<?php
namespace Misuzu;

use RuntimeException;

if(!$msz->isLoggedIn() || !perms_check_user(MSZ_PERMS_USER, $msz->getActiveUser()->getId(), MSZ_PERM_USER_MANAGE_WARNINGS)) {
    echo render_error(403);
    return;
}

$warns = $msz->getWarnings();

if($_SERVER['REQUEST_METHOD'] === 'GET' && filter_has_var(INPUT_GET, 'delete')) {
    if(CSRF::validateRequest()) {
        try {
            $warnInfo = $warns->getWarning((string)filter_input(INPUT_GET, 'w'));
        } catch(RuntimeException $ex) {
            echo render_error(404);
            return;
        }

        $warns->deleteWarnings($warnInfo);
        $msz->createAuditLog('WARN_DELETE', [$warnInfo->getId(), $warnInfo->getUserId()]);
        url_redirect('manage-users-warnings', ['user' => $warnInfo->getUserId()]);
    } else render_error(403);
    return;
}

$users = $msz->getUsers();

try {
    $userInfo = $users->getUser(filter_input(INPUT_GET, 'u', FILTER_SANITIZE_NUMBER_INT), 'id');
} catch(RuntimeException $ex) {
    echo render_error(404);
    return;
}

$modInfo = $msz->getActiveUser();

while($_SERVER['REQUEST_METHOD'] === 'POST' && CSRF::validateRequest()) {
    $body = trim((string)filter_input(INPUT_POST, 'uw_body'));
    Template::set('warn_value_body', $body);

    $warnInfo = $warns->createWarning(
        $userInfo, $body, modInfo: $modInfo
    );

    $msz->createAuditLog('WARN_CREATE', [$warnInfo->getId(), $userInfo->getId()]);
    url_redirect('manage-users-warnings', ['user' => $userInfo->getId()]);
    return;
}

Template::render('manage.users.warning', [
    'warn_user' => $userInfo,
]);