module Api
  module V0
    class ThemesController < Api::V0::BaseController
      before_action :authenticate
      
      def extract
        # check if the user has permissions to use the themes API
        @theme = Theme.find_by(:slug => params[:slug])
        
        raise Pundit::NotAuthorizedError unless Api::V0::ThemePolicy.new(@user, @theme).extract?
        @answers = []
        if @theme
          @answers = @theme.answers.where(plan_id: @user.plans.pluck(:id))
          admin_answers = []
          org_answers = []

          if params[:admin_visible].present? && params[:admin_visible]
            admin_answers =  @theme.answers.where(plan_id: @user.org.plans.privately_visible)
          end

          if params[:org_visible].present? && params[:org_visible]
            org_answers =  @theme.answers.where(plan_id: @user.org.plans.organisationally_visible)
          end

          if params[:template_id].present? && params[:template_id]
            @answers =  @answers.where(plan_id: @user.plans.where(template_id: params[:template_id]).pluck(:id))
          end

          if params[:question_id].present? && params[:question_id]
            @answers =  @answers.where(question_id: params[:question_id])
          end

          if params[:start_date].present? && params[:start_date]
            @answers =  @answers.where('answers.created_at >=?', params[:start_date])
          end

          if params[:end_date].present? && params[:end_date]
            @answers =  @answers.where('answers.created_at <=?', params[:end_date])
          end

        else
          render json: _("Theme not found"), status: 404
        end
      end

      def extract_params
        params.permit(:slug, :template_id, :question_id, :start_date, :end_date, :admin_visible, :org_visible)
      end

      def extract_filtering_params
        extract_params.slice(:template_id, :question_id, :start_date, :end_date, :admin_visible, :org_visible)
      end
    end
  end
end