monacousa-portal/server/api/events/[id].delete.ts

// server/api/events/[id].delete.ts
import { createNocoDBEventsClient } from '~/server/utils/nocodb-events';
import { createSessionManager } from '~/server/utils/session';

export default defineEventHandler(async (event) => {
  console.log('[api/events/[id].delete] =========================');
  console.log('[api/events/[id].delete] DELETE /api/events/[id] - Delete event');
  console.log('[api/events/[id].delete] Request from:', getClientIP(event));
  
  try {
    const eventId = getRouterParam(event, 'id');
    
    if (!eventId) {
      throw createError({
        statusCode: 400,
        statusMessage: 'Event ID is required'
      });
    }

    console.log('[api/events/[id].delete] Deleting event:', eventId);

    // Get user session using the working session manager
    const sessionManager = createSessionManager();
    const cookieHeader = getHeader(event, 'cookie');
    const session = sessionManager.getSession(cookieHeader);
    
    if (!session || !session.user) {
      throw createError({
        statusCode: 401,
        statusMessage: 'Authentication required'
      });
    }

    // Check if user has permission to delete events (board or admin only)
    const userTier = session.user.tier;
    if (userTier !== 'board' && userTier !== 'admin') {
      throw createError({
        statusCode: 403,
        statusMessage: 'Only board members and admins can delete events'
      });
    }

    console.log('[api/events/[id].delete] ✅ User authorized to delete events:', session.user.email, 'tier:', userTier);

    const eventsClient = createNocoDBEventsClient();

    // First, get the event to verify it exists and get the event_id for RSVP cleanup
    let eventToDelete;
    try {
      eventToDelete = await eventsClient.findOne(eventId);
      console.log('[api/events/[id].delete] Found event to delete:', eventToDelete.title, 'event_id:', eventToDelete.event_id);
    } catch (error: any) {
      if (error.statusCode === 404) {
        throw createError({
          statusCode: 404,
          statusMessage: 'Event not found'
        });
      }
      throw error;
    }

    // Get all RSVPs for this event to clean them up
    const eventIdentifier = eventToDelete.event_id || eventToDelete.id || (eventToDelete as any).Id;
    console.log('[api/events/[id].delete] Getting RSVPs for event identifier:', eventIdentifier);
    
    const eventRSVPs = await eventsClient.getEventRSVPs(eventIdentifier.toString());
    console.log('[api/events/[id].delete] Found', eventRSVPs.length, 'RSVPs to delete');

    // Delete all RSVPs first
    let deletedRSVPs = 0;
    for (const rsvp of eventRSVPs) {
      try {
        // Delete RSVP using its database Id
        const rsvpId = rsvp.Id || rsvp.id;
        if (rsvpId) {
          console.log('[api/events/[id].delete] Deleting RSVP:', rsvpId);
          await $fetch(eventsClient.constructor.prototype.createEventTableUrl('EventRSVPs'), {
            method: 'DELETE',
            headers: {
              'xc-token': eventsClient.constructor.prototype.getNocoDbConfiguration().token,
            },
            body: {
              Id: parseInt(rsvpId.toString())
            }
          });
          deletedRSVPs++;
        }
      } catch (rsvpError: any) {
        console.log('[api/events/[id].delete] ⚠️ Error deleting RSVP:', rsvp.Id || rsvp.id, rsvpError);
        // Continue with other RSVPs even if one fails
      }
    }

    console.log('[api/events/[id].delete] Deleted', deletedRSVPs, 'RSVPs');

    // Now delete the event itself using its database Id
    const eventDatabaseId = (eventToDelete as any).Id || eventToDelete.id;
    if (!eventDatabaseId) {
      throw createError({
        statusCode: 500,
        statusMessage: 'Could not determine event database ID for deletion'
      });
    }

    console.log('[api/events/[id].delete] Deleting event with database ID:', eventDatabaseId);
    await eventsClient.delete(eventDatabaseId.toString());

    console.log('[api/events/[id].delete] ✅ Successfully deleted event and all associated RSVPs');

    return {
      success: true,
      message: `Event "${eventToDelete.title}" and ${deletedRSVPs} associated RSVPs deleted successfully`,
      deleted: {
        event: {
          id: eventDatabaseId,
          event_id: eventToDelete.event_id,
          title: eventToDelete.title
        },
        rsvps_deleted: deletedRSVPs
      }
    };

  } catch (error: any) {
    console.error('[api/events/[id].delete] ❌ Error deleting event:', error);
    
    if (error.statusCode) {
      throw error;
    }
    
    throw createError({
      statusCode: 500,
      statusMessage: 'Failed to delete event'
    });
  }
});