liquid_feedback_frontend: app/main/oauth2/_action/accept

liquid_feedback_frontend

annotate app/main/oauth2/_action/accept_scope.lua @ 1513:895d327a3cb1

Limit issues to single unit if single unit mode is configured

author	bsw
date	Thu Aug 20 13:50:03 2020 +0200 (2020-08-20)
parents	32cc544d5a5b
children

rev	line source
bsw/jbe@1309	1 local system_application_id = param.get("system_application_id", atom.integer)
bsw/jbe@1309	2 local domain = param.get("domain")
bsw/jbe@1309	3 local response_type = param.get("response_type")
bsw/jbe@1309	4
bsw/jbe@1309	5 if domain then
bsw/jbe@1309	6 domain = string.lower(domain)
bsw/jbe@1309	7 end
bsw/jbe@1309	8 local scopes = {}
bsw/jbe@1309	9 for i = 0, math.huge do
bsw/jbe@1309	10 scopes[i] = param.get("scope" .. i)
bsw/jbe@1309	11 if not scopes[i] then
bsw/jbe@1309	12 break
bsw/jbe@1309	13 end
bsw/jbe@1309	14 end
bsw/jbe@1309	15
bsw/jbe@1309	16 local redirect_uri = param.get("redirect_uri")
bsw/jbe@1309	17 local redirect_uri_explicit = param.get("redirect_uri_explicit", atom.boolean)
bsw/jbe@1309	18 local state = param.get("state")
bsw/jbe@1309	19
bsw/jbe@1309	20 local selector
bsw/jbe@1309	21
bsw/jbe@1309	22 if system_application_id then
bsw/jbe@1309	23 selector = MemberApplication:get_selector_by_member_id_and_system_application_id(app.session.member_id, system_application_id)
bsw/jbe@1309	24 else
bsw/jbe@1309	25 selector = MemberApplication:get_selector_by_member_id_and_domain(app.session.member_id, domain)
bsw/jbe@1309	26 end
bsw/jbe@1309	27 selector:for_update()
bsw/jbe@1309	28
bsw/jbe@1309	29 local member_application = selector:exec()
bsw/jbe@1309	30
bsw/jbe@1309	31 if not member_application then
bsw/jbe@1309	32 member_application = MemberApplication:new()
bsw/jbe@1309	33 member_application.member_id = app.session.member_id
bsw/jbe@1309	34 member_application.system_application_id = system_application_id
bsw/jbe@1309	35 member_application.domain = domain
bsw/jbe@1309	36 end
bsw/jbe@1309	37
bsw/jbe@1309	38 local new_scopes = {}
bsw/jbe@1309	39
bsw/jbe@1309	40 for i = 0, #scopes do
bsw/jbe@1309	41 if scopes[i] then
bsw/jbe@1309	42 for scope in string.gmatch(scopes[i], "[^ ]+") do
bsw/jbe@1309	43 new_scopes[scope] = true
bsw/jbe@1309	44 end
bsw/jbe@1309	45 end
bsw/jbe@1309	46 end
bsw/jbe@1309	47
bsw/jbe@1309	48 if member_application.scopes then
bsw/jbe@1309	49 for scope in string.gmatch(member_application.scopes, "[^ ]+") do
bsw/jbe@1309	50 new_scopes[scope] = true
bsw/jbe@1309	51 end
bsw/jbe@1309	52 end
bsw/jbe@1309	53
bsw/jbe@1309	54 local new_scopes_list = {}
bsw/jbe@1309	55
bsw/jbe@1309	56 for k, v in pairs(new_scopes) do
bsw/jbe@1309	57 new_scopes_list[#new_scopes_list+1] = k
bsw/jbe@1309	58 end
bsw/jbe@1309	59
bsw/jbe@1309	60 local new_scopes_string = table.concat(new_scopes_list, " ")
bsw/jbe@1309	61
bsw/jbe@1309	62 member_application.scope = new_scopes_string
bsw/jbe@1309	63
bsw/jbe@1309	64 member_application:save()
bsw/jbe@1309	65
bsw/jbe@1309	66 execute.chunk{ module = "oauth2", chunk = "_authorization", params = {
bsw/jbe@1309	67 member_id = app.session.member_id,
bsw/jbe@1309	68 system_application_id = system_application_id,
bsw/jbe@1309	69 domain = domain,
bsw/jbe@1309	70 session_id = app.session.id,
bsw/jbe@1309	71 redirect_uri = redirect_uri,
bsw/jbe@1309	72 redirect_uri_explicit = redirect_uri_explicit,
bsw/jbe@1309	73 scopes = scopes,
bsw/jbe@1309	74 state = state,
bsw/jbe@1309	75 response_type = response_type
bsw/jbe@1309	76 } }