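# Base controller for the member back end (rendered with the "member" layout).
#
# Every action runs three filters in order: +authenticate_user+ (defined
# outside this file), +check_aceess_rights+ and +set_module_app+.
#
# Security notes for maintainers:
# * +check_aceess_rights+ only records its decision in @user_has_privileges.
#   Nothing in this class halts the request on a negative result, so whatever
#   consumes the flag (actions, views) has to enforce it.
# * The filter name is misspelled ("aceess"). It is kept as is because code
#   outside this file may refer to it by name.
class OrbitMemberController < ApplicationController
  include OrbitBackendHelper

  before_action :authenticate_user, :check_aceess_rights, :set_module_app
  layout "member"

  # Decides whether the current user may act on the member profile addressed by
  # the request and stores the answer in @user_has_privileges.
  #
  # The flag becomes true when
  # * the current user is an admin, or
  # * the current user's id equals the id of the user behind the addressed
  #   profile, or
  # * no profile could be resolved and the action is "create" or "update".
  #
  # The profile is taken from the first of these parameters that yields a user
  # id: params[:id], params[:member_id] (for both, the text after the last "-"
  # is used as the uid), params[:uid], params[:member_profile_id].
  #
  # NOTE(review): the third rule is a fail-open default. Every StandardError
  # raised during a lookup is swallowed, so "parameter missing", "no such
  # profile" and "lookup failed" all end up as "no profile" and grant the flag
  # on create/update. The flag then says nothing about who owns the record
  # being written; actions that rely on it must verify ownership themselves.
  #
  # NOTE(review): the first parameter that resolves wins. An action that reads
  # its target from a different parameter than the one resolved here is not
  # covered by this check; keep both in sync.
  #
  # NOTE(review): this method does not itself require a signed-in user for the
  # create/update fallback; it relies on authenticate_user having stopped
  # anonymous requests earlier in the chain. Confirm that it does.
  def check_aceess_rights
    @user_has_privileges = false

    # Any failure while asking (including a missing current_user) counts as
    # "not an admin".
    is_admin = begin
      current_user.is_admin?
    rescue StandardError
      false
    end

    if is_admin
      @user_has_privileges = true
    else
      # Candidate lookups, in priority order. Each one is evaluated lazily and
      # only while no user id has been found yet.
      lookups = [
        -> { MemberProfile.find_by(:uid => params[:id].split("-").last) },
        -> { MemberProfile.find_by(:uid => params[:member_id].split("-").last) },
        -> { MemberProfile.find_by(:uid => params[:uid]) },
        -> { MemberProfile.find(params[:member_profile_id]) }
      ]

      visited_user = nil
      lookups.each do |lookup|
        visited_user = begin
          lookup.call.user.id
        rescue StandardError
          nil
        end
        break unless visited_user.nil?
      end

      current_id = begin
        current_user.id
      rescue StandardError
        nil
      end

      # Ownership needs a real id on the current user: a nil id compared with
      # an unresolved profile (nil == nil) must not count as a match.
      owns_profile = !current_id.nil? && current_id == visited_user
      unresolved_write = visited_user.nil? && %w[create update].include?(params[:action])

      @user_has_privileges = owns_profile || unresolved_write
    end
  end

  # Loads the ModuleApp stored under the key "member" into @module_app.
  def set_module_app
    @module_app = ModuleApp.find_by_key("member")
  end

  # Optional filter, not registered by this class: calls render_401 (defined
  # outside this file) unless the current user is an admin. A missing
  # current_user is treated as "not an admin", so the filter fails closed with
  # a 401 rather than raising NoMethodError on nil.
  def allow_admin_only
    render_401 unless current_user && current_user.is_admin?
  end
end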