Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- class MessagesController < ApplicationController
- before_action :set_message, except: %i(index create)
- before_action :set_sender, except: :index
- # before_action :set_receiverable, only: :create
- before_action :autorize_action, only: %i(update destroy)
- before_action :authenticate_role, only: %i(create update)
- def index
- messages = Message.where(status: params[:status]).recent if params[:status]&.in?(Message::statuses.keys)
- messages ||= Message.recent
- render json: messages
- end
- def create
- p "params[:message][:receiverable]: #{params[:message][:receiverable]}"
- invalidate(params[:message][:receiverable])
- receiverables = []
- params[:message][:receiverable].each do |object|
- klass = object.keys.join.to_s.remove('_id').classify.constantize
- id = object.values.join.to_i
- receiverables << klass.find(id)
- end
- create_errors = []
- receiverables.each do |receiver|
- message = @sender.sended_messages.build(message_params)
- message.receiverable = receiver
- unless message.save
- create_errors << { message: "An error occurred: #{message.errors.full_messages.join('; ')}" }
- end
- end
- render json: { errors: create_errors }, status: 422 if create_errors.any?
- end
- def update
- if @message.update(message_params)
- render json: @message, status: :ok
- else
- render json: { message: "An error occurred: #{@message.errors.full_messages.join('; ')}" }, status: 422
- end
- end
- def destroy
- @message.destroy
- render json: { status: :ok }
- end
- private
- def authenticate_role
- # authenticate_customer! || authenticate_respondent! || authenticate_admin!
- current_admin || current_customer || current_respondent
- end
- def set_message
- @message = Message.find_by_id(params[:id])
- end
- def set_sender
- @sender = current_admin || current_customer || current_respondent
- p "@sender: #{@sender}"
- end
- def message_params
- params.require(:message).permit(:customer_id,
- :admin_id,
- :respondent_id,
- :receiverable_id,
- :receiverable_type,
- :status,
- :subject,
- :text)
- end
- def autorize_action
- unless current_customer == @message.senderable || current_respondent == @message.senderable || current_admin # admin_signed_in?
- return render json: { error: 'An unauthorized!' }, status: 401
- end
- end
- def invalidate(params)
- errors = []
- errors << 'invalid type params' if params.blank? || !params.is_a?(Array) # || !params.all?(Hash)
- params.each do |entry|
- errors << "Incorrect params object: #{entry}" unless entry.keys.join.in?(['customer_id', 'respondent_id', 'admin_id'])
- end
- return render json: { error: errors }, status: 422 if errors.any?
- end
- end
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement