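import { NextRequest, NextResponse } from 'next/server';
import { PrismaClient } from '@prisma/client';
import { requireStaffAuth } from '@/lib/auth';

// NOTE(review): this file constructs its own PrismaClient at module scope. If other
// route files do the same, each one holds a separate connection pool; consider a
// shared instance if the project provides one.
const prisma = new PrismaClient();

/**
 * GET handler: returns a single special together with its songs (sorted by
 * `order`, ascending) to a curator who is assigned to that special.
 *
 * Responses produced here:
 * - whatever `requireStaffAuth` returns as `error` when authentication fails
 * - 401 when `requireStaffAuth` yields neither an error response nor a context
 * - 403 when the caller's role is not `curator`, or the special is not assigned to them
 * - 400 when the `id` route parameter is not a positive decimal integer
 * - 404 when the assignment exists but the special row does not
 * - 200 with the special (including `songs` and each nested `song`) otherwise
 *
 * @param request - Incoming request, passed to `requireStaffAuth`.
 * @param params - Route parameters; `id` is the special's id as a string.
 */
export async function GET(
  request: NextRequest,
  { params }: { params: Promise<{ id: string }> }
) {
  const { error, context } = await requireStaffAuth(request);
  if (error) return error;
  if (!context) {
    // Fail closed: without this branch a missing context with no error response
    // would return `undefined` from the handler instead of denying the request.
    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
  }

  if (context.role !== 'curator') {
    return NextResponse.json(
      { error: 'Only curators can access this endpoint' },
      { status: 403 }
    );
  }

  const { id } = await params;
  // Accept only a canonical positive decimal integer. A bare Number(id) also lets
  // through "1.5", "1e3", "0x10", "-4", " 7 " and "Infinity", which would reach the
  // database query as values the id lookup was never meant to see.
  const specialId = /^[1-9]\d*$/.test(id) ? Number(id) : NaN;
  if (!Number.isSafeInteger(specialId)) {
    return NextResponse.json({ error: 'Invalid special id' }, { status: 400 });
  }

  // Check whether this special is assigned to the curator. This runs before the
  // special itself is loaded, so an unassigned curator receives the same 403
  // whether or not a special with this id exists.
  const assignment = await prisma.curatorSpecial.findFirst({
    where: { curatorId: context.curator.id, specialId },
  });

  if (!assignment) {
    return NextResponse.json(
      { error: 'Forbidden: You are not allowed to access this special' },
      { status: 403 }
    );
  }

  // NOTE(review): `include` without `select` serialises every column of the special,
  // the join rows and each song into the response; confirm none of them are
  // internal-only fields.
  const special = await prisma.special.findUnique({
    where: { id: specialId },
    include: {
      songs: {
        include: {
          song: true,
        },
        orderBy: { order: 'asc' },
      },
    },
  });

  if (!special) {
    return NextResponse.json({ error: 'Special not found' }, { status: 404 });
  }

  return NextResponse.json(special);
}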