import { NextRequest, NextResponse } from "next/server";
import { getServerSession } from "@/lib/auth";
import { db } from "@/lib/db";
import { bingoItems } from "@/lib/db/schema";
import { eq, and } from "drizzle-orm";
import { v4 as uuidv4 } from "uuid";

export async function GET(req: NextRequest, { params }: { params: Promise<{ campaignId: string }> }) {
  const session = await getServerSession();
  if (!session) return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
  const { campaignId } = await params;
  const items = db.select().from(bingoItems).where(eq(bingoItems.campaignId, campaignId)).orderBy(bingoItems.gridIndex).all();
  return NextResponse.json(items);
}

export async function POST(req: NextRequest, { params }: { params: Promise<{ campaignId: string }> }) {
  const session = await getServerSession();
  if (!session || !session.isAdmin) {
    return NextResponse.json({ error: "Forbidden" }, { status: 403 });
  }
  try {
    const { campaignId } = await params;
    const { text, emoji, soundCategory, soundUrl, imageUrl, gridIndex } = await req.json();
    if (!text) return NextResponse.json({ error: "Text required" }, { status: 400 });

    const existing = db.select().from(bingoItems)
      .where(and(eq(bingoItems.campaignId, campaignId), eq(bingoItems.gridIndex, gridIndex)))
      .get();
    if (existing) {
      return NextResponse.json({ error: "Grid position taken" }, { status: 409 });
    }

    const id = uuidv4();
    const now = new Date().toISOString();
    db.insert(bingoItems).values({ id, campaignId, text, emoji: emoji || "💀", soundCategory: soundCategory || "horn", soundUrl: soundUrl || null, imageUrl: imageUrl || null, gridIndex, createdAt: now }).run();
    return NextResponse.json({ id });
  } catch {
    return NextResponse.json({ error: "Failed to add item" }, { status: 500 });
  }
}

export async function PUT(req: NextRequest, { params }: { params: Promise<{ campaignId: string }> }) {
  const session = await getServerSession();
  if (!session || !session.isAdmin) {
    return NextResponse.json({ error: "Forbidden" }, { status: 403 });
  }
  try {
    const { campaignId } = await params;
    const body = await req.json();
    if (!body.id) return NextResponse.json({ error: "Item ID required" }, { status: 400 });
    const updates: Record<string, unknown> = {};
    if (body.text !== undefined) updates.text = body.text;
    if (body.emoji !== undefined) updates.emoji = body.emoji;
    if (body.soundCategory !== undefined) updates.soundCategory = body.soundCategory;
    if (body.soundUrl !== undefined) updates.soundUrl = body.soundUrl;
    if (body.imageUrl !== undefined) updates.imageUrl = body.imageUrl;
    if (body.gridIndex !== undefined) updates.gridIndex = body.gridIndex;
    db.update(bingoItems).set(updates)
      .where(and(eq(bingoItems.id, body.id), eq(bingoItems.campaignId, campaignId)))
      .run();
    return NextResponse.json({ ok: true });
  } catch {
    return NextResponse.json({ error: "Update failed" }, { status: 500 });
  }
}

export async function DELETE(req: NextRequest, { params }: { params: Promise<{ campaignId: string }> }) {
  const session = await getServerSession();
  if (!session || !session.isAdmin) {
    return NextResponse.json({ error: "Forbidden" }, { status: 403 });
  }
  try {
    const { campaignId } = await params;
    const url = new URL(req.url);
    const itemId = url.searchParams.get("itemId");
    if (!itemId) return NextResponse.json({ error: "itemId required" }, { status: 400 });
    db.delete(bingoItems)
      .where(and(eq(bingoItems.id, itemId), eq(bingoItems.campaignId, campaignId)))
      .run();
    return NextResponse.json({ ok: true });
  } catch {
    return NextResponse.json({ error: "Delete failed" }, { status: 500 });
  }
}