<?php

namespace Database\Seeders;

use App\Models\Company;
use App\Models\Role;
use App\Models\User;
use App\Models\Permission; // Make sure to import this!
use Illuminate\Support\Facades\Hash;
use Illuminate\Database\Console\Seeds\WithoutModelEvents;
use Illuminate\Database\Seeder;

class InitialSystemSeeder extends Seeder
{
    public function run(): void
    {
        // 1. Generate the Base System Permissions
        // We define an array of standard permissions a B2B SaaS needs.
        $systemPermissions = [
            // User Management
            ['name' => 'View Users', 'slug' => 'users.view'],
            ['name' => 'Create Users', 'slug' => 'users.create'],
            ['name' => 'Edit Users', 'slug' => 'users.edit'],
            ['name' => 'Suspend/Delete Users', 'slug' => 'users.delete'],
            // Role Management
            ['name' => 'View Access Roles', 'slug' => 'roles.view'],
            ['name' => 'Manage Access Roles', 'slug' => 'roles.manage'],
            // Tenant Settings
            ['name' => 'Manage Organization Settings', 'slug' => 'company.manage'],
        ];

        // Loop through and safely create them
        $allPermissionIds = [];
        foreach ($systemPermissions as $perm) {
            $permission = Permission::firstOrCreate(
                ['slug' => $perm['slug']],
                ['name' => $perm['name']]
            );
            $allPermissionIds[] = $permission->id;
        }

        // 2. Auto-generate the Headquarters Profile
        $company = Company::firstOrCreate(
            ['name' => 'Safi Technologies'],
            [
                'support_email' => 'support@safitech.co.tz',
                'support_phone' => '+255623808373', 
                'website_url' => 'https://safitech.co.tz',
                'billing_address' => 'P.O. Box 1323, Kinondoni, Dar es Salaam, Tanzania',
            ]
        );

        // 3. Auto-generate the System Roles
        $superAdminRole = Role::firstOrCreate(
            ['name' => 'Super Admin'],
            [
                'company_id' => null, 
                'is_system' => true,
            ]
        );

        // Create a basic Manager role so we have something to test the Matrix with
        $managerRole = Role::firstOrCreate(
            ['name' => 'Manager'],
            [
                'company_id' => null, 
                'is_system' => true,
            ]
        );

        // 4. Load the Matrix
        // Give Super Admin visually everything (even though our code bypasses it anyway)
        $superAdminRole->permissions()->sync($allPermissionIds);

        // Give the Manager role only "View" and "Edit" user permissions as an example
        $managerPermissions = Permission::whereIn('slug', ['users.view', 'users.edit'])->pluck('id');
        $managerRole->permissions()->sync($managerPermissions);

        // 5. Auto-generate the Master User Account
        User::firstOrCreate(
            ['email' => 'admin@safitech.co.tz'], 
            [
                'name' => 'Severin Byamukama',
                'password' => Hash::make('password'), 
                'company_id' => $company->id,
                'role_id' => $superAdminRole->id,
                'status' => 'active',
                'requires_password_change' => false, 
            ]
        );
    }
}