#include <evapp/scaffold.h>

void handle_delete(evapp_ctx *ctx) {
  char dbname[32];
  evapp_db *db;
  uint64_t id;
  HDF *hdf = NULL;
  bool deleted = false;
  struct evhttp_request *request = evapp_request(ctx);

  if (request->type != EVHTTP_REQ_POST) {
    send_not_found(ctx, "Method disallowed for URI");
    return;
  }

  if (!get_last_value_as_uint64(ctx, &id)) {
    send_not_found(ctx, "no valid object id was supplied");
    return;
  }

  if (!parse_query((char *)EVBUFFER_DATA(request->input_buffer),
                    EVBUFFER_LENGTH(request->input_buffer), false,
                    false, &hdf, NULL)) {
    send_not_found(ctx, "failed to parse data");
    return;
  }

  if (!hdf) {
    send_forbidden(ctx, "invalid or missing request token");
    return;
  }

  // Now check the xsrf token
  if (!check_xsrf(ctx, hdf_get_value(hdf, "token", NULL))) {
    hdf_destroy(&hdf);
    send_forbidden(ctx, "invalid or missing request token");
    return;
  }

  // returns a pointer back into the request object.
  if (!get_database_from_uri(request->uri, dbname, sizeof(dbname))) {
    hdf_destroy(&hdf);
    send_not_found(ctx, "no valid object type was found");
    return;
  }

  db = evapp_db_select(ctx, dbname);
  if (db && db->del)
    // XXX: should these functions take their own db object?
    //      currently they waste cycles looking it up again..
    deleted = db->del(ctx, id);

  if (!deleted) {
    send_not_found(ctx, "unable to delete object");
    hdf_destroy(&hdf);
    return;
  }

  if (!template_render(ctx, hdf, "/delete/", dbname)) {
    char return_msg[512];
    snprintf(return_msg, sizeof(return_msg), 
             "Return to <a href=\"/list/%s\">list</a>", dbname);
    send_ok(ctx, return_msg);
  }

  hdf_destroy(&hdf);
  return;
}