class MessagesController < ApplicationController include CompletionsConcern skip_before_action :verify_authenticity_token, only: %i[ create cors_preflight_check ] skip_before_action :require_authentication, only: %i[ create cors_preflight_check ] before_action :cors_set_access_control_headers, only: %i[ create cors_preflight_check ] before_action :set_contest, only: %i[ convert destroy ] before_action :set_data, only: %i[ convert ] def self.local_prefixes super + [ "completions" ] end def cors_set_access_control_headers response.set_header("Access-Control-Allow-Origin", "https://meet.google.com") response.set_header("Access-Control-Allow-Credentials", "true") response.set_header("Access-Control-Allow-Methods", "POST") response.set_header("Access-Control-Allow-Headers", "*") response.set_header("Access-Control-Max-Age", "86400") end def cors_preflight_check skip_authorization end def create skip_authorization begin @contest = Contest.find_by_token_for(:token, params[:token]) @message = Message.new(text: params[:text], author: params[:author], time_seconds: params[:time_seconds], display_time: display_time(params[:time_seconds]), contest: @contest) if @contest && @message.save respond_to do |format| format.json { render json: {}, status: 200 } end else respond_to do |format| format.json { render json: { error: "invalid contest token" }, status: 400 } end end rescue respond_to do |format| format.json { render json: { error: "invalid contest token" }, status: 400 } end end end def convert authorize @contest @message = Message.find(params[:message_id]) @completion = Completion.new() @completion.display_time_from_start = @message.display_time render "completions/new" end def destroy authorize @contest @message = Message.find(params[:id]) @message.destroy redirect_to contest_path(@contest) end private def set_contest @contest = Contest.find(params[:contest_id]) end def set_data @contestants = @contest.contestants @puzzles = @contest.puzzles end end