saucy/app/controllers/members_controller.rb

class MembersController < ApplicationController
  before_action :require_login
  before_action :set_member, only: %i[ show edit update delete destroy ]
  helper_method :sort_params

  include MemberFilter

  # GET /members
  def index
    @members = filtered_members
  end

  # GET /members/1
  def show
  end

  # GET /members/new
  def new
    @member = Member.new(get_params)
  end

  # GET /members/1/edit
  def edit
  end

  # POST /members
  def create
    @member = Member.new(member_params.merge(number: (Member.maximum(:number) || 0) + 1))

    if @member.save
      @member.generate_missing_ifthenpay_links!
      @member.reset_status!
      NotificationMailer.with(member: @member).registration.deliver_now!

      redirect_to @member, notice: "Member was successfully created."
    else
      render :new, status: :unprocessable_entity
    end
  end

  # PATCH/PUT /members/1
  def update
    if @member.update(member_params)
      @member.reload.reset_status!
      redirect_to @member, notice: "Member was successfully updated."
    else
      render :edit, status: :unprocessable_entity
    end
  end

  # GET /members/1/delete
  def delete
  end

  # DELETE /members/1
  def destroy
    @member.remove_personal_information!

    redirect_to members_path, notice: "Member personal data permanently removed."
  end

  private
    # Use callbacks to share common setup or constraints between actions.
    def set_member
      @member = Member.find(params[:id])
    end

    # Only allow a list of trusted parameters through.
    def member_params
      params.fetch(:member, {}).permit(:display_name, :legal_name, :pronouns, :email, :identification_number, :category, :address, :joined_on, :expires_on, :wants_mailing_list, :prefers_postal)
    end

    def get_params
      params.permit(:display_name, :legal_name, :pronouns, :email, :identification_number, :category, :address, :joined_on, :expires_on, :wants_mailing_list, :prefers_postal)
    end
end