class InvitesController < ApplicationController

  skip_before_filter :check_xhr, :check_restricted_access
  before_filter :ensure_logged_in, only: [:destroy]

  def show
    invite = Invite.where(invite_key: params[:id]).first

    if invite.present?
      user = invite.redeem
      if user.present?
        log_on_user(user)

        # Send a welcome message if required
        user.enqueue_welcome_message('welcome_invite') if user.send_welcome_message

        # We skip the access password if we come in via an invite link
        cookies.permanent['_access'] = SiteSetting.access_password if SiteSetting.access_password.present?

        topic = invite.topics.first
        if topic.present?
          redirect_to "#{Discourse.base_uri}#{topic.relative_url}"
          return
        end
      end
    end

    redirect_to root_path
  end

  def destroy
    requires_parameter(:email)

    invite = Invite.where(invited_by_id: current_user.id, email: params[:email]).first
    raise Discourse::InvalidParameters.new(:email) if invite.blank?
    invite.destroy

    render nothing: true
  end

end