@echo off
echo ============================================================================
echo 🚀 CRÉATION RAPIDE DES RÔLES ET UTILISATEURS UNIONFLOW
echo ============================================================================

REM Obtenir un nouveau token
echo [INFO] Obtention du token...
curl -s -X POST "http://192.168.1.145:8180/realms/master/protocol/openid-connect/token" -H "Content-Type: application/x-www-form-urlencoded" -d "username=admin&password=admin&grant_type=password&client_id=admin-cli" > token.json

REM Extraire le token
for /f "tokens=2 delims=:," %%a in ('findstr "access_token" token.json') do set TOKEN_RAW=%%a
set TOKEN=%TOKEN_RAW:"=%

echo [SUCCESS] Token obtenu
echo.

REM Créer les fichiers JSON pour chaque rôle
echo {"name":"SUPER_ADMINISTRATEUR","description":"Super Administrateur","attributes":{"level":["100"]}} > role_super.json
echo {"name":"ADMINISTRATEUR_ORGANISATION","description":"Administrateur Organisation","attributes":{"level":["85"]}} > role_admin.json
echo {"name":"RESPONSABLE_TECHNIQUE","description":"Responsable Technique","attributes":{"level":["80"]}} > role_tech.json
echo {"name":"RESPONSABLE_FINANCIER","description":"Responsable Financier","attributes":{"level":["75"]}} > role_finance.json
echo {"name":"RESPONSABLE_MEMBRES","description":"Responsable Membres","attributes":{"level":["70"]}} > role_membres.json
echo {"name":"MEMBRE_ACTIF","description":"Membre Actif","attributes":{"level":["50"]}} > role_actif.json
echo {"name":"MEMBRE_SIMPLE","description":"Membre Simple","attributes":{"level":["30"]}} > role_simple.json
echo {"name":"VISITEUR","description":"Visiteur","attributes":{"level":["0"]}} > role_visiteur.json

REM Créer tous les rôles
echo [INFO] Création des rôles...
curl -s -X POST "http://192.168.1.145:8180/admin/realms/unionflow/roles" -H "Authorization: Bearer %TOKEN%" -H "Content-Type: application/json" -d @role_super.json
curl -s -X POST "http://192.168.1.145:8180/admin/realms/unionflow/roles" -H "Authorization: Bearer %TOKEN%" -H "Content-Type: application/json" -d @role_admin.json
curl -s -X POST "http://192.168.1.145:8180/admin/realms/unionflow/roles" -H "Authorization: Bearer %TOKEN%" -H "Content-Type: application/json" -d @role_tech.json
curl -s -X POST "http://192.168.1.145:8180/admin/realms/unionflow/roles" -H "Authorization: Bearer %TOKEN%" -H "Content-Type: application/json" -d @role_finance.json
curl -s -X POST "http://192.168.1.145:8180/admin/realms/unionflow/roles" -H "Authorization: Bearer %TOKEN%" -H "Content-Type: application/json" -d @role_membres.json
curl -s -X POST "http://192.168.1.145:8180/admin/realms/unionflow/roles" -H "Authorization: Bearer %TOKEN%" -H "Content-Type: application/json" -d @role_actif.json
curl -s -X POST "http://192.168.1.145:8180/admin/realms/unionflow/roles" -H "Authorization: Bearer %TOKEN%" -H "Content-Type: application/json" -d @role_simple.json
curl -s -X POST "http://192.168.1.145:8180/admin/realms/unionflow/roles" -H "Authorization: Bearer %TOKEN%" -H "Content-Type: application/json" -d @role_visiteur.json

echo [SUCCESS] Rôles créés
echo.

