import type { APIRoute } from "astro"; import { db } from "../../../../db"; import { invoices, members } from "../../../../db/schema"; import { eq, and } from "drizzle-orm"; import { recalculateInvoiceTotals } from "../../../../utils/invoice"; export const POST: APIRoute = async ({ request, redirect, locals, params, }) => { const user = locals.user; if (!user) { return redirect("/login"); } const { id: invoiceId } = params; if (!invoiceId) { return new Response("Invoice ID required", { status: 400 }); } // Fetch invoice to verify existence const invoice = await db .select() .from(invoices) .where(eq(invoices.id, invoiceId)) .get(); if (!invoice) { return new Response("Invoice not found", { status: 404 }); } // Verify membership const membership = await db .select() .from(members) .where( and( eq(members.userId, user.id), eq(members.organizationId, invoice.organizationId) ) ) .get(); if (!membership) { return new Response("Unauthorized", { status: 401 }); } const formData = await request.formData(); const number = formData.get("number") as string; const currency = formData.get("currency") as string; const issueDateStr = formData.get("issueDate") as string; const dueDateStr = formData.get("dueDate") as string; const taxRateStr = formData.get("taxRate") as string; const notes = formData.get("notes") as string; if (!number || !currency || !issueDateStr || !dueDateStr) { return new Response("Missing required fields", { status: 400 }); } try { const issueDate = new Date(issueDateStr); const dueDate = new Date(dueDateStr); const taxRate = taxRateStr ? parseFloat(taxRateStr) : 0; await db .update(invoices) .set({ number, currency, issueDate, dueDate, taxRate, notes: notes || null, }) .where(eq(invoices.id, invoiceId)); // Recalculate totals in case tax rate changed await recalculateInvoiceTotals(invoiceId); return redirect(`/dashboard/invoices/${invoiceId}`); } catch (error) { console.error("Error updating invoice:", error); return new Response("Internal Server Error", { status: 500 }); } };