liquid_feedback_frontend
changeset 1817:757a87af4c83
Added validation hook for profile updates
author | bsw |
---|---|
date | Mon Dec 13 11:57:35 2021 +0100 (2021-12-13) |
parents | baa87c3780ad |
children | 2d4136357989 |
files | app/main/api/profile.lua app/main/member/_action/update.lua app/main/member/edit.lua |
line diff
1.1 --- a/app/main/api/profile.lua Fri Dec 03 10:31:51 2021 +0100 1.2 +++ b/app/main/api/profile.lua Mon Dec 13 11:57:35 2021 +0100 1.3 @@ -17,6 +17,12 @@ 1.4 if value ~= nil and (field.type == "string" or field.type == "text") and json.type(value) ~= "string" then 1.5 return util.api_error(400, "Bad Request", "string_expected", "JSON encoded string value expected") 1.6 end 1.7 + if field.validate_func then 1.8 + local success = field.validate_func(field, fields) 1.9 + if not success then 1.10 + return util.api_error(403, "Forbidden", "validation_failure", "Request could not be validated") 1.11 + end 1.12 + end 1.13 profile.profile[field.id] = value 1.14 end 1.15 end
2.1 --- a/app/main/member/_action/update.lua Fri Dec 03 10:31:51 2021 +0100 2.2 +++ b/app/main/member/_action/update.lua Mon Dec 13 11:57:35 2021 +0100 2.3 @@ -1,7 +1,7 @@ 2.4 local profile = app.session.member.profile 2.5 2.6 for i, field in ipairs(config.member_profile_fields) do 2.7 - if not util.is_profile_field_locked(app.session.member, field.id) then 2.8 + if not util.is_profile_field_locked(app.session.member, field.id) and not field.validate_func then 2.9 local value = param.get(field.id) 2.10 if value == "" then 2.11 value = null
3.1 --- a/app/main/member/edit.lua Fri Dec 03 10:31:51 2021 +0100 3.2 +++ b/app/main/member/edit.lua Mon Dec 13 11:57:35 2021 +0100 3.3 @@ -32,7 +32,7 @@ 3.4 ui.container{ 3.5 attr = { class = "mdl-textfield mdl-js-textfield mdl-textfield--floating-label" }, 3.6 content = function() 3.7 - ui.tag{ tag = "input", attr = { class = "mdl-textfield__input", name = field.id, id = "input_" .. field.id, readonly = config.locked_profile_fields[field.id], value = profile and profile.profile and profile.profile[field.id] or nil } } 3.8 + ui.tag{ tag = "input", attr = { class = "mdl-textfield__input", name = field.id, id = "input_" .. field.id, readonly = field.validate_func and "readonly" or nil, value = profile and profile.profile and profile.profile[field.id] or nil } } 3.9 ui.tag{ tag = "label", attr = { class = "mdl-textfield__label", ["for"] = "input_" .. field.id }, content = field.name } 3.10 end } 3.11 slot.put("<br />")