class NeopetsConnectionsController < ApplicationController
  def create
    connection = authorized_user.neopets_connections.build
    connection.neopets_username = params[:neopets_connection][:neopets_username]
    if connection.save
      render text: 'success'
    else
      render text: 'failure'
    end
  end

  def destroy
    connection = authorized_user.neopets_connections.find_by_neopets_username(params[:id])
    if connection
      if connection.destroy
        render text: 'success'
      else
        render text: 'failure'
      end
    else
      render text: 'not found'
    end
  end

  def authorized_user
    if user_signed_in? && current_user.id == params[:user_id].to_i
      current_user
    else
      raise AccessDenied
    end
  end
end