// backend/server/api/admin/moderation/[id]/dismiss.post.ts
//
// POST /api/admin/moderation/[id]/dismiss
// Body: { type: "post" | "comment" }
//
// Flag-clear ohne Aktion: isModerated → false. Audit-Log "dismiss".

import { dismissModerationItem } from "../../../../db/moderation";

export default defineEventHandler(async (event) => {
  const config = useRuntimeConfig();
  const secret = getHeader(event, "x-admin-secret");
  if (!config.adminSecret || secret !== config.adminSecret) {
    throw createError({ statusCode: 401, message: "Unauthorized" });
  }

  const id = getRouterParam(event, "id");
  if (!id) throw createError({ statusCode: 400, message: "ID fehlt" });

  const body = (await readBody(event).catch(() => ({}))) as {
    type?: string;
    adminUserId?: string;
  };

  const type = body?.type === "comment" ? "comment" : "post";
  return dismissModerationItem(type, id, body?.adminUserId ?? null);
});