class StudentsController < ApplicationController
  before_action :set_institution
  before_action :set_student, only: %i[ show edit update destroy ]

  # GET /students or /students.json
  def index
    @students = @institution.students
  end

  # GET /students/1 or /students/1.json
  def show
  end

  # GET /students/new
  def new
    @student = @institution.students.build
  end

  # GET /students/1/edit
  def edit
  end

  # POST /students or /students.json
  def create
    @student = @institution.students.build(student_params)
    if @student.save
      redirect_to institution_students_path(@institution), notice: 'Student was successfully created.'
    else
      render :new, status: :unprocessable_entity
    end
  end

  # PATCH/PUT /students/1 or /students/1.json
  def update
    if @student.update(student_params)
      redirect_to institution_students_path(@institution), notice: 'Student was successfully updated.'
    else
      render :edit, status: :unprocessable_entity
    end
  end

  # DELETE /students/1 or /students/1.json
  def destroy
    @student.destroy
    redirect_to institution_students_path(@institution), notice: 'Student was successfully destroyed.'
  end

  private
    # Use callbacks to share common setup or constraints between actions.
    def set_institution
      @institution = Institution.find(params[:institution_id])
    end

    def set_student
      @student = @institution.students.find(params[:id])
    end

    # Only allow a list of trusted parameters through.
    def student_params
      params.require(:student).permit(:first_name, :last_name, :email, :institution_id)
    end
end