crewli/api/database/seeders/RoleSeeder.php

<?php

declare(strict_types=1);

namespace Database\Seeders;

use Illuminate\Database\Seeder;
use Spatie\Permission\Models\Role;

class RoleSeeder extends Seeder
{
    public function run(): void
    {
        // App-level
        Role::findOrCreate('super_admin', 'web');

        // Organisation-level
        Role::findOrCreate('org_admin', 'web');
        Role::findOrCreate('org_member', 'web');

        // Event-level
        Role::findOrCreate('event_manager', 'web');
        Role::findOrCreate('staff_coordinator', 'web');
        Role::findOrCreate('volunteer_coordinator', 'web');

        // RFC-TIMETABLE v0.2 §9 — program/production roles. Per Phase A
        // decision (2026-05-08), Crewli authorises by role only; the four
        // RFC §9 permission strings (events.view_program, events.manage_program,
        // organisations.manage_artists, organisations.manage_settings) are
        // mapped to roles in policy class docblocks rather than seeded as
        // Spatie permissions. See BACKLOG entry AUTH-PERMISSIONS-MIGRATION
        // for the eventual cross-cutting migration.
        Role::findOrCreate('program_manager', 'web');
        Role::findOrCreate('production_assistant', 'web');
    }
}