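import { dbGlobal } from "drizzle-pkg/lib/db";
import { users } from "drizzle-pkg/lib/schema/auth";
import { inArray } from "drizzle-orm";
import log4js from "logger";
import { requireAdmin } from "#server/utils/admin-guard";

const logger = log4js.getLogger("USERS");

/** Actions this endpoint accepts; anything else is rejected with 400. */
const ALLOWED_ACTIONS = ["enable", "disable", "delete"];

/**
 * Turn the client-supplied `ids` array into a de-duplicated list of user ids.
 *
 * Only numbers and all-digit strings are accepted. A bare `Number(x)` cast
 * also maps `null`, `""` and `[]` to 0 and `true` to 1, so a malformed
 * element could silently select a real row (id 1) for deletion.
 * Entries that do not parse are dropped, not rejected.
 *
 * NOTE(review): assumes user ids are positive integers; confirm against the
 * `users` schema.
 *
 * @param raw - the `ids` array taken from the request body
 * @returns unique positive safe-integer ids, in first-seen order
 */
function parseUserIds(raw: unknown[]): number[] {
  const unique = new Set<number>();
  for (const entry of raw) {
    let candidate: number;
    if (typeof entry === "number") {
      candidate = entry;
    } else if (typeof entry === "string" && /^\d+$/.test(entry.trim())) {
      candidate = Number(entry.trim());
    } else {
      continue;
    }
    if (Number.isSafeInteger(candidate) && candidate > 0) {
      unique.add(candidate);
    }
  }
  return Array.from(unique);
}

/**
 * Admin-only batch operation on user accounts.
 *
 * Request body: `{ ids: Array<number | string>, action: "enable" | "disable" | "delete" }`.
 * `delete` removes the rows; `enable` / `disable` set `status` to
 * `"active"` / `"disabled"`.
 *
 * The count in the response and in the log is the number of ids requested,
 * not the number of rows the database actually changed.
 *
 * NOTE(review): nothing here stops an admin from disabling or deleting their
 * own account (or every admin account), and the batch size is unbounded.
 * Confirm whether `requireAdmin` or the caller covers either case.
 */
export default defineWrappedResponseHandler(async (event) => {
  // Authorization gate. `await` is a no-op if the guard is synchronous; if it
  // returns a promise, an un-awaited rejection would not stop the handler.
  // NOTE(review): requireAdmin's implementation is not visible here.
  await requireAdmin(event);

  const body = await readBody(event);

  if (!Array.isArray(body?.ids) || body.ids.length === 0) {
    throw createError({
      statusCode: 400,
      statusMessage: "请选择要操作的用户",
    });
  }

  // Allow-list check; it also means `body.action` is safe to put in the log line.
  if (!body?.action || !ALLOWED_ACTIONS.includes(body.action)) {
    throw createError({
      statusCode: 400,
      statusMessage: "无效的操作类型",
    });
  }

  const ids = parseUserIds(body.ids);
  if (ids.length === 0) {
    throw createError({
      statusCode: 400,
      statusMessage: "无效的用户ID列表",
    });
  }

  if (body.action === "delete") {
    await dbGlobal.delete(users).where(inArray(users.id, ids));
    // Record the affected ids as well as the count: deletion is irreversible
    // and the audit trail should say which accounts were removed.
    // NOTE(review): the acting admin's identity is not logged; add it if the
    // guard exposes it.
    logger.info("users batch deleted by admin: count=%d ids=%s", ids.length, ids.join(","));
    return R.success({ message: `已删除 ${ids.length} 个用户` });
  }

  const newStatus = body.action === "enable" ? "active" : "disabled";
  await dbGlobal
    .update(users)
    .set({ status: newStatus })
    .where(inArray(users.id, ids));

  logger.info("users batch %s by admin: ids=%s", body.action, ids.join(","));
  return R.success({
    message: `已${body.action === "enable" ? "启用" : "禁用"} ${ids.length} 个用户`,
  });
});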