RequireAuth(authSvc),
+		campaigns.RequireCampaignAccess(campaignSvc),
+		addons.RequireAddon(addonSvc, "armory"),
+	)
+	txGroup.POST("/armory/purchase", th.Purchase, campaigns.RequireRole(campaigns.RoleScribe))
+	txGroup.POST("/armory/transactions", th.CreateTransaction, campaigns.RequireRole(campaigns.RoleScribe))
+	txGroup.GET("/armory/transactions", th.ListTransactions, campaigns.RequireRole(campaigns.RolePlayer))
+	txGroup.GET("/armory/shops/:eid/transactions", th.ListShopTransactions, campaigns.RequireRole(campaigns.RolePlayer))
 }

internal/plugins/armory/transaction_handler.go

@@ -0,0 +1,154 @@
+// transaction_handler.go provides HTTP endpoints for shop transactions.
+// Thin handlers: bind request, call service, return JSON. No business logic.
+package armory
+
+import (
+	"encoding/json"
+	"net/http"
+	"strconv"
+
+	"github.com/labstack/echo/v4"
+
+	"github.com/keyxmakerx/chronicle/internal/apperror"
+	"github.com/keyxmakerx/chronicle/internal/plugins/auth"
+	"github.com/keyxmakerx/chronicle/internal/plugins/campaigns"
+)
+
+// TransactionHandler serves transaction REST endpoints.
+type TransactionHandler struct {
+	svc TransactionService
+}
+
+// NewTransactionHandler creates a new transaction handler.
+func NewTransactionHandler(svc TransactionService) *TransactionHandler {
+	return &TransactionHandler{svc: svc}
+}
+
+// Purchase handles POST /campaigns/:id/armory/purchase.
+// Validates stock, creates transaction, decrements shop inventory.
+func (h *TransactionHandler) Purchase(c echo.Context) error {
+	cc := campaigns.GetCampaignContext(c)
+	if cc == nil {
+		return apperror.NewMissingContext()
+	}
+
+	var input CreateTransactionInput
+	if err := json.NewDecoder(c.Request().Body).Decode(&input); err != nil {
+		return apperror.NewBadRequest("invalid JSON body")
+	}
+
+	userID := auth.GetUserID(c)
+	result, err := h.svc.Purchase(c.Request().Context(), cc.Campaign.ID, userID, input)
+	if err != nil {
+		return err
+	}
+
+	return c.JSON(http.StatusCreated, result)
+}
+
+// CreateTransaction handles POST /campaigns/:id/armory/transactions.
+// Records a manual transaction (gift, transfer, restock).
+func (h *TransactionHandler) CreateTransaction(c echo.Context) error {
+	cc := campaigns.GetCampaignContext(c)
+	if cc == nil {
+		return apperror.NewMissingContext()
+	}
+
+	var input CreateTransactionInput
+	if err := json.NewDecoder(c.Request().Body).Decode(&input); err != nil {
+		return apperror.NewBadRequest("invalid JSON body")
+	}
+
+	userID := auth.GetUserID(c)
+	tx, err := h.svc.CreateTransaction(c.Request().Context(), cc.Campaign.ID, userID, input)
+	if err != nil {
+		return err
+	}
+
+	return c.JSON(http.StatusCreated, tx)
+}
+
+// ListTransactions handles GET /campaigns/:id/armory/transactions.
+// Returns paginated transactions with optional filters.
+func (h *TransactionHandler) ListTransactions(c echo.Context) error {
+	cc := campaigns.GetCampaignContext(c)
+	if cc == nil {
+		return apperror.NewMissingContext()
+	}
+
+	opts := DefaultTransactionListOptions()
+	if p := c.QueryParam("page"); p != "" {
+		if n, err := strconv.Atoi(p); err == nil && n > 0 {
+			opts.Page = n
+		}
+	}
+	if pp := c.QueryParam("per_page"); pp != "" {
+		if n, err := strconv.Atoi(pp); err == nil && n > 0 && n <= 100 {
+			opts.PerPage = n
+		}
+	}
+	if sid := c.QueryParam("shop"); sid != "" {
+		opts.ShopEntityID = sid
+	}
+	if bid := c.QueryParam("buyer"); bid != "" {
+		opts.BuyerEntityID = bid
+	}
+	if iid := c.QueryParam("item"); iid != "" {
+		opts.ItemEntityID = iid
+	}
+	if tt := c.QueryParam("type"); tt != "" {
+		opts.TransactionType = tt
+	}
+
+	txs, total, err := h.svc.ListTransactions(c.Request().Context(), cc.Campaign.ID, opts)
+	if err != nil {
+		return apperror.NewInternal(err)
+	}
+
+	// Return empty array, not null.
+	if txs == nil {
+		txs = []Transaction{}
+	}
+
+	return c.JSON(http.StatusOK, map[string]any{
+		"data":  txs,
+		"total": total,
+		"page":  opts.Page,
+	})
+}
+
+// ListShopTransactions handles GET /campaigns/:id/armory/shops/:eid/transactions.
+// Returns transactions for a specific shop entity.
+func (h *TransactionHandler) ListShopTransactions(c echo.Context) error {
+	cc := campaigns.GetCampaignContext(c)
+	if cc == nil {
+		return apperror.NewMissingContext()
+	}
+
+	entityID := c.Param("eid")
+	if entityID == "" {
+		return apperror.NewBadRequest("entity ID is required")
+	}
+
+	opts := DefaultTransactionListOptions()
+	if p := c.QueryParam("page"); p != "" {
+		if n, err := strconv.Atoi(p); err == nil && n > 0 {
+			opts.Page = n
+		}
+	}
+
+	txs, total, err := h.svc.ListShopTransactions(c.Request().Context(), entityID, opts)
+	if err != nil {
+		return apperror.NewInternal(err)
+	}
+
+	if txs == nil {
+		txs = []Transaction{}
+	}
+
+	return c.JSON(http.StatusOK, map[string]any{
+		"data":  txs,
+		"total": total,
+		"page":  opts.Page,
+	})
+}

