var express  = require('express');
var router   = express.Router();
var dbTransactions = require("../../database/transactions");

router.post("/a/",async function(req,res) {
    if (!res.locals.user || !res.locals.user.canDo || !res.locals.user.canDo('user_add')) {
        res.status(401).json({"status":401,"message":"you are not authorized to add a transaction"});
        return;
    }
    if (!req.body.transactions || !req.body.transactions.length || req.body.transactions.length === 0) {
        res.status(400).json({"status":400,"message":"must pass an array of transactions in the body"});
    }
    const result = await dbTransactions.addArray(req.body.transactions);
    res.status(200).json({"status":200,"message":"transactions added","result":result});
});

router.get("/a/", async function(req, res) {
    
    if (!res.locals.user || !res.locals.user.canDo || !res.locals.user.canDo('user_add')) {
        res.status(401).json({"status":401,"message":"you are not authorized to add a transaction"});
        return;
    }
    var trans = [];
    if (req.query.taxYear) {
        trans = await dbTransactions.getByYear(req.query.taxYear);
    }
    res.status(201).json({"status":201,"message":"transactions for " + req.query.taxYear,"transactions":trans});
});

module.exports = router;