import { prisma } from '@/prisma'; import { auth } from '@/auth'; import { NextResponse } from 'next/server'; import { z } from 'zod/v4'; export const patchParticipantSchema = z.object({ status: z.enum(['ACCEPTED', 'DECLINED', 'TENTATIVE', 'PENDING']), }); /** * @swagger * /api/event/{eventID}/participant/{user}: * get: * summary: Get a specific participant's details in an event * description: Returns the details of a specific participant in an event. * tags: * - Event_Participant * parameters: * - in: path * name: eventID * required: true * schema: * type: string * description: The ID of the event. * - in: path * name: user * required: true * schema: * type: string * description: The ID or name of the user. * responses: * 200: * description: Details of the participant. * content: * application/json: * schema: * type: object * properties: * success: * type: boolean * participant: * $ref: '#/components/schemas/Participant' * 401: * description: Not authenticated. * content: * application/json: * schema: * $ref: '#/components/schemas/ErrorResponse' * example: * success: false * message: Not authenticated * 404: * description: User not found. * content: * application/json: * schema: * $ref: '#/components/schemas/ErrorResponse' * example: * success: false * message: User not found * 403: * description: User is not a participant or organizer of this event. * content: * application/json: * schema: * $ref: '#/components/schemas/ErrorResponse' * example: * success: false * message: User is not a participant or organizer of this event */ export const GET = auth(async (req, { params }) => { if (!req.auth) return NextResponse.json( { success: false, message: 'Not authenticated' }, { status: 401 }, ); if (!req.auth.user || !req.auth.user.id) return NextResponse.json( { success: false, message: 'User not found' }, { status: 404 }, ); const dbUser = await prisma.user.findUnique({ where: { id: req.auth.user.id, }, }); if (!dbUser) { return NextResponse.json( { success: false, message: 'User not found' }, { status: 404 }, ); } const eventID = (await params).eventID; const user = (await params).user; const isParticipant = await prisma.meetingParticipant.findFirst({ where: { meeting_id: eventID, user_id: dbUser.id, }, }); const isOrganizer = await prisma.meeting.findFirst({ where: { id: eventID, organizer_id: dbUser.id, }, }); if (!isParticipant && !isOrganizer) { return NextResponse.json( { success: false, message: 'User is not a participant or organizer of this event', }, { status: 403 }, ); } const participant = await prisma.meetingParticipant.findUnique({ where: { meeting_id_user_id: { meeting_id: eventID, user_id: user, }, }, select: { user: { select: { id: true, name: true, }, }, status: true, }, }); if (!participant) { return NextResponse.json( { success: false, message: 'Participant not found' }, { status: 404 }, ); } return NextResponse.json({ success: true, participant, }); }); /** * @swagger * /api/event/{eventID}/participant/{user}: * delete: * summary: Remove a participant from an event * description: Removes a participant from an event. Only the organizer can remove participants. * tags: * - Event_Participant * parameters: * - in: path * name: eventID * required: true * schema: * type: string * description: The ID of the event. * - in: path * name: user * required: true * schema: * type: string * description: The ID or name of the user to be removed. * responses: * 200: * description: Participant removed successfully. * content: * application/json: * schema: * type: object * properties: * success: * type: boolean * message: * type: string * 401: * description: Not authenticated. * content: * application/json: * schema: * $ref: '#/components/schemas/ErrorResponse' * example: * success: false * message: Not authenticated * 404: * description: User not found. * content: * application/json: * schema: * $ref: '#/components/schemas/ErrorResponse' * example: * success: false * message: User not found * 403: * description: Only organizer can remove participants. * content: * application/json: * schema: * $ref: '#/components/schemas/ErrorResponse' * example: * success: false * message: Only organizer can remove participants */ export const DELETE = auth(async (req, { params }) => { if (!req.auth) return NextResponse.json( { success: false, message: 'Not authenticated' }, { status: 401 }, ); if (!req.auth.user || !req.auth.user.id) return