class Support::UserController < Support::ApplicationController
  skip_before_action :require_permissions!
  after_action :refresh_token, only: :show

  def show
    render_success :ok, json: user_props
  end

  def update
    validate_current_password if params[:current_password].present?
    if current_user.update(user_params)
      render_success :ok, json: user_props
    else
      render_error :unprocessable_entity, errors: current_user
    end
  end

  private
    def user_params
      params.permit(:password, :password_confirmation, :freshdesk_api_key)
    end

    def validate_current_password
      return if current_user.authenticate(params[:current_password])

      current_user.add_custom_error(:current_password, 'does not match')
    end

    def user_props
      {
        id: current_user.id,
        first_name: current_user.first_name,
        last_name: current_user.last_name,
        permissions: curret_user_permissions.options,
        freshdesk_api_key: current_user.freshdesk_api_key,
        password_changed_at: current_user.password_changed_at
      }
    end
end