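import { NextRequest, NextResponse } from "next/server";
import { apiAuthMiddleware } from "@utils/apiAuthMiddleware";
import { prisma } from "@utils/prisma";

/**
 * Creates a pallet record from the JSON request body.
 *
 * Access control: the caller must be authenticated via `apiAuthMiddleware`
 * and be either an ADMIN, or a SCIENTIST whose scientist record has level
 * SENIOR. Authentication and authorization run before the request body is
 * parsed, so unauthenticated callers cannot reach the parsing or database code.
 *
 * @param request - Incoming request; the JSON body must carry `palletNote`
 *   and `warehouseArea`.
 * @returns 200 on success, 400 for an unparsable body or missing fields,
 *   401 when the caller's role or level is insufficient, 500 on an
 *   unexpected failure. When authentication fails, the response produced by
 *   `apiAuthMiddleware` is returned unchanged.
 */
export async function POST(request: NextRequest) {
  try {
    // Authenticate first: a result without a `user` property is the
    // middleware's own error response and is passed straight back.
    const authResult = await apiAuthMiddleware();
    if (!("user" in authResult)) return authResult;
    const { user } = authResult;

    // NOTE(review): 403 is the conventional status for an authenticated caller
    // who lacks permission; 401 and the differing `error` / `message` keys are
    // kept as-is so existing clients keep working.
    if (user.role !== "ADMIN" && user.role !== "SCIENTIST") {
      return NextResponse.json({ error: "Not authorized" }, { status: 401 });
    }

    if (user.role === "SCIENTIST") {
      // Only the level is needed for the check, so nothing else is fetched.
      const scientist = await prisma.scientist.findUnique({
        where: { userId: user.id },
        select: { level: true },
      });
      if (!scientist || scientist.level !== "SENIOR") {
        return NextResponse.json({ message: "Not authorised" }, { status: 401 });
      }
    }

    // The body is untrusted input. A parse failure is a client error, not a
    // server fault, so it is reported as 400 instead of falling through to 500.
    // eslint-disable-next-line @typescript-eslint/no-explicit-any -- column types come from the Prisma schema, which is not visible here
    let body: any;
    try {
      body = await request.json();
    } catch {
      return NextResponse.json({ error: "Invalid JSON body" }, { status: 400 });
    }

    // `?? {}` keeps a literal JSON `null` body from throwing on destructuring.
    const { palletNote, warehouseArea } = body ?? {};
    if (!palletNote || !warehouseArea) {
      return NextResponse.json({ error: "Missing fields" }, { status: 400 });
    }

    // NOTE(review): the field values are only checked for truthiness; their
    // type and length are presumably enforced by the Prisma schema — confirm,
    // or validate them explicitly here.
    await prisma.pallet.create({
      data: { palletNote, warehouseArea },
    });

    return NextResponse.json({ message: "Pallet logged successfully" }, { status: 200 });
  } catch (e: unknown) {
    // Keep the detail in server logs only: raw exception messages (for example
    // from the database client) can expose internals to the caller.
    console.error("Failed to create pallet:", e);
    return NextResponse.json({ error: "Internal server error" }, { status: 500 });
  }
}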