Files
TX/scripts/src/seed.ts
T
riyadhafraa a3ebff2afa feat(setup): Stage 1 first-time setup wizard backend (no UI)
Task #534 — backend, infra, and tooling only. UI ships in Stage 2.

Backend
- New system_settings table (id=1 singleton): installed flag, base_url,
  local_domain, local_ip, https_mode, app_version. Pushed to dev DB.
- New /api/setup/status (open) and /api/setup/{validate,complete}
  (gated by requireSetupOpen — 409 once installed).
- completeInstall is fully transactional: pg_advisory_xact_lock
  serializes concurrent callers, double-gates on installed flag and
  admin existence, then atomically creates the admin user, assigns
  admin role + Admins/Everyone groups, and flips system_settings to
  installed=true. Rolls back on any failure.
- Zod validation, bcrypt hashing, in-memory rate limiter for the
  setup endpoints.

Backward compat
- scripts/src/seed.ts now branches on installed flag + admin
  existence + SEED_*_PASSWORD env vars. Legacy installs (admin
  exists, system_settings empty) get backfilled to installed=true
  via ON CONFLICT DO UPDATE so they are never forced through the
  wizard. When env passwords are unset and no admin exists, the
  seed prints a wizard hint instead of seeding.

Infra
- docker-compose.yml: replaced nginx edge with a Caddy service that
  mounts ./certs and ./docker/Caddyfile. The web service no longer
  publishes a port directly — Caddy is the only public ingress.
- docker/Caddyfile: HTTPS site for LOCAL_DOMAIN/LOCAL_IP with
  WebSocket upgrade preserved and a plaintext :80 fallback when
  HTTPS_MODE=skip (dev-only).
- .env.example: added LOCAL_DOMAIN, LOCAL_IP, BASE_URL, HTTP_PORT,
  HTTPS_PORT, HTTPS_MODE; SEED_*_PASSWORD now optional.

Tooling
- scripts/local-setup.sh: idempotent OS-aware bootstrap (.env upsert,
  mkcert hint, cert SAN check, dry-run via LOCAL_SETUP_DRY_RUN).
  start.sh untouched.

Tests
- artifacts/api-server/tests/setup-wizard.test.mjs: 7/7 pass
  (snapshot/restore admin role + system_settings around tests).
- scripts/tests/local-setup.test.mjs: 2/2 pass (first-run bootstrap
  + second-run no-op idempotency with mkcert/openssl stubs).

Constraints honored: no force-push, no destructive ops, start.sh
preserved, scripts idempotent, volumes/DB never touched, HTTPS skip
mode dev-only, wizard does not edit LOCAL_DOMAIN/LOCAL_IP.

Out of scope / not addressed: pre-existing TS errors in
routes/users.ts and pre-existing failure in
executive-meetings-postpone-race.test.mjs.
2026-05-14 07:32:58 +00:00

949 lines
32 KiB
TypeScript

import { db } from "@workspace/db";
import { BUILTIN_APP_SLUGS } from "@workspace/db/built-in-apps";
import {
usersTable,
rolesTable,
userRolesTable,
permissionsTable,
rolePermissionsTable,
appsTable,
appPermissionsTable,
serviceCategoriesTable,
servicesTable,
groupsTable,
userGroupsTable,
groupAppsTable,
groupRolesTable,
systemSettingsTable,
executiveMeetingsTable,
executiveMeetingAttendeesTable,
executiveMeetingNotificationsTable,
} from "@workspace/db";
import { eq, sql } from "drizzle-orm";
import bcrypt from "bcryptjs";
async function main() {
console.log("Seeding database...");
// Create roles
const [adminRole] = await db
.insert(rolesTable)
.values({ name: "admin", descriptionAr: "مدير النظام", descriptionEn: "System Administrator", isSystem: 1 })
.onConflictDoNothing()
.returning();
const [userRole] = await db
.insert(rolesTable)
.values({ name: "user", descriptionAr: "مستخدم عادي", descriptionEn: "Regular User", isSystem: 1 })
.onConflictDoNothing()
.returning();
console.log("Roles created");
// Create permissions
const permissions = [
