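import { hasPermission, Role } from "@/lib/validation/permissions";
import { createTRPCRouter, protectedProcedure } from "../trpc";
import { z } from "zod";
import { users } from "@/server/db/schema";
import { desc, eq } from "drizzle-orm";
import { userSchema } from "@/lib/validation/zod/user";

/**
 * tRPC router for user records.
 *
 * Every procedure is built on `protectedProcedure`. The admin-only
 * procedures additionally check the caller's role with `hasPermission`
 * before touching the database.
 */
export const usersRouter = createTRPCRouter({
  /**
   * Update the caller's own profile.
   *
   * The target row is selected by `ctx.session.user.id`, never by a
   * client-supplied id, so a caller can only modify their own record.
   *
   * @returns the `id` of each updated row.
   */
  updateProfile: protectedProcedure
    .input(z.object({ profile: userSchema }))
    .mutation(async ({ ctx, input }) => {
      // NOTE(review): every field accepted by `userSchema` is written to the
      // row as-is. `userSchema` is defined elsewhere; confirm it does not
      // include privilege-bearing columns such as `role` or `id`, otherwise a
      // regular user could change their own role through this procedure.
      return await ctx.db
        .update(users)
        .set(input.profile)
        .where(eq(users.id, ctx.session.user.id))
        .returning({ id: users.id });
    }),

  /**
   * List all users (admin only).
   *
   * Only `name`, `email`, `role` and `id` are selected, so other columns of
   * the `users` table are not returned to the client.
   *
   * @throws Error when the caller lacks the ADMIN permission.
   */
  getAll: protectedProcedure.query(async ({ ctx }) => {
    // The role comes from the session object.
    // NOTE(review): if the session is not re-read from the database on each
    // request, a demoted admin may keep access until the session is
    // refreshed; confirm how `ctx.session` is populated.
    const isAdmin = hasPermission(ctx.session.user.role, Role.ADMIN);
    // A plain Error is reported by tRPC as INTERNAL_SERVER_ERROR; a TRPCError
    // with code FORBIDDEN would let clients and logs tell an authorization
    // denial apart from a server fault.
    if (!isAdmin) throw new Error("You are not allowed to get all users");

    return await ctx.db.query.users.findMany({
      orderBy: desc(users.role),
      columns: {
        name: true,
        email: true,
        role: true,
        id: true,
      },
    });
  }),

  /**
   * Set another user's role (admin only).
   *
   * @returns the `id` of each updated row (presumably empty when `userId`
   *   matches no user; verify against the database driver).
   * @throws Error when the caller lacks the ADMIN permission.
   */
  setPermission: protectedProcedure
    // `permission` is written straight into the privilege column, so reject
    // non-integer values at the input boundary.
    // NOTE(review): this still accepts integers that are not defined roles.
    // If `Role` is a plain enum (not a bitmask), restrict the input to its
    // members, e.g. with `z.nativeEnum(Role)`.
    .input(z.object({ userId: z.string(), permission: z.number().int() }))
    .mutation(async ({ ctx, input }) => {
      const isAdmin = hasPermission(ctx.session.user.role, Role.ADMIN);
      // Same caveat as in `getAll`: this surfaces as INTERNAL_SERVER_ERROR
      // rather than FORBIDDEN.
      if (!isAdmin)
        throw new Error("You are not allowed to set user permissions");

      // NOTE(review): nothing prevents an admin from changing their own role
      // or demoting the last remaining admin; confirm whether that is
      // intended. Role changes are also not recorded here, so consider an
      // audit log entry (actor, target, old and new role).
      return await ctx.db
        .update(users)
        .set({
          role: input.permission,
        })
        .where(eq(users.id, input.userId))
        .returning({ id: users.id });
    }),
});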