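# JSON API endpoints for bands and their nested resources: musicians, likers,
# followers, recordings and invitations.
#
# Access control is applied by two filters:
# * api_signed_in_user runs for every action except index, show and
#   follower_index.
# * auth_band_member runs for update, the recording write actions and all
#   invitation actions. It loads @band from params[:id] and raises
#   PermissionError unless current_user is one of the band's users.
class ApiBandsController < ApiController
  before_filter :api_signed_in_user, :except => [:index, :show, :follower_index]
  before_filter :auth_band_member, :only => [:update,
                                             :recording_create, :recording_update, :recording_destroy,
                                             :invitation_index, :invitation_show,
                                             :invitation_create, :invitation_destroy]

  respond_to :json

  # Lists bands, one page at a time (params[:page]).
  def index
    @bands = Band.paginate(page: params[:page])
  end

  # Loads one band by params[:id].
  def show
    @band = Band.find(params[:id])
  end

  # Creates a band owned by current_user and answers 201 with its location.
  #
  # NOTE(review): params[:id] is forwarded to Band.save and this action is not
  # covered by auth_band_member. Confirm that Band.save cannot modify an
  # existing band when a caller supplies an id here.
  def create
    @band = Band.save(params[:id], params[:name], params[:website], params[:biography],
                      params[:city], params[:state], params[:country], params[:genres],
                      current_user.id, params[:photo_url], params[:logo_url])

    respond_with @band, responder: ApiResponder, :status => 201, :location => api_band_detail_url(@band)
  end

  # Updates the band identified by params[:id]; auth_band_member has already
  # verified that current_user belongs to it.
  def update
    @band = Band.save(params[:id], params[:name], params[:website], params[:biography],
                      params[:city], params[:state], params[:country], params[:genres],
                      current_user.id, params[:photo_url], params[:logo_url])

    respond_with @band, responder: ApiResponder, :status => :ok
  end

  # Lists the musicians of a band; answers 400 when no band id is given.
  def musician_index
    if params[:id].blank?
      render :json => { :message => "Band ID is required." }, :status => 400
    else
      @musicians = Band.musician_index(params[:id])
    end
  end

  # TODO: not implemented; the action has no body.
  def musician_create
  end

  # TODO: not implemented; the parameter check guards an empty body.
  # NOTE(review): when this is implemented it needs a membership check, because
  # it is not in the auth_band_member :only list.
  def musician_destroy
    unless params[:id].blank? || params[:user_id].blank?
    end
  end

  ###################### LIKERS ###########################
  def liker_index
    # NOTE: liker_index.rabl template references the likers property
    @band = Band.find(params[:id])
  end

  ###################### FOLLOWERS ########################
  def follower_index
    # NOTE: follower_index.rabl template references the followers property
    @band = Band.find(params[:id])
  end

  ###################### RECORDINGS #######################

  # Lists the recordings of a band; current_user is passed to the model, which
  # presumably filters what this user may see (verify in Band.recording_index).
  def recording_index
    @recordings = Band.recording_index(current_user, params[:id])
    respond_with @recordings, responder: ApiResponder, :status => 200
  end

  # Shows one recording. A recording that is not public is only returned to
  # members of the band named in params[:id]; everyone else gets 403.
  #
  # NOTE(review): the recording is looked up by params[:recording_id] alone and
  # is never checked against the band in params[:id]. Membership in any band
  # therefore satisfies the privacy check for a recording of a different band.
  # Scope the lookup to the band, or compare the recording's band with
  # params[:id], before returning it.
  def recording_show
    band = Band.find(params[:id])

    # hide private Recordings from anyone who's not in the Band
    hide_private = !band.users.exists?(current_user)

    @recording = Recording.find(params[:recording_id])

    if !@recording.public && hide_private
      render :json => { :message => "You are not allowed to access this recording." }, :status => 403
    else
      respond_with @recording, responder: ApiResponder, :status => 200
    end
  end

  # Creates a recording for the band in params[:id] (membership already
  # checked) and answers 201 with its location.
  def recording_create
    @recording = Recording.save(params[:recording_id], params[:public], params[:description],
                                params[:genres], current_user.id, params[:id], true)

    respond_with @recording, responder: ApiResponder, :status => 201,
                             :location => api_band_recording_detail_url(@band, @recording)
  end

  # Updates a recording.
  #
  # NOTE(review): membership is checked for params[:id], but the recording is
  # selected by params[:recording_id]. Confirm that Recording.save rejects a
  # recording that does not belong to that band.
  def recording_update
    @recording = Recording.save(params[:recording_id], params[:public], params[:description],
                                params[:genres], current_user.id, params[:id], false)

    respond_with @recording, responder: ApiResponder, :status => 200
  end

  # Deletes a recording and answers 204, or 404 when it does not exist.
  #
  # Exactly one response is produced per request. The not-found case is handled
  # both for a nil result and for ActiveRecord::RecordNotFound, matching how the
  # invitation actions treat a failed find.
  #
  # NOTE(review): as in recording_update, the recording is not checked against
  # @band, so a member of one band is not prevented here from deleting another
  # band's recording. Scope the lookup to @band.
  def recording_destroy
    @recording = Recording.find(params[:recording_id])

    if @recording.nil?
      render_recording_not_found
    else
      @recording.delete
      respond_with responder: ApiResponder, :status => 204
    end
  rescue ActiveRecord::RecordNotFound
    render_recording_not_found
  end

  ###################### INVITATIONS ######################

  # Lists the invitations of @band (loaded by auth_band_member).
  def invitation_index
    @invitations = @band.invitations
    respond_with @invitations, responder: ApiResponder, :status => 200
  end

  # Shows one invitation, or 404 when it does not exist.
  #
  # NOTE(review): the invitation is found by params[:invitation_id] alone.
  # Look it up through @band.invitations so members cannot read invitations of
  # other bands.
  def invitation_show
    @invitation = BandInvitation.find(params[:invitation_id])
    respond_with @invitation, responder: ApiResponder, :status => 200
  rescue ActiveRecord::RecordNotFound
    render :json => { :message => ValidationMessages::BAND_INVITATION_NOT_FOUND }, :status => 404
  end

  # Creates an invitation for params[:user_id] to the band in params[:id].
  def invitation_create
    @invitation = BandInvitation.save(params[:invitation_id], params[:id], params[:user_id],
                                      current_user.id, params[:accepted])

    respond_with @invitation, responder: ApiResponder, :status => 201,
                              :location => api_band_invitation_detail_url(@band, @invitation)
  end

  # Deletes one invitation, or answers 404 when it does not exist.
  #
  # NOTE(review): same scoping gap as invitation_show; the invitation is not
  # verified to belong to @band before it is deleted.
  def invitation_destroy
    @invitation = BandInvitation.find(params[:invitation_id])
    @invitation.delete
    respond_with responder: ApiResponder, :status => 204
  rescue ActiveRecord::RecordNotFound
    render :json => { :message => ValidationMessages::BAND_INVITATION_NOT_FOUND }, :status => 404
  end

  #############################################################################
  protected

  # ensures user is a member of the band
  #
  # Loads @band from params[:id] for the filtered actions and raises
  # PermissionError when current_user is not among the band's users.
  def auth_band_member
    @band = Band.find(params[:id])
    unless @band.users.exists? current_user
      raise PermissionError, ValidationMessages::PERMISSION_VALIDATION_ERROR
    end
  end

  # Renders the 404 body used when a recording cannot be found.
  def render_recording_not_found
    render :json => { :message => ValidationMessages::RECORDING_NOT_FOUND }, :status => 404
  end
end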