rev |
line source |
bsw/jbe@1309
|
1 slot.set_layout(nil, "application/json")
|
bsw/jbe@1309
|
2
|
bsw/jbe@1309
|
3 local r = json.object{
|
bsw/jbe@1309
|
4 result = json.array()
|
bsw/jbe@1309
|
5 }
|
bsw/jbe@1309
|
6
|
bsw/jbe@1309
|
7 local selector = Member:new_selector()
|
bsw/jbe@1309
|
8 :add_where("activated NOTNULL")
|
bsw/jbe@1309
|
9 :add_order_by("id")
|
bsw/jbe@1309
|
10
|
bsw@1574
|
11 local id = param.get("id")
|
bsw@1574
|
12 if id then
|
bsw@1574
|
13 local ids = { sep = ", " }
|
bsw@1574
|
14 for match in string.gmatch(id, "[^,]+") do
|
bsw@1574
|
15 table.insert(ids, { "?", match })
|
bsw@1574
|
16 end
|
bsw@1574
|
17 selector:add_where{ "id IN ($)", ids }
|
bsw/jbe@1309
|
18 end
|
bsw/jbe@1309
|
19
|
bsw@1507
|
20 local role = param.get("role")
|
bsw@1507
|
21 if role then
|
bsw@1507
|
22 local units = Unit:new_selector()
|
bsw@1507
|
23 :add_where{ "attr->>'role' = ?", role }
|
bsw@1507
|
24 :exec()
|
bsw@1507
|
25 if #units ~= 1 then
|
bsw@1507
|
26 request.set_status("400 Bad Request")
|
bsw@1507
|
27 slot.put_into("data", json.export{
|
bsw@1507
|
28 error = "invalid_role",
|
bsw@1507
|
29 error_description = "role not available"
|
bsw@1507
|
30 })
|
bsw@1507
|
31 return
|
bsw@1507
|
32 end
|
bsw@1507
|
33 local unit = units[1]
|
bsw@1507
|
34 if unit.attr.only_visible_for_role
|
bsw@1507
|
35 and (
|
bsw@1507
|
36 not app.access_token
|
bsw@1507
|
37 or not app.access_token.member:has_role(unit.attr.only_visible_for_role)
|
bsw@1507
|
38 )
|
bsw@1507
|
39 then
|
bsw@1507
|
40 request.set_status("400 Bad Request")
|
bsw@1507
|
41 slot.put_into("data", json.export{
|
bsw@1507
|
42 error = "no_priv",
|
bsw@1507
|
43 error_description = "no privileges to access this role"
|
bsw@1507
|
44 })
|
bsw@1507
|
45 return
|
bsw@1507
|
46 end
|
bsw@1507
|
47 selector:join("privilege", nil, "privilege.member_id = member.id")
|
bsw@1507
|
48 selector:join("unit", nil, { "unit.id = privilege.unit_id AND unit.attr->>'role' = ?", role })
|
bsw@1507
|
49 end
|
bsw@1507
|
50
|
bsw@1537
|
51 local search = param.get("q")
|
bsw@1537
|
52 if app.scopes.read_identities and search then
|
bsw@1537
|
53 search = "%" .. search .. "%"
|
bsw@1537
|
54 selector:add_where{ "name ILIKE ? OR identification ILIKE ?", search, search }
|
bsw@1537
|
55 end
|
bsw@1537
|
56
|
bsw/jbe@1309
|
57 local members = selector:exec()
|
bsw@1504
|
58 local r = json.object()
|
bsw@1504
|
59 r.result = execute.chunk{ module = "api", chunk = "_member", params = {
|
bsw@1504
|
60 members = members,
|
bsw@1504
|
61 include_unit_ids = param.get("include_unit_ids") and true or false,
|
bsw@1504
|
62 include_units = param.get("include_units") and true or false,
|
bsw@1504
|
63 include_roles = param.get("include_roles") and true or false
|
bsw@1504
|
64 } }
|
bsw/jbe@1309
|
65
|
bsw/jbe@1309
|
66
|
bsw/jbe@1309
|
67 slot.put_into("data", json.export(r))
|
bsw/jbe@1309
|
68 slot.put_into("data", "\n")
|