# Allow the user to reply to another message.
def reply
- message = Message.find(params[:message_id], :conditions => ["to_user_id = ? or from_user_id = ?", @user.id, @user.id ])
- @body = "On #{message.sent_on} #{message.sender.display_name} wrote:\n\n#{message.body.gsub(/^/, '> ')}"
- @title = @subject = "Re: #{message.title.sub(/^Re:\s*/, '')}"
- @to_user = User.find(message.from_user_id)
- render :action => 'new'
+ message = Message.find(params[:message_id])
+
+ if message.to_user_id == @user.id then
+ @body = "On #{message.sent_on} #{message.sender.display_name} wrote:\n\n#{message.body.gsub(/^/, '> ')}"
+ @title = @subject = "Re: #{message.title.sub(/^Re:\s*/, '')}"
+ @to_user = User.find(message.from_user_id)
+
+ render :action => 'new'
+ else
+ flash[:notice] = t 'message.reply.wrong_user', :user => @user.display_name
+ redirect_to :controller => "user", :action => "login", :referer => request.request_uri
+ end
rescue ActiveRecord::RecordNotFound
- @title = t'message.no_such_user.title'
- render :action => 'no_such_user', :status => :not_found
+ @title = t'message.no_such_message.title'
+ render :action => 'no_such_message', :status => :not_found
end
# Show a message
def read
@title = t 'message.read.title'
- @message = Message.find(params[:message_id], :conditions => ["to_user_id = ? or from_user_id = ?", @user.id, @user.id ])
- @message.message_read = true if @message.to_user_id == @user.id
- @message.save
+ @message = Message.find(params[:message_id])
+
+ if @message.to_user_id == @user.id or @message.from_user_id == @user.id then
+ @message.message_read = true if @message.to_user_id == @user.id
+ @message.save
+ else
+ flash[:notice] = t 'message.read.wrong_user', :user => @user.display_name
+ redirect_to :controller => "user", :action => "login", :referer => request.request_uri
+ end
rescue ActiveRecord::RecordNotFound
- @title = t'message.no_such_user.title'
- render :action => 'no_such_user', :status => :not_found
+ @title = t'message.no_such_message.title'
+ render :action => 'no_such_message', :status => :not_found
end
# Display the list of messages that have been sent to the user.
def mark
if params[:message_id]
id = params[:message_id]
- message = Message.find_by_id(id)
+ message = Message.find_by_id(id, :conditions => ["to_user_id = ? or from_user_id = ?", @user.id, @user.id])
if params[:mark] == 'unread'
message_read = false
notice = t 'message.mark.as_unread'
end
end
rescue ActiveRecord::RecordNotFound
- @title = t'message.no_such_user.title'
- render :action => 'no_such_user', :status => :not_found
+ @title = t'message.no_such_message.title'
+ render :action => 'no_such_message', :status => :not_found
end
# Delete the message.
def delete
if params[:message_id]
id = params[:message_id]
- message = Message.find_by_id(id)
+ message = Message.find_by_id(id => ["to_user_id = ? or from_user_id = ?", @user.id, @user.id])
message.from_user_visible = false if message.sender == @user
message.to_user_visible = false if message.recipient == @user
if message.save
end
end
rescue ActiveRecord::RecordNotFound
- @title = t'message.no_such_user.title'
- render :action => 'no_such_user', :status => :not_found
+ @title = t'message.no_such_message.title'
+ render :action => 'no_such_message', :status => :not_found
end
end
message_sent: "Message sent"
limit_exceeded: "You have sent a lot of messages recently. Please wait a while before trying to send any more."
no_such_user:
- title: "No such user or message"
- heading: "No such user or message"
- body: "Sorry there is no user or message with that name or id"
+ title: "No such user"
+ heading: "No such user"
+ body: "Sorry there is no user owith that name."
+ no_such_message:
+ title: "No such message"
+ heading: "No such message"
+ body: "Sorry there is no message with that id."
outbox:
title: "Outbox"
my_inbox: "My {{inbox_link}}"
date: "Date"
no_sent_messages: "You have no sent messages yet. Why not get in touch with some of the {{people_mapping_nearby_link}}?"
people_mapping_nearby: "people mapping nearby"
+ reply:
+ wrong_user: "You are logged in as `{{user}}' but the message you have asked to reply to was not sent to that user. Please login as the correct user in order to reply."
read:
title: "Read message"
reading_your_messages: "Reading your messages"
reading_your_sent_messages: "Reading your sent messages"
to: "To"
back_to_outbox: "Back to outbox"
+ wrong_user: "You are logged in as `{{user}}' but the message you have asked to read to was not sent by or to that user. Please login as the correct user in order to read it."
sent_message_summary:
delete_button: "Delete"
mark:
projects / rails.git / commitdiff