import { createServerClient } from '@/lib/supabase/server'
import { NextResponse } from 'next/server'

export async function POST(request: Request) {
  try {
    const supabase = await createServerClient()
    const { chitId } = await request.json()

    // Get chit with related data
    const { data: chit, error: chitError } = await supabase
      .from('chits')
      .select(`
        *,
        menu_items (
          name,
          description,
          price,
          category
        ),
        orders (
          customer_name,
          customer_email,
          events (
            name,
            organizer_id
          )
        )
      `)
      .eq('id', chitId)
      .single()

    if (chitError) throw chitError

    // Check staff authorization
    const { data: { user } } = await supabase.auth.getUser()
    
    if (!user) {
      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
    }

    // Verify staff is assigned to this event
    const { data: staffAssignment } = await supabase
      .from('staff_assignments')
      .select()
      .eq('staff_id', user.id)
      .eq('event_id', chit.orders.events.organizer_id)
      .single()

    if (!staffAssignment) {
      return NextResponse.json({ error: 'Not authorized for this event' }, { status: 403 })
    }

    return NextResponse.json({ 
      valid: true,
      chit,
      canFulfill: chit.status === 'unused'
    })
  } catch (error: any) {
    console.error('[v0] Chit validation error:', error)
    return NextResponse.json(
      { error: error.message || 'Validation failed' },
      { status: 500 }
    )
  }
}