1 class MessagesController < ApplicationController
6 before_action :authorize_web
7 before_action :set_locale
11 before_action :lookup_user, :only => [:new, :create]
12 before_action :check_database_readable
13 before_action :check_database_writable, :only => [:new, :create, :reply, :mark, :destroy]
14 before_action :allow_thirdparty_images, :only => [:new, :create, :show]
19 @message = Message.find(params[:id])
21 if @message.recipient == current_user || @message.sender == current_user
22 @message.message_read = true if @message.recipient == current_user
25 flash[:notice] = t ".wrong_user", :user => current_user.display_name
26 redirect_to login_path(:referer => request.fullpath)
28 rescue ActiveRecord::RecordNotFound
29 @title = t "messages.no_such_message.title"
30 render :action => "no_such_message", :status => :not_found
33 # Allow the user to write a new message to another user.
35 @message = Message.new(message_params.merge(:recipient => @user))
40 @message = Message.new(message_params)
41 @message.recipient = @user
42 @message.sender = current_user
43 @message.sent_on = Time.now.utc
45 if current_user.sent_messages.where(:sent_on => Time.now.utc - 1.hour..).count >= current_user.max_messages_per_hour
46 flash.now[:error] = t ".limit_exceeded"
47 render :action => "new"
49 flash[:notice] = t ".message_sent"
50 UserMailer.message_notification(@message).deliver_later if @message.notify_recipient?
51 redirect_to :action => :inbox
53 @title = t "messages.new.title"
54 render :action => "new"
58 # Destroy the message.
60 @message = Message.where(:recipient => current_user).or(Message.where(:sender => current_user.id)).find(params[:id])
61 @message.from_user_visible = false if @message.sender == current_user
62 @message.to_user_visible = false if @message.recipient == current_user
64 flash[:notice] = t ".destroyed"
66 referer = safe_referer(params[:referer]) if params[:referer]
68 redirect_to referer || { :action => :inbox }, :status => :see_other
70 rescue ActiveRecord::RecordNotFound
71 @title = t "messages.no_such_message.title"
72 render :action => "no_such_message", :status => :not_found
75 # Allow the user to reply to another message.
77 message = Message.find(params[:message_id])
79 if message.recipient == current_user
80 message.update(:message_read => true)
82 @message = Message.new(
83 :recipient => message.sender,
84 :title => "Re: #{message.title.sub(/^Re:\s*/, '')}",
85 :body => "On #{message.sent_on} #{message.sender.display_name} wrote:\n\n#{message.body.gsub(/^/, '> ')}"
88 @title = @message.title
90 render :action => "new"
92 flash[:notice] = t ".wrong_user", :user => current_user.display_name
93 redirect_to login_path(:referer => request.fullpath)
95 rescue ActiveRecord::RecordNotFound
96 @title = t "messages.no_such_message.title"
97 render :action => "no_such_message", :status => :not_found
100 # Display the list of messages that have been sent to the user.
105 # Display the list of messages that the user has sent to other users.
110 # Display the list of muted messages received by the user.
114 redirect_to inbox_messages_path if current_user.muted_messages.none?
117 # Set the message as being read or unread.
119 @message = Message.where(:recipient => current_user).or(Message.where(:sender => current_user)).find(params[:message_id])
120 if params[:mark] == "unread"
122 notice = t ".as_unread"
125 notice = t ".as_read"
127 @message.message_read = message_read
129 flash[:notice] = notice
130 redirect_to inbox_messages_path, :status => :see_other
132 rescue ActiveRecord::RecordNotFound
133 @title = t "messages.no_such_message.title"
134 render :action => "no_such_message", :status => :not_found
137 # Moves message into Inbox by unsetting the muted-flag
139 message = current_user.muted_messages.find(params[:message_id])
142 flash[:notice] = t(".notice")
144 flash[:error] = t(".error")
147 if current_user.muted_messages.none?
148 redirect_to inbox_messages_path
150 redirect_to muted_messages_path
157 # return permitted message parameters
159 params.require(:message).permit(:title, :body)
160 rescue ActionController::ParameterMissing
161 ActionController::Parameters.new.permit(:title, :body)