{ name: "apps:manage", descriptionAr: "إدارة التطبيقات", descriptionEn: "Manage Apps" },
{ name: "services:manage", descriptionAr: "إدارة الخدمات", descriptionEn: "Manage Services" },
{ name: "users:manage", descriptionAr: "إدارة المستخدمين", descriptionEn: "Manage Users" },
{ name: "orders.receive", descriptionAr: "استلام الطلبات", descriptionEn: "Receive service orders" },
];
await db.insert(permissionsTable).values(permissions).onConflictDoNothing();
const allInsertedPerms = await db.select().from(permissionsTable);
console.log("Permissions created");
// Create order_receiver role
const [orderReceiverRole] = await db
.insert(rolesTable)
.values({
name: "order_receiver",
descriptionAr: "مستلم الطلبات",
descriptionEn: "Order Receiver",
isSystem: 1,
})
.onConflictDoNothing()
.returning();
const allRoles = await db.select().from(rolesTable);
const adminRoleResolved = adminRole ?? allRoles.find((r) => r.name === "admin");
const userRoleResolved = userRole ?? allRoles.find((r) => r.name === "user");
const orderReceiverResolved =
orderReceiverRole ?? allRoles.find((r) => r.name === "order_receiver");
// Assign all permissions to admin role
if (adminRoleResolved && allInsertedPerms.length > 0) {
await db
.insert(rolePermissionsTable)
.values(allInsertedPerms.map((p) => ({ roleId: adminRoleResolved.id, permissionId: p.id })))
.onConflictDoNothing();
}
// Assign orders:receive permission to order_receiver role
if (orderReceiverResolved && allInsertedPerms.length > 0) {
const ordersPerm = allInsertedPerms.find((p) => p.name === "orders.receive");
if (ordersPerm) {
await db
.insert(rolePermissionsTable)
.values({ roleId: orderReceiverResolved.id, permissionId: ordersPerm.id })
.onConflictDoNothing();
}
}
// ---------------------------------------------------------------------
// First-run install state — defer admin creation to the Setup Wizard
// when no admin exists yet AND the operator hasn't pre-seeded passwords
// via environment variables.
//
// Behaviour matrix:
// installed=true OR admin exists → seed roles/permissions only
// (re-runs in CI / migrations stay
// green; never overwrite a real
// admin row)
// installed=false, no admin, env → behave as before: create the
// seeded admin + sample user, flip
// installed=true so the wizard does
// not appear
// installed=false, no admin, no
// env → seed roles/permissions only,
// leave admin creation to the
// wizard. Print a clear log line.
// ---------------------------------------------------------------------
const adminPassword = process.env.SEED_ADMIN_PASSWORD;
const userPassword = process.env.SEED_USER_PASSWORD;
// Detect existing install state. The system_settings row may not exist
// yet on a brand-new DB; treat "no row" as installed=false.
const sysRows = await db.select().from(systemSettingsTable).limit(1);
const installedFlag = sysRows[0]?.installed ?? false;
// Backfill: if any admin already exists but system_settings is empty
// (legacy installs from before this column shipped), upsert the row
// with installed=true so those operators are never forced through the
// wizard.
const existingAdminRows = await db
.select({ id: usersTable.id })
.from(userRolesTable)
.innerJoin(usersTable, eq(usersTable.id, userRolesTable.userId))
.innerJoin(rolesTable, eq(rolesTable.id, userRolesTable.roleId))
.where(eq(rolesTable.name, "admin"))
.limit(1);
const adminAlreadyExists = existingAdminRows.length > 0;
if (adminAlreadyExists && !installedFlag) {
// Use DO UPDATE so a stale id=1 row with installed=false (e.g. if a
// half-finished wizard run inserted the row first) is corrected to
// installed=true. Preserve installed_at if already set.
