from fastapi import APIRouter, Depends, Form, Request, HTTPException
from sqlalchemy.orm import Session
from sqlalchemy import text

from ..db import get_session
from ..models import TimeEntry

router = APIRouter(prefix="/timesheet", tags=["Timesheet API"])

@router.post("/delete-entry")
def delete_entry(
    request: Request,
    entry_id: int = Form(...),
    timesheet_id: int = Form(...),
    db: Session = Depends(get_session),
):
    # Require edit/admin permission (mirror your other viewers)
    if not (request.session.get("is_admin") or request.session.get("can_edit")):
        raise HTTPException(status_code=403, detail="Edit access required")

    te = db.query(TimeEntry).get(entry_id)
    if not te or int(te.timesheet_id) != int(timesheet_id):
        raise HTTPException(status_code=404, detail="Time entry not found for this time period")

    # Remove import-batch linkage first (safe if none exist)
    db.execute(text("DELETE FROM import_batch_items WHERE time_entry_id = :eid"), {"eid": entry_id})

    # Delete the time entry
    db.delete(te)
    db.commit()

    return {"ok": True}