1. class MessagesController < ApplicationController
  2.   before_action :authenticate_role
  3.   before_action :set_message, except: %i(index create)
  4.   before_action :set_sender, except: :index
  5.   # before_action :set_receiverable, only: :create
  6.   before_action :autorize_action, only: %i(update destroy)
  7.  
  8.   def index
  9.     messages = Message.where(status: params[:status]).recent if params[:status]&.in?(Message::statuses.keys)
  10.     messages ||= Message.recent
  11.  
  12.     render json: messages
  13.   end
  14.  
  15.   def create
  16.     # return if params[:receiverable].blank? || !params[:receiverable].is_a?(Array) || params[:receiverable].any?(Hash)
  17.     # receiverables = @sender.find_by_resource_id_and_resource_type(params[:receiverable_id], params[:receiverable_type])
  18.     if params[:message][:receiverable_type].blank? || params[:message][:receiverable_id].blank?
  19.       return
  20.     else
  21.       receiverable_type = params[:message][:receiverable_type]
  22.       receiverable_id = params[:message][:receiverable_id]
  23.     end
  24.  
  25.     receiverables = receiverable_type.classify.constantize.where(id: receiverable_id)
  26.     create_errors = []
  27.     receiverables.each do |receiver|
  28.       message = @sender.sended_messages.build(message_params)
  29.       message.receiverable = receiver
  30.  
  31.       unless message.save
  32.         create_errors << { message: "An error occurred: #{message.errors.full_messages.join('; ')}" }
  33.       end
  34.     end
  35.  
  36.     render json: { errors: create_errors }, status: 422 if create_errors.any?
  37.   end
  38.  
  39.  
  40.   def update
  41.     if @message.update(message_params)
  42.       render json: @message, status: :ok
  43.     else
  44.       render json: { message: "An error occurred: #{@message.errors.full_messages.join('; ')}" }, status: 422
  45.     end
  46.   end
  47.  
  48.   def destroy
  49.     @message.destroy
  50.     render json: { status: :ok }
  51.   end
  52.  
  53.   private
  54.  
  55.   def authenticate_role
  56.     current_admin || current_customer || current_respondent
  57.   end
  58.  
  59.   def set_message
  60.     @message = Message.find_by_id(params[:id])
  61.   end
  62.  
  63.   def set_sender
  64.     @sender = current_admin || current_customer || current_respondent
  65.     p "@sender: #{@sender}"
  66.   end
  67.  
  68.   def message_params
  69.     params.require(:message).permit(:receiverable_id,
  70.                                     :receiverable_type,
  71.                                     :status,
  72.                                     :subject,
  73.                                     :text)
  74.   end
  75.  
  76.   def autorize_action
  77.     unless current_customer == @message.senderable || current_respondent == @message.senderable || current_admin # admin_signed_in?
  78.       return render json: { error: 'An unauthorized!' }, status: 401
  79.     end
  80.   end
  81. end
  82.