const db = require('./src/config/database');
const lessonQueries = require('./src/models/queries/lesson.queries');

/**
 * Seed the four new offensive security lessons into the database
 */
const seedNewLessons = async () => {
  const lessons = [
    {
      lessonKey: 'xss-deeplink-demo',
      title: 'Cross-Site Scripting (XSS) - Deeplink Injection',
      description: 'Learn how XSS attacks work through URL parameter manipulation and deeplink injection',
      modulePath: 'xss-deeplink-demo',
      configPath: 'xss-deeplink-demo.yaml',
      difficultyLevel: 'intermediate',
      estimatedDuration: 20
    },
    {
      lessonKey: 'script-injection-forum',
      title: 'Stored XSS - Forum Comment Injection',
      description: 'Learn how script injection in user-generated content can compromise entire platforms through stored XSS attacks',
      modulePath: 'script-injection-forum',
      configPath: 'script-injection-forum.yaml',
      difficultyLevel: 'intermediate',
      estimatedDuration: 25
    },
    {
      lessonKey: 'social-engineering-password',
      title: 'Social Engineering - Passwortsicherheit',
      description: 'Lernen Sie, wie persönliche Informationen aus sozialen Medien zu schwachen Passwörtern führen können',
      modulePath: 'social-engineering-password',
      configPath: 'social-engineering-password.yaml',
      difficultyLevel: 'beginner',
      estimatedDuration: 20
    },
    {
      lessonKey: 'idor-demo',
      title: 'IDOR - Insecure Direct Object Reference',
      description: 'Learn how insecure direct object references allow unauthorized access to other users\' data through URL manipulation',
      modulePath: 'idor-demo',
      configPath: 'idor-demo.yaml',
      difficultyLevel: 'intermediate',
      estimatedDuration: 22
    }
  ];

  console.log('🌱 Seeding new offensive security lessons...\n');

  for (const lesson of lessons) {
    try {
      // Check if lesson already exists
      const existing = await lessonQueries.getLessonByKey(lesson.lessonKey);

      if (existing) {
        console.log(`⏭️  Lesson "${lesson.lessonKey}" already exists, skipping...`);
        continue;
      }

      // Create lesson
      await lessonQueries.createLesson(
        lesson.lessonKey,
        lesson.title,
        lesson.description,
        lesson.modulePath,
        lesson.configPath,
        lesson.difficultyLevel,
        lesson.estimatedDuration
      );

      console.log(`✅ Created lesson: ${lesson.title}`);
    } catch (error) {
      console.error(`❌ Error creating lesson "${lesson.lessonKey}":`, error.message);
    }
  }
};

// Run if called directly
if (require.main === module) {
  seedNewLessons()
    .then(() => {
      console.log('\n✅ Lesson seeding complete!');
      console.log('\nYou can now:');
      console.log('1. Login to the admin panel (username: admin, password: admin123)');
      console.log('2. Create or edit an event');
      console.log('3. Add these lessons to your event:');
      console.log('   - Cross-Site Scripting (XSS) - Deeplink Injection');
      console.log('   - Stored XSS - Forum Comment Injection');
      console.log('   - Social Engineering - Passwortsicherheit');
      console.log('   - IDOR - Insecure Direct Object Reference');
      process.exit(0);
    })
    .catch(error => {
      console.error('\n❌ Lesson seeding failed:', error);
      process.exit(1);
    });
}

module.exports = { seedNewLessons };