import { execute, queryOne } from '../../../../utils/db'
import { getClientIp } from '../../../../utils/ip'
import { getCurrentUserEmail } from '../../../../utils/user'

/**
 * 주간보고 제출
 * POST /api/report/weekly/[id]/submit
 */
export default defineEventHandler(async (event) => {
  const userId = getCookie(event, 'user_id')
  if (!userId) {
    throw createError({ statusCode: 401, message: '로그인이 필요합니다.' })
  }
  
  const reportId = getRouterParam(event, 'id')
  const clientIp = getClientIp(event)
  const userEmail = await getCurrentUserEmail(event)
  
  // 보고서 조회 및 권한 확인
  const report = await queryOne<any>(`
    SELECT * FROM wr_weekly_report WHERE report_id = $1
  `, [reportId])
  
  if (!report) {
    throw createError({ statusCode: 404, message: '보고서를 찾을 수 없습니다.' })
  }
  
  if (report.author_id !== parseInt(userId)) {
    throw createError({ statusCode: 403, message: '본인의 보고서만 제출할 수 있습니다.' })
  }
  
  if (report.report_status !== 'DRAFT') {
    throw createError({ statusCode: 400, message: '이미 제출된 보고서입니다.' })
  }
  
  await execute(`
    UPDATE wr_weekly_report SET
      report_status = 'SUBMITTED',
      submitted_at = NOW(),
      updated_at = NOW(),
      updated_ip = $1,
      updated_email = $2
    WHERE report_id = $3
  `, [clientIp, userEmail, reportId])
  
  return { success: true }
})