/**
 * 修复 itadmin 用户的角色分配
 * 确保 Administrator 角色的 organizationId 为 null（全局作用域）
 */

import { PrismaClient } from '@prisma/client';

const prisma = new PrismaClient();

async function fixItAdminRole() {
  console.log('🔧 Fixing itadmin user role assignment...\n');

  try {
    // 1. 查找 itadmin 用户
    const itadmin = await prisma.user.findUnique({
      where: { username: 'itadmin' },
      include: {
        roles: {
          include: {
            role: true,
          },
        },
      },
    });

    if (!itadmin) {
      console.log('❌ itadmin user not found');
      console.log('   Please run: npm run init:itadmin');
      return;
    }

    console.log('✅ Found itadmin user:', itadmin.username);
    console.log('   Current roles:', itadmin.roles.map(ur => ({
      roleCode: ur.role.code,
      roleName: ur.role.name,
      organizationId: (ur as any).organizationId,
    })));

    // 2. 查找 Administrator 角色
    const adminRole = await prisma.role.findUnique({
      where: { code: 'Administrator' },
    });

    if (!adminRole) {
      console.log('❌ Administrator role not found');
      console.log('   Please run: npm run db:seed');
      return;
    }

    // 3. 检查是否已有 Administrator 角色分配
    const existingAdminRole = itadmin.roles.find(ur => ur.role.code === 'Administrator');

    if (existingAdminRole) {
      const orgId = (existingAdminRole as any).organizationId;
      
      if (orgId === null) {
        console.log('✅ Administrator role is already correctly set (global scope)');
        return;
      }

      console.log(`⚠️  Administrator role has organizationId: ${orgId}`);
      console.log('   Updating to global scope (organizationId = null)...');

      // 删除旧的角色分配
      await prisma.userRole.delete({
        where: {
          id: existingAdminRole.id,
        },
      });

      // 创建新的全局角色分配
      await prisma.userRole.create({
        data: {
          userId: itadmin.id,
          roleId: adminRole.id,
          organizationId: null, // 全局管理员
        },
      });

      console.log('✅ Administrator role updated to global scope');
    } else {
      console.log('⚠️  Administrator role not assigned');
      console.log('   Adding Administrator role (global scope)...');

      // 创建全局管理员角色分配
      await prisma.userRole.create({
        data: {
          userId: itadmin.id,
          roleId: adminRole.id,
          organizationId: null, // 全局管理员
        },
      });

      console.log('✅ Administrator role assigned (global scope)');
    }

    // 4. 验证结果
    const updatedUser = await prisma.user.findUnique({
      where: { id: itadmin.id },
      include: {
        roles: {
          include: {
            role: true,
          },
        },
      },
    });

    console.log('\n' + '='.repeat(60));
    console.log('✅ Role assignment updated successfully!');
    console.log('='.repeat(60));
    console.log('\nCurrent roles:', updatedUser?.roles.map(ur => ({
      roleCode: ur.role.code,
      roleName: ur.role.name,
      organizationId: (ur as any).organizationId || 'null (global)',
    })));
    console.log('');

  } catch (error) {
    console.error('❌ Error fixing itadmin role:', error);
    throw error;
  } finally {
    await prisma.$disconnect();
  }
}

// 执行脚本
fixItAdminRole();