import { getBanList, setBanList } from "../../../roblox-open-cloud.js";
import { jsonError } from "../../../common.js";

export async function onRequestPost(context: RequestContext) {
  if (!(context.data.current_user.permissions & (1 << 5)))
    return jsonError("Forbidden", 403);

  const { ticket_link } = context.data.body;

  if (
    !ticket_link?.match(
      /^https?:\/\/carcrushers\.modmail\.dev\/logs\/[a-z\d]{12}$/,
    )
  )
    return jsonError("Invalid ticket link provided", 400);

  const user = context.params.user as string;

  if (isNaN(parseInt(user))) return jsonError("Invalid user ID", 400);

  await context.env.D1.prepare(
    "INSERT INTO game_mod_logs (action, evidence, executed_at, executor, id, target) VALUES (?, ?, ?, ?, ?, ?);",
  )
    .bind(
      "revoke",
      ticket_link,
      Date.now(),
      context.data.current_user.id,
      crypto.randomUUID(),
      parseInt(user),
    )
    .run();

  const banList = (await getBanList(context)) as {
    [k: string]: { BanType: number };
  };

  delete banList[user];
  await setBanList(context, banList);

  return new Response(null, {
    status: 204,
  });
}