class Support::Permission < ApplicationRecord
  enum users: [:none, :read, :write, :manage], _prefix: true
  enum training: [:none, :read, :write, :manage], _prefix: true
  enum communication: [:none, :read, :write, :manage], _prefix: true
  enum sites: [:none, :read, :write, :manage], _prefix: true
  enum financial_aid: [:none, :read, :write, :manage], _prefix: true
  enum login_access: [:none, :read, :write, :manage], _prefix: true

  belongs_to :user

  before_validation :disable_login_access

  validate :login_access_available

  scope :by_login_access, -> { where.not(login_access: :none) }

  def options
    slice(:users, :training, :sites, :communication, :login_access, :financial_aid)
  end

  private
    def login_access_available
      return unless sites_none? && !login_access_none?

      errors.add(:login_access, 'permission needs Sites enabled')
    end

    def disable_login_access
      self.login_access = :none if sites_none?
    end
end