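"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
const express_1 = require("express");
const index_1 = require("../index");
const auth_1 = require("../middleware/auth");
const uuid_1 = require("uuid");

/**
 * Admin API router: system settings, invite code, user privilege flags and
 * the banned-email list.
 *
 * Every route passes through `authenticate` first (router-level middleware)
 * and then through `requireAdmin` (attached per route). The handlers read
 * `req.user`; presumably `authenticate` is what sets it — confirm in
 * ../middleware/auth.
 */
const router = (0, express_1.Router)();
router.use(auth_1.authenticate);

// The settings table is used as a single row keyed by this id.
const SETTINGS_ID = 'default';
// Prisma error codes: unique constraint violation / required record not found.
const PRISMA_UNIQUE_VIOLATION = 'P2002';
const PRISMA_NOT_FOUND = 'P2025';

/**
 * Express middleware that rejects any caller whose `req.user.isAdmin` is not
 * truthy with 403, so the authorization check lives in one place instead of
 * being repeated inside each handler.
 *
 * It is attached per route rather than with `router.use` so that requests for
 * paths this router does not define keep falling through exactly as before.
 * Any route added to this file must list it explicitly.
 */
function requireAdmin(req, res, next) {
    if (!req.user?.isAdmin) {
        return res.status(403).json({ error: 'Admin access required' });
    }
    next();
}

/** True when `error` is Prisma's "record to update/delete does not exist". */
function isRecordNotFound(error) {
    return error?.code === PRISMA_NOT_FOUND;
}

/**
 * GET /settings — returns the settings row, creating it with registration
 * enabled when it does not exist yet.
 */
router.get('/settings', requireAdmin, async (req, res) => {
    try {
        const settings = await index_1.prisma.systemSettings.findUnique({
            where: { id: SETTINGS_ID },
        });
        if (!settings) {
            const newSettings = await index_1.prisma.systemSettings.create({
                data: { id: SETTINGS_ID, registrationEnabled: true },
            });
            return res.json(newSettings);
        }
        res.json(settings);
    }
    catch (error) {
        console.error('Get settings error:', error);
        res.status(500).json({ error: 'Failed to get settings' });
    }
});

/**
 * PUT /settings — sets `registrationEnabled`. The field may be omitted (the
 * existing value is kept, or `true` is used when the row is created); any
 * value that is present must be a boolean, otherwise 400.
 */
router.put('/settings', requireAdmin, async (req, res) => {
    try {
        const { registrationEnabled } = req.body ?? {};
        // Reject wrong types here: letting them reach the ORM only produced a
        // generic 500 for what is a client error.
        if (registrationEnabled !== undefined && typeof registrationEnabled !== 'boolean') {
            return res.status(400).json({ error: 'registrationEnabled must be a boolean' });
        }
        const settings = await index_1.prisma.systemSettings.upsert({
            where: { id: SETTINGS_ID },
            update: { registrationEnabled },
            create: { id: SETTINGS_ID, registrationEnabled: registrationEnabled ?? true },
        });
        res.json(settings);
    }
    catch (error) {
        console.error('Update settings error:', error);
        res.status(500).json({ error: 'Failed to update settings' });
    }
});

/**
 * POST /settings/invite-code — generates a new invite code, stores it on the
 * settings row (replacing any previous one) and returns it.
 */
router.post('/settings/invite-code', requireAdmin, async (req, res) => {
    try {
        // First 12 characters of a v4 UUID: 8 hex digits, a hyphen, 3 hex
        // digits — 11 random hex digits, i.e. about 44 bits.
        // NOTE(review): presumably this code is what gates registration;
        // confirm the endpoint that checks it limits repeated guesses, or
        // lengthen the code if it does not.
        const inviteCode = (0, uuid_1.v4)().slice(0, 12);
        const settings = await index_1.prisma.systemSettings.upsert({
            where: { id: SETTINGS_ID },
            update: { inviteCode },
            create: { id: SETTINGS_ID, registrationEnabled: true, inviteCode },
        });
        res.json({ inviteCode: settings.inviteCode });
    }
    catch (error) {
        console.error('Generate invite code error:', error);
        res.status(500).json({ error: 'Failed to generate invite code' });
    }
});

/**
 * DELETE /settings/invite-code — clears the invite code. Idempotent: succeeds
 * whether or not a settings row exists.
 */
router.delete('/settings/invite-code', requireAdmin, async (req, res) => {
    try {
        // updateMany does not throw when no row matches, so clearing a code on
        // a fresh install no longer surfaces as a 500.
        await index_1.prisma.systemSettings.updateMany({
            where: { id: SETTINGS_ID },
            data: { inviteCode: null },
        });
        res.json({ message: 'Invite code removed' });
    }
    catch (error) {
        console.error('Remove invite code error:', error);
        res.status(500).json({ error: 'Failed to remove invite code' });
    }
});

/**
 * GET /users — lists all users, newest first, with their game and team counts.
 * Only the selected columns are returned.
 */
router.get('/users', requireAdmin, async (req, res) => {
    try {
        const users = await index_1.prisma.user.findMany({
            select: {
                id: true,
                email: true,
                name: true,
                screenName: true,
                isAdmin: true,
                isApiEnabled: true,
                createdAt: true,
                _count: { select: { games: true, teams: true } },
            },
            orderBy: { createdAt: 'desc' },
        });
        res.json(users);
    }
    catch (error) {
        console.error('List users error:', error);
        res.status(500).json({ error: 'Failed to list users' });
    }
});

/**
 * PUT /users/:userId/admin — grants or revokes the admin flag.
 * Body: `{ isAdmin: boolean }`. Responds 400 when the flag is missing or not
 * a boolean, 404 when the user does not exist.
 */
router.put('/users/:userId/admin', requireAdmin, async (req, res) => {
    try {
        const { userId } = req.params;
        const { isAdmin } = req.body ?? {};
        // A privilege change must be explicit: a missing field used to be a
        // silent no-op answered with 200, and a non-boolean a 500.
        if (typeof isAdmin !== 'boolean') {
            return res.status(400).json({ error: 'isAdmin must be a boolean' });
        }
        // NOTE(review): nothing here prevents an admin from revoking their own
        // flag or the last remaining admin's — confirm whether a guard is
        // wanted, and whether privilege changes should be audit-logged.
        const user = await index_1.prisma.user.update({
            where: { id: userId },
            data: { isAdmin },
            select: { id: true, email: true, name: true, isAdmin: true },
        });
        res.json(user);
    }
    catch (error) {
        if (isRecordNotFound(error)) {
            return res.status(404).json({ error: 'User not found' });
        }
        console.error('Update admin status error:', error);
        res.status(500).json({ error: 'Failed to update user' });
    }
});

/**
 * PUT /users/:userId/api-access — enables or disables API access for a user.
 * Body: `{ isApiEnabled: boolean }`. Responds 400 when the flag is missing or
 * not a boolean, 404 when the user does not exist.
 */
router.put('/users/:userId/api-access', requireAdmin, async (req, res) => {
    try {
        const { userId } = req.params;
        const { isApiEnabled } = req.body ?? {};
        if (typeof isApiEnabled !== 'boolean') {
            return res.status(400).json({ error: 'isApiEnabled must be a boolean' });
        }
        const user = await index_1.prisma.user.update({
            where: { id: userId },
            data: { isApiEnabled },
            select: { id: true, email: true, name: true, isApiEnabled: true },
        });
        res.json(user);
    }
    catch (error) {
        if (isRecordNotFound(error)) {
            return res.status(404).json({ error: 'User not found' });
        }
        console.error('Update API access error:', error);
        res.status(500).json({ error: 'Failed to update user' });
    }
});

/** GET /banned-emails — lists banned e-mail addresses, newest first. */
router.get('/banned-emails', requireAdmin, async (req, res) => {
    try {
        const bannedEmails = await index_1.prisma.bannedEmail.findMany({
            orderBy: { createdAt: 'desc' },
        });
        res.json(bannedEmails);
    }
    catch (error) {
        console.error('List banned emails error:', error);
        res.status(500).json({ error: 'Failed to list banned emails' });
    }
});

/**
 * POST /banned-emails — bans an address, stored lower-cased.
 * Body: `{ email: string, reason? }`. Responds 400 when the address is
 * missing, not a string, or already banned.
 */
router.post('/banned-emails', requireAdmin, async (req, res) => {
    try {
        const { email, reason } = req.body ?? {};
        if (!email) {
            return res.status(400).json({ error: 'Email is required' });
        }
        // A truthy non-string (number, array, object) has no toLowerCase();
        // the resulting TypeError was reported as a 500.
        if (typeof email !== 'string') {
            return res.status(400).json({ error: 'Email must be a string' });
        }
        const bannedEmail = await index_1.prisma.bannedEmail.create({
            data: { email: email.toLowerCase(), reason },
        });
        res.json(bannedEmail);
    }
    catch (error) {
        if (error?.code === PRISMA_UNIQUE_VIOLATION) {
            return res.status(400).json({ error: 'Email already banned' });
        }
        console.error('Ban email error:', error);
        res.status(500).json({ error: 'Failed to ban email' });
    }
});

/**
 * DELETE /banned-emails/:id — removes a ban by record id. Responds 404 when
 * no such record exists.
 */
router.delete('/banned-emails/:id', requireAdmin, async (req, res) => {
    try {
        const { id } = req.params;
        await index_1.prisma.bannedEmail.delete({ where: { id } });
        res.json({ message: 'Email unbanned' });
    }
    catch (error) {
        if (isRecordNotFound(error)) {
            return res.status(404).json({ error: 'Banned email not found' });
        }
        console.error('Unban email error:', error);
        res.status(500).json({ error: 'Failed to unban email' });
    }
});

exports.default = router;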