use actix_web::{http::header::LOCATION, web, HttpResponse, Responder};
use sqlx::PgPool;

use crate::{
    endpoints::{location::LocationForm, IdPath},
    utils::ApplicationError,
};
use brass_db::models::{Location, Role, User};

#[actix_web::post("/locations/edit/{id}")]
pub async fn post(
    user: web::ReqData<User>,
    pool: web::Data<PgPool>,
    form: web::Form<LocationForm>,
    path: web::Path<IdPath>,
) -> Result<impl Responder, ApplicationError> {
    if user.role != Role::AreaManager && user.role != Role::Admin {
        return Err(ApplicationError::Unauthorized);
    }

    let area_id = if user.role == Role::Admin && form.area.is_some() {
        form.area.unwrap()
    } else {
        user.area_id
    };

    Location::update(pool.get_ref(), path.id, &form.name, area_id).await?;

    Ok(HttpResponse::Found()
        .insert_header((LOCATION, "/locations"))
        .insert_header(("HX-LOCATION", "/locations"))
        .finish())
}