liquid_feedback_frontend

annotate app/main/api/member.lua @ 1517:4f182720a2ec

Automatically fix inconsistent session cookies
author bsw
date Thu Aug 20 14:25:34 2020 +0200 (2020-08-20)
parents 103ed34037ed
children 1e5c1edf7388
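-- API endpoint: emits a JSON document listing activated members.
--
-- Request parameters read here:
--   id               optional; restricts the result to one member id
--   role             optional; restricts the result to members holding a
--                    privilege for the unit whose attr "role" equals this value
--   include_unit_ids, include_units, include_roles
--                    optional flags, passed on as booleans to the "_member" chunk
--
-- Output: {"result": ...} written to the "data" slot, followed by a newline.
-- On a rejected role filter an error object is written instead and the
-- script returns early.

slot.set_layout(nil, "application/json")

-- Base query: activated members only, in a stable order.
local selector = Member:new_selector()
  :add_where("activated NOTNULL")
  :add_order_by("id")

-- Optional id filter. The value is bound as a query parameter, not
-- concatenated into the SQL text.
-- NOTE(review): the value is read without a type; a non-numeric id presumably
-- surfaces as a database error rather than a clean client error. Confirm.
local member_id = param.get("id")
if member_id then
  selector:add_where{ "id = ?", member_id }
end

local role = param.get("role")
if role then
  -- The role must map to exactly one unit; zero or several matches are
  -- both rejected as "invalid_role".
  local units = Unit:new_selector()
    :add_where{ "attr->>'role' = ?", role }
    :exec()
  if #units ~= 1 then
    request.set_status("400 Bad Request")
    slot.put_into("data", json.export{
      error = "invalid_role",
      error_description = "role not available"
    })
    return
  end

  -- Visibility check: a unit may declare that its members are only listed
  -- for callers who present an access token whose member has a given role.
  -- NOTE(review): "invalid_role" and "no_priv" are distinguishable, so a
  -- caller without the required role still learns that a restricted role
  -- exists. Confirm this is acceptable.
  -- NOTE(review): a privilege failure is reported with status 400; 403 would
  -- be the conventional status, but changing it alters the API contract, so
  -- it is left as is here.
  local unit = units[1]
  if unit.attr.only_visible_for_role
    and (
      not app.access_token
      or not app.access_token.member:has_role(unit.attr.only_visible_for_role)
    )
  then
    request.set_status("400 Bad Request")
    slot.put_into("data", json.export{
      error = "no_priv",
      error_description = "no privileges to access this role"
    })
    return
  end

  -- Restrict the listing to members with a privilege for that unit.
  selector:join("privilege", nil, "privilege.member_id = member.id")
  selector:join("unit", nil, { "unit.id = privilege.unit_id AND unit.attr->>'role' = ?", role })
end

-- NOTE(review): the visibility check above only guards the role filter. Any
-- access control for the unfiltered listing, and whether the "_member" chunk
-- hides restricted roles/units when include_roles or include_units is set,
-- is not visible in this file. Verify against the chunk and the API filters.
local members = selector:exec()

-- The response object is built once here; the earlier, immediately shadowed
-- `local r = json.object{ result = json.array() }` was dead code and is gone.
local r = json.object()
r.result = execute.chunk{ module = "api", chunk = "_member", params = {
  members = members,
  include_unit_ids = param.get("include_unit_ids") and true or false,
  include_units = param.get("include_units") and true or false,
  include_roles = param.get("include_roles") and true or false
} }

slot.put_into("data", json.export(r))
slot.put_into("data", "\n")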