await db
.insert(systemSettingsTable)
.values({ id: 1, installed: true, installedAt: new Date() })
.onConflictDoUpdate({
target: systemSettingsTable.id,
set: {
installed: true,
installedAt: sql`COALESCE(${systemSettingsTable.installedAt}, NOW())`,
updatedAt: new Date(),
},
});
console.log("Backfilled system_settings.installed=true for existing admin");
}
let adminUser: { id: number } | undefined;
let regularUser: { id: number } | undefined;
const skipUserCreation = installedFlag || adminAlreadyExists;
const haveSeedEnv = Boolean(adminPassword && userPassword);
if (skipUserCreation) {
console.log(
"Skipping seeded admin/user — system already installed or an admin already exists.",
);
} else if (!haveSeedEnv) {
const host = process.env.PUBLIC_BASE_URL ?? "https://<host>";
console.log(
`[seed] No SEED_ADMIN_PASSWORD/SEED_USER_PASSWORD set — first-run wizard required at ${host}/setup`,
);
} else {
const adminHash = await bcrypt.hash(adminPassword!, 10);
const insertedAdmin = await db
.insert(usersTable)
.values({
username: "admin",
email: "admin@tx.local",
passwordHash: adminHash,
displayNameAr: "مدير النظام",
displayNameEn: "System Admin",
preferredLanguage: "ar",
isActive: true,
})
.onConflictDoNothing()
.returning();
adminUser = insertedAdmin[0];
const userHash = await bcrypt.hash(userPassword!, 10);
const insertedRegular = await db
.insert(usersTable)
.values({
username: "ahmed",
email: "ahmed@tx.local",
passwordHash: userHash,
displayNameAr: "أحمد محمد",
displayNameEn: "Ahmed Mohammed",
preferredLanguage: "ar",
isActive: true,
})
.onConflictDoNothing()
.returning();
regularUser = insertedRegular[0];
// Mark install complete so the wizard does not appear.
await db
.insert(systemSettingsTable)
.values({ id: 1, installed: true, installedAt: new Date() })
.onConflictDoNothing();
console.log("Users created");
}
// Assign roles
const roles = await db.select().from(rolesTable);
const adminRoleRow = roles.find((r) => r.name === "admin");
const userRoleRow = roles.find((r) => r.name === "user");
if (adminUser && adminRoleRow) {
await db
.insert(userRolesTable)
.values({ userId: adminUser.id, roleId: adminRoleRow.id })
.onConflictDoNothing();
}
if (regularUser && userRoleRow) {
await db
.insert(userRolesTable)
.values({ userId: regularUser.id, roleId: userRoleRow.id })
.onConflictDoNothing();
}
console.log("Roles assigned");
// Create apps
const apps = [
{
slug: "services",
nameAr: "خدماتي",
nameEn: "My Services",
descriptionAr: "اطلب خدماتك الداخلية بسهولة",
descriptionEn: "Order your internal services easily",
iconName: "Coffee",
route: "/services",
color: "#f59e0b",
isActive: true,
isSystem: true,
sortOrder: 1,
},
{
slug: "notifications",
nameAr: "الإشعارات",
nameEn: "Notifications",
descriptionAr: "إدارة الإشعارات والتنبيهات",
descriptionEn: "Manage your notifications and alerts",
iconName: "Bell",
route: "/notifications",
color: "#8b5cf6",
isActive: true,
isSystem: true,
sortOrder: 3,
},
{
slug: "admin",
nameAr: "لوحة التحكم",
nameEn: "Admin Panel",
descriptionAr: "إدارة النظام والمستخدمين",
descriptionEn: "System and user management",
iconName: "Settings",
route: "/admin",
color: "#ef4444",
isActive: true,
isSystem: true,
sortOrder: 4,
},
{
slug: "calendar",
nameAr: "التقويم",
nameEn: "Calendar",
descriptionAr: "الاجتماعات والمواعيد",
descriptionEn: "Meetings and appointments",
iconName: "Calendar",
route: "/calendar",
color: "#3b82f6",
isActive: true,
isSystem: false,
sortOrder: 5,
},
{
slug: "documents",
nameAr: "المستندات",
nameEn: "Documents",
descriptionAr: "مستودع المستندات والملفات",
descriptionEn: "Documents and files repository",
iconName: "FileText",
route: "/documents",
color: "#64748b",
isActive: true,
isSystem: false,
sortOrder: 6,
},
{
slug: "executive-meetings",
nameAr: "إدارة الاجتماعات التنفيذية",
nameEn: "Executive Meetings",
descriptionAr: "جدولة اجتماعات المكتب التنفيذي ومتابعتها",
descriptionEn: "Schedule and track executive office meetings",
iconName: "CalendarClock",
route: "/meetings",
color: "#0B1E3F",
isActive: true,
isSystem: false,
sortOrder: 7,
},
];
// Drift guard: every built-in slug (those with hardcoded routes in the
// SPA, see lib/db/src/built-in-apps.ts) that this seed actually creates
// here must use the same `route` the SPA expects. We don't require ALL
// built-in slugs to be seeded (some, like "notes" / "my-orders" /
// "orders-incoming", are user-created later), but if we DO seed one,
// the route must match the hardcoded SPA route.
