Spanglish/backend/src/routes/legal-settings.ts

import { Hono } from 'hono';
import { zValidator } from '@hono/zod-validator';
import { z } from 'zod';
import { db, dbGet, legalSettings } from '../db/index.js';
import { eq } from 'drizzle-orm';
import { requireAuth } from '../lib/auth.js';
import { generateId, getNow } from '../lib/utils.js';

interface UserContext {
  id: string;
  email: string;
  name: string;
  role: string;
}

const legalSettingsRouter = new Hono<{ Variables: { user: UserContext } }>();

// Validation schema for updating legal settings
const updateLegalSettingsSchema = z.object({
  companyName: z.string().optional().nullable(),
  legalEntityName: z.string().optional().nullable(),
  rucNumber: z.string().optional().nullable(),
  companyAddress: z.string().optional().nullable(),
  companyCity: z.string().optional().nullable(),
  companyCountry: z.string().optional().nullable(),
  supportEmail: z.string().email().optional().nullable().or(z.literal('')),
  legalEmail: z.string().email().optional().nullable().or(z.literal('')),
  governingLaw: z.string().optional().nullable(),
  jurisdictionCity: z.string().optional().nullable(),
});

// Get legal settings (admin only)
legalSettingsRouter.get('/', requireAuth(['admin']), async (c) => {
  const settings = await dbGet<any>(
    (db as any).select().from(legalSettings).limit(1)
  );

  if (!settings) {
    // Return empty defaults
    return c.json({
      settings: {
        companyName: null,
        legalEntityName: null,
        rucNumber: null,
        companyAddress: null,
        companyCity: null,
        companyCountry: null,
        supportEmail: null,
        legalEmail: null,
        governingLaw: null,
        jurisdictionCity: null,
      },
    });
  }

  return c.json({ settings });
});

// Internal helper: get legal settings for placeholder replacement (no auth required)
// This is called server-side from legal-pages route, not exposed as HTTP endpoint
export async function getLegalSettingsValues(): Promise<Record<string, string>> {
  const settings = await dbGet<any>(
    (db as any).select().from(legalSettings).limit(1)
  );

  if (!settings) {
    return {};
  }

  const values: Record<string, string> = {};
  if (settings.companyName) values['COMPANY_NAME'] = settings.companyName;
  if (settings.legalEntityName) values['LEGAL_ENTITY_NAME'] = settings.legalEntityName;
  if (settings.rucNumber) values['RUC_NUMBER'] = settings.rucNumber;
  if (settings.companyAddress) values['COMPANY_ADDRESS'] = settings.companyAddress;
  if (settings.companyCity) values['COMPANY_CITY'] = settings.companyCity;
  if (settings.companyCountry) values['COMPANY_COUNTRY'] = settings.companyCountry;
  if (settings.supportEmail) values['SUPPORT_EMAIL'] = settings.supportEmail;
  if (settings.legalEmail) values['LEGAL_EMAIL'] = settings.legalEmail;
  if (settings.governingLaw) values['GOVERNING_LAW'] = settings.governingLaw;
  if (settings.jurisdictionCity) values['JURISDICTION_CITY'] = settings.jurisdictionCity;

  return values;
}

// Update legal settings (admin only)
legalSettingsRouter.put('/', requireAuth(['admin']), zValidator('json', updateLegalSettingsSchema), async (c) => {
  const data = c.req.valid('json');
  const user = c.get('user');
  const now = getNow();

  // Check if settings exist
  const existing = await dbGet<any>(
    (db as any).select().from(legalSettings).limit(1)
  );

  if (!existing) {
    // Create new settings record
    const id = generateId();
    const newSettings = {
      id,
      companyName: data.companyName || null,
      legalEntityName: data.legalEntityName || null,
      rucNumber: data.rucNumber || null,
      companyAddress: data.companyAddress || null,
      companyCity: data.companyCity || null,
      companyCountry: data.companyCountry || null,
      supportEmail: data.supportEmail || null,
      legalEmail: data.legalEmail || null,
      governingLaw: data.governingLaw || null,
      jurisdictionCity: data.jurisdictionCity || null,
      updatedAt: now,
      updatedBy: user.id,
    };

    await (db as any).insert(legalSettings).values(newSettings);

    return c.json({ settings: newSettings, message: 'Legal settings created successfully' }, 201);
  }

  // Update existing settings
  const updateData: Record<string, any> = {
    ...data,
    updatedAt: now,
    updatedBy: user.id,
  };

  // Normalize empty strings to null
  for (const key of Object.keys(updateData)) {
    if (updateData[key] === '') {
      updateData[key] = null;
    }
  }

  await (db as any)
    .update(legalSettings)
    .set(updateData)
    .where(eq((legalSettings as any).id, existing.id));

  const updated = await dbGet(
    (db as any).select().from(legalSettings).where(eq((legalSettings as any).id, existing.id))
  );

  return c.json({ settings: updated, message: 'Legal settings updated successfully' });
});

export default legalSettingsRouter;