module Carto
  module Api
    class MultifactorAuthenticationController < ::Api::ApplicationController
      include Carto::ControllerHelper
      extend  Carto::DefaultRescueFroms
      include OrganizationUsersHelper

      ssl_required

      before_action :load_organization
      before_action :admins_only
      before_action :load_user
      before_action :create_service
      before_action :ensure_edit_permissions

      setup_default_rescues

      def show
        render_jsonp({ mfa_required: @service.exists?(type: base_params[:type]) }, 200)
      end

      def create
        if @service.exists?(type: base_params[:type])
          raise Carto::UnprocesableEntityError.new('Multi-factor authentication already exists')
        end

        @service.update(enabled: true, type: base_params[:type])
        render_jsonp({ success: true }, 201)
      end

      def destroy
        unless @service.exists?(type: base_params[:type])
          raise Carto::UnprocesableEntityError.new('Multi-factor authentication does not exist')
        end

        @service.update(enabled: false, type: base_params[:type])
        render_jsonp({ success: true }, 204)
      end

      private

      def base_params
        @base_params ||= params.permit([:type])
      end

      def create_service
        @service = Carto::UserMultifactorAuthUpdateService.new(user_id: @user.id)
      end
    end
  end
end