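# Manages the memberships that tie users to an organization: adding or
# inviting a user, changing a member's role and notification settings, and
# removing a member.
#
# Every action that changes memberships requires the :manage ability on the
# organization. Existing memberships are looked up through that organization's
# own association, never by a bare id.
class UserMembershipsController < ActionController::Base
  # Loads the organization named in the URL for the "add a user" form.
  def new
    @organization = Organization.find(params[:organization_id])
  end

  # Adds the user identified by params[:user_email] to the current user's
  # organization, inviting them through User.invite! when no account with
  # that email exists. Always redirects back to the organization's users tab.
  def create
    @organization = current_user.current_organization
    # destroy and update require :manage on the organization; this action had
    # no such check, so nothing in this controller restricted who could add
    # members with whatever role params[:permission] names.
    authorize! :manage, @organization

    # NOTE(review): update refuses to assign the administrator role once
    # admin_limit_reached? is true; no equivalent check is applied here.
    # Confirm whether adding an administrator through create should be limited.
    with_user do |user|
      build_membership(user, clean_permission, @organization) or build_errors(user, @organization)
    end

    redirect_to organization_url(@organization, :active_tab=>"users") and return
  end

  # Removes a membership from the organization named in the URL.
  def destroy
    load_managed_membership

    @mship.destroy
    redirect_to organization_url(@organization, :active_tab=>"users"), :notice => "#{@mship.user.email} has been removed from #{@organization.name}" and return
  end

  # Updates a member's role and notification preferences.
  def update
    load_managed_membership

    if setting_admin_role? && @organization.admin_limit_reached?
      flash[:error] = "Sorry, you cannot have more than one administrator."
      redirect_to organization_url(@organization, :active_tab=>"users") and return
    end

    @user = @mship.user

    # Users cannot change their own permissions
    @mship.set_role!(clean_permission) if current_user.id != @mship.user_id

    @mship.receive_daily_sales_report    = params[:receive_daily_sales_report]
    @mship.receive_donation_notification = params[:receive_donation_notification]
    @mship.receive_door_list             = params[:receive_door_list]
    @mship.save

    redirect_to organization_url(@organization, :active_tab=>"users"), :notice => "Great! We saved the changes to #{@mship.user.email}" and return
  end

  private

  # Loads @organization from params[:organization_id], checks that the caller
  # may manage it, then loads @mship from that organization's memberships.
  #
  # The membership used to be fetched with UserMembership.find(params[:id])
  # while the authorization check covered only the organization in the URL.
  # A manager of one organization could therefore act on a membership that
  # belongs to another. Going through the association makes a foreign id fail
  # the lookup (ActiveRecord::RecordNotFound) instead.
  def load_managed_membership
    @organization = Organization.find(params[:organization_id])
    authorize! :manage, @organization
    @mship = @organization.user_memberships.find(params[:id])
  end

  # Builds and saves a membership for +user+ in +organization+ with +role+.
  #
  # Returns false without doing anything when the user already has a
  # membership (in this or any organization). Otherwise sets a flash message
  # describing whether the save succeeded and returns true either way.
  def build_membership(user, role, organization)
    membership = UserMembership.find_by_user_id_and_organization_id(user.id, organization.id)
    return false unless membership.nil? and !user.user_memberships.any?

    @membership = organization.user_memberships.build(:user => user, Permission.database_column_for(role) => true)
    @membership.receive_daily_sales_report    = params[:receive_daily_sales_report]
    @membership.receive_donation_notification = params[:receive_donation_notification]
    @membership.receive_door_list             = params[:receive_door_list]

    if @membership.save
      flash[:notice] = "#{user.email} has been added successfully."
    else
      flash[:error] = "User #{user.email} could not been added."
    end

    return true
  end

  # Sets the flash message shown when build_membership declined to add +user+.
  #
  # NOTE(review): the second message tells the caller that an arbitrary email
  # address already belongs to some other organization. Confirm that this
  # disclosure is acceptable for everyone allowed to reach create.
  def build_errors(user, organization)
    if user.organizations.first == organization
      flash[:alert] = "#{user.email} is already a member of this organization."
    else
      flash[:error] = "User #{params[:user_email]} is already a member of another organization."
    end
  end

  # Finds the user for params[:user_email], inviting them when no account
  # exists, and yields the user to the block only if the record is valid.
  # Sets flash[:error] and yields nothing when the email is blank or the
  # found/invited user is invalid.
  def with_user(&block)
    flash[:error] = "You must specify an email" and return if params[:user_email].blank?

    user = User.find_by_email(params[:user_email]) || User.invite!({:email => params[:user_email]}, current_user)

    if user.valid?
      block.call(user)
    else
      flash[:error] = "Unable to find or invite a user with \"#{params[:user_email]}\""
    end
  end

  # Maps the raw params[:permission] value through Permission.for.
  def clean_permission
    Permission.for(params[:permission])
  end

  # True when the requested permission is the organization administrator role.
  def setting_admin_role?
    Permission::ORGANIZATION_ADMINISTRATOR == clean_permission
  end
end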