REM Créer les fichiers JSON pour les utilisateurs
echo {"username":"superadmin","email":"superadmin@unionflow.dev","firstName":"Super","lastName":"Admin","enabled":true,"emailVerified":true,"credentials":[{"type":"password","value":"SuperAdmin123!","temporary":false}]} > user_super.json
echo {"username":"admin.org","email":"admin@association-dev.fr","firstName":"Admin","lastName":"Organisation","enabled":true,"emailVerified":true,"credentials":[{"type":"password","value":"AdminOrg123!","temporary":false}]} > user_admin.json
echo {"username":"tech.lead","email":"tech@association-dev.fr","firstName":"Tech","lastName":"Lead","enabled":true,"emailVerified":true,"credentials":[{"type":"password","value":"TechLead123!","temporary":false}]} > user_tech.json
echo {"username":"tresorier","email":"tresorier@association-dev.fr","firstName":"Tresorier","lastName":"Finance","enabled":true,"emailVerified":true,"credentials":[{"type":"password","value":"Tresorier123!","temporary":false}]} > user_finance.json
echo {"username":"rh.manager","email":"rh@association-dev.fr","firstName":"RH","lastName":"Manager","enabled":true,"emailVerified":true,"credentials":[{"type":"password","value":"RhManager123!","temporary":false}]} > user_membres.json
echo {"username":"marie.active","email":"marie@association-dev.fr","firstName":"Marie","lastName":"Active","enabled":true,"emailVerified":true,"credentials":[{"type":"password","value":"Marie123!","temporary":false}]} > user_actif.json
echo {"username":"jean.simple","email":"jean@association-dev.fr","firstName":"Jean","lastName":"Simple","enabled":true,"emailVerified":true,"credentials":[{"type":"password","value":"Jean123!","temporary":false}]} > user_simple.json
echo {"username":"visiteur","email":"visiteur@example.com","firstName":"Visiteur","lastName":"Public","enabled":true,"emailVerified":true,"credentials":[{"type":"password","value":"Visiteur123!","temporary":false}]} > user_visiteur.json

REM Créer tous les utilisateurs
echo [INFO] Création des utilisateurs...
curl -s -X POST "http://192.168.1.145:8180/admin/realms/unionflow/users" -H "Authorization: Bearer %TOKEN%" -H "Content-Type: application/json" -d @user_super.json
curl -s -X POST "http://192.168.1.145:8180/admin/realms/unionflow/users" -H "Authorization: Bearer %TOKEN%" -H "Content-Type: application/json" -d @user_admin.json
curl -s -X POST "http://192.168.1.145:8180/admin/realms/unionflow/users" -H "Authorization: Bearer %TOKEN%" -H "Content-Type: application/json" -d @user_tech.json
curl -s -X POST "http://192.168.1.145:8180/admin/realms/unionflow/users" -H "Authorization: Bearer %TOKEN%" -H "Content-Type: application/json" -d @user_finance.json
curl -s -X POST "http://192.168.1.145:8180/admin/realms/unionflow/users" -H "Authorization: Bearer %TOKEN%" -H "Content-Type: application/json" -d @user_membres.json
curl -s -X POST "http://192.168.1.145:8180/admin/realms/unionflow/users" -H "Authorization: Bearer %TOKEN%" -H "Content-Type: application/json" -d @user_actif.json
curl -s -X POST "http://192.168.1.145:8180/admin/realms/unionflow/users" -H "Authorization: Bearer %TOKEN%" -H "Content-Type: application/json" -d @user_simple.json
curl -s -X POST "http://192.168.1.145:8180/admin/realms/unionflow/users" -H "Authorization: Bearer %TOKEN%" -H "Content-Type: application/json" -d @user_visiteur.json

echo [SUCCESS] Utilisateurs créés
echo.

REM Nettoyer les fichiers temporaires
del *.json

echo ============================================================================
echo ✅ CONFIGURATION TERMINÉE AVEC SUCCÈS
echo ============================================================================
echo.
echo 🔐 COMPTES DE TEST CRÉÉS :
echo • superadmin@unionflow.dev (SUPER_ADMINISTRATEUR)
echo • admin@association-dev.fr (ADMINISTRATEUR_ORGANISATION)
echo • tech@association-dev.fr (RESPONSABLE_TECHNIQUE)
echo • tresorier@association-dev.fr (RESPONSABLE_FINANCIER)
echo • rh@association-dev.fr (RESPONSABLE_MEMBRES)
echo • marie@association-dev.fr (MEMBRE_ACTIF)
echo • jean@association-dev.fr (MEMBRE_SIMPLE)
echo • visiteur@example.com (VISITEUR)
echo.
echo 🚀 Vous pouvez maintenant tester l'authentification !
echo.
pause