-- =========================================================
-- 027_expense_and_request_permissions.sql
-- Sprint 9: expense + purchase request permissions seed
-- =========================================================

INSERT IGNORE INTO permissions (code, name, module, created_at) VALUES
('warehouse.request.view','Lihat Permintaan Pembelian Gudang','warehouse',NOW()),
('warehouse.request.manage','Kelola Permintaan Pembelian Gudang','warehouse',NOW()),
('expenses.view','Lihat Daftar Biaya','expenses',NOW()),
('expenses.manage','Kelola Daftar Biaya','expenses',NOW());

-- Owner, Admin, Kepala Toko: full access
INSERT IGNORE INTO role_permissions (role_id, permission_id)
SELECT r.id, p.id
FROM roles r
JOIN permissions p ON p.code IN (
  'warehouse.request.view',
  'warehouse.request.manage',
  'expenses.view',
  'expenses.manage'
)
WHERE r.code IN ('owner','admin','kepala_toko');