'use server'

import { cookies } from 'next/headers'
import { redirect } from 'next/navigation'
import { createClient } from '@/lib/supabase/server'
import { VIEW_AS_COOKIE } from '@/lib/effective-user'

async function isSuperAdmin(): Promise<boolean> {
  const supabase = await createClient()
  const {
    data: { user },
  } = await supabase.auth.getUser()
  if (!user) return false
  const { data } = await supabase
    .from('profiles')
    .select('is_super_admin')
    .eq('id', user.id)
    .maybeSingle<{ is_super_admin: boolean }>()
  return !!data?.is_super_admin
}

export async function enterViewAs(formData: FormData) {
  const targetId = String(formData.get('user_id') ?? '').trim()
  if (!targetId) redirect('/')

  if (!(await isSuperAdmin())) {
    // Silently no-op if not a super admin.
    redirect('/')
  }

  const cookieStore = await cookies()
  cookieStore.set(VIEW_AS_COOKIE, targetId, {
    httpOnly: true,
    sameSite: 'lax',
    path: '/',
    maxAge: 60 * 60 * 8, // 8 hours
  })
  redirect('/')
}

export async function exitViewAs() {
  const cookieStore = await cookies()
  cookieStore.delete(VIEW_AS_COOKIE)
  redirect('/')
}