From c88cae4ddb465aa576d7c36d59b2d96b18100282 Mon Sep 17 00:00:00 2001
From: Keith Holliday <krh121791@gmail.com>
Date: Fri, 6 May 2016 09:45:04 -0500
Subject: [PATCH] Added mark pms read route. Fixed error checking and extra
 code.

---
 common/script/ops/clearPMs.js              |  2 +-
 website/public/js/controllers/rootCtrl.js  |  3 +-
 website/public/js/services/userServices.js | 62 ++++++++++++----------
 website/src/controllers/api-v3/user.js     | 20 +++++++
 4 files changed, 56 insertions(+), 31 deletions(-)

diff --git a/common/script/ops/clearPMs.js b/common/script/ops/clearPMs.js
index 537ef26348..765ecc3b56 100644
--- a/common/script/ops/clearPMs.js
+++ b/common/script/ops/clearPMs.js
@@ -1,6 +1,6 @@
 module.exports = function clearPMs (user) {
   user.inbox.messages = {};
-  // user.markModified('inbox.messages');
+  user.markModified('inbox.messages');
   return [
     user.inbox.messages,
   ];
diff --git a/website/public/js/controllers/rootCtrl.js b/website/public/js/controllers/rootCtrl.js
index a4025ad23c..0c841ee677 100644
--- a/website/public/js/controllers/rootCtrl.js
+++ b/website/public/js/controllers/rootCtrl.js
@@ -21,8 +21,7 @@ habitrpg.controller("RootCtrl", ['$scope', '$rootScope', '$location', 'User', '$
         if (!!fromState.name) Analytics.track({'hitType':'pageview','eventCategory':'navigation','eventAction':'navigate','page':'/#/'+toState.name});
         // clear inbox when entering or exiting inbox tab
         if (fromState.name=='options.social.inbox' || toState.name=='options.social.inbox') {
-          //@TODO: Protected path. We need a url
-          User.set({'inbox.newMessages': 0});
+          User.clearNewMessages();
         }
       });
 
diff --git a/website/public/js/services/userServices.js b/website/public/js/services/userServices.js
index ea0f706d2e..bf2466c9a0 100644
--- a/website/public/js/services/userServices.js
+++ b/website/public/js/services/userServices.js
@@ -14,8 +14,8 @@ angular.module('habitrpg')
 /**
  * Services that persists and retrieves user from localStorage.
  */
-  .factory('User', ['$rootScope', '$http', '$location', '$window', 'STORAGE_USER_ID', 'STORAGE_SETTINGS_ID', 'MOBILE_APP', 'Notification', 'ApiUrl',
-    function($rootScope, $http, $location, $window, STORAGE_USER_ID, STORAGE_SETTINGS_ID, MOBILE_APP, Notification, ApiUrl) {
+  .factory('User', ['$rootScope', '$http', '$location', '$window', 'STORAGE_USER_ID', 'STORAGE_SETTINGS_ID', 'Notification', 'ApiUrl',
+    function($rootScope, $http, $location, $window, STORAGE_USER_ID, STORAGE_SETTINGS_ID, Notification, ApiUrl) {
       var authenticated = false;
       var defaultSettings = {
         auth: { apiId: '', apiToken: ''},
@@ -51,7 +51,7 @@ angular.module('habitrpg')
           url: 'api/v3/user/',
         })
         .then(function (response) {
-          Notification.text(response.data.message);
+          if (response.data.message) Notification.text(response.data.message);
 
           _.extend(user, response.data.data);
 
@@ -70,8 +70,7 @@ angular.module('habitrpg')
                   }
                   if (err) {
                     var message = err.code ? err.message : err;
-                    if (MOBILE_APP) Notification.push({type:'text',text:message});
-                    else Notification.text(message);
+                    Notification.text(message);
                     // In the case of 200s, they're friendly alert messages like "Your pet has hatched!" - still send the op
                     if ((err.code && err.code >= 400) || !err.code) return;
                   }
@@ -113,7 +112,7 @@ angular.module('habitrpg')
           body: body,
         })
         .then(function (response) {
-          Notification.text(response.data.message);
+          if (response.data.message) Notification.text(response.data.message);
           save();
         })
       }
@@ -122,8 +121,6 @@ angular.module('habitrpg')
         for (var key in updates) {
           user[key] = updates[key];
         }
-
-        sync();
       }
 
       var userServices = {
@@ -201,6 +198,16 @@ angular.module('habitrpg')
           })
         },
 
