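# Admin-side controller for the registration switch and for role / permission
# management. Every action checks a permission on current_user before it reads
# or changes anything; a user who lacks it is redirected to "/admin".
class SettingsController < AdminBaseController
  # Settings page: lists all roles and prepares an empty Role.
  # Requires the :system_config permission.
  def index
    return if reject_unless_allowed(:system_config)

    @roles = Role.all
    @role = Role.new
  end

  # Turns self-registration on when params[:able_register] is present and off
  # otherwise, then returns to the settings page.
  #
  # This action previously had no permission check, unlike every other action
  # in this controller, so any user able to reach it could flip the flag.
  # NOTE(review): :system_config is used because it guards the settings page in
  # #index; confirm it is the intended permission for this switch.
  def update
    return if reject_unless_allowed(:system_config)

    Setting.able_register = params[:able_register] ? true : false
    redirect_to "/settings"
  end

  # Form for a new role. Requires :manage_permissions.
  def new_role
    return if reject_unless_allowed(:manage_permissions)

    @role = Role.new
  end

  # Creates a role from params[:role]; only :name is mass-assignable.
  # Requires :manage_permissions.
  def create_role
    return if reject_unless_allowed(:manage_permissions)

    # require raises ActionController::ParameterMissing when :role is absent,
    # instead of a NoMethodError on nil.
    @role = Role.new params.require(:role).permit(:name)
    if @role.save
      redirect_to "/settings", notice: "Role created"
    else
      # NOTE(review): re-renders 'create_role' on validation failure; confirm
      # that template exists (the form itself is served by #new_role).
      render 'create_role'
    end
  end

  # Deletes the role given by params[:role_id] and moves its users to
  # role_id 0. Requires :manage_permissions.
  def destroy_role
    return if reject_unless_allowed(:manage_permissions)

    @role = Role.find params[:role_id]

    User.transaction do
      User.where(role_id: @role.id).update_all(role_id: 0)
      # destroy returns false when the role could not be removed; roll back so
      # users are not stripped of a role that still exists.
      raise ActiveRecord::Rollback unless @role.destroy
    end
    redirect_to "/settings"
  end

  # Grants (params[:t] == 'true') or revokes (params[:t] == 'false') the
  # permission named by params[:permission] on the role params[:role_id].
  # Any other value of params[:t] changes nothing.
  # Requires :manage_permissions.
  def toggle_role_permission
    return if reject_unless_allowed(:manage_permissions)

    @role = Role.find params[:role_id]
    permission = params[:permission]
    # NOTE(review): the permission name comes straight from the request and is
    # stored as-is; it is not checked against a list of known permissions here.
    # Validate it against that list (or in the Role model) so a role cannot
    # accumulate arbitrary or malformed entries.
    case params[:t]
    when 'true'
      unless @role.permissions.include?(permission)
        @role.permissions << permission
        puts "ok" if @role.save
      end
    when 'false'
      if @role.permissions.include?(permission)
        @role.permissions.delete(permission)
        puts "ok" if @role.save
      end
    end
  end

  private

  # Redirects to "/admin" with an alert when current_user lacks +permission+.
  # The alert text reads "You do not have permission to access this page!".
  #
  # @param permission [Symbol] permission name passed to current_user.allowed?
  # @return [Boolean] true when the request was rejected (a redirect has been
  #   issued and the caller must stop), false when the user is allowed.
  def reject_unless_allowed(permission)
    return false if current_user.allowed?(permission)

    redirect_to "/admin", alert: "你没有权限进入此页面!"
    true
  end
end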
