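# Base controller for the admin namespace. Every action is gated by
# +require_admin!+, which checks the signed-in user against the permission
# area declared by the concrete controller (see +area+).
class Admin::Controller < ApplicationController
  before_action :require_admin!

  private
    # Before-action gate for all admin actions.
    #
    # Lets the request through when the controller declares no area, when the
    # user is a superuser, or when the user holds one of the permission levels
    # returned by +permissions+ for the area. Otherwise responds with
    # +:forbidden+ via +render_error+ (project helper, presumably renders and
    # thereby halts the callback chain -- confirm).
    def require_admin!
      # NOTE(review): fail-open default. While +area+ returns nil, no
      # permission check runs at all, so a subclass that forgets to override
      # +area+ is reachable by anyone who gets past the filters in
      # ApplicationController (not visible here). Consider making subclasses
      # opt out explicitly instead of by omission.
      return if area.nil?

      # A missing user is denied rather than raising NoMethodError. Whether
      # authentication is already enforced upstream cannot be seen from here.
      user = current_user
      return if user&.superuser? || user&.has_permission?(area, permissions)

      render_error :forbidden, errors: 'Permission Required'
    end

    # Permission levels that satisfy the current action: read-style actions
    # (index, show) accept 'read' or higher; every other action needs at
    # least 'write'.
    #
    # @return [Array<String>]
    def permissions
      # String comparison avoids symbolizing the action name.
      read_only_action = %w[index show].include?(action_name.to_s)
      read_only_action ? %w[read write manage] : %w[write manage]
    end

    # Permission area guarding this controller. Subclasses override this to
    # name their area; the nil returned here disables the permission check in
    # +require_admin!+ entirely.
    def area
      nil
    end

    # Employee record of the current school looked up by the signed-in user's
    # id. The lookup is scoped to +current_school.employees+, so a user id
    # that is not among that school's employees is not returned.
    # NOTE(review): presumably raises when no record matches or when
    # current_user is nil -- confirm against callers.
    def current_employee
      current_school.employees.find(current_user.id)
    end
end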