internal/plugins/armory/transaction_model.go

@@ -0,0 +1,81 @@
+// transaction_model.go defines data structures for shop transactions.
+// Transactions record purchases, sales, transfers, and gifts between entities.
+package armory
+
+import "time"
+
+// TransactionType enumerates the kinds of shop transactions.
+const (
+	TxPurchase = "purchase" // Character buys from shop.
+	TxSale     = "sale"     // Character sells to shop.
+	TxTransfer = "transfer" // Item moves between characters.
+	TxGift     = "gift"     // Free item transfer.
+	TxRestock  = "restock"  // Shop restocking (no buyer).
+)
+
+// Transaction represents a single shop transaction record.
+type Transaction struct {
+	ID             int        `json:"id"`
+	CampaignID     string     `json:"campaign_id"`
+	ShopEntityID   string     `json:"shop_entity_id"`
+	ItemEntityID   string     `json:"item_entity_id"`
+	BuyerEntityID  *string    `json:"buyer_entity_id,omitempty"`
+	RelationID     *int       `json:"relation_id,omitempty"`
+	Quantity       int        `json:"quantity"`
+	PricePaid      *string    `json:"price_paid,omitempty"`
+	Currency       string     `json:"currency"`
+	PriceNumeric   *float64   `json:"price_numeric,omitempty"`
+	TransactionType string   `json:"transaction_type"`
+	Notes          *string    `json:"notes,omitempty"`
+	CreatedAt      time.Time  `json:"created_at"`
+	CreatedBy      *string    `json:"created_by,omitempty"`
+
+	// Joined display fields (populated by list queries).
+	ShopName  string `json:"shop_name,omitempty"`
+	ItemName  string `json:"item_name,omitempty"`
+	BuyerName string `json:"buyer_name,omitempty"`
+}
+
+// CreateTransactionInput is the request payload for creating a transaction.
+type CreateTransactionInput struct {
+	ShopEntityID    string   `json:"shop_entity_id"`
+	ItemEntityID    string   `json:"item_entity_id"`
+	BuyerEntityID   string   `json:"buyer_entity_id"`
+	RelationID      int      `json:"relation_id"`
+	Quantity        int      `json:"quantity"`
+	PricePaid       string   `json:"price_paid"`
+	Currency        string   `json:"currency"`
+	PriceNumeric    float64  `json:"price_numeric"`
+	TransactionType string   `json:"transaction_type"`
+	Notes           string   `json:"notes"`
+}
+
+// TransactionListOptions controls filtering and pagination for transaction queries.
+type TransactionListOptions struct {
+	Page            int    // 1-indexed page number.
+	PerPage         int    // Items per page (default 20).
+	ShopEntityID    string // Filter by shop entity.
+	BuyerEntityID   string // Filter by buyer entity.
+	ItemEntityID    string // Filter by item entity.
+	TransactionType string // Filter by type (purchase, sale, etc.).
+}
+
+// DefaultTransactionListOptions returns sensible defaults.
+func DefaultTransactionListOptions() TransactionListOptions {
+	return TransactionListOptions{Page: 1, PerPage: 20}
+}
+
+// Offset returns the SQL offset for the current page.
+func (o TransactionListOptions) Offset() int {
+	if o.Page < 1 {
+		return 0
+	}
+	return (o.Page - 1) * o.PerPage
+}
+
+// PurchaseResult is returned after a successful purchase to inform
+// the caller of the outcome.
+type PurchaseResult struct {
+	Transaction   *Transaction `json:"transaction"`
+	StockRemaining int         `json:"stock_remaining"` // -1 means unlimited.
+}