import { GetAccessToken } from "../../gcloud.js";
import { jsonError } from "../../common.js";

export async function onRequestPost(context: RequestContext) {
  const { id } = context.data.body;

  if (!id) return jsonError("No ID provided", 400);

  const reportUserId = await context.env.DATA.get(`reportprocessing_${id}`);

  if (
    !reportUserId ||
    (context.data.current_user?.id !== reportUserId &&
      context.request.headers.get("CF-Connecting-IP") !== reportUserId)
  )
    return jsonError("No processing report with that ID found", 404);

  const data: Record<string, any> | null = await context.env.D1.prepare(
    "SELECT attachments FROM reports WHERE id = ?;",
  )
    .bind(id)
    .first();

  if (!data) return jsonError("No report with that ID found", 404);

  data.attachments = JSON.parse(data.attachments);

  const accessToken = await GetAccessToken(context.env);
  const attachmentDeletePromises = [];
  const existingAttachments = [...data.attachments];

  for (const attachment of existingAttachments) {
    if (!attachment.startsWith("t/")) data.attachments.push(`t/${attachment}`);
    else data.attachments.push(attachment.replace("t/", ""));
  }

  for (const attachment of data.attachments)
    attachmentDeletePromises.push(
      fetch(
        `https://storage.googleapis.com/storage/v1/b/portal-carcrushers-cc/o/${encodeURIComponent(
          attachment,
        )}`,
        {
          headers: {
            authorization: `Bearer ${accessToken}`,
          },
          method: "DELETE",
        },
      ),
    );

  await Promise.allSettled(attachmentDeletePromises);
  await context.env.D1.prepare("DELETE FROM reports WHERE id = ?;")
    .bind(id)
    .run();

  return new Response(null, {
    status: 204,
  });
}