import san from "sanitize-html";
import { messages } from "~/lib/server/constants";
import { log } from "~/lib/server/logger";
import isLoggedIn from "~/lib/server/middlewareButNotReally/isLoggedIn";
import { Review } from "~/models/stories/review";

export default eventHandler(async (ev) => {
	isLoggedIn(ev);
	const revid = parseInt(getRouterParam(ev, "revid")!);
	let c = await Review.findById(revid);
	if (!c) {
		throw createError({
			statusCode: 404,
			message: messages[404],
		});
	}
	log.silly(`${ev.context.currentUser!._id!} || ${c.author}`, {
		label: "what the fuck",
	});
	if (c?.author._id != ev.context.currentUser?._id) {
		throw createError({
			message: messages[403],
			statusCode: 403,
		});
	}
	const body = await readBody(ev);
	await Review.findByIdAndUpdate(revid, {
		$set: {
			text: san(body.content),
		},
	});
	return {
		success: true,
		data: await Review.findById(revid)
			.populate("author", "username _id")
			.exec(),
	};
});