const expectedBuiltinRoutes: Record<string, string> = {
services: "/services",
notifications: "/notifications",
admin: "/admin",
notes: "/notes",
"my-orders": "/my-orders",
"orders-incoming": "/orders/incoming",
"executive-meetings": "/meetings",
calendar: "/calendar",
documents: "/documents",
};
for (const a of apps) {
if ((BUILTIN_APP_SLUGS as readonly string[]).includes(a.slug)) {
const expected = expectedBuiltinRoutes[a.slug];
if (expected && a.route !== expected) {
throw new Error(
`seed: built-in app "${a.slug}" must use route "${expected}" (got "${a.route}"). ` +
`Built-in slugs are listed in lib/db/src/built-in-apps.ts and have hardcoded SPA routes in artifacts/tx-os/src/App.tsx.`,
);
}
}
}
const insertedApps = await db.insert(appsTable).values(apps).onConflictDoNothing().returning();
console.log("Apps created");
// Force the executive-meetings row onto the canonical /meetings route.
// The slug is in BUILTIN_APP_SLUGS, so the SPA owns its route — any
// drift in the DB (including legacy /executive-meetings or other
// experimental values) would launch the home tile at a path that
// has no React route and silently break the app. `onConflictDoNothing`
// above skips updating existing rows, so this UPDATE is what carries
// the route migration into already-deployed environments. The WHERE
// by slug keeps it idempotent across re-seeds.
await db
.update(appsTable)
.set({ route: "/meetings" })
.where(eq(appsTable.slug, "executive-meetings"));
// Restrict admin app to users with apps:manage permission
const allPerms = await db.select().from(permissionsTable);
const appsManagePerm = allPerms.find((p) => p.name === "apps:manage");
const adminApp = insertedApps.find((a) => a.slug === "admin")
?? (await db.select().from(appsTable).where(eq(appsTable.slug, "admin")))[0];
if (adminApp && appsManagePerm) {
await db
.insert(appPermissionsTable)
.values({ appId: adminApp.id, permissionId: appsManagePerm.id })
.onConflictDoNothing();
console.log("App permissions set: admin app restricted to apps:manage permission");
}
// Create service categories
const categories = [
{ nameAr: "مشروبات", nameEn: "Beverages", sortOrder: 1 },
{ nameAr: "أغذية", nameEn: "Food", sortOrder: 2 },
{ nameAr: "أخرى", nameEn: "Other", sortOrder: 3 },
];
const insertedCategories = await db
.insert(serviceCategoriesTable)
.values(categories)
.onConflictDoNothing()
.returning();
const beveragesCat = insertedCategories[0];
// ----- Services: idempotent renames for legacy rows -----
// Older deployments seeded "Arabic Coffee" / "قهوة عربية" and
// "قهوة بلاك". Rename them BEFORE the insert below so the insert's
// onConflictDoNothing (target: nameEn) sees the new "Saudi Coffee"
// name already present and skips it — avoiding a unique-constraint
// collision on services.name_en. Never overwrite an imageUrl that
// an admin has already customized.
