const API = require("../../../lib/API");
const db = require("../../../plugin/DataBase/db");
const AccessControl = require("../../../lib/AccessControl");
const { BaseStdResponse } = require("../../../BaseStdResponse");

// 删除产品
class DeleteProduct extends API {
    constructor() {
        super();

        this.setPath('/Admin/Goods')
        this.setMethod('DELETE')
    }

    async onRequest(req, res) {
        let { uuid, session, id } = req.body

        if ([uuid, session, id].some(value => value === '' || value === null || value === undefined))
            return res.json({
                ...BaseStdResponse.MISSING_PARAMETER
            })

        // 检查 session
        if (!await AccessControl.checkSession(uuid, session))
            return res.status(401).json({
                ...BaseStdResponse.ACCESS_DENIED
            })

        // 检查权限
        let permission = await AccessControl.getPermission(uuid)
        if (!permission.includes("admin") && !permission.includes("product"))
            return res.json({
                ...BaseStdResponse.PERMISSION_DENIED
            })

        let sql = 'DELETE FROM goods WHERE id = ?'
        let r = await db.query(sql, [id])

        try {
            if (r && r.affectedRows > 0) {
                res.json({
                    ...BaseStdResponse.OK
                })
            } else {
                res.json({ ...BaseStdResponse.ERR, endpoint: 7894378, msg: '删除商品失败！数据库错误' })
            }
        } catch (err) {
            this.logger.error(`删除商品失败！${err.stack}`)
            res.json({
                ...BaseStdResponse.ERR,
                msg: "删除商品失败！",
            });
        }
    }
}

module.exports.DeleteProduct = DeleteProduct;