import { NextRequest, NextResponse } from "next/server";
import { headers } from "next/headers";
import { auth } from "@/lib/auth";
import { prisma } from "@/lib/prisma";

export async function PATCH(
  _req: NextRequest,
  { params }: { params: Promise<{ id: string }> }
) {
  const session = await auth.api.getSession({ headers: await headers() });
  if (!session) return NextResponse.json({ error: "Unauthorized" }, { status: 401 });

  if (session.user.role !== "admin" && session.user.role !== "curator") {
    return NextResponse.json({ error: "Forbidden" }, { status: 403 });
  }

  const { id } = await params;

  const question = await prisma.studentQuestion.findUnique({ where: { id } });
  if (!question) return NextResponse.json({ error: "Not found" }, { status: 404 });
  if (question.status === "CLOSED") {
    return NextResponse.json({ error: "Already closed" }, { status: 400 });
  }

  const updated = await prisma.studentQuestion.update({
    where: { id },
    data: { status: "CLOSED", closedAt: new Date(), closedById: session.user.id },
  });

  return NextResponse.json(updated);
}