import { NextRequest } from 'next/server';
import { apiHandler, ok } from '@/lib/utils/api';
import { userService } from '@/lib/services/user.service';
import { updateUserSchema } from '@/lib/validators';
import { requireAdmin, HttpError } from '@/lib/auth/session';

function parseId(raw: string): number {
  const id = Number(raw);
  if (!Number.isInteger(id) || id <= 0) throw new HttpError(400, 'Invalid id');
  return id;
}

export async function PATCH(req: NextRequest, ctx: { params: { id: string } }) {
  return apiHandler(async () => {
    await requireAdmin();
    const id = parseId(ctx.params.id);
    const input = updateUserSchema.parse(await req.json());
    const updated = await userService.update(id, input);
    return ok(updated);
  });
}

export async function DELETE(_req: NextRequest, ctx: { params: { id: string } }) {
  return apiHandler(async () => {
    const admin = await requireAdmin();
    const id = parseId(ctx.params.id);
    await userService.delete(id, admin.userId);
    return ok({ success: true });
  });
}