0db47f3f76
as discussed in [Issue #4509](https://wiki.openstreetmap.org/w/index.php?title=Messaging_API_proposal) and documented in [Messaging API reference](https://wiki.openstreetmap.org/w/index.php?title=Messaging_API_proposal)
149 lines
4.7 KiB
Ruby
149 lines
4.7 KiB
Ruby
# The MessagesController is the RESTful interface to Message objects
|
|
|
|
module Api
|
|
class MessagesController < ApiController
|
|
before_action :authorize
|
|
|
|
before_action :check_api_writable, :only => [:create, :update, :destroy]
|
|
before_action :check_api_readable, :except => [:create, :update, :destroy]
|
|
|
|
authorize_resource
|
|
|
|
around_action :api_call_handle_error, :api_call_timeout
|
|
|
|
before_action :set_request_formats
|
|
|
|
def inbox
|
|
@skip_body = true
|
|
@messages = Message.includes(:sender, :recipient).where(:to_user_id => current_user.id)
|
|
|
|
show_messages
|
|
end
|
|
|
|
def outbox
|
|
@skip_body = true
|
|
@messages = Message.includes(:sender, :recipient).where(:from_user_id => current_user.id)
|
|
|
|
show_messages
|
|
end
|
|
|
|
# Dump the details on a message given in params[:id]
|
|
def show
|
|
@message = Message.includes(:sender, :recipient).find(params[:id])
|
|
|
|
raise OSM::APIAccessDenied if current_user.id != @message.from_user_id && current_user.id != @message.to_user_id
|
|
|
|
# Render the result
|
|
respond_to do |format|
|
|
format.xml
|
|
format.json
|
|
end
|
|
end
|
|
|
|
# Create a new message from current user
|
|
def create
|
|
# Check the arguments are sane
|
|
raise OSM::APIBadUserInput, "No title was given" if params[:title].blank?
|
|
raise OSM::APIBadUserInput, "No body was given" if params[:body].blank?
|
|
|
|
# Extract the arguments
|
|
if params[:recipient_id]
|
|
recipient_id = params[:recipient_id].to_i
|
|
recipient = User.find(recipient_id)
|
|
elsif params[:recipient]
|
|
recipient_display_name = params[:recipient]
|
|
recipient = User.find_by(:display_name => recipient_display_name)
|
|
else
|
|
raise OSM::APIBadUserInput, "No recipient was given"
|
|
end
|
|
|
|
raise OSM::APIRateLimitExceeded if current_user.sent_messages.where(:sent_on => Time.now.utc - 1.hour..).count >= current_user.max_messages_per_hour
|
|
|
|
@message = Message.new(:sender => current_user,
|
|
:recipient => recipient,
|
|
:sent_on => Time.now.utc,
|
|
:title => params[:title],
|
|
:body => params[:body],
|
|
:body_format => "markdown")
|
|
@message.save!
|
|
|
|
UserMailer.message_notification(@message).deliver_later if @message.notify_recipient?
|
|
|
|
# Return a copy of the new message
|
|
respond_to do |format|
|
|
format.xml { render :action => :show }
|
|
format.json { render :action => :show }
|
|
end
|
|
end
|
|
|
|
# Update read status of a message
|
|
def update
|
|
@message = Message.find(params[:id])
|
|
read_status_idx = %w[true false].index params[:read_status]
|
|
|
|
raise OSM::APIBadUserInput, "Invalid value of `read_status` was given" if read_status_idx.nil?
|
|
raise OSM::APIAccessDenied unless current_user.id == @message.to_user_id
|
|
|
|
@message.message_read = read_status_idx.zero?
|
|
@message.save!
|
|
|
|
# Return a copy of the message
|
|
respond_to do |format|
|
|
format.xml { render :action => :show }
|
|
format.json { render :action => :show }
|
|
end
|
|
end
|
|
|
|
# Delete message by marking it as not visible for the current user
|
|
def destroy
|
|
@message = Message.find(params[:id])
|
|
if current_user.id == @message.from_user_id
|
|
@message.from_user_visible = false
|
|
elsif current_user.id == @message.to_user_id
|
|
@message.to_user_visible = false
|
|
else
|
|
raise OSM::APIAccessDenied
|
|
end
|
|
|
|
@message.save!
|
|
|
|
# Return a copy of the message
|
|
respond_to do |format|
|
|
format.xml { render :action => :show }
|
|
format.json { render :action => :show }
|
|
end
|
|
end
|
|
|
|
private
|
|
|
|
def show_messages
|
|
@messages = @messages.where(:muted => false)
|
|
if params[:order].nil? || params[:order] == "newest"
|
|
@messages = @messages.where(:id => ..params[:from_id]) unless params[:from_id].nil?
|
|
@messages = @messages.order(:id => :desc)
|
|
elsif params[:order] == "oldest"
|
|
@messages = @messages.where(:id => params[:from_id]..) unless params[:from_id].nil?
|
|
@messages = @messages.order(:id => :asc)
|
|
else
|
|
raise OSM::APIBadUserInput, "Invalid order specified"
|
|
end
|
|
|
|
limit = params[:limit]
|
|
if !limit
|
|
limit = Settings.default_message_query_limit
|
|
elsif !limit.to_i.positive? || limit.to_i > Settings.max_message_query_limit
|
|
raise OSM::APIBadUserInput, "Messages limit must be between 1 and #{Settings.max_message_query_limit}"
|
|
else
|
|
limit = limit.to_i
|
|
end
|
|
|
|
@messages = @messages.limit(limit)
|
|
|
|
# Render the result
|
|
respond_to do |format|
|
|
format.xml
|
|
format.json
|
|
end
|
|
end
|
|
end
|
|
end
|