# frozen_string_literal: true

module Api
  # CardsController
  # Or, the payment method's controller.
  class CardsController < AuthenticatedController
    def index
      @cards = current_user_account.cards

      render json: serialized_collection.serializable_hash, status: :ok
    end

    def create
      @card = current_user_account.cards.new(permitted_params)

      if @card.save
        render json: serialized_object.serializable_hash, status: :ok
      else
        render json: { errors: @card.errors.as_json }, status: :unprocessable_entity
      end
    end

    def update
      @card = Card.find_by(id: params[:id])

      render status: :not_found and return if @card.nil?

      if @card.update(permitted_params)
        render json: serialized_object.serializable_hash, status: :ok
      else
        render json: { errors: @card.errors.as_json }, status: :unprocessable_entity
      end
    end

    def destroy
      @card = Card.find_by(id: params[:id])

      render status: :not_found and return if @card.nil?

      @card.destroy

      render status: :no_content
    end

    private

    def serialized_collection
      CardSerializer.new(@cards)
    end

    def serialized_object
      CardSerializer.new(@card)
    end

    def permitted_params
      params.permit(:number, :expiration_year, :expiration_month, :expiration_day, :security_code)
    end
  end
end