const express = require("express");
const router = express.Router();

const {
  listUsers,
  showCreateUser,
  postCreateUser,
  changeUserRole,
  resetUserPassword,
  activateUser,
  deactivateUser,
  showInvoiceOverview,
  updateUser,
} = require("../controllers/admin.controller");

const { requireArzt, requireAdmin } = require("../middleware/auth.middleware");

/* ==========================
   ✅ VERWALTUNG (NUR ADMIN)
========================== */
router.get("/users", requireAdmin, listUsers);
router.get("/create-user", requireAdmin, showCreateUser);
router.post("/create-user", requireAdmin, postCreateUser);

router.post("/users/change-role/:id", requireAdmin, changeUserRole);
router.post("/users/reset-password/:id", requireAdmin, resetUserPassword);
router.post("/users/activate/:id", requireAdmin, activateUser);
router.post("/users/deactivate/:id", requireAdmin, deactivateUser);
router.post("/users/update/:id", requireAdmin, updateUser);

/* ✅ Admin-Tools: Datenbankverwaltung */
router.get("/database", requireAdmin, (req, res) => {
  res.render("admin/database", {
    user: req.session.user,
  });
});

/* ==========================
   ✅ ABRECHNUNG (NUR ARZT)
========================== */
router.get("/invoices", requireArzt, showInvoiceOverview);

module.exports = router;