import { NextRequest, NextResponse } from 'next/server'
import path from 'path'
import { workspaceMemberRepo } from '@/lib/database/repositories/workspace-member.repo'
import { sessionRepo } from '@/lib/database/repositories/session.repo'
import { isAuthError, requireWorkspaceAdminAccess, requireWorkspaceWriteAccess } from '@/lib/auth/session'

export async function PATCH(_req: NextRequest, { params }: { params: Promise<{ id: string }> }) {
  const { id } = await params
  let access
  try { access = await requireWorkspaceWriteAccess(id) } catch (err) { if (isAuthError(err)) return err; throw err }

  // Update last_opened_at
  workspaceMemberRepo.touch(id)

  const updated = workspaceMemberRepo.findById(id)
  if (!updated) return NextResponse.json({ error: 'Workspace not found' }, { status: 404 })
  return NextResponse.json({ ...updated, name: path.basename(updated.path) })
}

export async function DELETE(_req: NextRequest, { params }: { params: Promise<{ id: string }> }) {
  const { id } = await params
  let access
  try { access = await requireWorkspaceAdminAccess(id) } catch (err) { if (isAuthError(err)) return err; throw err }

  // Idempotent delete: succeed even if workspace doesn't exist in DB.
  // This avoids 404 errors when the user clicks "remove from list" for a workspace
  // that was already removed or whose folder is missing.
  workspaceMemberRepo.deleteById(id)

  // Also clean up sessions referencing this workspace (optional cleanup)
  sessionRepo.deleteByWorkspaceAndUser(id, access.user.id)

  return NextResponse.json({ ok: true })
}
