1 files changed, 35 insertions, 15 deletions

diff --git a/app/views/request/_incoming_correspondence.html.erb b/app/views/request/_incoming_correspondence.html.erb
index 7c9a8f551..f4cf3b2ab 100644
--- a/app/views/request/_incoming_correspondence.html.erb
+++ b/app/views/request/_incoming_correspondence.html.erb
@@ -1,21 +1,41 @@
-<div class="incoming correspondence" id="incoming-<%=incoming_message.id.to_s%>">
-  <h2>
-    <% if incoming_message.safe_mail_from && incoming_message.safe_mail_from.strip != @info_request.public_body.name.strip %>
-      <%= _("From:") %> <%= incoming_message.safe_mail_from %><br>
+<div class="incoming correspondence <%= incoming_message.prominence %>" id="incoming-<%=incoming_message.id.to_s%>">
+  <%- if not incoming_message.user_can_view?(@user) %>
+      <p id="hidden_message">
+        <%= _('This message has been hidden. There are various reasons why we might have done this, sorry we can\'t be more specific here. Please <a href="{{url}}">contact us</a> if you have any questions.', :url => help_contact_path.html_safe) %>
+
+        <% if incoming_message.prominence == 'requester_only' %>
+          <%= _('If you are the requester, then you may <a href="{{url}}">sign in</a> to view the message.', :url => signin_url(:r => request.fullpath).html_safe) %>
+        <% end %>
+      </p>
+  <%- else %>
+    <% if incoming_message.prominence == 'hidden' %>
+        <p id="hidden_message">
+        <%= _('This message has prominence \'hidden\'. You can only see it because you are logged in as a super user.') %>
+        </p>
     <% end %>
-    <% if incoming_message.safe_mail_from.nil? || (incoming_message.mail_from_domain == @info_request.public_body.request_email_domain) %>
-      <%= @info_request.public_body.name %><br>
+    <% if incoming_message.prominence == 'requester_only' %>
+        <p id="hidden_message">
+        <%= _('This message is hidden, so that only you, the requester, can see it. Please <a href="{{url}}">contact us</a> if you are not sure why.', :url => help_requesting_path.html_safe) %>
+        </p>
     <% end %>
-    <br><%= simple_date(incoming_message.sent_at) %>
-  </h2>
+    <h2>
+      <% if incoming_message.safe_mail_from && incoming_message.safe_mail_from.strip != @info_request.public_body.name.strip %>
+        <%= _("From:") %> <%= incoming_message.safe_mail_from %><br>
+      <% end %>
+      <% if incoming_message.safe_mail_from.nil? || (incoming_message.mail_from_domain == @info_request.public_body.request_email_domain) %>
+        <%= @info_request.public_body.name %><br>
+      <% end %>
+      <br><%= simple_date(incoming_message.sent_at) %>
+    </h2>
 
-  <%= render :partial => 'bubble', :locals => { :incoming_message => incoming_message, :body => incoming_message.get_body_for_html_display(@collapse_quotes), :attachments => incoming_message.get_attachments_for_display }  %>
+    <%= render :partial => 'bubble', :locals => { :incoming_message => incoming_message, :body => incoming_message.get_body_for_html_display(@collapse_quotes), :attachments => incoming_message.get_attachments_for_display }  %>
 
-  <p class="event_actions">
-    <% if !@user.nil? && @user.admin_page_links? %>
-      <%= link_to "Admin", admin_request_show_raw_email_path(incoming_message.raw_email_id) %> |
-    <% end %>
-    <%= link_to _("Link to this"), incoming_message_path(incoming_message), :class => "link_to_this" %>
-  </p>
+    <p class="event_actions">
+      <% if !@user.nil? && @user.admin_page_links? %>
+        <%= link_to "Admin", admin_request_show_raw_email_path(incoming_message.raw_email_id) %> |
+      <% end %>
+      <%= link_to _("Link to this"), incoming_message_path(incoming_message), :class => "link_to_this" %>
+    </p>
+  <%- end %>
 </div>