NextResponse.json( { success: false, message: 'User not found' }, { status: 404 }, ); const dbUser = await prisma.user.findUnique({ where: { id: req.auth.user.id, }, }); if (!dbUser) { return NextResponse.json( { success: false, message: 'User not found' }, { status: 404 }, ); } const eventID = (await params).eventID; const user = (await params).user; const isOrganizer = await prisma.meeting.findFirst({ where: { id: eventID, organizer_id: dbUser.id, }, }); if (!isOrganizer) { return NextResponse.json( { success: false, message: 'Only organizer can remove participants' }, { status: 403 }, ); } const participant = await prisma.meetingParticipant.findUnique({ where: { meeting_id_user_id: { meeting_id: eventID, user_id: user, }, }, }); if (!participant) { return NextResponse.json( { success: false, message: 'Participant not found' }, { status: 404 }, ); } await prisma.meetingParticipant.delete({ where: { meeting_id_user_id: { meeting_id: eventID, user_id: user, }, }, }); return NextResponse.json({ success: true, message: 'Participant removed successfully', }); }); /** * @swagger * /api/event/{eventID}/participant/{user}: * patch: * summary: Update a participant's status in an event * description: Updates the status of a participant in an event. Only the participant can update their own status. * tags: * - Event_Participant * parameters: * - in: path * name: eventID * required: true * schema: * type: string * description: The ID of the event. * - in: path * name: user * required: true * schema: * type: string * description: The ID or name of the user whose status is being updated. * requestBody: * required: true * content: * application/json: * schema: * type: object * properties: * status: * type: string * enum: [accepted, declined, tentative] * description: The new status of the participant. * responses: * 200: * description: Participant status updated successfully. * content: * application/json: * schema: * type: object * properties: * success: * type: boolean * participant: * $ref: '#/components/schemas/Participant' * 400: * description: Bad request due to invalid input data. * content: * application/json: * schema: * $ref: '#/components/schemas/ErrorResponse' * example: * success: false * message: 'Invalid input data' * 401: * description: Not authenticated. * content: * application/json: * schema: * $ref: '#/components/schemas/ErrorResponse' * example: * success: false * message: Not authenticated * 404: * description: User not found. * content: * application/json: * schema: * $ref: '#/components/schemas/ErrorResponse' * example: * success: false * message: User not found * 403: * description: Only participant can update their status. * content: * application/json: * schema: * $ref: '#/components/schemas/ErrorResponse' * example: * success: false * message: Only participant can update their status */ export const PATCH = auth(async (req, { params }) => { if (!req.auth) return NextResponse.json( { success: false, message: 'Not authenticated' }, { status: 401 }, ); if (!req.auth.user || !req.auth.user.id) return NextResponse.json( { success: false, message: 'User not found' }, { status: 404 }, ); const dbUser = await prisma.user.findUnique({ where: { id: req.auth.user.id, }, }); if (!dbUser) { return NextResponse.json( { success: false, message: 'User not found' }, { status: 404 }, ); } const eventID = (await params).eventID; const user = (await params).user; if (dbUser.id !== user && dbUser.name !== user) { return NextResponse.json( { success: false, message: 'You can only update your own participation' }, { status: 403 }, ); } const participant = await prisma.meetingParticipant.findUnique({ where: { meeting_id_user_id: { meeting_id: eventID, user_id: dbUser.id, }, }, select: { user: { select: { id: true, name: true, }, }, status: true, }, }); if (!participant) { return NextResponse.json( { success: false, message: 'Participant not found' }, { status: 404 }, ); } const body = await req.json(); const parsedBody = patchParticipantSchema.safeParse(body); if (!parsedBody.success) { return NextResponse.json( { success: false, message: 'Invalid request body', errors: parsedBody.error.issues, }, { status: 400 }, ); } const { status } = parsedBody.data; await prisma.meetingParticipant.update({ where: { meeting_id_user_id: { meeting_id: eventID, user_id: dbUser.id, }, }, data: { status, }, }); return NextResponse.json({ success: true, participant, }); });