const existingServices = await db.select().from(servicesTable);
const legacyArabicCoffee = existingServices.find(
(s) => s.nameEn === "Arabic Coffee",
);
if (legacyArabicCoffee) {
await db
.update(servicesTable)
.set({
nameAr: "قهوة سعودي",
nameEn: "Saudi Coffee",
imageUrl:
legacyArabicCoffee.imageUrl &&
legacyArabicCoffee.imageUrl !== "service-images/arabic-coffee.png"
? legacyArabicCoffee.imageUrl
: "service-images/saudi-coffee.png",
})
.where(eq(servicesTable.id, legacyArabicCoffee.id));
}
const legacyBlackCoffee = existingServices.find(
(s) => s.nameEn === "Black Coffee" && s.nameAr === "قهوة بلاك",
);
if (legacyBlackCoffee) {
await db
.update(servicesTable)
.set({ nameAr: "بلاك كوفي" })
.where(eq(servicesTable.id, legacyBlackCoffee.id));
}
// Create services
const services = [
{
categoryId: beveragesCat?.id ?? null,
nameAr: "شاي",
nameEn: "Tea",
price: "0.00",
isAvailable: true,
sortOrder: 1,
},
{
categoryId: beveragesCat?.id ?? null,
nameAr: "قهوة سعودي",
nameEn: "Saudi Coffee",
imageUrl: "service-images/saudi-coffee.png",
price: "0.00",
isAvailable: true,
sortOrder: 2,
},
{
categoryId: beveragesCat?.id ?? null,
nameAr: "بلاك كوفي",
nameEn: "Black Coffee",
price: "0.00",
isAvailable: true,
sortOrder: 3,
},
{
categoryId: beveragesCat?.id ?? null,
nameAr: "عصير طازج",
nameEn: "Fresh Juice",
price: "5.00",
isAvailable: true,
sortOrder: 5,
},
];
await db.insert(servicesTable).values(services).onConflictDoNothing({ target: servicesTable.nameEn });
console.log("Services created");
// ----- Groups: idempotent migration -----
await db
.insert(groupsTable)
.values([
{
name: "Admins",
descriptionAr: "مديرو النظام",
descriptionEn: "System administrators",
isSystem: 1,
},
{
name: "Tx",
descriptionAr: "فريق إعداد وتقديم الطلبات",
descriptionEn: "Team that prepares and delivers orders",
isSystem: 1,
},
{
name: "Everyone",
descriptionAr: "كل المستخدمين",
descriptionEn: "All users",
isSystem: 1,
},
])
.onConflictDoNothing();
// One-time migration: rename legacy "TeaBoy" group to "Tx" if it still exists
// and the new "Tx" group hasn't been created yet.
const existingGroups = await db.select().from(groupsTable);
const legacy = existingGroups.find((g) => g.name === "TeaBoy");
const newOne = existingGroups.find((g) => g.name === "Tx");
if (legacy && !newOne) {
await db
.update(groupsTable)
.set({ name: "Tx" })
.where(eq(groupsTable.id, legacy.id));
}
const allGroups = await db.select().from(groupsTable);
const adminsGroup = allGroups.find((g) => g.name === "Admins");
const txGroup = allGroups.find((g) => g.name === "Tx");
const everyoneGroup = allGroups.find((g) => g.name === "Everyone");
const allRolesNow = await db.select().from(rolesTable);
const adminRoleNow = allRolesNow.find((r) => r.name === "admin");
const orderReceiverNow = allRolesNow.find((r) => r.name === "order_receiver");
// Group → roles
if (adminsGroup && adminRoleNow) {
await db
.insert(groupRolesTable)
.values({ groupId: adminsGroup.id, roleId: adminRoleNow.id })
.onConflictDoNothing();
}
if (txGroup && orderReceiverNow) {
await db
.insert(groupRolesTable)
.values({ groupId: txGroup.id, roleId: orderReceiverNow.id })
.onConflictDoNothing();
}
// Group → apps
const allAppsNow = await db.select().from(appsTable);
if (adminsGroup) {
await db
.insert(groupAppsTable)
.values(allAppsNow.map((a) => ({ groupId: adminsGroup.id, appId: a.id })))
.onConflictDoNothing();
}
// The Tx receivers group gets the services app (where receivers see incoming orders)
if (txGroup) {
const servicesApp = allAppsNow.find((a) => a.slug === "services");