+        clearNewMessages: function () {
+          $http({
+            method: "POST",
+            url: 'api/v3/user/mark-pms-read',
+          })
+          .then(function (response) {
+            sync();
+          })
+        },
+
         clearPMs: function () {
           callOpsFunctionAndRequest('clearPMs', 'messages', "DELETE");
         },
@@ -259,12 +266,19 @@ angular.module('habitrpg')
         },
 
         unlock: function (data) {
-          $window.habitrpgShared.ops['unlock'](user, data);
           callOpsFunctionAndRequest('unlock', 'unlock', "POST", '', data);
         },
 
         set: function(updates) {
           setUser(updates);
+          $http({
+            method: "PUT",
+            url: 'api/v3/user',
+            data: updates,
+          })
+          .then(function (response) {
+            sync();
+          })
         },
 
         reroll: function () {
@@ -358,11 +372,9 @@ angular.module('habitrpg')
           }
 
           save();
-          // syncQueue(cb);
         },
 
         sync: function(){
-          user._v--;
           userServices.log({});
           sync();
         },
@@ -387,26 +399,20 @@ angular.module('habitrpg')
 
       //If user does not have ApiID that forward him to settings.
       if (!settings.auth.apiId || !settings.auth.apiToken) {
-
-        if (MOBILE_APP) {
-          $location.path("/login");
+        //var search = $location.search(); // FIXME this should be working, but it's returning an empty object when at a root url /?_id=...
+        var search = $location.search($window.location.search.substring(1)).$$search; // so we use this fugly hack instead
+        if (search.err) return alert(search.err);
+        if (search._id && search.apiToken) {
+          userServices.authenticate(search._id, search.apiToken, function(){
+            $window.location.href='/';
+          });
         } else {
-          //var search = $location.search(); // FIXME this should be working, but it's returning an empty object when at a root url /?_id=...
-          var search = $location.search($window.location.search.substring(1)).$$search; // so we use this fugly hack instead
-          if (search.err) return alert(search.err);
-          if (search._id && search.apiToken) {
-            userServices.authenticate(search._id, search.apiToken, function(){
-              $window.location.href='/';
-            });
-          } else {
-            var isStaticOrSocial = $window.location.pathname.match(/^\/(static|social)/);
-            if (!isStaticOrSocial){
-              localStorage.clear();
-              $window.location.href = '/logout';
-            }
+          var isStaticOrSocial = $window.location.pathname.match(/^\/(static|social)/);
+          if (!isStaticOrSocial){
+            localStorage.clear();
+            $window.location.href = '/logout';
           }
         }
-
       } else {
         userServices.authenticate(settings.auth.apiId, settings.auth.apiToken)
       }
diff --git a/website/src/controllers/api-v3/user.js b/website/src/controllers/api-v3/user.js
index a1e34ad435..fc375687ae 100644
--- a/website/src/controllers/api-v3/user.js
+++ b/website/src/controllers/api-v3/user.js
@@ -1175,6 +1175,26 @@ api.clearMessages = {
   },
 };
 
+/**
+ * @api {post} /api/v3/user/mark-pms-read Marks Private Messages as read
+ * @apiVersion 3.0.0
+ * @apiName markPmsRead
+ * @apiGroup User
+ *
+ * @apiSuccess {object} data user.inbox.messages
+**/
+api.markPmsRead = {
+  method: 'POST',
+  middlewares: [authWithHeaders()],
+  url: '/user/mark-pms-read',
+  async handler (req, res) {
+    let user = res.locals.user;
+    user.inbox.newMessages = 0;
+    await user.save();
+    res.respond(200, user.inbox.newMessages);
+  },
+};
+
 /*
 * @api {post} /api/v3/user/reroll Rerolls a user.
 * @apiVersion 3.0.0