import { NextResponse } from 'next/server'
import { prisma } from '@/lib/prisma'
import { safeHandler, requireAuth } from '@/lib/auth'

export const POST = safeHandler(async (req) => {
  await requireAuth(['ADMIN', 'OPERATIONS'])
  const { ids, action, value } = await req.json()

  if (!ids || !Array.isArray(ids) || ids.length === 0) {
    return NextResponse.json({ message: 'No IDs provided' }, { status: 400 })
  }

  if (action === 'changeStatus') {
    if (!value) {
      return NextResponse.json({ message: 'Status value is required' }, { status: 400 })
    }
    const result = await prisma.booking.updateMany({
      where: { id: { in: ids } },
      data: { status: value },
    })
    return NextResponse.json({ updated: result.count })
  }

  return NextResponse.json({ message: 'Invalid action' }, { status: 400 })
})