local app = require("lapis").Application()
local json_params = require("lapis.application").json_params

local db = require("lapis.db")

local html_escape = require("lapis.html").escape
local babycode = require("lib.babycode")

local util = require("util")

app:post("api_get_thread_updates", "/thread-updates/:thread_id", json_params(function(self)
  local thread = db.query("SELECT threads.id FROM threads WHERE threads.id = ?", self.params.thread_id)
  if #thread == 0 then
    return {json = {error = "no such thread"}, status = 404}
  end
  local target_time = self.params.since
  if not target_time then
    return {json = {error = "missing parameter 'since'"}, status = 400}
  end
  if not tonumber(target_time) then
    return {json = {error = "parameter 'since' is not a number"}, status = 400}
  end
  local new_posts_query = "SELECT id FROM posts WHERE thread_id = ? AND posts.created_at > ? ORDER BY posts.created_at ASC LIMIT 1"
  local new_post = db.query(new_posts_query, self.params.thread_id, target_time)
  if #new_post == 0 then
    return {json = {status = "none"}, status = 200}
  end
  local url = util.get_post_url(self, new_post[1].id)
  return {json = {status = "new_post", url = url}}
end))

app:post("babycode_preview", "/babycode-preview", json_params(function(self)
  local user = util.get_logged_in_user(self)
  if not user then
    return {json = {error = "not authorized"}, status = 401}
  end
  if not util.rate_limit_allowed(user.id, "babycode_preview", 5) then
    return {json = {error = "too many requests"}, status = 429}
  end
  local markup = self.params.markup
  if not markup or type(markup) ~= "string" then
    return {json = {error = "markup field missing or invalid type"}, status = 400}
  end
  local rendered = babycode.to_html(markup, html_escape)
  return {json = {html = rendered}}
end))

return app