liquid_feedback_frontend: app/main/api/member.lua annotate

liquid_feedback_frontend

annotate app/main/api/member.lua @ 1538:25ea15b4bd5e

Reworked cookie session control, exceptions for API

author	bsw
date	Tue Oct 20 17:48:49 2020 +0200 (2020-10-20)
parents	1e5c1edf7388
children	be96623e575a

rev	line source
bsw/jbe@1309	1 slot.set_layout(nil, "application/json")
bsw/jbe@1309	2
bsw/jbe@1309	3 local r = json.object{
bsw/jbe@1309	4 result = json.array()
bsw/jbe@1309	5 }
bsw/jbe@1309	6
bsw/jbe@1309	7 local selector = Member:new_selector()
bsw/jbe@1309	8 :add_where("activated NOTNULL")
bsw/jbe@1309	9 :add_order_by("id")
bsw/jbe@1309	10
bsw/jbe@1309	11 if param.get("id") then
bsw/jbe@1309	12 selector:add_where{ "id = ?", param.get("id") }
bsw/jbe@1309	13 end
bsw/jbe@1309	14
bsw@1507	15 local role = param.get("role")
bsw@1507	16 if role then
bsw@1507	17 local units = Unit:new_selector()
bsw@1507	18 :add_where{ "attr->>'role' = ?", role }
bsw@1507	19 :exec()
bsw@1507	20 if #units ~= 1 then
bsw@1507	21 request.set_status("400 Bad Request")
bsw@1507	22 slot.put_into("data", json.export{
bsw@1507	23 error = "invalid_role",
bsw@1507	24 error_description = "role not available"
bsw@1507	25 })
bsw@1507	26 return
bsw@1507	27 end
bsw@1507	28 local unit = units[1]
bsw@1507	29 if unit.attr.only_visible_for_role
bsw@1507	30 and (
bsw@1507	31 not app.access_token
bsw@1507	32 or not app.access_token.member:has_role(unit.attr.only_visible_for_role)
bsw@1507	33 )
bsw@1507	34 then
bsw@1507	35 request.set_status("400 Bad Request")
bsw@1507	36 slot.put_into("data", json.export{
bsw@1507	37 error = "no_priv",
bsw@1507	38 error_description = "no privileges to access this role"
bsw@1507	39 })
bsw@1507	40 return
bsw@1507	41 end
bsw@1507	42 selector:join("privilege", nil, "privilege.member_id = member.id")
bsw@1507	43 selector:join("unit", nil, { "unit.id = privilege.unit_id AND unit.attr->>'role' = ?", role })
bsw@1507	44 end
bsw@1507	45
bsw@1537	46 local search = param.get("q")
bsw@1537	47 if app.scopes.read_identities and search then
bsw@1537	48 search = "%" .. search .. "%"
bsw@1537	49 selector:add_where{ "name ILIKE ? OR identification ILIKE ?", search, search }
bsw@1537	50 end
bsw@1537	51
bsw/jbe@1309	52 local members = selector:exec()
bsw@1504	53 local r = json.object()
bsw@1504	54 r.result = execute.chunk{ module = "api", chunk = "_member", params = {
bsw@1504	55 members = members,
bsw@1504	56 include_unit_ids = param.get("include_unit_ids") and true or false,
bsw@1504	57 include_units = param.get("include_units") and true or false,
bsw@1504	58 include_roles = param.get("include_roles") and true or false
bsw@1504	59 } }
bsw/jbe@1309	60
bsw/jbe@1309	61
bsw/jbe@1309	62 slot.put_into("data", json.export(r))
bsw/jbe@1309	63 slot.put_into("data", "\n")