1. Lookup tables (enums, status codes)
   ↓
2. Master data (roles, permissions, users)
   ↓
3. Configuration (system settings)
   ↓
4. Optional: Demo data (for development)

// internal/domains/excel_import/excel_import_data_seeder.go
func (s *excel_import_service) UserInitiateDataSeeder(
    payload dto.WarehouseSetupNewMerchant,
) []User {
    return []User{
        {
            UserCode:          fmt.Sprintf("USR-%s-ADM-000001", payload.Merchant.MerchantPrefix),
            Username:          fmt.Sprintf("admin.%s", payload.Merchant.MerchantPrefix),
            Email:             fmt.Sprintf("admin.%s", payload.Merchant.MerchantEmail),
            Phone:             payload.Branch.BranchPhone,
            Password:          hashPassword(fmt.Sprintf("admin.%s", payload.Merchant.MerchantPrefix)),
            IsActive:          true,
            IsLocked:          false,
            Lang:              "id",
            Theme:             "light",
            Tz:                "Asia/Jakarta",
            IsEmailVerified:   false,
        },
        {
            UserCode:          fmt.Sprintf("USR-%s-OWN-MGR-000001", payload.Merchant.MerchantPrefix),
            Username:          fmt.Sprintf("owner-manager.%s", payload.Merchant.MerchantPrefix),
            Email:             fmt.Sprintf("owner-manager.%s", payload.Merchant.MerchantEmail),
            Phone:             payload.Branch.BranchPhone,
            Password:          hashPassword(fmt.Sprintf("owner.%s", payload.Merchant.MerchantPrefix)),
            IsActive:          true,
            IsLocked:          false,
            Lang:              "id",
            Theme:             "light",
            Tz:                "Asia/Jakarta",
            IsEmailVerified:   false,
        },
        // ... more users
    }
}

// internal/domains/excel_import/excel_import_data_seeder_multilevel.go
func (s *excel_import_service) RoleInitiateDataSeederMultiLevel() []Role {
    return []Role{
        // =====================================================
        // L0 — MICRO / SOLO
        // =====================================================
        {
            RoleCode:        "OWN",
            Name:            "Owner",
            Description:     "Pemilik tunggal dengan akses penuh ke semua modul",
            AvailableLevels: "L0",
        },
        {
            RoleCode:        "CSH",
            Name:            "Cashier",
            Description:     "Kasir untuk input transaksi harian",
            AvailableLevels: "L0,L1,L2,L3,L4",
        },
        {
            RoleCode:        "VWR",
            Name:            "Viewer",
            Description:     "Hanya dapat melihat laporan (read-only)",
            AvailableLevels: "L0,L1,L2,L3,L4",
        },

        // =====================================================
        // L1 — SME (Small–Medium Enterprise)
        // =====================================================
        {
            RoleCode:        "OWN-MGR",
            Name:            "Owner & Manager",
            Description:     "Pemilik usaha dengan akses ke semua modul",
            AvailableLevels: "L1,L2,L3,L4",
        },
        {
            RoleCode:        "FIN-MGR",
            Name:            "Finance Manager",
            Description:     "Keuangan, laporan, dan manajemen kas",
            AvailableLevels: "L1,L2,L3,L4",
        },
        {
            RoleCode:        "INV-MGR",
            Name:            "Inventory Manager",
            Description:     "Manajemen stok dan gudang",
            AvailableLevels: "L1,L2,L3,L4",
        },
        {
            RoleCode:        "HR-MGR",
            Name:            "HR Manager",
            Description:     "Manajemen HR dan payroll dasar",
            AvailableLevels: "L1,L2,L3,L4",
        },
        {
            RoleCode:        "AUD",
            Name:            "Auditor",
            Description:     "Read-only untuk audit internal",
            AvailableLevels: "L1,L2,L3,L4",
        },

        // =====================================================
        // L2 — ENTERPRISE
        // =====================================================
        {
            RoleCode:        "ADM-BIZ",
            Name:            "Business Admin",
            Description:     "Konfigurasi bisnis, tax, COA, workflow",
            AvailableLevels: "L2,L3,L4",
        },
        {
            RoleCode:        "ADM-SYS",
            Name:            "System Admin",
            Description:     "Deployment, backup, server, monitoring",
            AvailableLevels: "L2,L3,L4",
        },
        {
            RoleCode:        "ACC-MGR",
            Name:            "Accounting Manager",
            Description:     "Review dan approval jurnal keuangan",
            AvailableLevels: "L2,L3,L4",
        },
        // ... more roles
    }
}

func (s *excel_import_service) PermissionInitiateDataSeederMultiLevel() []Permission {
    return []Permission{
        {
            PermissionCode: "user.create",
            Name:           "Create User",
            Description:    "Dapat membuat user baru",
            Module:         "user_management",
        },
        {
            PermissionCode: "user.read",
            Name:           "Read User",
            Description:    "Dapat melihat data user",
            Module:         "user_management",
        },
        {
            PermissionCode: "transaction.create",
            Name:           "Create Transaction",
            Description:    "Dapat membuat transaksi baru",
            Module:         "transaction",
        },
        // ... more permissions
    }
}

func (s *excel_import_service) RolePermissionInitiateDataSeederMultiLevel() []RolePermission {
    return []RolePermission{
        // Owner (L0) — Full access
        {RoleCode: "OWN", PermissionCode: "user.create"},
        {RoleCode: "OWN", PermissionCode: "user.read"},
        {RoleCode: "OWN", PermissionCode: "transaction.create"},
        
        // Cashier (L0-L4) — Limited access
        {RoleCode: "CSH", PermissionCode: "transaction.create"},
        {RoleCode: "CSH", PermissionCode: "transaction.read"},
        
        // Finance Manager (L1+) — Finance access
        {RoleCode: "FIN-MGR", PermissionCode: "transaction.read"},
        {RoleCode: "FIN-MGR", PermissionCode: "report.financial"},
        {RoleCode: "FIN-MGR", PermissionCode: "approval.payment"},
        
        // ... more mappings
    }
}

# Seed all data
go run cmd/tools/seeder.go

# Seed specific data
go run cmd/tools/seeder.go --type=roles
go run cmd/tools/seeder.go --type=users
go run cmd/tools/seeder.go --type=permissions

# Trigger seeding via API
curl -X POST http://localhost:8080/api/admin/seed \
  -H "Authorization: Bearer {token}" \
  -H "Content-Type: application/json" \
  -d '{
    "types": ["roles", "permissions", "users"],
    "merchant_id": 1
  }'

-- Insert lookup data
INSERT INTO lookup_codes (code, name, category) VALUES
  ('L0', 'Micro', 'business_level'),
  ('L1', 'SME', 'business_level'),
  ('L2', 'Enterprise', 'business_level'),
  ('L3', 'Holding', 'business_level'),
  ('L4', 'MNC', 'business_level');

-- Insert roles
INSERT INTO roles (role_code, name, description, available_levels) VALUES
  ('OWN', 'Owner', 'Pemilik tunggal', 'L0'),
  ('CSH', 'Cashier', 'Kasir', 'L0,L1,L2,L3,L4'),
  ('FIN-MGR', 'Finance Manager', 'Keuangan', 'L1,L2,L3,L4');