import { auth } from "@/lib/auth";
import { db } from "@/lib/db";
import { servicios } from "@/lib/schema";
import { eq } from "drizzle-orm";

export async function GET(req: Request, { params }: { params: Promise<{ id: string }> }) {
  const session = await auth();
  if (!session) return Response.json({ error: "Unauthorized" }, { status: 401 });

  const { id } = await params;
  const numId = parseInt(id);
  if (isNaN(numId) || numId <= 0) return Response.json({ error: "Invalid ID" }, { status: 400 });

  const [svc] = await db.select().from(servicios).where(eq(servicios.id, numId)).limit(1);
  if (!svc) return Response.json({ error: "Not found" }, { status: 404 });
  return Response.json(svc);
}

export async function PUT(req: Request, { params }: { params: Promise<{ id: string }> }) {
  const session = await auth();
  if (!session) return Response.json({ error: "Unauthorized" }, { status: 401 });
  if (session.user.role !== "admin") return Response.json({ error: "Forbidden" }, { status: 403 });

  const { id } = await params;
  const numId = parseInt(id);
  if (isNaN(numId) || numId <= 0) return Response.json({ error: "Invalid ID" }, { status: 400 });

  const body = await req.json();
  const { nombre, porcentaje, color, activo } = body;

  const [updated] = await db.update(servicios)
    .set({ nombre, porcentaje, color, activo })
    .where(eq(servicios.id, numId))
    .returning();

  return Response.json(updated);
}

export async function DELETE(req: Request, { params }: { params: Promise<{ id: string }> }) {
  const session = await auth();
  if (!session) return Response.json({ error: "Unauthorized" }, { status: 401 });
  if (session.user.role !== "admin") return Response.json({ error: "Forbidden" }, { status: 403 });

  const { id } = await params;
  const numId = parseInt(id);
  if (isNaN(numId) || numId <= 0) return Response.json({ error: "Invalid ID" }, { status: 400 });

  await db.update(servicios).set({ activo: 0 }).where(eq(servicios.id, numId));
  return Response.json({ success: true });
}