const express = require('express');
const router = express.Router();
const Payment = require('../models/Payment');
const { authMiddleware, requireRole } = require('../middleware/auth');

// 获取所有打款记录（需 admin 或 store）
router.get('/', authMiddleware, requireRole('admin', 'store'), async (req, res) => {
  try {
    const payments = await Payment.find();
    res.json({ success: true, data: payments });
  } catch (error) {
    res.status(500).json({ success: false, message: '服务器内部错误' });
  }
});

// 创建打款记录（需 admin 或 store）
router.post('/', authMiddleware, requireRole('admin', 'store'), async (req, res) => {
  try {
    const payment = new Payment(req.body);
    await payment.save();
    res.json({ success: true, data: payment });
  } catch (error) {
    res.status(400).json({ success: false, message: '服务器内部错误' });
  }
});

// 更新打款记录（需 admin 或 store）
router.put('/:id', authMiddleware, requireRole('admin', 'store'), async (req, res) => {
  try {
    const payment = await Payment.findByIdAndUpdate(req.params.id, req.body, { new: true });
    res.json({ success: true, data: payment });
  } catch (error) {
    res.status(400).json({ success: false, message: '服务器内部错误' });
  }
});

// 删除打款记录（需 admin 或 store）
router.delete('/:id', authMiddleware, requireRole('admin', 'store'), async (req, res) => {
  try {
    await Payment.findByIdAndDelete(req.params.id);
    res.json({ success: true });
  } catch (error) {
    res.status(400).json({ success: false, message: '服务器内部错误' });
  }
});

module.exports = router;