class UsersController < ApplicationController
  before_action :set_user, only: %i[ destroy edit show update ]

  def index
    authorize :user

    @users = User.all
  end

  def edit
    authorize @user
  end

  def update
    authorize @user

    if @user.update(user_params)
      redirect_to contests_path
    else
      render :edit, status: :unprocessable_entity
    end
  end

  def show
    authorize @user

    redirect_to edit_user_path(@user)
  end

  def new
    authorize :user

    @user = User.new()
  end

  def create
    authorize :user

    @user = User.new(user_params)
    if @user.save
      redirect_to users_path
    else
      render :new, status: :unprocessable_entity
    end
  end

  def destroy
    authorize @user
  end

  private

  def set_user
    @user = User.find(params[:id])
  end

  def user_params
    params.expect(user: [ :username, :email_address, :lang, :password ])
  end
end