use actix_web::{post, web::Data, HttpRequest, HttpResponse};
use serde::Deserialize;

use crate::{
    ctx::Ctx, db::models::Board, error::NekrochanError, qsform::QsForm, web::tcx::account_from_auth,
};

#[derive(Deserialize)]
pub struct RemoveBoardsForm {
    #[serde(default)]
    boards: Vec<String>,
}

#[post("/staff/actions/remove-boards")]
pub async fn remove_boards(
    ctx: Data<Ctx>,
    req: HttpRequest,
    QsForm(form): QsForm<RemoveBoardsForm>,
) -> Result<HttpResponse, NekrochanError> {
    let account = account_from_auth(&ctx, &req).await?;

    if !account.perms().owner() {
        return Err(NekrochanError::InsufficientPermissionError);
    }

    for board in form.boards {
        if let Some(board) = Board::read(&ctx, board).await? {
            board.delete(&ctx).await?;
        }
    }

    let res = HttpResponse::SeeOther()
        .append_header(("Location", "/staff/boards"))
        .finish();

    Ok(res)
}