import { NextRequest, NextResponse } from 'next/server'; import { z } from 'zod'; import { opportunityReopenSchema } from '@/features/crm/opportunities/schemas/lifecycle.schema'; import { reopenOpportunity } from '@/features/crm/opportunities/server/lifecycle.service'; import { getOpportunityDetail } from '@/features/crm/opportunities/server/service'; import { PERMISSIONS } from '@/lib/auth/rbac'; import { AuthError, requireOrganizationAccess } from '@/lib/auth/session'; type Params = { params: Promise<{ id: string }>; }; export async function POST(request: NextRequest, { params }: Params) { try { const { id } = await params; const { organization, session, membership } = await requireOrganizationAccess({ permission: PERMISSIONS.crmOpportunityLifecycleReopen }); const payload = opportunityReopenSchema.parse(await request.json()); const accessContext = { organizationId: organization.id, userId: session.user.id, membershipRole: membership.role, businessRole: membership.businessRole, permissions: membership.permissions ?? [], branchScopeIds: membership.branchScopeIds ?? [], productTypeScopeIds: membership.productTypeScopeIds ?? [], ownershipScope: membership.ownershipScope ?? 'organization', branchScopeMode: membership.branchScopeMode === 'assigned' ? 'assigned' : 'all', productScopeMode: membership.productScopeMode === 'assigned' ? 'assigned' : 'all' }; const before = await getOpportunityDetail(id, organization.id, accessContext); const updated = await reopenOpportunity(id, organization.id, session.user.id, payload, accessContext); const after = await getOpportunityDetail(id, organization.id, accessContext); return NextResponse.json({ success: true, message: 'Opportunity reopened successfully', before, opportunity: updated, after }); } catch (error) { if (error instanceof AuthError) { return NextResponse.json({ message: error.message }, { status: error.status }); } if (error instanceof z.ZodError) { return NextResponse.json( { message: error.issues[0]?.message ?? 'Invalid payload' }, { status: 400 } ); } if (error instanceof Error) { return NextResponse.json({ message: error.message }, { status: 400 }); } return NextResponse.json({ message: 'Unable to reopen opportunity' }, { status: 500 }); } }