// FILE: src/routes/views.js
// Views routes
// - GET /api/views to list all views
// - GET /api/views/:view_name to get view definition
// - Requires appropriate permissions via requirePerm middleware

import { Router } from "express";
import sql from "../db/index.js";
import { requirePerm } from "../middleware/requirePerm.js";
import PERM from "../config/permissions.js";

const r = Router();
const DB_NAME = process.env.DB_NAME || "dms_db";

// LIST views
r.get(
  "/",
  requirePerm(PERM.viewdef.read, { scope: "global" }),
  async (req, res) => {
    const [rows] = await sql.query(
      `SELECT TABLE_SCHEMA AS db, TABLE_NAME AS view_name
       FROM information_schema.VIEWS
       WHERE TABLE_SCHEMA = ? ORDER BY TABLE_NAME`,
      [DB_NAME]
    );
    res.json(rows);
  }
);

// GET view definition
r.get(
  "/:view_name",
  requirePerm(PERM.viewdef.read, { scope: "global" }),
  async (req, res) => {
    const viewName = req.params.view_name;
    const [[row]] = await sql.query(
      `SELECT VIEW_DEFINITION AS definition
       FROM information_schema.VIEWS
       WHERE TABLE_SCHEMA=? AND TABLE_NAME=?`,
      [DB_NAME, viewName]
    );
    if (!row) return res.status(404).json({ error: "Not found" });
    res.json({ view: viewName, definition: row.definition });
  }
);

export default r;