const API = require("../../../lib/API.js")
const db = require("../../../plugin/DataBase/db.js")
const AccessControl = require("../../../lib/AccessControl.js")
const { BaseStdResponse } = require("../../../BaseStdResponse.js")

class AdminDeletePopup extends API {
    constructor() {
        super()
        this.setPath('/Admin/Popup')
        this.setMethod('DELETE')
    }

    async onRequest(req, res) {
        const { uuid, session, id } = req.body
        if ([uuid, session, id].some(v => v === '' || v === null || v === undefined))
            return res.json({ ...BaseStdResponse.MISSING_PARAMETER })

        if (!await AccessControl.checkSession(uuid, session))
            return res.status(401).json({ ...BaseStdResponse.ACCESS_DENIED })
        const permission = await AccessControl.getPermission(uuid)
        if (!permission.includes("admin") && !permission.includes("server"))
            return res.json({ ...BaseStdResponse.PERMISSION_DENIED })

        const rows = await db.query('DELETE FROM site_popup WHERE id = ?', [id])
        if (!rows) return res.json({ ...BaseStdResponse.DATABASE_ERR })
        if (rows.affectedRows !== 1) return res.json({ ...BaseStdResponse.ERR, msg: '公告不存在' })

        return res.json({ ...BaseStdResponse.OK })
    }
}

module.exports.AdminDeletePopup = AdminDeletePopup