using Hutopy.Web.Common;
using Hutopy.Web.Common.Security;
using Hutopy.Web.Features.Messages.Data;

namespace Hutopy.Web.Features.Messages.Handlers;

public record DeleteMessageRequest(Guid MessageId);

internal sealed class DeleteMessageRequestValidator
    : Validator<DeleteMessageRequest>
{
    public DeleteMessageRequestValidator()
    {
        RuleFor(r => r.MessageId)
            .NotNull().WithMessage("You must specify a MessageId")
            .NotEmpty().WithMessage("You must specify a non-empty MessageId");
    }
}

public class DeleteMessage(
    MessagingDbContext context)
    : Endpoint<DeleteMessageRequest>
{
    public override void Configure()
    {
        Delete("/api/messages/{MessageId}");
        Options(o => o.WithTags("Messages"));
    }

    public override async Task HandleAsync(
        DeleteMessageRequest req,
        CancellationToken ct)
    {
        var message = await context.Messages.FirstOrDefaultAsync(x => x.Id == req.MessageId, ct);

        if (message is null)
        {
            await SendNotFoundAsync(ct);
            return;
        }
        
        var userId = HttpContext.User.GetUserId();
        if (message.CreatedBy != userId)
        {
            await SendForbiddenAsync(ct);
            return;
        }
        
        context.Messages.Remove(message);

        await context.SaveChangesAsync(ct);
    }
}