import { NextRequest, NextResponse } from 'next/server'
import { workspaceMemberRepo } from '@/lib/database/repositories/workspace-member.repo'
import { userRepo } from '@/lib/database/repositories/user.repo'
import { isAuthError, requireWorkspaceAdminAccess } from '@/lib/auth/session'
import { isWorkspaceRole } from '@/lib/auth/workspace-access'

export async function GET(_req: NextRequest, { params }: { params: Promise<{ id: string }> }) {
  const { id } = await params
  try { await requireWorkspaceAdminAccess(id) } catch (err) { if (isAuthError(err)) return err; throw err }

  const members = workspaceMemberRepo.listMembersWithUser(id)
  return NextResponse.json(members)
}

export async function POST(req: NextRequest, { params }: { params: Promise<{ id: string }> }) {
  const { id } = await params
  try { await requireWorkspaceAdminAccess(id) } catch (err) { if (isAuthError(err)) return err; throw err }

  let body: { userId?: string; role?: unknown }
  try { body = await req.json() } catch { return NextResponse.json({ error: 'Invalid JSON' }, { status: 400 }) }
  if (!body.userId) return NextResponse.json({ error: 'userId is required' }, { status: 400 })
  if (!isWorkspaceRole(body.role)) return NextResponse.json({ error: 'Invalid role' }, { status: 400 })

  if (!userRepo.findById(body.userId)) {
    return NextResponse.json({ error: 'User not found' }, { status: 404 })
  }

  const member = workspaceMemberRepo.upsertMember(id, body.userId, body.role)
  return NextResponse.json(member, { status: 201 })
}
