MessagesController

1. class MessagesController < ApplicationController
2.   before_action :authenticate_role
3.   before_action :set_message, except: %i(index create)
4.   before_action :set_sender, except: :index
5.   # before_action :set_receiverable, only: :create
6.   before_action :autorize_action, only: %i(update destroy)
7.  
8.   def index
9.     messages = Message.where(status: params[:status]).recent if params[:status]&.in?(Message::statuses.keys)
10.     messages ||= Message.recent
11.  
12.     render json: messages
13.   end
14.  
15.   def create
16.     # return if params[:receiverable].blank? || !params[:receiverable].is_a?(Array) || params[:receiverable].any?(Hash)
17.     # receiverables = @sender.find_by_resource_id_and_resource_type(params[:receiverable_id], params[:receiverable_type])
18.     if params[:message][:receiverable_type].blank? || params[:message][:receiverable_id].blank?
19.       return
20.     else
21.       receiverable_type = params[:message][:receiverable_type]
22.       receiverable_id = params[:message][:receiverable_id]
23.     end
24.  
25.     receiverables = receiverable_type.classify.constantize.where(id: receiverable_id)
26.     create_errors = []
27.     receiverables.each do |receiver|
28.       message = @sender.sended_messages.build(message_params)
29.       message.receiverable = receiver
30.  
31.       unless message.save
32.         create_errors << { message: "An error occurred: #{message.errors.full_messages.join('; ')}" }
33.       end
34.     end
35.  
36.     render json: { errors: create_errors }, status: 422 if create_errors.any?
37.   end
38.  
39.  
40.   def update
41.     if @message.update(message_params)
42.       render json: @message, status: :ok
43.     else
44.       render json: { message: "An error occurred: #{@message.errors.full_messages.join('; ')}" }, status: 422
45.     end
46.   end
47.  
48.   def destroy
49.     @message.destroy
50.     render json: { status: :ok }
51.   end
52.  
53.   private
54.  
55.   def authenticate_role
56.     current_admin || current_customer || current_respondent
57.   end
58.  
59.   def set_message
60.     @message = Message.find_by_id(params[:id])
61.   end
62.  
63.   def set_sender
64.     @sender = current_admin || current_customer || current_respondent
65.     p "@sender: #{@sender}"
66.   end
67.  
68.   def message_params
69.     params.require(:message).permit(:receiverable_id,
70.                                     :receiverable_type,
71.                                     :status,
72.                                     :subject,
73.                                     :text)
74.   end
75.  
76.   def autorize_action
77.     unless current_customer == @message.senderable || current_respondent == @message.senderable || current_admin # admin_signed_in?
78.       return render json: { error: 'An unauthorized!' }, status: 401
79.     end
80.   end
81. end
82.