import { NextRequest, NextResponse } from 'next/server' import { auth } from '@/auth' import { prisma } from '@/lib/prisma' export async function GET( request: NextRequest, { params }: { params: Promise<{ id: string }> } ) { try { const { id } = await params const review = await prisma.review.findUnique({ where: { id }, include: { user: { select: { id: true, name: true, image: true, } }, product: { select: { id: true, name: true, } }, _count: { select: { helpfulVotedBy: true, reportedBy: true, } } } }) if (!review) { return NextResponse.json({ error: 'Review not found' }, { status: 404 }) } return NextResponse.json(review) } catch (error) { console.error('Error fetching review:', error) return NextResponse.json( { error: 'Failed to fetch review' }, { status: 500 } ) } } export async function PUT( request: NextRequest, { params }: { params: Promise<{ id: string }> } ) { try { const session = await auth() if (!session?.user) { return NextResponse.json({ error: 'Authentication required' }, { status: 401 }) } const { id } = await params const body = await request.json() const { rating, title, comment, images } = body // Find the review and check ownership const existingReview = await prisma.review.findUnique({ where: { id } }) if (!existingReview) { return NextResponse.json({ error: 'Review not found' }, { status: 404 }) } if (existingReview.userId !== session.user.id) { return NextResponse.json({ error: 'Unauthorized' }, { status: 403 }) } // Validate rating if provided if (rating && (rating < 1 || rating > 5)) { return NextResponse.json( { error: 'Rating must be between 1 and 5' }, { status: 400 } ) } const updatedReview = await prisma.review.update({ where: { id }, data: { ...(rating && { rating }), ...(title !== undefined && { title }), ...(comment !== undefined && { comment }), ...(images && { images }), isApproved: false, // Reset approval status when edited }, include: { user: { select: { id: true, name: true, image: true, } }, product: { select: { id: true, name: true, } } } }) return NextResponse.json({ review: updatedReview, message: 'Review updated successfully. It will be visible after admin approval.' }) } catch (error) { console.error('Error updating review:', error) return NextResponse.json( { error: 'Failed to update review' }, { status: 500 } ) } } export async function DELETE( request: NextRequest, { params }: { params: Promise<{ id: string }> } ) { try { const session = await auth() if (!session?.user) { return NextResponse.json({ error: 'Authentication required' }, { status: 401 }) } const { id } = await params // Find the review and check ownership or admin access const existingReview = await prisma.review.findUnique({ where: { id } }) if (!existingReview) { return NextResponse.json({ error: 'Review not found' }, { status: 404 }) } if (existingReview.userId !== session.user.id && session.user.role !== 'ADMIN') { return NextResponse.json({ error: 'Unauthorized' }, { status: 403 }) } await prisma.review.delete({ where: { id } }) return NextResponse.json({ message: 'Review deleted successfully' }) } catch (error) { console.error('Error deleting review:', error) return NextResponse.json( { error: 'Failed to delete review' }, { status: 500 } ) } }