import { DataScopeType } from '@prisma/client';

export interface DataScopeSeed {
  code: string;
  name: string;
  scopeType: DataScopeType;
}

export interface RoleDataScopeSeed {
  roleCode: string;
  dataScopeCode: string;
  resource: string;
}

export const DATA_SCOPE_SEEDS: DataScopeSeed[] = [
  { code: 'self_only', name: '仅本人数据', scopeType: DataScopeType.SELF },
  { code: 'dept_only', name: '仅本部门数据', scopeType: DataScopeType.DEPARTMENT },
  { code: 'dept_tree', name: '本部门及下属部门数据', scopeType: DataScopeType.DEPARTMENT_TREE },
  { code: 'org_all', name: '本组织所有数据', scopeType: DataScopeType.ORGANIZATION },
  { code: 'region_scope', name: '当前区域数据', scopeType: DataScopeType.REGION },
  { code: 'all', name: '全部数据', scopeType: DataScopeType.ALL },
];

export const ROLE_DATA_SCOPE_SEEDS: RoleDataScopeSeed[] = [
  // Administrator — 全部数据
  { roleCode: 'Administrator', dataScopeCode: 'all', resource: '*' },

  // Employee — 仅本人
  { roleCode: 'Employee', dataScopeCode: 'self_only', resource: '*' },

  // DepartmentManager — 本部门及下属
  { roleCode: 'DepartmentManager', dataScopeCode: 'dept_tree', resource: '*' },

  // Leader — 本部门及下属（与 DepartmentManager 一致）
  { roleCode: 'Leader', dataScopeCode: 'dept_tree', resource: '*' },

  // HrManager — 用户/部门看全组织，其他看本部门
  { roleCode: 'HrManager', dataScopeCode: 'org_all', resource: 'user' },
  { roleCode: 'HrManager', dataScopeCode: 'org_all', resource: 'department' },
  { roleCode: 'HrManager', dataScopeCode: 'org_all', resource: 'position' },
  { roleCode: 'HrManager', dataScopeCode: 'org_all', resource: 'performance' },
  { roleCode: 'HrManager', dataScopeCode: 'dept_only', resource: '*' },

  // FinanceApprover — 审 approval + parts 全组织，其他兜底本部门（避免 org_all 兜底越权）
  { roleCode: 'FinanceApprover', dataScopeCode: 'org_all',  resource: 'approval' },
  { roleCode: 'FinanceApprover', dataScopeCode: 'org_all',  resource: 'parts' },
  { roleCode: 'FinanceApprover', dataScopeCode: 'dept_only', resource: '*' },

  // PARTS — 本组织所有备件
  { roleCode: 'PARTS', dataScopeCode: 'org_all', resource: 'parts' },
  { roleCode: 'PARTS', dataScopeCode: 'self_only', resource: '*' },

  // MeetingManager — 本组织所有会议；user/department 也开放（用于挑选参与人/部门）
  { roleCode: 'MeetingManager', dataScopeCode: 'org_all', resource: 'meeting_attendance' },
  { roleCode: 'MeetingManager', dataScopeCode: 'org_all', resource: 'user' },
  { roleCode: 'MeetingManager', dataScopeCode: 'org_all', resource: 'department' },
  { roleCode: 'MeetingManager', dataScopeCode: 'self_only', resource: '*' },

  // FormAdmin — 本组织所有表单
  { roleCode: 'FormAdmin', dataScopeCode: 'org_all', resource: 'form' },
  { roleCode: 'FormAdmin', dataScopeCode: 'self_only', resource: '*' },

  // FormDesigner — 本人表单
  { roleCode: 'FormDesigner', dataScopeCode: 'self_only', resource: '*' },

  // ApprovalAdmin — 本组织所有审批
  { roleCode: 'ApprovalAdmin', dataScopeCode: 'org_all', resource: 'approval' },
  { roleCode: 'ApprovalAdmin', dataScopeCode: 'self_only', resource: '*' },
];