# frozen_string_literal: true

# API Controller for resources of type Users with role :partner
class API::UsersController < API::ApiController
  before_action :authenticate_user!

  def index
    if current_user.admin? && params[:role] == 'partner'
      @users = User.with_role(:partner).includes(:profile)
    else
      head 403
    end
  end

  def create
    if current_user.admin?
      generated_password = Devise.friendly_token.first(8)
      @user = User.new(email: partner_params[:email],
                       username: "#{partner_params[:first_name]}#{partner_params[:last_name]}",
                       password: generated_password,
                       password_confirmation: generated_password,
                       group_id: Group.first.id)
      @user.build_profile(first_name: partner_params[:first_name],
                          last_name: partner_params[:last_name],
                          gender: true,
                          birthday: Time.now,
                          phone: '0000000000')

      if @user.save
        @user.remove_role :member
        @user.add_role :partner
        render status: :created
      else
        render json: @user.errors.full_messages, status: :unprocessable_entity
      end
    else
      head 403
    end
  end

  private

  def partner_params
    params.require(:user).permit(:email, :first_name, :last_name)
  end
end