rtrips-online/src/app/api/trips/[id]/route.ts

import { NextRequest, NextResponse } from 'next/server';
import { prisma } from '@/lib/prisma';
import { requireAuth, isAuthed, requireTripRole } from '@/lib/auth';

export async function GET(
  _request: NextRequest,
  { params }: { params: { id: string } }
) {
  try {
    const trip = await prisma.trip.findUnique({
      where: { id: params.id },
      include: {
        destinations: { orderBy: { sortOrder: 'asc' } },
        itineraryItems: { orderBy: [{ date: 'asc' }, { sortOrder: 'asc' }] },
        bookings: { orderBy: { startDate: 'asc' } },
        expenses: { orderBy: { date: 'desc' } },
        packingItems: { orderBy: [{ category: 'asc' }, { sortOrder: 'asc' }] },
        collaborators: { include: { user: true } },
      },
    });

    if (!trip) {
      return NextResponse.json({ error: 'Trip not found' }, { status: 404 });
    }

    return NextResponse.json(trip);
  } catch (error) {
    console.error('Get trip error:', error);
    return NextResponse.json(
      { error: 'Failed to get trip' },
      { status: 500 }
    );
  }
}

export async function PUT(
  request: NextRequest,
  { params }: { params: { id: string } }
) {
  try {
    const auth = await requireAuth(request);
    if (!isAuthed(auth)) return auth;

    const role = await requireTripRole(auth.user.id, params.id, 'EDITOR');
    if (role instanceof NextResponse) return role;

    const body = await request.json();
    const trip = await prisma.trip.update({
      where: { id: params.id },
      data: {
        title: body.title,
        description: body.description,
        startDate: body.startDate ? new Date(body.startDate) : undefined,
        endDate: body.endDate ? new Date(body.endDate) : undefined,
        budgetTotal: body.budgetTotal,
        budgetCurrency: body.budgetCurrency,
        status: body.status,
      },
    });

    return NextResponse.json(trip);
  } catch (error) {
    console.error('Update trip error:', error);
    return NextResponse.json(
      { error: 'Failed to update trip' },
      { status: 500 }
    );
  }
}

export async function DELETE(
  request: NextRequest,
  { params }: { params: { id: string } }
) {
  try {
    const auth = await requireAuth(request);
    if (!isAuthed(auth)) return auth;

    const role = await requireTripRole(auth.user.id, params.id, 'OWNER');
    if (role instanceof NextResponse) return role;

    await prisma.trip.delete({ where: { id: params.id } });
    return NextResponse.json({ ok: true });
  } catch (error) {
    console.error('Delete trip error:', error);
    return NextResponse.json(
      { error: 'Failed to delete trip' },
      { status: 500 }
    );
  }
}