// Next.js API route support: https://nextjs.org/docs/api-routes/introduction
import type {NextApiRequest, NextApiResponse} from "next";
import {app} from "@/firebase";
import {getFirestore, collection, getDocs, setDoc, doc} from "firebase/firestore";
import {withIronSessionApiRoute} from "iron-session/next";
import {sessionOptions} from "@/lib/session";
import {Group} from "@/interfaces/user";
import {Package} from "@/interfaces/paypal";
import {v4} from "uuid";

const db = getFirestore(app);

export default withIronSessionApiRoute(handler, sessionOptions);

async function handler(req: NextApiRequest, res: NextApiResponse) {
	if (!req.session.user) {
		res.status(401).json({ok: false});
		return;
	}

	if (req.method === "GET") await get(req, res);
	if (req.method === "POST") await post(req, res);
}

async function get(req: NextApiRequest, res: NextApiResponse) {
	const snapshot = await getDocs(collection(db, "packages"));

	res.status(200).json(
		snapshot.docs.map((doc) => ({
			id: doc.id,
			...doc.data(),
		})),
	);
}

async function post(req: NextApiRequest, res: NextApiResponse) {
	if (!["developer", "admin"].includes(req.session.user!.type))
		return res.status(403).json({ok: false, reason: "You do not have permission to create a new package"});

	const body = req.body as Package;

	await setDoc(doc(db, "packages", v4()), body);
	res.status(200).json({ok: true});
}