import { Elysia } from 'elysia'
import db from '../Database'


const passwordController = new Elysia()
.get('/', ({ user }) => {
    const userGroup = db.query(`SELECT groups.GroupId, groups.GroupName FROM groups JOIN userGroups ON groups.GroupID = userGroups.GroupID JOIN users ON userGroups.UserID = users.id WHERE users.id = ?;`)
    .all(user.id);
    return userGroup
})
.get('/:groupId', ({params: {groupId}}) => {
    // make sure user has access to group
    const passwords = db.query(`SELECT id, name, password, created_by, created_at from passwords WHERE group_id = ?;`)
    .all(groupId);
    console.log(passwords)
    return passwords
})
.post('/:groupId', async({params: {groupId}, body, user}) => {
    const passName = body.name;
    const password = body.password

    if (!passName || passName.trim() === "") {
        return new Response("Name must be defined", { status: 400 });
    }

    const userGroup = db.query(`SELECT 1 FROM userGroups WHERE userID = ? AND groupID = ?;`)
    .get(user.id, groupId);

    if (!userGroup) {
        return new Response("Forbidden: You do not have access to this group", { status: 403 });
    }

    db.query(`INSERT INTO passwords (name, password, group_id, created_by) VALUES (?, ?, ?, ?);`).run(body.name, body.password, groupId, user.name);


    return new Response("Password created successfully", { status: 201 });
})
.delete('/:passwordId', ({params: {passwordId}}) => {
        db.query(`DELETE FROM users WHERE id = ?;`).run(userId);
    
        "deleted password"
})

export default passwordController