import { readAccounts } from "~/server/database"

export default defineEventHandler(async (event) => {
	const session = await requireServerSession(event);
	const accounts = await readAccounts();
	const account = accounts.find(a => a.id === session.accountId);
	if (!account) {
		throw new Error("Account does not exist");
	}

	if (account.type === "admin") {
		return accounts;
	}
	if (account.type === "crew") {
		return accounts.filter(a => a.type === "crew" || a.type === "admin");
	}
	throw createError({
		status: 403,
		statusText: "Forbidden",
		message: "You do not have permission to list accounts",
	});
})