import { getDb } from '../../utils/db.js'
import { requireAuth } from '../../utils/authHelpers.js'
import { POI_ICON_TYPES } from '../../utils/poiConstants.js'

export default defineEventHandler(async (event) => {
  requireAuth(event, { role: 'adminOrLeader' })
  const id = event.context.params?.id
  if (!id) throw createError({ statusCode: 400, message: 'id required' })
  const body = (await readBody(event)) || {}
  const updates = []
  const params = []
  if (typeof body.label === 'string') {
    updates.push('label = ?')
    params.push(body.label.trim())
  }
  if (POI_ICON_TYPES.includes(body.iconType)) {
    updates.push('icon_type = ?')
    params.push(body.iconType)
  }
  if (Number.isFinite(body.lat)) {
    updates.push('lat = ?')
    params.push(body.lat)
  }
  if (Number.isFinite(body.lng)) {
    updates.push('lng = ?')
    params.push(body.lng)
  }
  if (updates.length === 0) {
    const { get } = await getDb()
    const row = await get('SELECT id, lat, lng, label, icon_type FROM pois WHERE id = ?', [id])
    if (!row) throw createError({ statusCode: 404, message: 'POI not found' })
    return row
  }
  params.push(id)
  const { run, get } = await getDb()
  await run(`UPDATE pois SET ${updates.join(', ')} WHERE id = ?`, params)
  const row = await get('SELECT id, lat, lng, label, icon_type FROM pois WHERE id = ?', [id])
  if (!row) throw createError({ statusCode: 404, message: 'POI not found' })
  return row
})