class Settings::EmployeesController < ApplicationController
  load_and_authorize_resource
  before_action :set_employee, only: [:show, :edit, :update, :destroy]


  # GET /employees
  # GET /employees.json
  def index
    @employees = Employee.all
  end

  # GET /employees/1
  # GET /employees/1.json
  def show
  end

  # GET /employees/new
  def new
    @employee = Employee.new
  end

  # GET /employees/1/edit
  def edit
  end

  # POST /employees
  # POST /employees.json
  def create
    @employee = Employee.new(employee_params)

    respond_to do |format|
      if @employee.save
        format.html { redirect_to settings_employees_path, notice: 'Employee was successfully created.' }
      else
        format.html { render :new }
      end
    end
  end

  # PATCH/PUT /employees/1
  # PATCH/PUT /employees/1.json
  def update
    respond_to do |format|
      if @employee.update(employee_params)
        format.html { redirect_to settings_employee_path(@employee), notice: 'Employee was successfully updated.' }
      else
        format.html { render :edit }
      end
    end
  end

  # DELETE /employees/1
  # DELETE /employees/1.json
  def destroy
    @employee.destroy
    flash[:notice] = 'Employee was successfully destroyed.'
    render :json => {:status=> "Success", :url => settings_employees_url }.to_json
    # respond_to do |format|
    #   format.html { redirect_to settings_employees_url, notice: 'Employee was successfully destroyed.' }
    # end
  end

  private
    # Use callbacks to share common setup or constraints between actions.
    def set_employee
      @employee = Employee.find(params[:id])
    end

    # Never trust parameters from the scary internet, only allow the white list through.
    def employee_params
      params.require(:employee).permit(:name, :role, :emp_id, :password, :image_path)
    end
end