const express = require('express');
const router  = express.Router();
const { authMiddleware, requireRole } = require('../middleware/auth');
const c = require('../controllers/lessonController');

router.use(authMiddleware);

router.get('/:id',              c.get);
router.post('/:id/complete',    c.markComplete);
router.put('/:id/note',         c.saveNote);
router.get('/:id/comments',     c.listComments);
router.post('/:id/comments',    c.addComment);
router.delete('/:id/comments/:cid', c.deleteComment);

// Teacher/admin only
router.post('/',             requireRole('teacher','admin'), c.create);
router.put('/:id',           requireRole('teacher','admin'), c.update);
router.delete('/:id',        requireRole('teacher','admin'), c.remove);
router.put('/:id/blocks',    requireRole('teacher','admin'), c.saveBlocks);

module.exports = router;