import { NextResponse } from "next/server"; import { z } from "zod"; import { auth } from "@/auth"; import { approveUpgradeRequest, rejectUpgradeRequest, UpgradeRequestActionError, } from "@/lib/upgrade-requests"; const patchBodySchema = z.object({ action: z.enum(["approve", "reject"]), }); type UpgradeRequestRouteContext = { params: Promise<{ id: string; }>; }; export async function PATCH( request: Request, { params }: UpgradeRequestRouteContext ) { const session = await auth(); if (!session) { return NextResponse.json({ message: "Unauthorized" }, { status: 401 }); } const { id } = await params; const maestroUpgradeID = Number(id); if (!Number.isInteger(maestroUpgradeID) || maestroUpgradeID <= 0) { return NextResponse.json( { message: "Invalid upgrade request id" }, { status: 400 } ); } const body = patchBodySchema.safeParse( await request.json().catch(() => ({})) ); if (!body.success) { return NextResponse.json({ message: "Invalid action" }, { status: 400 }); } try { if (body.data.action === "approve") { const result = await approveUpgradeRequest(maestroUpgradeID); return NextResponse.json({ ok: true, ...result }); } await rejectUpgradeRequest(maestroUpgradeID); return NextResponse.json({ ok: true }); } catch (error) { if (error instanceof UpgradeRequestActionError) { return NextResponse.json( { message: error.message }, { status: error.statusCode } ); } throw error; } }