MinglarBackendNestJS/src/modules/host/handlers/Activity_Hub/Scheduling/createSchedulingOfAct.ts

import { APIGatewayProxyEvent, APIGatewayProxyResult, Context } from 'aws-lambda';
import { safeHandler } from '../../../../../common/utils/handlers/safeHandler';
import { prismaClient } from '../../../../../common/database/prisma.lambda.service';
import { SchedulingService } from '../../../services/activityScheduling.service';
import { HostService } from '../../../services/host.service';
import ApiError from '../../../../../common/utils/helper/ApiError';
import { verifyHostToken } from '../../../../../common/middlewares/jwt/authForHost';
import { scheduleActivity } from '../../../../../common/utils/validation/host/createSchedulingOfAct.validation';
import { z } from 'zod';

const schedulingService = new SchedulingService(prismaClient);
const hostService = new HostService(prismaClient);

export const handler = safeHandler(async (
    event: APIGatewayProxyEvent,
    context?: Context
): Promise<APIGatewayProxyResult> => {
    // Extract token from headers
    const token = event.headers['x-auth-token'] || event.headers['X-Auth-Token']
    if (!token) {
        throw new ApiError(400, 'This is a protected route. Please provide a valid token.');
    }

    // Authenticate user using the shared authForHost function
    const userInfo = await verifyHostToken(token);
    const hostId = userInfo.id;

    if (Number.isNaN(hostId)) {
        throw new ApiError(400, 'Host id must be a number');
    }

    const host = await hostService.getHostIdByUserXid(hostId);
    if (!host) {
        throw new ApiError(404, 'Host not found');
    }

    let body: unknown;
    try {
        body = event.body ? JSON.parse(event.body) : {};
    } catch {
        throw new ApiError(400, 'Invalid JSON payload');
    }

    // ✅ Validate payload using Zod

    const parsed = scheduleActivity.safeParse(body);

    if (!parsed.success) {
        const msg = parsed.error.issues
            .map(e => e.message)
            .join(', ');
        throw new ApiError(400, `Validation failed: ${msg}`);
    }

    const activity = await schedulingService.getActivityByXid(parsed.data.activityXid);
    if (!activity) {
        throw new ApiError(404, "Activity not found");
    }

    if (parsed.data.venues && parsed.data.venues.length > 0) {
        for (const venue of parsed.data.venues) {
            const venueExists = await schedulingService.getVenueFromVenueXid(
                venue.venueXid,
                parsed.data.activityXid
            );

            if (!venueExists) {
                throw new ApiError(
                    404,
                    `Venue with xid ${venue.venueXid} not found for this activity`
                );
            }
        }
    }


    await schedulingService.addSchedulingForActivity(parsed.data);
    return {
        statusCode: 200,
        headers: {
            'Content-Type': 'application/json',
            'Access-Control-Allow-Origin': '*',
        },
        body: JSON.stringify({
            success: true,
            message: 'Scheduling details updated successfully',
        }),
    };
});