diff --git a/app/controllers/messages_controller.rb b/app/controllers/messages_controller.rb
index 54850d403..cf3995b2b 100644
--- a/app/controllers/messages_controller.rb
+++ b/app/controllers/messages_controller.rb
@@ -110,7 +110,7 @@ class MessagesController < ApplicationController
# Destroy the message.
def destroy
- @message = Message.where("to_user_id = ? OR from_user_id = ?", current_user.id, current_user.id).find(params[:message_id])
+ @message = Message.where("to_user_id = ? OR from_user_id = ?", current_user.id, current_user.id).find(params[:id])
@message.from_user_visible = false if @message.sender == current_user
@message.to_user_visible = false if @message.recipient == current_user
if @message.save && !request.xhr?
diff --git a/app/views/messages/_message_summary.html.erb b/app/views/messages/_message_summary.html.erb
index 1e4cd8934..b31b5c526 100644
--- a/app/views/messages/_message_summary.html.erb
+++ b/app/views/messages/_message_summary.html.erb
@@ -4,5 +4,5 @@
| <%= l message_summary.sent_on, :format => :friendly %> |
<%= button_to t('.unread_button'), mark_message_path(message_summary, :mark => 'unread'), { :remote => true } %> |
<%= button_to t('.read_button'), mark_message_path(message_summary, :mark => 'read'), { :remote => true } %> |
- <%= button_to t('.destroy_button'), destroy_message_path(message_summary, :referer => request.fullpath), { :remote => true } %> |
+ <%= button_to t('.destroy_button'), message_path(message_summary, :referer => request.fullpath), { :method => :delete, :remote => true } %> |
diff --git a/app/views/messages/_sent_message_summary.html.erb b/app/views/messages/_sent_message_summary.html.erb
index a9346fb5e..028ab135b 100644
--- a/app/views/messages/_sent_message_summary.html.erb
+++ b/app/views/messages/_sent_message_summary.html.erb
@@ -2,5 +2,5 @@
<%= link_to h(sent_message_summary.recipient.display_name), user_path(sent_message_summary.recipient) %> |
<%= link_to h(sent_message_summary.title), message_path(sent_message_summary) %> |
<%= l sent_message_summary.sent_on, :format => :friendly %> |
- <%= button_to t('.destroy_button'), destroy_message_path(sent_message_summary, :referer => request.fullpath), { :remote => true } %> |
+ <%= button_to t('.destroy_button'), message_path(sent_message_summary, :referer => request.fullpath), { :method => :delete, :remote => true } %> |
diff --git a/app/views/messages/show.html.erb b/app/views/messages/show.html.erb
index 934cfb99a..90744466b 100644
--- a/app/views/messages/show.html.erb
+++ b/app/views/messages/show.html.erb
@@ -16,7 +16,7 @@
<%= button_to t('.reply_button'), reply_message_path(@message), :class => 'reply-button' %>
<%= button_to t('.unread_button'), mark_message_path(@message, :mark => 'unread'), :class => 'mark-unread-button' %>
- <%= button_to t('.destroy_button'), destroy_message_path(@message), :class => 'destroy-button' %>
+ <%= button_to t('.destroy_button'), message_path(@message), :method => 'delete', :class => 'destroy-button' %>
<% else %>
diff --git a/config/routes.rb b/config/routes.rb
index 286a53274..db6b9989a 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -264,7 +264,7 @@ OpenStreetMap::Application.routes.draw do
get "/export/embed" => "export#embed"
# messages
- resources :messages, :only => [:create, :show] do
+ resources :messages, :only => [:create, :show, :destroy] do
collection do
get :inbox
get :outbox
@@ -276,7 +276,6 @@ OpenStreetMap::Application.routes.draw do
get "/message/read/:message_id", :to => redirect(:path => "/messages/%{message_id}")
post "/message/mark/:message_id" => "messages#mark", :as => "mark_message"
match "/message/reply/:message_id" => "messages#reply", :via => [:get, :post], :as => "reply_message"
- post "/message/delete/:message_id" => "messages#destroy", :as => "destroy_message"
# oauth admin pages (i.e: for setting up new clients, etc...)
scope "/user/:display_name" do
diff --git a/test/controllers/messages_controller_test.rb b/test/controllers/messages_controller_test.rb
index c5a117bcc..a5043a3f3 100644
--- a/test/controllers/messages_controller_test.rb
+++ b/test/controllers/messages_controller_test.rb
@@ -37,8 +37,8 @@ class MessagesControllerTest < ActionController::TestCase
{ :controller => "messages", :action => "reply", :message_id => "1" }
)
assert_routing(
- { :path => "/message/delete/1", :method => :post },
- { :controller => "messages", :action => "destroy", :message_id => "1" }
+ { :path => "/messages/1", :method => :delete },
+ { :controller => "messages", :action => "destroy", :id => "1" }
)
end
@@ -429,14 +429,14 @@ class MessagesControllerTest < ActionController::TestCase
sent_message = create(:message, :unread, :recipient => second_user, :sender => user)
# Check that destroying a message requires us to login
- post :destroy, :params => { :message_id => read_message.id }
+ delete :destroy, :params => { :id => read_message.id }
assert_response :forbidden
# Login as a user with no messages
session[:user] = other_user.id
# Check that destroying a message we didn't send or receive fails
- post :destroy, :params => { :message_id => read_message.id }
+ delete :destroy, :params => { :id => read_message.id }
assert_response :not_found
assert_template "no_such_message"
@@ -444,7 +444,7 @@ class MessagesControllerTest < ActionController::TestCase
session[:user] = user.id
# Check that the destroy a received message works
- post :destroy, :params => { :message_id => read_message.id }
+ delete :destroy, :params => { :id => read_message.id }
assert_redirected_to inbox_messages_path
assert_equal "Message deleted", flash[:notice]
m = Message.find(read_message.id)
@@ -452,7 +452,7 @@ class MessagesControllerTest < ActionController::TestCase
assert_equal false, m.to_user_visible
# Check that the destroying a sent message works
- post :destroy, :params => { :message_id => sent_message.id, :referer => outbox_messages_path }
+ delete :destroy, :params => { :id => sent_message.id, :referer => outbox_messages_path }
assert_redirected_to outbox_messages_path
assert_equal "Message deleted", flash[:notice]
m = Message.find(sent_message.id)
@@ -465,7 +465,7 @@ class MessagesControllerTest < ActionController::TestCase
end
# Asking to destroy a message with a bogus ID should fail
- post :destroy, :params => { :message_id => 99999 }
+ delete :destroy, :params => { :id => 99999 }
assert_response :not_found
assert_template "no_such_message"
end