class Admin::UsersController < Admin::BaseController
  
  crudify :user, :order => 'login', :title_attribute => 'login', :conditions => "state = 'active'"
  
  # Protect these actions behind an admin login
  # before_filter :admin_required, :only => [:suspend, :unsuspend, :destroy, :purge]
  before_filter :find_user, :except => [:new, :create]
  before_filter :load_available_plugins, :only => [:new, :create, :edit, :update]
  
  filter_parameter_logging 'password', 'password_confirmation'
  
  layout 'admin'
  
	def new
		@user = User.new
		@selected_plugin_titles = []
	end

  def create
    @user = User.new(params[:user])
		@selected_plugin_titles = params[:user][:plugins] || []
		
    if @user.save
			@user.plugins = @selected_plugin_titles
			@user.register!
      @user.activate!
      flash[:notice] = "'#{@user.login}' was successfully created."
      redirect_to :action => 'index'
    else 
      render :action => 'new'
    end
  end
  
	def edit
		@user = User.find params[:id]
		@selected_plugin_titles = @user.plugins.collect{|p| p.title}
	end

  def update
		@selected_plugin_titles = params[:user][:plugins]
    # Prevent the current user from locking themselves out of the User manager
    if current_user.id == @user.id and !params[:user][:plugins].include?("Users")
      flash.now[:error] = "You cannot remove the 'Users' plugin from the currently logged in account."
      render :action => "edit"
    else
			@previously_selected_plugins_titles = @user.plugins.collect{|p| p.title}
      if @user.update_attributes params[:user]
        flash[:notice] = "'#{@user.login}' was successfully updated."
        redirect_to admin_users_url
      else
				@user.plugins = @previously_selected_plugins_titles
				@user.save
        render :action => 'edit'
      end
    end
  end
  
  def suspend
    @user.suspend! 
    redirect_to admin_users_path
  end

  def unsuspend
    @user.unsuspend! 
    redirect_to admin_users_path
  end

  def destroy
    @user.delete!
		@user.destroy
    flash[:notice] = "'#{@user.login}' was successfully deleted."
    redirect_to admin_users_path
  end

  def purge
    @user.destroy
    redirect_to admin_users_path
  end

protected

  def find_user
    @user = User.find(params[:id])
  end
  
  def can_create_public_user
    User.count == 0
  end
  
  def load_available_plugins
    @available_plugins = Refinery::Plugins.registered.in_menu.titles.sort
  end

end