Disallow email addresses in closet list descriptions

Just another attempt to communicate the rules!

app/assets/javascripts/closet_lists/form.js

@@ -0,0 +1,7 @@
+document.addEventListener("change", ({ target }) => {
+	if (target.matches('select[name="closet_list[visibility]"]')) {
+		target
+			.closest("form")
+			.setAttribute("data-list-visibility", target.value);
+	}
+});

app/assets/stylesheets/closet_lists/_form.sass

@@ -1,4 +1,5 @@
 @import "../partials/secondary_nav"
+@import "../partials/clean/mixins"
 
 body.closet_lists-new, body.closet_lists-create, body.closet_lists-edit, body.closet_lists-update
   +secondary-nav
@@ -30,3 +31,15 @@ body.closet_lists-new, body.closet_lists-create, body.closet_lists-edit, body.cl
       font:
         size: 85%
 
+    .trade-warning
+      +warning
+      margin-bottom: 1em
+      padding: .75em .5em
+      text-align: center
+
+      p:last-of-type
+        margin-bottom: 0
+
+  // Only show the trade warning when the list is marked as Trading!
+  form:not([data-list-visibility="2"]) .trade-warning
+    display: none

app/controllers/closet_lists_controller.rb

@@ -8,7 +8,7 @@ class ClosetListsController < ApplicationController
       save_successful!
     else
       save_failed!
-      render :action => :new
+      render action: :new, status: :unprocessable_entity
     end
   end
 
@@ -28,7 +28,7 @@ class ClosetListsController < ApplicationController
       save_successful!
     else
       save_failed!
-      render :action => :edit
+      render action: :edit, status: :unprocessable_entity
     end
   end
 

app/models/closet_list.rb

@@ -5,6 +5,12 @@ class ClosetList < ApplicationRecord
   validates :name, :presence => true, :uniqueness => {:scope => :user_id}
   validates :user, :presence => true
   validates :hangers_owned, :inclusion => {:in => [true, false], :message => "can't be blank"}
+  validates :description, format: {
+    # This isn't a very careful email filter! It's easy to avoid. But the
+    # purpose is to communicate the rules, more than actual prevention.
+    without: /\b([\w+\-].?)+@[a-z\d\-]+(\.[a-z]+)*\.[a-z]+\b/i, # from emailregex.com
+    message: "must not contain email addresses"
+  }
 
   delegate :log_trade_activity, to: :user
 

app/views/closet_lists/_form.html.haml

@@ -1,7 +1,8 @@
 - secondary_nav do
   = link_to t('.your_items_link'), user_closet_hangers_path(current_user), :class => 'button'
 
-= form_for [@closet_list.user, @closet_list] do |f|
+= form_for [@closet_list.user, @closet_list],
+  html: {data: {"list-visibility" => @closet_list.visibility}} do |f|
   %ul.fields
     %li
       = f.label :name
@@ -18,5 +19,16 @@
       %span.hint= t '.description.hint'
       = f.text_area :description
       %span.hint= t '.description.markup_hint_html'
+    %li.trade-warning
+      :markdown
+        Please use these lists *only* for real NC trades, negotiated on
+        Neopets.com! We need to keep users safe, so we'll delete *any* list
+        that seems suspicious.
+
+        If you're doing something more creative, please do so in another
+        setting, where traders can better manage reputation and trust. Thank
+        you!
   = f.submit t('.submit')
 
+- content_for :javascripts do
+  = javascript_include_tag "closet_lists/form"