import { NextResponse } from 'next/server';
import { prisma } from '../../../../lib/prisma';
import { requireAuth } from '../../../../lib/jwt';
import { Role, ListingStatus, UserStatus } from '@prisma/client';

export async function GET(req: Request) {
  try {
    const auth = await requireAuth(req);
    const isAdmin = auth.role === Role.ADMIN;
    const canUserMod = auth.role === Role.USER_MODERATOR;
    const canListingMod = auth.role === Role.LISTING_MODERATOR;
    if (!isAdmin && !canUserMod && !canListingMod) {
      return NextResponse.json({ error: 'Forbidden' }, { status: 403 });
    }

    const wantsUsers = isAdmin || canUserMod;
    const wantsListings = isAdmin || canListingMod;

    const [users, listings] = await Promise.all([
      wantsUsers
        ? prisma.user.findMany({
            where: { status: UserStatus.PENDING },
            select: { id: true, email: true, status: true, emailVerifiedAt: true, approvedAt: true, role: true },
            orderBy: { createdAt: 'asc' },
            take: 50,
          })
        : Promise.resolve([]),
      wantsListings
        ? prisma.listing.findMany({
            where: { status: ListingStatus.PENDING, removedAt: null },
            select: { id: true, status: true, createdAt: true, owner: { select: { email: true } }, translations: { select: { title: true, slug: true, locale: true } } },
            orderBy: { createdAt: 'asc' },
            take: 50,
          })
        : Promise.resolve([]),
    ]);

    return NextResponse.json({ users, listings, role: auth.role });
  } catch (error) {
    console.error('List pending error', error);
    return NextResponse.json({ error: 'Failed to load pending items' }, { status: 500 });
  }
}
export const dynamic = 'force-dynamic';