class AssignmentsController < ApplicationController
  before_action :set_assignment, only: [:show, :edit, :update, :destroy]
  before_action :check_permissions, only: [:edit, :update]

  # GET /assignments
  # GET /assignments.json
  def index
    @assignments = current_user.assignments
  end

  # GET /assignments/1
  # GET /assignments/1.json
  def show
  end

  # GET /assignments/new
  def new
    @assignment = Assignment.new
  end

  # GET /assignments/1/edit
  def edit
  end

  # POST /assignments
  # POST /assignments.json
  def create
    @assignment = Assignment.new(assignment_params)

    check_permissions

    respond_to do |format|
      if @assignment.save
        flash[:success] = 'Assignment was successfully created.'
        format.html { redirect_to @assignment }
        format.json { render :show, status: :created, location: @assignment }
      else
        format.html { render :new }
        format.json { render json: @assignment.errors, status: :unprocessable_entity }
      end
    end
  end

  # PATCH/PUT /assignments/1
  # PATCH/PUT /assignments/1.json
  def update
    respond_to do |format|
      if @assignment.update(assignment_params)
        flash[:success] = 'Assignment was successfully updated.'
        format.html { redirect_to @assignment }
        format.json { render :show, status: :ok, location: @assignment }
      else
        format.html { render :edit }
        format.json { render json: @assignment.errors, status: :unprocessable_entity }
      end
    end
  end

  # DELETE /assignments/1
  # DELETE /assignments/1.json
  def destroy
    @assignment.destroy
    respond_to do |format|
      flash[:success] = 'Assignment was successfully destroyed.'
      format.html { redirect_to assignments_url }
      format.json { head :no_content }
    end
  end

  private
    # Use callbacks to share common setup or constraints between actions.
    def set_assignment
      @assignment = Assignment.find(params[:id])
    end

    # Never trust parameters from the scary internet, only allow the white list through.
    def assignment_params
      allowed = [:name, :description, :due_at]

      # Don't allow moving an assignment to a different course
      allowed += [:course_id] if action_name == 'create'

      params.require(:assignment).permit(*allowed)
    end

    def check_permissions
      redirect_to root_url unless current_user.is_course_teacher?(@assignment.course)
    end
end