if (servicesApp) {
await db
.insert(groupAppsTable)
.values({ groupId: txGroup.id, appId: servicesApp.id })
.onConflictDoNothing();
}
}
// Map existing users to groups idempotently
const allUsersNow = await db.select({ id: usersTable.id }).from(usersTable);
if (everyoneGroup && allUsersNow.length > 0) {
await db
.insert(userGroupsTable)
.values(allUsersNow.map((u) => ({ userId: u.id, groupId: everyoneGroup.id })))
.onConflictDoNothing();
}
if (adminsGroup && adminRoleNow) {
const adminUserRows = await db
.select({ userId: userRolesTable.userId })
.from(userRolesTable)
.where(eq(userRolesTable.roleId, adminRoleNow.id));
if (adminUserRows.length > 0) {
await db
.insert(userGroupsTable)
.values(adminUserRows.map((r) => ({ userId: r.userId, groupId: adminsGroup.id })))
.onConflictDoNothing();
}
}
if (txGroup && orderReceiverNow) {
const receiverRows = await db
.select({ userId: userRolesTable.userId })
.from(userRolesTable)
.where(eq(userRolesTable.roleId, orderReceiverNow.id));
if (receiverRows.length > 0) {
await db
.insert(userGroupsTable)
.values(receiverRows.map((r) => ({ userId: r.userId, groupId: txGroup.id })))
.onConflictDoNothing();
}
}
console.log("Groups created and existing users mapped");
// Executive meetings: roles
const execRoles = [
{
name: "executive_ceo",
descriptionAr: "الرئيس التنفيذي",
descriptionEn: "Chief Executive Officer",
isSystem: 1,
},
{
name: "executive_office_manager",
descriptionAr: "مدير المكتب التنفيذي",
descriptionEn: "Executive Office Manager",
isSystem: 1,
},
{
name: "executive_coord_lead",
descriptionAr: "رئيس التنسيق والتوثيق",
descriptionEn: "Coordination Lead",
isSystem: 1,
},
{
name: "executive_coordinator",
descriptionAr: "منسق المكتب التنفيذي",
descriptionEn: "Executive Coordinator",
isSystem: 1,
},
{
name: "executive_viewer",
descriptionAr: "مشاهد الاجتماعات التنفيذية",
descriptionEn: "Executive Meetings Viewer",
isSystem: 1,
},
];
await db.insert(rolesTable).values(execRoles).onConflictDoNothing();
console.log("Executive Meetings roles created");
// Executive meetings: gate the home-screen icon to executive roles only.
// This adds a single permission, grants it to admin + the 5 executive
// roles, and links it to the `executive-meetings` app via app_permissions
// so getVisibleAppsForUser will hide the icon for everyone else.
// All three inserts are idempotent.
await db
.insert(permissionsTable)
.values({
name: "executive_meetings.access",
descriptionAr: "الوصول إلى وحدة الاجتماعات التنفيذية",
descriptionEn: "Access the Executive Meetings module",
})
.onConflictDoNothing();
const [execAccessPerm] = await db
.select()
.from(permissionsTable)
.where(eq(permissionsTable.name, "executive_meetings.access"));
if (execAccessPerm) {
const execRoleNames = [
"admin",
"executive_ceo",
"executive_office_manager",
"executive_coord_lead",
"executive_coordinator",
"executive_viewer",
];
const allRolesNow = await db.select().from(rolesTable);
const execRoleRows = allRolesNow.filter((r) => execRoleNames.includes(r.name));
if (execRoleRows.length > 0) {
await db
.insert(rolePermissionsTable)
.values(
execRoleRows.map((r) => ({
roleId: r.id,
permissionId: execAccessPerm.id,
})),
)
.onConflictDoNothing();
}
const [execApp] = await db
.select()
.from(appsTable)
.where(eq(appsTable.slug, "executive-meetings"));
if (execApp) {
await db
.insert(appPermissionsTable)
.values({ appId: execApp.id, permissionId: execAccessPerm.id })
.onConflictDoNothing();
console.log(
