import { NextRequest, NextResponse } from "next/server"; import { getCurrentUser } from "@/lib/auth-utils"; import prisma from "@/lib/db"; interface RouteContext { params: Promise<{ id: string }>; } /** * PATCH /api/reviews/[id] * Update a review (only by author, optional 24h restriction) */ export async function PATCH( request: NextRequest, context: RouteContext ) { try { const user = await getCurrentUser(); if (!user) { return NextResponse.json({ error: "Unauthorized" }, { status: 401 }); } const { id } = await context.params; const body = await request.json(); const { rating, comment } = body; // Validate at least one field is provided if (rating === undefined && comment === undefined) { return NextResponse.json( { error: "No fields to update" }, { status: 400 } ); } // Validate rating if provided if (rating !== undefined && (rating < 1 || rating > 5 || !Number.isInteger(rating))) { return NextResponse.json( { error: "Rating must be an integer between 1 and 5" }, { status: 400 } ); } // Get existing review const existingReview = await prisma.review.findUnique({ where: { id }, include: { tour: { select: { id: true, title: true, }, }, }, }); if (!existingReview) { return NextResponse.json({ error: "Review not found" }, { status: 404 }); } // Check if user is the review author if (existingReview.userId !== user.id) { return NextResponse.json( { error: "You can only edit your own reviews" }, { status: 403 } ); } // Optional: Check if review is older than 24 hours const hoursSinceCreation = (Date.now() - existingReview.createdAt.getTime()) / (1000 * 60 * 60); if (hoursSinceCreation > 24) { return NextResponse.json( { error: "Reviews can only be edited within 24 hours of posting" }, { status: 403 } ); } // Update review const updatedReview = await prisma.review.update({ where: { id }, data: { ...(rating !== undefined && { rating }), ...(comment !== undefined && { comment: comment || null }), }, include: { user: { select: { name: true, image: true, }, }, }, }); // Recalculate tour average rating const reviews = await prisma.review.findMany({ where: { tourId: existingReview.tourId }, select: { rating: true }, }); const avgRating = reviews.reduce((sum, r) => sum + r.rating, 0) / reviews.length; await prisma.tour.update({ where: { id: existingReview.tourId }, data: { avgRating }, }); return NextResponse.json({ review: updatedReview, message: "Review updated successfully", }); } catch (error) { console.error("Error updating review:", error); return NextResponse.json( { error: "Failed to update review" }, { status: 500 } ); } } /** * DELETE /api/reviews/[id] * Delete a review (only by author) */ export async function DELETE( request: NextRequest, context: RouteContext ) { try { const user = await getCurrentUser(); if (!user) { return NextResponse.json({ error: "Unauthorized" }, { status: 401 }); } const { id } = await context.params; // Get existing review const existingReview = await prisma.review.findUnique({ where: { id }, select: { userId: true, tourId: true, }, }); if (!existingReview) { return NextResponse.json({ error: "Review not found" }, { status: 404 }); } // Check if user is the review author if (existingReview.userId !== user.id) { return NextResponse.json( { error: "You can only delete your own reviews" }, { status: 403 } ); } // Delete review await prisma.review.delete({ where: { id }, }); // Recalculate tour average rating const reviews = await prisma.review.findMany({ where: { tourId: existingReview.tourId }, select: { rating: true }, }); const avgRating = reviews.length > 0 ? reviews.reduce((sum, r) => sum + r.rating, 0) / reviews.length : 0; await prisma.tour.update({ where: { id: existingReview.tourId }, data: { avgRating, reviewCount: reviews.length, }, }); return NextResponse.json({ message: "Review deleted successfully", }); } catch (error) { console.error("Error deleting review:", error); return NextResponse.json( { error: "Failed to delete review" }, { status: 500 } ); } }