Purpose
The Messaging API describes the endpoints used to manage communication between customers, vendors, and system administrators.
π¬ Messaging and Communication API
The Rentiva messaging system is built on an asynchronous "Thread" architecture. All endpoints use the Messages service class and MessageFormatter helpers.
ποΈ 1. Module Architectureβ
Registration point: MHMRentiva\Admin\Messages\REST\Messages::register()
The system serves through two main namespaces:
- Admin Endpoints:
/v1/admin/messages/* - Customer/Vendor Endpoints:
/v1/portal/messages/*
π¨βπΌ 2. Admin Endpointsβ
The section where system administrators monitor and respond to all communication traffic.
| Endpoint | Method | Function |
|---|---|---|
/admin/messages | GET | Lists all message threads. |
/admin/messages/{id} | GET | Returns the full message history for a specific thread. |
/admin/messages/{id}/reply | POST | Sends a reply to the thread on behalf of the administrator. |
/admin/messages/{id}/status | PUT | Marks the thread as "Closed" or "Resolved". |
π€ 3. Customer and Vendor Endpointsβ
The section where users communicate with each other or with the support team.
| Endpoint | Method | Function |
|---|---|---|
/portal/messages/create | POST | Starts a new message thread. |
/portal/messages/threads | GET | Lists active threads the user is part of. |
/portal/messages/reply | POST | Adds a new message to an existing thread. |
π‘οΈ 4. Permission and Security (Ownership)β
The messaging system applies Ownership control beyond authentication:
- Ownership Check: Before fetching a thread's messages,
Messages::verify_access()verifies that the requesting user is a party to that thread (Sender or Recipient). - Role Verification: Admin endpoints are only accessible to users with the
manage_optionscapability. - Content Sanitization: All message content is sanitized with
wp_kses()to remove harmful HTML tags before being saved.
π€ 5. Response Example (Formatted Message)β
{
"success": true,
"data": {
"thread_id": 45,
"subject": "Regarding Vehicle Booking",
"messages": [
{
"author_name": "Ahmet Y.",
"content": "Is a child seat available in the vehicle?",
"created_at": "2026-03-19 14:30:00",
"is_read": true
}
]
}
}
Section Summaryβ
- The Messaging API provides a thread-based communication model.
- Admin and portal/customer responsibilities are separated by clear boundaries.
- Data security and privacy are maintained at the highest level via the
verify_access()layer.
Changelogβ
| Date | Version | Note |
|---|---|---|
| 23.04.2026 | 4.27.2 | English translation added. |
| 19.03.2026 | 4.21.2 | Thread architecture, Ownership control, and formatted response structure added. |