"App permissions set: executive-meetings app restricted to executive_meetings.access permission",
);
}
}
// Executive meetings: sample data for today (idempotent per-date)
const today = new Date().toISOString().slice(0, 10);
const existingForToday = await db
.select({ id: executiveMeetingsTable.id })
.from(executiveMeetingsTable)
.where(eq(executiveMeetingsTable.meetingDate, today));
if (existingForToday.length === 0) {
{
const sampleMeetings: Array<{
meeting: {
dailyNumber: number;
titleAr: string;
titleEn: string;
meetingDate: string;
startTime: string;
endTime: string;
platform: "none" | "webex" | "teams" | "zoom" | "other";
isHighlighted: number;
status: string;
};
attendees: Array<{
name: string;
attendanceType: "internal" | "virtual" | "external";
}>;
}> = [
{
meeting: {
dailyNumber: 1,
titleAr: "اجتماع افتتاحي للمكتب التنفيذي",
titleEn: "Executive Office Opening Meeting",
meetingDate: today,
startTime: "10:00",
endTime: "10:30",
platform: "none",
isHighlighted: 0,
status: "scheduled",
},
attendees: [
{ name: "أ. سعد العتيبي", attendanceType: "internal" },
{ name: "أ. خالد الشهري", attendanceType: "internal" },
],
},
{
meeting: {
dailyNumber: 2,
titleAr: "اجتماع بشأن خطة التحول الرقمي",
titleEn: "Digital Transformation Plan Meeting",
meetingDate: today,
startTime: "11:00",
endTime: "11:30",
platform: "webex",
isHighlighted: 0,
status: "scheduled",
},
attendees: [
{ name: "د. محمد الزهراني", attendanceType: "virtual" },
{ name: "أ. عبدالعزيز القحطاني", attendanceType: "virtual" },
{ name: "أ. ناصر الدوسري", attendanceType: "virtual" },
{ name: "م. فهد المالكي", attendanceType: "virtual" },
],
},
{
meeting: {
dailyNumber: 3,
titleAr: "اجتماع تحضيري لاجتماع مجلس الإدارة",
titleEn: "Board Meeting Preparation",
meetingDate: today,
startTime: "11:40",
endTime: "12:10",
platform: "none",
isHighlighted: 0,
status: "scheduled",
},
attendees: [
{ name: "أ. تركي السبيعي", attendanceType: "internal" },
{ name: "أ. ماجد الحربي", attendanceType: "internal" },
{ name: "أ. عبدالله البقمي", attendanceType: "internal" },
{ name: "أ. سلطان الغامدي", attendanceType: "internal" },
],
},
{
meeting: {
dailyNumber: 4,
titleAr: "اجتماع بشأن عرض الخطة الخاصة بالقطاعين",
titleEn: "Two-Sector Plan Presentation",
meetingDate: today,
startTime: "13:00",
endTime: "13:30",
platform: "none",
isHighlighted: 0,
status: "scheduled",
},
attendees: [
{ name: "أ. بدر العنزي", attendanceType: "internal" },
{ name: "أ. هاني المطيري", attendanceType: "internal" },
{ name: "أ. وليد الرشيدي", attendanceType: "internal" },
{ name: "أ. يوسف الجهني", attendanceType: "internal" },
{ name: "أ. عبدالرحمن الشمري", attendanceType: "internal" },
],
},
{
meeting: {
dailyNumber: 5,
titleAr: "اجتماع مع أ. عبدالله بشأن المتابعة",
titleEn: "Follow-up Meeting with Mr. Abdullah",
meetingDate: today,
startTime: "13:30",
endTime: "13:50",
platform: "none",
isHighlighted: 0,
status: "scheduled",
},
attendees: [{ name: "أ. عبدالله الزهراني", attendanceType: "internal" }],
},
{
meeting: {
dailyNumber: 6,
titleAr: "اجتماع دوري بشأن مواضيع مكتب الإدارة",
titleEn: "Periodic Office Topics Meeting",
meetingDate: today,
startTime: "14:00",
endTime: "14:30",
platform: "none",
isHighlighted: 0,
status: "scheduled",
},
attendees: [
{ name: "أ. مازن الفيفي", attendanceType: "internal" },
{ name: "أ. سامي العسيري", attendanceType: "internal" },
{ name: "أ. أحمد البلوي", attendanceType: "internal" },
],
},
{
meeting: {
dailyNumber: 7,
titleAr: "اجتماع بشأن إطار اعتماد البرامج",
titleEn: "Program Accreditation Framework",
meetingDate: today,
startTime: "14:40",
