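import type { APIRoute } from "astro";
import { db } from "../../../db";
import { organizations, members } from "../../../db/schema";
import { eq, and } from "drizzle-orm";

/**
 * POST handler that renames an organization.
 *
 * Flow:
 *  1. Requires `locals.user`; otherwise redirects to `/login`.
 *  2. Reads `organizationId` and `name` from the submitted form and rejects
 *     missing, empty or non-text values with 400.
 *  3. Looks up the caller's membership row for that organization and only
 *     proceeds when its role is `owner` or `admin` (403 otherwise).
 *  4. Writes the trimmed name and redirects to the team settings page.
 *
 * The organization id comes from the client, so the membership lookup in
 * step 3 is the only thing that binds the update to an organization the
 * caller is allowed to administer. Keep the lookup and the update keyed on
 * the same `organizationId` value.
 *
 * NOTE(review): this is a state-changing form POST and no CSRF token is
 * checked in this handler. It presumably relies on a protection configured
 * elsewhere (e.g. Astro's `security.checkOrigin`) - confirm.
 *
 * @returns A redirect on success or when unauthenticated, otherwise a plain
 *          text response with status 400, 403 or 500.
 */
export const POST: APIRoute = async ({ request, locals, redirect }) => {
  const user = locals.user;
  if (!user) {
    return redirect("/login");
  }

  // A body that is not valid form data makes formData() reject. Answer with
  // 400 instead of letting the rejection escape the handler.
  let formData: FormData;
  try {
    formData = await request.formData();
  } catch {
    return new Response("Invalid form submission", { status: 400 });
  }

  // FormData.get() returns string | File | null. A multipart request can
  // submit a file part under either field name, so check the runtime type
  // instead of asserting `as string` (a File has no .trim()).
  const organizationId = formData.get("organizationId");
  const rawName = formData.get("name");
  if (
    typeof organizationId !== "string" ||
    typeof rawName !== "string" ||
    !organizationId ||
    rawName.trim().length === 0
  ) {
    return new Response("Organization ID and name are required", {
      status: 400,
    });
  }

  // NOTE(review): no upper bound is enforced on the name length here;
  // confirm whether the schema or the UI constrains it.
  const name = rawName.trim();

  try {
    // Verify user is admin/owner of this organization
    const membership = await db
      .select()
      .from(members)
      .where(
        and(
          eq(members.userId, user.id),
          eq(members.organizationId, organizationId),
        ),
      )
      .get();

    if (!membership) {
      return new Response("Not authorized", { status: 403 });
    }

    const isAdmin = membership.role === "owner" || membership.role === "admin";
    if (!isAdmin) {
      return new Response(
        "Only owners and admins can update organization settings",
        { status: 403 },
      );
    }

    // Update organization name
    await db
      .update(organizations)
      .set({ name })
      .where(eq(organizations.id, organizationId))
      .run();

    return redirect("/dashboard/team/settings?success=org-name");
  } catch (error) {
    // Details go to the server log only; the client gets a generic message.
    console.error("Error updating organization name:", error);
    return new Response("Failed to update organization name", { status: 500 });
  }
};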