import uuid
from sqlalchemy.orm import Session

from app.models.role import Role
from app.models.permission import Permission
from app.models.permission_role import PermissionRole


def seed_roles(db: Session):
    # === permissions ===
    permissions_data = [
        {"subject": "jabatan", "name": "Master Jabatan"},
        {"subject": "modul", "name": "Master Modul"},
        {"subject": "bagian", "name": "Master Bagian"},
        {"subject": "unit", "name": "Master Unit"},
        {"subject": "user", "name": "Master User"},
        {"subject": "report", "name": "Report"},
        {"subject": "cuti", "name": "Pengajuan Cuti"},
    ]

    permissions = []
    for data in permissions_data:
        permission = (
            db.query(Permission)
            .filter(
                Permission.subject == data["subject"],
                Permission.name == data["name"],
            )
            .first()
        )

        if not permission:
            permission = Permission(
                id=str(uuid.uuid4()),
                subject=data["subject"],
                name=data["name"],
            )
            db.add(permission)
            db.commit()
            db.refresh(permission)

        permissions.append(permission)

    # === roles ===
    def get_or_create_role(name: str, slug: str) -> Role:
        role = db.query(Role).filter(Role.slug == slug).first()
        if not role:
            role = Role(
                id=str(uuid.uuid4()),
                name=name,
                slug=slug,
            )
            db.add(role)
            db.commit()
            db.refresh(role)
        return role

    admin = get_or_create_role("Administrator", "admin")
    kabag = get_or_create_role("Kepala Bagian", "kabag")
    kanit = get_or_create_role("Kepala Unit", "kanit")
    pegawai = get_or_create_role("Staf Pegawai", "pegawai")

    # === permission_role mapping ===
    permission_roles_data = [
        # ADMIN
        (admin.id, permissions[0].id, ["create", "read", "update", "delete"]),
        (admin.id, permissions[1].id, ["create", "read", "update", "delete"]),
        (admin.id, permissions[2].id, ["create", "read", "update", "delete"]),
        (admin.id, permissions[3].id, ["create", "read", "update", "delete"]),
        (admin.id, permissions[4].id, ["create", "read", "update", "delete"]),
        (admin.id, permissions[5].id, ["create", "read", "update", "delete"]),
        (admin.id, permissions[6].id, ["create", "read", "update", "delete"]),
        # KABAG
        (kabag.id, permissions[5].id, ["create", "read", "update", "delete"]),
        (kabag.id, permissions[6].id, ["create", "read", "update", "delete"]),
        # KANIT
        (kanit.id, permissions[5].id, ["create", "read", "update", "delete"]),
        (kanit.id, permissions[6].id, ["create", "read", "update", "delete"]),
        # PEGAWAI
        (pegawai.id, permissions[5].id, ["read", "create"]),
        (pegawai.id, permissions[6].id, ["read"]),
    ]

    for role_id, permission_id, actions in permission_roles_data:
        exists = (
            db.query(PermissionRole)
            .filter(
                PermissionRole.role_id == role_id,
                PermissionRole.permission_id == permission_id,
            )
            .first()
        )
        if exists:
            continue

        pr = PermissionRole(
            id=str(uuid.uuid4()),
            role_id=role_id,
            permission_id=permission_id,
            actions=actions,
        )
        db.add(pr)

    db.commit()