class MaterielsController < AdminBaseController
  before_action :set_materiel, only: [:show, :edit, :update, :destroy]

  # GET /materiels
  # GET /materiels.json
  def index
    if not current_user.allowed?(:view_materiels)
      redirect_to "/admin", alert: "你没有权限进入此页面!" and return
    end

    @q = Materiel.ransack(params[:q])
    @q.sorts = "id DESC" if @q.sorts.empty?
    @materiels = @q.result.page(params[:page])
  end

  # GET /materiels/1
  # GET /materiels/1.json
  def show
  end

  # GET /materiels/new
  def new
    if not current_user.allowed?(:create_materiels)
      redirect_to "/admin", alert: "你没有权限进入此页面!" and return
    end

    @materiel = Materiel.new
  end

  # GET /materiels/1/edit
  def edit
    if not current_user.allowed?(:edit_materiels)
      redirect_to "/admin", alert: "你没有权限进入此页面!" and return
    end

  end

  # POST /materiels
  # POST /materiels.json
  def create
    if not current_user.allowed?(:create_materiels)
      redirect_to "/admin", alert: "你没有权限进入此页面!" and return
    end

    @materiel = Materiel.new(materiel_params)
    @materiel.created_by = current_user.true_name

    respond_to do |format|
      if @materiel.save
        format.html { redirect_to @materiel, notice: "Materiel was successfully created." }
        format.json { render :show, status: :created, location: @materiel }
      else
        format.html { render :new }
        format.json { render json: @materiel.errors, status: :unprocessable_entity }
      end
    end
  end

  # PATCH/PUT /materiels/1
  # PATCH/PUT /materiels/1.json
  def update
    if not current_user.allowed?(:edit_materiels)
      redirect_to "/admin", alert: "你没有权限进入此页面!" and return
    end

    respond_to do |format|
      if @materiel.update(materiel_params)
        format.html { redirect_to @materiel, notice: "Materiel was successfully updated." }
        format.json { render :show, status: :ok, location: @materiel }
      else
        format.html { render :edit }
        format.json { render json: @materiel.errors, status: :unprocessable_entity }
      end
    end
  end

  # DELETE /materiels/1
  # DELETE /materiels/1.json
  def destroy
    @materiel.destroy
    respond_to do |format|
      format.html { redirect_to materiels_url, notice: "Materiel was successfully destroyed." }
      format.json { head :no_content }
    end
  end

  private

  # Use callbacks to share common setup or constraints between actions.
  def set_materiel
    @materiel = Materiel.find(params[:id])
  end

  # Only allow a list of trusted parameters through.
  def materiel_params
    params.require(:materiel).permit(:sn, :name, :spec)
  end
end