class NotesController < ApplicationController
  before_action :set_releasable
  before_action :set_note, except: :index

  def index
    @notes = policy_scope(@releasable.notes)
  end

  def new
  end

  def create
    @note.attributes = note_params_with_user
    @note.save
  end

  private

  def releasable_param
    @releasable_param ||= ReleasableParam.new(params.to_unsafe_h)
  end

  def set_releasable
    @releasable = policy_scope(releasable_param.type).find(releasable_param.id)
  end

  def set_note
    @note = authorize @releasable.notes.build
  end

  def note_params_with_user
    note_params.merge(user: current_user, email: current_user.email)
  end

  def note_params
    params.require(:note).permit(:content)
  end
end