liquid_feedback_frontend

diff app/main/api/profile.lua @ 1309:32cc544d5a5b

Cumulative patch for upcoming frontend version 4
author bsw/jbe
date Sun Jul 15 14:07:29 2018 +0200 (2018-07-15)
parents
children 757a87af4c83
line diff
     1.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     1.2 +++ b/app/main/api/profile.lua	Sun Jul 15 14:07:29 2018 +0200
     1.3 @@ -0,0 +1,53 @@
     1.4 +slot.set_layout(nil, "application/json")
     1.5 +
     1.6 +local r = json.object{}
     1.7 +
     1.8 +if request.is_post() then
     1.9 +  if not app.scopes.update_profile then
    1.10 +    return util.api_error(403, "Forbidden", "insufficient_scope", "Scope update_profile required")
    1.11 +  end
    1.12 +  local profile = app.access_token.member.profile
    1.13 +  local fields = json.import(param.get("update"))
    1.14 +  if not fields then
    1.15 +    return util.api_error(400, "Bad Request", "profile_data_expected", "JSON object with updated profile data expected")
    1.16 +  end
    1.17 +  for i, field in ipairs(config.member_profile_fields) do
    1.18 +    if json.type(fields, field.id) ~= "nil" then
    1.19 +      local value = fields[field.id]
    1.20 +      if value ~= nil and (field.type == "string" or field.type == "text") and json.type(value) ~= "string" then
    1.21 +        return util.api_error(400, "Bad Request", "string_expected", "JSON encoded string value expected")
    1.22 +      end
    1.23 +      profile.profile[field.id] = value
    1.24 +    end
    1.25 +  end
    1.26 +  profile:save()
    1.27 +  r.status = 'ok'
    1.28 +  slot.put_into("data", json.export(r))
    1.29 +  slot.put_into("data", "\n")
    1.30 +else
    1.31 +  local member_id = tonumber(param.get("member_id"))
    1.32 +  local profile
    1.33 +  if member_id then
    1.34 +    if not app.scopes.read_profiles then
    1.35 +      return util.api_error(403, "Forbidden", "insufficient_scope", "Scope profile required")
    1.36 +    end
    1.37 +    local member = Member:by_id(member_id)
    1.38 +    if not member then
    1.39 +      return util.api_error(400, "Bad Request", "member_not_found", "No member with requested member_id")
    1.40 +    end
    1.41 +    profile = member.profile
    1.42 +  elseif app.access_token then
    1.43 +    if not app.scopes.profile and not app.scopes.read_profiles then
    1.44 +      return util.api_error(403, "Forbidden", "insufficient_scope", "Scope profile required")
    1.45 +    end
    1.46 +    profile = app.access_token.member.profile
    1.47 +  else
    1.48 +    return util.api_error(400, "Bad Request", "no_member_id", "No member_id requested")
    1.49 +  end
    1.50 +  if profile then
    1.51 +    r = execute.chunk{ module = "api", chunk = "_profile", params = { profile = profile } }
    1.52 +  end
    1.53 +  slot.put_into("data", json.export(json.object{ result = r }))
    1.54 +  slot.put_into("data", "\n")
    1.55 +end
    1.56 +

Impressum / About Us