blackheart-website/src/app/api/admin/mc-registrations/route.ts

import { NextRequest, NextResponse } from "next/server";
import { getMcRegistrations, getAllMcRegistrations, addMcRegistration, updateMcRegistration, toggleMcNotification, deleteMcRegistration, setMcRegistrationStatus, updateBookingNotes } from "@/lib/db";
import { sanitizeName, sanitizeHandle, sanitizeText } from "@/lib/validation";

export async function GET(request: NextRequest) {
  const title = request.nextUrl.searchParams.get("title");
  if (title) {
    return NextResponse.json(getMcRegistrations(title));
  }
  // No title = return all registrations
  return NextResponse.json(getAllMcRegistrations());
}

export async function POST(request: NextRequest) {
  try {
    const body = await request.json();
    const { masterClassTitle, name, instagram, telegram } = body;
    const cleanTitle = sanitizeText(masterClassTitle, 200);
    const cleanName = sanitizeName(name);
    const cleanInstagram = sanitizeHandle(instagram);
    if (!cleanTitle || !cleanName || !cleanInstagram) {
      return NextResponse.json({ error: "masterClassTitle, name, instagram are required" }, { status: 400 });
    }
    const id = addMcRegistration(cleanTitle, cleanName, cleanInstagram, sanitizeHandle(telegram));
    return NextResponse.json({ ok: true, id });
  } catch (err) {
    console.error("[admin/mc-registrations] error:", err);
    return NextResponse.json({ error: "Internal error" }, { status: 500 });
  }
}

export async function PUT(request: NextRequest) {
  try {
    const body = await request.json();

    // Set booking status
    if (body.action === "set-status") {
      const { id, status } = body;
      if (!id || !status) return NextResponse.json({ error: "id, status required" }, { status: 400 });
      if (!["new", "contacted", "confirmed", "declined"].includes(status)) {
        return NextResponse.json({ error: "Invalid status" }, { status: 400 });
      }
      setMcRegistrationStatus(id, status);
      return NextResponse.json({ ok: true });
    }

    // Set notes
    if (body.action === "set-notes") {
      const { id, notes } = body;
      if (!id) return NextResponse.json({ error: "id is required" }, { status: 400 });
      updateBookingNotes("mc_registrations", id, sanitizeText(notes, 1000) ?? "");
      return NextResponse.json({ ok: true });
    }

    // Toggle notification status
    if (body.action === "toggle-notify") {
      const { id, field, value } = body;
      if (!id || !field || typeof value !== "boolean") {
        return NextResponse.json({ error: "id, field, value are required" }, { status: 400 });
      }
      if (field !== "notified_confirm" && field !== "notified_reminder") {
        return NextResponse.json({ error: "Invalid field" }, { status: 400 });
      }
      toggleMcNotification(id, field, value);
      return NextResponse.json({ ok: true });
    }

    // Regular update
    const { id, name, instagram, telegram } = body;
    const cleanName = sanitizeName(name);
    const cleanInstagram = sanitizeHandle(instagram);
    if (!id || !cleanName || !cleanInstagram) {
      return NextResponse.json({ error: "id, name, instagram are required" }, { status: 400 });
    }
    updateMcRegistration(id, cleanName, cleanInstagram, sanitizeHandle(telegram));
    return NextResponse.json({ ok: true });
  } catch (err) {
    console.error("[admin/mc-registrations] error:", err);
    return NextResponse.json({ error: "Internal error" }, { status: 500 });
  }
}

export async function DELETE(request: NextRequest) {
  const idStr = request.nextUrl.searchParams.get("id");
  if (!idStr) {
    return NextResponse.json({ error: "id parameter is required" }, { status: 400 });
  }
  const id = parseInt(idStr, 10);
  if (isNaN(id)) {
    return NextResponse.json({ error: "Invalid id" }, { status: 400 });
  }
  deleteMcRegistration(id);
  return NextResponse.json({ ok: true });
}