<?php

namespace Database\Seeders;

use Illuminate\Database\Seeder;
use Spatie\Permission\Models\Permission;
use Spatie\Permission\Models\Role;

class PermissionSeeder extends Seeder
{
    public function run(): void
    {
        app()[\Spatie\Permission\PermissionRegistrar::class]->forgetCachedPermissions();

        $ketua = Role::findByName('ketua');
        $bendahara = Role::findByName('bendahara');
        $pengurus = Role::findByName('pengurus');
        $anggota = Role::findByName('anggota');
        $auditor = Role::findByName('auditor');

        // Ketua: akses penuh kecuali shield roles
        $ketua->syncPermissions(Permission::where('name', 'not like', '%Role%')
            ->where('name', 'not like', '%Permission%')
            ->get());

        // Bendahara: hanya kas
        $bendahara->syncPermissions(Permission::where('name', 'like', '%CashRecord%')
            ->orWhere('name', 'like', '%CashCategory%')
            ->get());

        // Pengurus: kegiatan + lihat anggota & divisi
        $pengurus->syncPermissions(Permission::where('name', 'like', '%Activity%')
            ->orWhere('name', 'like', 'ViewAny:User')
            ->orWhere('name', 'like', 'View:User')
            ->orWhere('name', 'like', 'ViewAny:Division')
            ->orWhere('name', 'like', 'View:Division')
            ->get());

        // Anggota: lihat kegiatan & voting + kelola artikel sendiri
        $anggota->syncPermissions(Permission::whereIn('name', [
            'ViewAny:Activity', 'View:Activity',
            'ViewAny:Vote', 'View:Vote',
            'ViewAny:MyPost', 'View:MyPost', 'Create:MyPost', 'Update:MyPost', 'Delete:MyPost',
        ])->get());

        // Auditor: read-only semua + akses audit
        $auditor->syncPermissions(Permission::where('name', 'like', 'ViewAny:%')
            ->orWhere('name', 'like', 'View:%')
            ->orWhere('name', 'like', '%Audit%')
            ->get());
    }
}