const mongoose = require('mongoose');
const User = require('./models/User');
const Role = require('./models/Role');
const UserRole = require('./models/UserRole');
const Permission = require('./models/Permission');
const RolePerm = require('./models/RolePerm');
const { hashPassword } = require('./utils/password');

async function init() {
  await mongoose.connect(process.env.MONGODB_URI || 'mongodb://localhost:27017/e-scooter-rental');
  console.log('📦 MongoDB 连接成功，开始初始化 RBAC...');

  // 清理旧数据（可选，生产环境请注释掉）
  await RolePerm.deleteMany({});
  await Permission.deleteMany({});
  await UserRole.deleteMany({});
  await Role.deleteMany({});
  await User.deleteMany({});

  // 1. 创建角色
  const roles = {
    admin: await Role.create({ roleName: 'admin', roleLabel: '管理员', description: '系统管理员' }),
    store: await Role.create({ roleName: 'store', roleLabel: '商家', description: '门店管理员' }),
    rider: await Role.create({ roleName: 'rider', roleLabel: '骑手', description: '骑手用户' })
  };
  console.log('✅ 角色创建完成');

  // 2. 创建权限
  const perms = {
    vehiclesRead: await Permission.create({ permName: 'vehicles:read', permLabel: '查看车辆', module: 'vehicles', action: 'read' }),
    vehiclesWrite: await Permission.create({ permName: 'vehicles:write', permLabel: '管理车辆', module: 'vehicles', action: 'write' }),
    ordersRead: await Permission.create({ permName: 'orders:read', permLabel: '查看订单', module: 'orders', action: 'read' }),
    ordersWrite: await Permission.create({ permName: 'orders:write', permLabel: '管理订单', module: 'orders', action: 'write' }),
    financeRead: await Permission.create({ permName: 'finance:read', permLabel: '查看财务', module: 'finance', action: 'read' }),
    usersRead: await Permission.create({ permName: 'users:read', permLabel: '查看用户', module: 'users', action: 'read' }),
    usersWrite: await Permission.create({ permName: 'users:write', permLabel: '管理用户', module: 'users', action: 'write' }),
    storeRead: await Permission.create({ permName: 'store:read', permLabel: '查看门店', module: 'store', action: 'read' }),
    storeWrite: await Permission.create({ permName: 'store:write', permLabel: '管理门店', module: 'store', action: 'write' }),
    customersRead: await Permission.create({ permName: 'customers:read', permLabel: '查看客户', module: 'customers', action: 'read' }),
    customersWrite: await Permission.create({ permName: 'customers:write', permLabel: '管理客户', module: 'customers', action: 'write' }),
    applicationsRead: await Permission.create({ permName: 'applications:read', permLabel: '查看申请', module: 'applications', action: 'read' }),
    applicationsWrite: await Permission.create({ permName: 'applications:write', permLabel: '管理申请', module: 'applications', action: 'write' }),
    complaintsRead: await Permission.create({ permName: 'complaints:read', permLabel: '查看投诉', module: 'complaints', action: 'read' }),
    complaintsWrite: await Permission.create({ permName: 'complaints:write', permLabel: '管理投诉', module: 'complaints', action: 'write' }),
    disputesRead: await Permission.create({ permName: 'disputes:read', permLabel: '查看纠纷', module: 'disputes', action: 'read' }),
    disputesWrite: await Permission.create({ permName: 'disputes:write', permLabel: '管理纠纷', module: 'disputes', action: 'write' }),
    approvalsRead: await Permission.create({ permName: 'approvals:read', permLabel: '查看审批', module: 'approvals', action: 'read' }),
    approvalsWrite: await Permission.create({ permName: 'approvals:write', permLabel: '管理审批', module: 'approvals', action: 'write' }),
    paymentsRead: await Permission.create({ permName: 'payments:read', permLabel: '查看支付', module: 'payments', action: 'read' }),
    paymentsWrite: await Permission.create({ permName: 'payments:write', permLabel: '管理支付', module: 'payments', action: 'write' }),
    vehicleTypesRead: await Permission.create({ permName: 'vehicleTypes:read', permLabel: '查看车型', module: 'vehicleTypes', action: 'read' }),
    vehicleTypesWrite: await Permission.create({ permName: 'vehicleTypes:write', permLabel: '管理车型', module: 'vehicleTypes', action: 'write' }),
  };
  console.log('✅ 权限创建完成');

  // 3. 角色-权限关联

  // admin: 所有权限
  for (const key of Object.keys(perms)) {
    await RolePerm.create({ role: roles.admin._id, permission: perms[key]._id });
  }

  // store: 门店 + 订单 + 车辆 + 客户 + 投诉 + 申请 + 支付 + 车型（部分写权限）
  const storePerms = [
    'storeRead', 'storeWrite',
    'ordersRead', 'ordersWrite',
    'vehiclesRead', 'vehiclesWrite',
    'customersRead', 'customersWrite',
    'complaintsRead', 'complaintsWrite',
    'applicationsRead', 'applicationsWrite',
    'paymentsRead', 'paymentsWrite',
    'disputesRead',
    'vehicleTypesRead'
  ];
  for (const key of storePerms) {
    await RolePerm.create({ role: roles.store._id, permission: perms[key]._id });
  }

  // rider: 只读部分
  const riderPerms = [
    'ordersRead',
    'vehiclesRead',
    'customersRead',
    'vehicleTypesRead'
  ];
  for (const key of riderPerms) {
    await RolePerm.create({ role: roles.rider._id, permission: perms[key]._id });
  }
  console.log('✅ 角色-权限关联完成');

  // 4. 创建默认 admin 账号
  const hashed = await hashPassword('admin123');
  const adminUser = await User.create({
    username: 'admin',
    password: hashed,
    name: '系统管理员',
    type: 'admin',
    status: 'active'
  });
  await UserRole.create({ user: adminUser._id, role: roles.admin._id });

  console.log('');
  console.log('═══════════════════════════════════════');
  console.log('✅ RBAC 初始化完成！');
  console.log('默认账号: admin / admin123');
  console.log('═══════════════════════════════════════');

  await mongoose.disconnect();
}

init().catch(err => {
  console.error('❌ RBAC 初始化失败:', err);
  process.exit(1);
});