<?php

declare(strict_types=1);

final class UserPasswordPutController extends AbstractController
{
	protected string $route = '/api/v1/user/{userId}/password';

	/** @var string[] */
	protected array $mandatoryAttributes=  [
		'password',
	];

	private int $userId;

	public function __construct(string $url)
	{
		parent::__construct($url);
		$this->userId = (int)$this->getUrlParamInt('userId');
	}

	public function handle(): void
	{
		if (!$this->isUserLoggedIn() || !$this->hasUserPermission($this->userId)) {
			return;
		}

		parent::handle();

		if ($this->response->getStatus() !== ServerStatus::OK) {
			return;
		}

		$this->response = new ApiJsonResponse();

		try {
			$user = new User($this->userId);
			$user->setPassword(Password::GetHash($this->jsonBody->password));
			$user->Save();
		} catch (Throwable $e) {
			$this->response->setSuccess(false);
			$this->response->setStatus($e->getCode() !== 0 ? $e->getCode() : ServerStatus::BAD_REQUEST);
			$this->response->setMessage($e->getMessage());
		}
	}
}