before_action :authorize_web
before_action :set_locale
- before_action :require_user
+
+ authorize_resource
+
before_action :lookup_user, :only => [:new, :create]
before_action :check_database_readable
before_action :check_database_writable, :only => [:new, :create, :reply, :mark, :destroy]
render :action => "new"
elsif @message.save
flash[:notice] = t ".message_sent"
- Notifier.message_notification(@message).deliver_now
+ Notifier.message_notification(@message).deliver_later
redirect_to :action => :inbox
else
render :action => "new"
# Destroy the message.
def destroy
- @message = Message.where("to_user_id = ? OR from_user_id = ?", current_user.id, current_user.id).find(params[:message_id])
+ @message = Message.where("to_user_id = ? OR from_user_id = ?", current_user.id, current_user.id).find(params[:id])
@message.from_user_visible = false if @message.sender == current_user
@message.to_user_visible = false if @message.recipient == current_user
if @message.save && !request.xhr?