const express = require('express'); const { standardizeError } = require('../middleware/errorFormatter'); const router = express.Router(); const { getDb, ensureUserDefaultCategories } = require('../db/database'); // GET /api/categories router.get('/', (req, res) => { const db = getDb(); ensureUserDefaultCategories(req.user.id); const categories = db.prepare(` SELECT id, user_id, name, sort_order, created_at, updated_at FROM categories WHERE user_id = ? AND deleted_at IS NULL ORDER BY CASE WHEN sort_order IS NULL THEN 1 ELSE 0 END, sort_order ASC, name COLLATE NOCASE ASC `).all(req.user.id); const billsByCategory = db.prepare(` SELECT b.id, b.category_id, b.name, b.active, b.expected_amount, b.due_day, COUNT(p.id) AS payment_count, COALESCE(SUM(p.amount), 0) AS total_paid, MAX(p.paid_date) AS last_paid_date FROM bills b LEFT JOIN payments p ON p.bill_id = b.id AND p.deleted_at IS NULL WHERE b.user_id = ? AND b.category_id = ? AND b.deleted_at IS NULL GROUP BY b.id ORDER BY b.active DESC, b.due_day ASC, b.name COLLATE NOCASE ASC `); const shaped = categories.map(category => { const bills = billsByCategory.all(req.user.id, category.id).map(bill => ({ ...bill, active: !!bill.active, payment_count: Number(bill.payment_count || 0), total_paid: Number(bill.total_paid || 0), last_paid_date: bill.last_paid_date || null, })); const activeBillCount = bills.filter(bill => bill.active).length; const inactiveBillCount = bills.length - activeBillCount; const paymentCount = bills.reduce((sum, bill) => sum + bill.payment_count, 0); return { ...category, bill_count: activeBillCount, active_bill_count: activeBillCount, inactive_bill_count: inactiveBillCount, payment_count: paymentCount, bill_names: bills.map(bill => bill.name), bills, }; }); res.json(shaped); }); // PUT /api/categories/reorder router.put('/reorder', (req, res) => { const db = getDb(); const entries = Object.entries(req.body || {}).map(([categoryId, sortOrder]) => ({ categoryId: Number(categoryId), sortOrder: Number(sortOrder), })); if (entries.length === 0) { return res.status(400).json(standardizeError('At least one category order is required', 'VALIDATION_ERROR', 'reorder')); } const invalid = entries.find(({ categoryId, sortOrder }) => ( !Number.isInteger(categoryId) || categoryId <= 0 || !Number.isInteger(sortOrder) || sortOrder < 0 )); if (invalid) { return res.status(400).json(standardizeError('Reorder payload must map category ids to non-negative integer positions', 'VALIDATION_ERROR', 'reorder')); } const ids = entries.map(item => item.categoryId); const placeholders = ids.map(() => '?').join(','); const owned = db.prepare(` SELECT id FROM categories WHERE user_id = ? AND deleted_at IS NULL AND id IN (${placeholders}) `).all(req.user.id, ...ids); if (owned.length !== ids.length) { return res.status(404).json(standardizeError('One or more categories were not found', 'NOT_FOUND', 'category_id')); } const update = db.prepare("UPDATE categories SET sort_order = ?, updated_at = datetime('now') WHERE id = ? AND user_id = ?"); db.transaction((items) => { for (const item of items) update.run(item.sortOrder, item.categoryId, req.user.id); })(entries); res.json({ success: true }); }); // POST /api/categories router.post('/', (req, res) => { const db = getDb(); const { name } = req.body; if (!name) return res.status(400).json(standardizeError('name is required', 'VALIDATION_ERROR', 'name')); try { const result = db.prepare('INSERT INTO categories (user_id, name) VALUES (?, ?)').run(req.user.id, name.trim()); const created = db.prepare('SELECT * FROM categories WHERE id = ?').get(result.lastInsertRowid); res.status(201).json(created); } catch (e) { if (e.message.includes('UNIQUE')) { return res.status(409).json(standardizeError('Category already exists', 'CONFLICT', 'name')); } throw e; } }); // PUT /api/categories/:id router.put('/:id', (req, res) => { const db = getDb(); const { name } = req.body; if (!name) return res.status(400).json(standardizeError('name is required', 'VALIDATION_ERROR', 'name')); const cat = db.prepare('SELECT id FROM categories WHERE id = ? AND user_id = ? AND deleted_at IS NULL').get(req.params.id, req.user.id); if (!cat) return res.status(404).json(standardizeError('Category not found', 'NOT_FOUND', 'id')); try { db.prepare("UPDATE categories SET name = ?, updated_at = datetime('now') WHERE id = ? AND user_id = ?") .run(name.trim(), req.params.id, req.user.id); res.json(db.prepare('SELECT * FROM categories WHERE id = ? AND user_id = ? AND deleted_at IS NULL').get(req.params.id, req.user.id)); } catch (e) { if (e.message.includes('UNIQUE')) { return res.status(409).json(standardizeError('Category already exists', 'CONFLICT', 'name')); } throw e; } }); // DELETE /api/categories/:id router.delete('/:id', (req, res) => { const db = getDb(); const cat = db.prepare('SELECT id, name FROM categories WHERE id = ? AND user_id = ? AND deleted_at IS NULL').get(req.params.id, req.user.id); if (!cat) return res.status(404).json(standardizeError('Category not found', 'NOT_FOUND', 'id')); const deleted = db.prepare("UPDATE categories SET deleted_at = datetime('now'), updated_at = datetime('now') WHERE id = ? AND user_id = ? AND deleted_at IS NULL") .run(req.params.id, req.user.id); res.json({ success: true, deleted: deleted.changes, deleted_category_id: cat.id, deleted_category_name: cat.name, recoverable_until_days: 30, }); }); // POST /api/categories/:id/restore — undo category soft delete router.post('/:id/restore', (req, res) => { const db = getDb(); const cat = db.prepare('SELECT id, name FROM categories WHERE id = ? AND user_id = ? AND deleted_at IS NOT NULL').get(req.params.id, req.user.id); if (!cat) return res.status(404).json(standardizeError('Deleted category not found', 'NOT_FOUND', 'id')); db.prepare("UPDATE categories SET deleted_at = NULL, updated_at = datetime('now') WHERE id = ? AND user_id = ?") .run(req.params.id, req.user.id); res.json(db.prepare('SELECT * FROM categories WHERE id = ? AND user_id = ?').get(req.params.id, req.user.id)); }); module.exports = router;