From 37e2d36e8b1fcd2174e410dc68fe63f6ad4dc2d7 Mon Sep 17 00:00:00 2001
From: albert <r888888888@gmail.com>
Date: Fri, 6 Jan 2012 19:24:20 -0500
Subject: [PATCH] fix for #219

---
 app/controllers/dmails_controller.rb | 3 +--
 app/models/dmail.rb                  | 1 +
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/controllers/dmails_controller.rb b/app/controllers/dmails_controller.rb
index a17905ac5..6021cdd11 100644
--- a/app/controllers/dmails_controller.rb
+++ b/app/controllers/dmails_controller.rb
@@ -14,9 +14,8 @@ class DmailsController < ApplicationController
   end
   
   def index
-    @search = Dmail.search(params[:search])
+    @search = Dmail.visible.search(params[:search])
     @dmails = @search.paginate(params[:page]).order("dmails.created_at desc")
-    @dmails.each {|x| check_privilege(x)}
     respond_with(@dmails)
   end
   
diff --git a/app/models/dmail.rb b/app/models/dmail.rb
index 3cf7879c0..edd9e9c0f 100644
--- a/app/models/dmail.rb
+++ b/app/models/dmail.rb
@@ -17,6 +17,7 @@ class Dmail < ActiveRecord::Base
   scope :deleted, where(["is_deleted = ?", true])
   scope :search_message, lambda {|query| where(["message_index @@ plainto_tsquery(?)", query])}
   scope :unread, where("is_read = false and is_deleted = false")
+  scope :visible, lambda {where("(to_id = ? or from_id = ?)", CurrentUser.id, CurrentUser.id)}
   
   module AddressMethods
     def to_name