liquid_feedback_frontend: app/main/api/settings.lua annotate

liquid_feedback_frontend

annotate app/main/api/settings.lua @ 1858:3d1f0464a3ea

Handle missing ldap.member.allowed function

author	bsw
date	Tue Sep 20 17:35:29 2022 +0200 (20 months ago)
parents	32cc544d5a5b
children

rev	line source
bsw/jbe@1309	1 slot.set_layout(nil, "application/json")
bsw/jbe@1309	2
bsw/jbe@1309	3 if not app.access_token then
bsw/jbe@1309	4 return util.api_error(400, "Forbidden", "insufficient_scope", "Scope 'settings' required")
bsw/jbe@1309	5 end
bsw/jbe@1309	6
bsw/jbe@1309	7 local r = json.object{}
bsw/jbe@1309	8
bsw/jbe@1309	9 if request.is_post() then
bsw/jbe@1309	10 if not app.scopes.update_settings then
bsw/jbe@1309	11 return util.api_error(403, "Forbidden", "insufficient_scope", "Scope update_settings required")
bsw/jbe@1309	12 end
bsw/jbe@1309	13 local settings = app.access_token.member.settings
bsw/jbe@1309	14 if not settings then
bsw/jbe@1309	15 settings = MemberSettings:new()
bsw/jbe@1309	16 settings.member_id = app.access_token.member_id
bsw/jbe@1309	17 settings.settings = json.object()
bsw/jbe@1309	18 end
bsw/jbe@1309	19 local fields = json.import(param.get("update"))
bsw/jbe@1309	20 if not fields then
bsw/jbe@1309	21 return util.api_error(400, "Bad Request", "settings_data_expected", "JSON object with updated settings data expected")
bsw/jbe@1309	22 end
bsw/jbe@1309	23 for i, field in ipairs(config.member_settings_fields) do
bsw/jbe@1309	24 if json.type(fields, field.id) ~= "nil" then
bsw/jbe@1309	25 local value = fields[field.id]
bsw/jbe@1309	26 if value ~= nil then
bsw/jbe@1309	27 if (field.type == "string" or field.type == "text") and json.type(value) ~= "string" then
bsw/jbe@1309	28 return util.api_error(400, "Bad Request", "string_expected", "JSON encoded string value expected")
bsw/jbe@1309	29 end
bsw/jbe@1309	30 if (field.type == "boolean") and json.type(value) ~= "boolean" then
bsw/jbe@1309	31 return util.api_error(400, "Bad Request", "boolean_expected", "JSON encoded boolean value expected")
bsw/jbe@1309	32 end
bsw/jbe@1309	33 end
bsw/jbe@1309	34 settings.settings[field.id] = value
bsw/jbe@1309	35 end
bsw/jbe@1309	36 end
bsw/jbe@1309	37 settings:save()
bsw/jbe@1309	38 r.status = 'ok'
bsw/jbe@1309	39 slot.put_into("data", json.export(r))
bsw/jbe@1309	40 slot.put_into("data", "\n")
bsw/jbe@1309	41 else
bsw/jbe@1309	42 if not app.scopes.settings then
bsw/jbe@1309	43 return util.api_error(403, "Forbidden", "insufficient_scope", "Scope 'settings' required")
bsw/jbe@1309	44 end
bsw/jbe@1309	45 local settings = app.access_token.member.settings or json.object()
bsw/jbe@1309	46 r = execute.chunk{ module = "api", chunk = "_settings", params = { settings = settings } }
bsw/jbe@1309	47 slot.put_into("data", json.export(json.object{ result = r }))
bsw/jbe@1309	48 slot.put_into("data", "\n")
bsw/jbe@1309	49 end
bsw/jbe@1309	50