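"use server";

import { auth } from "@/auth";
import { db } from "@/lib/db";
import { hasPermission } from "@/lib/permissions";
import { revalidatePath } from "next/cache";
import { z } from "zod";
import { TermsCategory } from "@prisma/client";

/**
 * Validation schema for the create/update form.
 * `category` must be a member of the Prisma `TermsCategory` enum and `text`
 * must be non-empty after trimming. Form fields not listed here are dropped
 * by `z.object`, so they never reach the database call.
 */
const schema = z.object({
  category: z.nativeEnum(TermsCategory),
  text: z.string().trim().min(1, "Clause text is required"),
});

/** Outcome returned to the caller of every action in this file. */
type Result = { ok: true } | { error: string };

/** Validated form payload. */
type TermInput = z.infer<typeof schema>;

/**
 * Authorization gate shared by every action below.
 *
 * Each exported function in a "use server" module is callable directly from
 * the client, so the check is repeated inside every action instead of relying
 * on the admin page that renders the form.
 *
 * @returns `{ ok: true }` when the session user holds `manage_terms`,
 *          otherwise `{ error: "Forbidden" }`.
 */
async function guard(): Promise<Result> {
  const session = await auth();
  if (!session?.user || !hasPermission(session.user.role, "manage_terms")) {
    return { error: "Forbidden" };
  }
  return { ok: true };
}

/**
 * Runtime check for the `id` argument.
 *
 * Action arguments arrive deserialized from the request, so the `string`
 * annotation is not enforced at runtime; anything that is not a non-empty
 * string is rejected before it is placed in a Prisma `where` clause.
 */
function isValidId(id: unknown): id is string {
  return typeof id === "string" && id.length > 0;
}

/**
 * Parses and validates the submitted form.
 *
 * @returns the validated payload, or the first validation message.
 */
function parseTermForm(formData: FormData): { data: TermInput } | { error: string } {
  const parsed = schema.safeParse(Object.fromEntries(formData));
  if (!parsed.success) {
    // Guard the index access so an empty issue list cannot throw.
    return { error: parsed.error.issues[0]?.message ?? "Invalid input" };
  }
  return { data: parsed.data };
}

/**
 * Creates a terms-and-conditions clause from the submitted form.
 *
 * @param formData form fields `category` and `text`
 * @returns `{ ok: true }`, or `{ error }` when the caller is not authorized
 *          or validation fails.
 */
export async function createTerm(formData: FormData): Promise<Result> {
  // Authorize first so unauthorized callers get no validation feedback.
  const g = await guard();
  if ("error" in g) return g;

  const form = parseTermForm(formData);
  if ("error" in form) return form;

  await db.termsCondition.create({
    data: { category: form.data.category, text: form.data.text },
  });
  revalidatePath("/admin/terms");
  return { ok: true };
}

/**
 * Replaces the category and text of an existing clause.
 *
 * NOTE(review): unlike toggleTermActive, a missing row is not mapped to
 * "Not found" here; Prisma's `update` rejects when no row matches, so that
 * error propagates to the caller.
 *
 * @param id primary key of the clause
 * @param formData form fields `category` and `text`
 * @returns `{ ok: true }`, or `{ error }` when the caller is not authorized
 *          or the input is invalid.
 */
export async function updateTerm(id: string, formData: FormData): Promise<Result> {
  const g = await guard();
  if ("error" in g) return g;
  if (!isValidId(id)) return { error: "Invalid id" };

  const form = parseTermForm(formData);
  if ("error" in form) return form;

  await db.termsCondition.update({
    where: { id },
    data: { category: form.data.category, text: form.data.text },
  });
  revalidatePath("/admin/terms");
  return { ok: true };
}

/**
 * Flips the `isActive` flag of a clause.
 *
 * NOTE(review): the read and the write are two separate queries, so two
 * concurrent toggles can both read the same value — confirm that is
 * acceptable for this admin screen.
 *
 * @param id primary key of the clause
 * @returns `{ ok: true }`, `{ error: "Not found" }` when no row has this id,
 *          or another `{ error }` when the caller is not authorized or the
 *          id is invalid.
 */
export async function toggleTermActive(id: string): Promise<Result> {
  const g = await guard();
  if ("error" in g) return g;
  if (!isValidId(id)) return { error: "Invalid id" };

  const term = await db.termsCondition.findUnique({
    where: { id },
    select: { isActive: true },
  });
  if (!term) return { error: "Not found" };

  await db.termsCondition.update({
    where: { id },
    data: { isActive: !term.isActive },
  });
  revalidatePath("/admin/terms");
  return { ok: true };
}

/**
 * Permanently deletes a clause.
 *
 * NOTE(review): Prisma's `delete` rejects when no row matches; that error is
 * not mapped to a Result here and propagates to the caller.
 *
 * @param id primary key of the clause
 * @returns `{ ok: true }`, or `{ error }` when the caller is not authorized
 *          or the id is invalid.
 */
export async function deleteTerm(id: string): Promise<Result> {
  const g = await guard();
  if ("error" in g) return g;
  if (!isValidId(id)) return { error: "Invalid id" };

  // Safe to delete: POs keep their T&C as text snapshots, so no PO references this row.
  await db.termsCondition.delete({ where: { id } });
  revalidatePath("/admin/terms");
  return { ok: true };
}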