const express = require('express');
const router  = express.Router();
const { authMiddleware, requireRole, requirePermission } = require('../middleware/auth');
const c = require('../controllers/courseController');

router.use(authMiddleware);

// Course listing & special
router.get('/',             c.list);
router.get('/search',       c.search);
router.get('/continue',     c.continueLesson);
router.get('/:id',          c.get);
router.get('/:id/stats',      requireRole('teacher','admin'), c.stats);
router.get('/:id/analytics', requireRole('teacher','admin'), c.analytics);

// Course mutations
router.post('/',            requireRole('teacher','admin'), requirePermission('courses.manage'), c.create);
router.post('/:id/duplicate',    requireRole('teacher','admin'), requirePermission('courses.manage'), c.duplicate);
router.patch('/:id/publish-all', requireRole('teacher','admin'), requirePermission('courses.manage'), c.publishAll);
router.put('/:id',               requireRole('teacher','admin'), requirePermission('courses.manage'), c.update);
router.delete('/:id',       requireRole('teacher','admin'), requirePermission('courses.manage'), c.remove);

// Sections
router.get('/:id/sections',         requireRole('teacher','admin'), c.listSections);
router.post('/:id/sections',        requireRole('teacher','admin'), c.createSection);
router.put('/:id/sections/:sid',    requireRole('teacher','admin'), c.updateSection);
router.delete('/:id/sections/:sid', requireRole('teacher','admin'), c.deleteSection);

// Class courses
router.get('/class/:classId',              c.listClassCourses);
router.post('/class/:classId/assign',      requireRole('teacher','admin'), c.assignCourseToClass);
router.delete('/class/:classId/:courseId', requireRole('teacher','admin'), c.unassignCourseFromClass);

module.exports = router;