<?php

use mystic\forum\orm\Post;
use mystic\forum\orm\Topic;
use mystic\forum\orm\User;
use mystic\forum\orm\UserPermissions;
use mystic\forum\utils\RequestUtils;

if (!$currentUser) {
    http_response_code(403);
    msg_error(__("You need to be logged in to update posts!"));
    exit;
}

$formId = "updatepost";
$postId = RequestUtils::getRequiredField("post", $formId);
$message = RequestUtils::getRequiredField("message", $formId);

$item = new Post();
$item->id = $postId;

if (!$db->fetch($item) || $item->deleted) {
    http_response_code(404);
    msg_error(__("No post exists with this id"));
    exit;
}

$topicAuthor = new User();
$topicAuthor->id = $item->authorId;

if (!$db->fetch($topicAuthor))
    $topicAuthor = null;

$canEdit = ($currentUser->id === $topicAuthor?->id && $topicAuthor?->hasPermission(UserPermissions::EDIT_OWN_POST))
          || ($currentUser->hasPermission(UserPermissions::EDIT_OTHER_POST));

$topic = new Topic();
$topic->id = $item->topicId;

if (!$db->fetch($topic))
    $topic = null;

if ($topic->isLocked) {
    http_response_code(403);
    msg_error(__("This topic has been locked"));
    exit;
}

if (!$canEdit) {
    http_response_code(403);
    msg_error(__("You don't have permission to edit this post"));
    exit;
}

$confirm = $_POST["confirm"] ?? null;

$item->content = $message;
$item->edited = true;

if (!$db->update($item)) {
    http_response_code(500);
    msg_error(__("Failed to update post"));
    exit;
}

header("Location: ?_action=viewtopic&topic=" . urlencode($item->topicId) . "#post-" . urlencode($postId));