import SQL from 'sql-template-strings';
import { ulid } from 'ulid';

import { clearKey, PermissionAreas } from '#shared/helpers.ts';
import { auditLog } from '~~/server/audit.ts';
import { getLocale, loadConfig } from '~~/server/data.ts';
import { approveTermEntry } from '~~/server/terms.ts';
import { isAllowedToPost } from '~~/server/user.ts';

export default defineEventHandler(async (event) => {
    const locale = getLocale(event);
    checkIsConfigEnabledOr404(await loadConfig(locale), 'terminology');

    const { user, isGranted } = await useAuthentication(event);
    const db = useDatabase();

    if (!user || !await isAllowedToPost(db, user)) {
        throw createError({
            status: 401,
            statusMessage: 'Unauthorised',
        });
    }

    const body = await readBody(event);

    const id = ulid();
    await db.get(SQL`
        INSERT INTO terms (
            id, term, original, key, definition, approved,
            base_id, locale, author_id, category, flags, images
        )
        VALUES (
            ${id},
            ${body.term.join('|')}, ${body.original.join('|')}, ${clearKey(body.key)}, ${body.definition},
            0, ${body.base}, ${locale}, ${user.id},
            ${body.categories.join(',')}, ${JSON.stringify(body.flags)}, ${body.images ? body.images.join(',') : null}
        )
    `);
    await auditLog({ user }, 'terms/submitted', body);

    if (isGranted(PermissionAreas.Terms)) {
        await approveTermEntry(db, id, locale);
        await auditLog({ user }, 'terms/approved', { id });
    }

    setResponseStatus(event, 201, 'Created');
});