import { NextResponse } from 'next/server';
import { withErrorHandler } from '@server/middleware/withErrorHandler';
import { withAuth, AuthedRequest } from '@server/middleware/withAuth';
import {
  getAdminRestaurantList,
  getAuditLogs,
} from '@server/services/admin.service';
import { ForbiddenError } from '@server/errors';

export const GET = withErrorHandler(
  withAuth(async (req: AuthedRequest) => {
    if (req.session.role !== 'superadmin' && req.session.role !== 'support') {
      throw new ForbiddenError();
    }
    const url = new URL(req.url);
    const search = url.searchParams.get('search') ?? undefined;
    const severity = url.searchParams.get('severity') ?? undefined;

    const [restaurants, auditLogs] = await Promise.all([
      getAdminRestaurantList(),
      getAuditLogs({ search, severity }),
    ]);
    return NextResponse.json({ restaurants, auditLogs });
  })
);