class AccountLocksController < ApplicationController
  before_action :set_account

  def create
    authorize :account_lock, :create?
    @account.update(locked: true)
    redirect_to admin_accounts_path, notice: 'Account locked'
  end

  def destroy
    authorize :account_lock, :destroy?
    @account.update(locked: false)
    redirect_to admin_accounts_path, notice: 'Account unlocked'
  end

  private

  def set_account
    if params[:id].present?
      @account = Account.find(params[:id])
    else
      failure_redirect
    end
  rescue ActiveRecord::RecordNotFound
    failure_redirect
  end

  def failure_redirect
    redirect_to admin_accounts_path, alert: 'Failed to find the account'
  end
end