meezi/src/Meezi.API/Controllers/DemoSeedController.cs

using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Meezi.API.Services;
using Meezi.Core.Interfaces;
using Meezi.Shared;

namespace Meezi.API.Controllers;

[Route("api/cafes/{cafeId}/demo")]
[Authorize]
public class DemoSeedController : CafeApiControllerBase
{
    private readonly IDemoSeedService _demoSeed;

    public DemoSeedController(IDemoSeedService demoSeed)
    {
        _demoSeed = demoSeed;
    }

    /// <summary>Seeds demo menu, tables, and inventory for any café. Owner-only.</summary>
    [HttpPost("seed")]
    public async Task<IActionResult> Seed(
        string cafeId,
        ITenantContext tenant,
        CancellationToken ct)
    {
        if (EnsureCafeAccess(cafeId, tenant) is { } denied) return denied;
        // Demo data is a setup helper; Owner or Manager may run it (matches the
        // dashboard banner, which is shown to both roles).
        if (EnsureManager(tenant) is { } managerDenied) return managerDenied;

        var result = await _demoSeed.SeedAsync(cafeId, ct);
        return Ok(new ApiResponse<DemoSeedResult>(true, result));
    }
}