defmodule Mv.Authorization.PermissionSets do
  @moduledoc """
  Defines the four hardcoded permission sets for the application.

  This is a minimal stub implementation. The full implementation
  with all permission details will be added in a subsequent issue.

  ## Permission Sets

  1. **own_data** - Default for "Mitglied" role
  2. **read_only** - For "Vorstand" and "Buchhaltung" roles
  3. **normal_user** - For "Kassenwart" role
  4. **admin** - For "Admin" role

  ## Usage

      # Get list of all valid permission set names
      PermissionSets.all_permission_sets()
      # => [:own_data, :read_only, :normal_user, :admin]
  """

  @doc """
  Returns the list of all valid permission set names.

  ## Examples

      iex> PermissionSets.all_permission_sets()
      [:own_data, :read_only, :normal_user, :admin]
  """
  @spec all_permission_sets() :: [atom()]
  def all_permission_sets do
    [:own_data, :read_only, :normal_user, :admin]
  end
end