endTime: "15:10",
platform: "none",
isHighlighted: 0,
status: "scheduled",
},
attendees: [
{ name: "د. عبدالمجيد الحارثي", attendanceType: "internal" },
{ name: "د. منصور القرني", attendanceType: "internal" },
{ name: "أ. فيصل الزهراني", attendanceType: "internal" },
],
},
{
meeting: {
dailyNumber: 8,
titleAr: "اجتماع بشأن استراتيجية الموارد البشرية",
titleEn: "HR Strategy Meeting",
meetingDate: today,
startTime: "15:30",
endTime: "16:30",
platform: "webex",
isHighlighted: 1,
status: "scheduled",
},
attendees: [
{ name: "د. سعود الشهراني", attendanceType: "virtual" },
{ name: "أ. عبدالإله الحربي", attendanceType: "virtual" },
{ name: "أ. خالد العنزي", attendanceType: "virtual" },
{ name: "أ. أحمد المالكي", attendanceType: "internal" },
{ name: "أ. ناصر القحطاني", attendanceType: "internal" },
{ name: "أ. سعيد الغامدي", attendanceType: "internal" },
{ name: "أ. علي الزهراني", attendanceType: "internal" },
{ name: "أ. محمد البقمي", attendanceType: "internal" },
],
},
{
meeting: {
dailyNumber: 9,
titleAr: "اجتماع بشأن متابعة المشاريع المشتركة",
titleEn: "Joint Projects Follow-up",
meetingDate: today,
startTime: "16:40",
endTime: "17:10",
platform: "webex",
isHighlighted: 0,
status: "scheduled",
},
attendees: [
{ name: "أ. يزيد العتيبي", attendanceType: "virtual" },
{ name: "أ. تركي السهلي", attendanceType: "virtual" },
{ name: "أ. عبدالله الزيد", attendanceType: "internal" },
],
},
];
const insertedMeetings: number[] = [];
for (const { meeting, attendees } of sampleMeetings) {
const [inserted] = await db
.insert(executiveMeetingsTable)
.values(meeting)
.returning();
if (!inserted) continue;
insertedMeetings.push(inserted.id);
await db.insert(executiveMeetingAttendeesTable).values(
attendees.map((a, idx) => ({
meetingId: inserted.id,
name: a.name,
attendanceType: a.attendanceType,
sortOrder: idx,
})),
);
}
console.log("Executive Meetings sample data created for today");
// Seed example notification rules so the Notifications tab has
// representative content (one row per type/status combination so
// the page never appears empty in a fresh install).
if (insertedMeetings.length > 0) {
const adminId =
(
await db
.select({ id: usersTable.id })
.from(usersTable)
.where(eq(usersTable.username, "admin"))
)[0]?.id ?? null;
const now = new Date();
const minutes = (m: number) =>
new Date(now.getTime() + m * 60 * 1000);
const samples: Array<{
meetingId: number;
userId: number | null;
notificationType: string;
scheduledAt: Date | null;
sentAt: Date | null;
status: string;
}> = [
{
meetingId: insertedMeetings[0]!,
userId: adminId,
notificationType: "meeting_reminder_15m",
scheduledAt: minutes(15),
sentAt: null,
status: "pending",
},
{
meetingId: insertedMeetings[0]!,
userId: adminId,
notificationType: "meeting_reminder_60m",
scheduledAt: minutes(60),
sentAt: null,
status: "pending",
},
];
if (insertedMeetings[1]) {
samples.push({
meetingId: insertedMeetings[1]!,
userId: adminId,
notificationType: "meeting_invite",
scheduledAt: minutes(-30),
sentAt: minutes(-25),
status: "sent",
});
}
await db.insert(executiveMeetingNotificationsTable).values(samples);
console.log("Executive Meetings notification samples created");
}
}
} else {
console.log("Executive Meetings sample data already exists for today, skipping");
}
console.log("\n✅ Seeding complete!");
console.log("\nDemo accounts seeded (passwords from env, not logged):");
console.log(" Admin: username=admin");
console.log(" User: username=ahmed");
process.exit(0);
}
main().catch((err) => {
console.error(err);
process.exit(1);
});