class V1::CollectionsController < ApplicationController
  include ::FollowableController

  before_action :set_collection, only: [:show, :update, :destroy]
  before_action :authenticate_user!, only: [:create, :update, :destroy]

  # GET /v1/users
  # GET /v1/users.json
  def index
    render json: Collection.all
  end

  # GET /v1/users/1
  # GET /v1/users/1.json
  def show
    render json: @user
  end

  # POST /v1/users
  # POST /v1/users.json
  def create
    user = User.new(user_params)

    if user.save
      render json: user, status: :created
    else
      render json: user.errors, status: :unprocessable_entity
    end

  end

  # PUT/PATCH /v1/users/1
  # PUT/PATCH /v1/users/1.json
  def update
    if @user.update(user_params)
      render json: @user, status: :ok
    else
      render json: @user.errors, status: :unprocessable_entity
    end
  end

  # DELETE /v1/users/1
  # DELETE /v1/users/1.json
  def destroy
    if current_user == @user
      render nothing: true, status: :forbidden
    else
      @user.destroy
      render nothing: true, status: :ok
    end
  end

  private

  def set_followable
    @followable = set_collection
  end

  def set_collection
    @collection = User.find(params[:id])
  end

  # Never trust parameters from the scary internet, only allow the white list through.
  def collection_params
    params.require(:collection).permit(:name, :description, :owner, learning_objects_ids: [])
  end

end