chore: Prevent i18n config bleeding across requests (#1214)

app/controllers/api/v1/accounts/base_controller.rb

@@ -15,7 +15,6 @@ class Api::V1::Accounts::BaseController < Api::BaseController
     elsif @resource&.is_a?(AgentBot)
       account_accessible_for_bot?(account)
     end
-    switch_locale account
     account
   end
 

app/controllers/api/v1/widget/base_controller.rb

@@ -20,8 +20,7 @@ class Api::V1::Widget::BaseController < ApplicationController
 
   def set_web_widget
     @web_widget = ::Channel::WebWidget.find_by!(website_token: permitted_params[:website_token])
-    @account = @web_widget.account
+    @current_account = @web_widget.account
-    switch_locale @account
   end
 
   def set_contact

app/controllers/api/v1/widget/labels_controller.rb

@@ -20,7 +20,7 @@ class Api::V1::Widget::LabelsController < Api::V1::Widget::BaseController
   private
 
   def label_defined_in_account?
-    label = @account.labels.find_by(title: permitted_params[:label])
+    label = @current_account.labels&.find_by(title: permitted_params[:label])
     label.present?
   end
 

app/controllers/api/v1/widget/messages_controller.rb

@@ -89,10 +89,10 @@ class Api::V1::Widget::MessagesController < Api::V1::Widget::BaseController
   end
 
   def update_contact(email)
-    contact_with_email = @account.contacts.find_by(email: email)
+    contact_with_email = @current_account.contacts.find_by(email: email)
     if contact_with_email
       @contact = ::ContactMergeAction.new(
-        account: @account,
+        account: @current_account,
         base_contact: contact_with_email,
         mergee_contact: @contact
       ).perform

app/controllers/application_controller.rb

@@ -5,6 +5,7 @@ class ApplicationController < ActionController::Base
   protect_from_forgery with: :null_session
 
   before_action :set_current_user, unless: :devise_controller?
+  around_action :switch_locale
   around_action :handle_with_exception, unless: :devise_controller?
 
   # after_action :verify_authorized
@@ -64,15 +65,21 @@ class ApplicationController < ActionController::Base
   end
 
   def locale_from_account(account)
+    return unless account
+
     I18n.available_locales.map(&:to_s).include?(account.locale) ? account.locale : nil
   end
 
-  def switch_locale(account)
+  def switch_locale(&action)
     # priority is for locale set in query string (mostly for widget/from js sdk)
     locale ||= locale_from_params
     # if local is not set in param, lets try account
-    locale ||= locale_from_account(account)
+    locale ||= locale_from_account(@current_account)
-    I18n.locale = locale || I18n.default_locale
+    # if nothing works we rely on default locale
+    locale ||= I18n.default_locale
+    # ensure locale won't bleed into other requests
+    # https://guides.rubyonrails.org/i18n.html#managing-the-locale-across-requests
+    I18n.with_locale(locale, &action)
   end
 
   def pundit_user

app/mailers/application_mailer.rb

@@ -3,6 +3,7 @@ class ApplicationMailer < ActionMailer::Base
 
   default from: ENV.fetch('MAILER_SENDER_EMAIL', 'accounts@chatwoot.com')
   before_action { ensure_current_account(params.try(:[], :account)) }
+  around_action :switch_locale
   layout 'mailer/base'
   # Fetch template from Database if available
   # Order: Account Specific > Installation Specific > Fallback to file
@@ -51,12 +52,20 @@ class ApplicationMailer < ActionMailer::Base
   end
 
   def locale_from_account(account)
+    return unless account
+
     I18n.available_locales.map(&:to_s).include?(account.locale) ? account.locale : nil
   end
 
   def ensure_current_account(account)
     Current.account = account if account.present?
-    locale ||= locale_from_account(account) if account.present?
+  end
-    I18n.locale = locale || I18n.default_locale
+
+  def switch_locale(&action)
+    locale ||= locale_from_account(Current.account)
+    locale ||= I18n.default_locale
+    # ensure locale won't bleed into other requests
+    # https://guides.rubyonrails.org/i18n.html#managing-the-locale-across-requests
+    I18n.with_locale(locale, &action)
   end
 end