# frozen_string_literal: true

class DsnsController < ApplicationController
  before_action :require_authentication
  before_action :set_dsn, only: [:show, :edit, :update, :disable, :enable, :destroy]
  before_action :authorize_dsn_management, except: [:index, :show]

  # GET /dsns
  def index
    @dsns = policy_scope(Dsn).order(created_at: :desc)
  end

  # GET /dsns/new
  def new
    authorize Dsn
    @dsn = Dsn.new
  end

  # POST /dsns
  def create
    authorize Dsn
    @dsn = Dsn.new(dsn_params)

    if @dsn.save
      redirect_to @dsn, notice: 'DSN was successfully created.'
    else
      render :new, status: :unprocessable_entity
    end
  end

  # GET /dsns/:id
  def show
  end

  # GET /dsns/:id/edit
  def edit
  end

  # PATCH/PUT /dsns/:id
  def update
    if @dsn.update(dsn_params)
      redirect_to @dsn, notice: 'DSN was successfully updated.'
    else
      render :edit, status: :unprocessable_entity
    end
  end

  # POST /dsns/:id/disable
  def disable
    @dsn.update!(enabled: false)
    redirect_to @dsn, notice: 'DSN was disabled.'
  end

  # POST /dsns/:id/enable
  def enable
    @dsn.update!(enabled: true)
    redirect_to @dsn, notice: 'DSN was enabled.'
  end

  # DELETE /dsns/:id
  def destroy
    # Only allow deletion of disabled DSNs for safety
    if @dsn.enabled?
      redirect_to @dsn, alert: 'Cannot delete an enabled DSN. Please disable it first.'
      return
    end

    dsn_name = @dsn.name
    @dsn.destroy

    redirect_to dsns_path, notice: "DSN '#{dsn_name}' was successfully deleted."
  end

  private

  def set_dsn
    @dsn = Dsn.find(params[:id])
  end

  def dsn_params
    params.require(:dsn).permit(:name, :enabled)
  end

  def authorize_dsn_management
    # Only allow admins to manage DSNs
    redirect_to root_path, alert: 'Access denied' unless Current.user&.admin?
  end
end