persegi/database/seeders/PermissionSeeder.php

<?php

namespace Database\Seeders;

use Illuminate\Database\Seeder;
use Spatie\Permission\Models\Permission;
use Spatie\Permission\Models\Role;

class PermissionSeeder extends Seeder
{
    public function run(): void
    {
        app()[\Spatie\Permission\PermissionRegistrar::class]->forgetCachedPermissions();

        // Buat roles jika belum ada
        foreach (['super_admin', 'ketua', 'bendahara', 'pengurus', 'anggota', 'auditor', 'editor', 'koordinator'] as $role) {
            Role::firstOrCreate(['name' => $role, 'guard_name' => 'web']);
        }

        // Skip jika permission belum di-generate (shield:generate belum dijalankan)
        if (Permission::count() === 0) {
            $this->command->warn('Permission belum ada. Jalankan: php artisan shield:generate --panel=admin');
            return;
        }

        $ketua     = Role::findByName('ketua');
        $bendahara = Role::findByName('bendahara');
        $pengurus  = Role::findByName('pengurus');
        $anggota   = Role::findByName('anggota');
        $auditor   = Role::findByName('auditor');
        $editor    = Role::findByName('editor');
        $koordinator = Role::findByName('koordinator');

        $ketua->syncPermissions(Permission::where('name', 'not like', '%Role%')
            ->where('name', 'not like', '%Permission%')
            ->where('name', '!=', 'ViewDraft:Activity')
            ->get());

        // Pastikan ketua punya AssignKoordinator
        if ($p = Permission::where('name', 'AssignKoordinator')->first()) {
            $ketua->givePermissionTo($p);
        }

        $koordinator->syncPermissions(Permission::whereIn('name', [
            'ViewAny:Activity', 'View:Activity', 'Create:Activity', 'Update:Activity', 'Delete:Activity',
            'ViewAny:Vote', 'View:Vote',
            'ViewAny:Post', 'View:Post', 'Create:Post', 'Update:Post', 'Delete:Post',
            'ViewAny:MemberPoint', 'View:MemberPoint',
        ])->get());

        $bendahara->syncPermissions(Permission::where('name', 'like', '%CashRecord%')
            ->orWhere('name', 'like', '%CashCategory%')
            ->orWhere('name', 'like', '%MemberDue%')
            ->orWhereIn('name', [
                'ViewAny:Activity', 'View:Activity',
                'ViewAny:Post', 'View:Post', 'Create:Post', 'Update:Post', 'Delete:Post',
            ])
            ->get());

        $pengurus->syncPermissions(Permission::where('name', 'like', '%Activity%')
            ->where('name', '!=', 'ViewDraft:Activity')
            ->orWhereIn('name', [
                'ViewAny:User', 'View:User',
                'ViewAny:Division', 'View:Division',
                'ViewAny:Post', 'View:Post', 'Create:Post', 'Update:Post', 'Delete:Post',
            ])
            ->get());

        $anggota->syncPermissions(Permission::whereIn('name', [
            'ViewAny:Activity', 'View:Activity',
            'ViewAny:Vote', 'View:Vote',
            'ViewAny:Post', 'View:Post', 'Create:Post', 'Update:Post', 'Delete:Post',
            'ViewAny:MemberPoint', 'View:MemberPoint',
        ])->get());

        $auditor->syncPermissions(Permission::where('name', 'like', 'ViewAny:%')
            ->orWhere('name', 'like', 'View:%')
            ->orWhere('name', 'like', '%Audit%')
            ->get());

        $editor->syncPermissions(Permission::whereIn('name', [
            'ViewAny:Post', 'View:Post', 'Create:Post', 'Update:Post', 'Delete:Post',
            'DeleteAny:Post', 'ViewAny:Activity', 'View:Activity',
            'Publish:Post',
        ])->get());
    }
}