1 slot.set_layout(nil, "application/json")

2

3 if not app.access_token then

4 return util.api_error(400, "Forbidden", "insufficient_scope", "Scope 'settings' required")

5 end

6

7 local r = json.object{}

8

9 if request.is_post() then

10 if not app.scopes.update_settings then

11 return util.api_error(403, "Forbidden", "insufficient_scope", "Scope update_settings required")

12 end

13 local settings = app.access_token.member.settings

14 if not settings then

15 settings = MemberSettings:new()

16 settings.member_id = app.access_token.member_id

17 settings.settings = json.object()

18 end

19 local fields = json.import(param.get("update"))

20 if not fields then

21 return util.api_error(400, "Bad Request", "settings_data_expected", "JSON object with updated settings data expected")

22 end

23 for i, field in ipairs(config.member_settings_fields) do

24 if json.type(fields, field.id) ~= "nil" then

25 local value = fields[field.id]

26 if value ~= nil then

27 if (field.type == "string" or field.type == "text") and json.type(value) ~= "string" then

28 return util.api_error(400, "Bad Request", "string_expected", "JSON encoded string value expected")

29 end

30 if (field.type == "boolean") and json.type(value) ~= "boolean" then

31 return util.api_error(400, "Bad Request", "boolean_expected", "JSON encoded boolean value expected")

32 end

33 end

34 settings.settings[field.id] = value

35 end

36 end

37 settings:save()

38 r.status = 'ok'

39 slot.put_into("data", json.export(r))

40 slot.put_into("data", "\n")

41 else

42 if not app.scopes.settings then

43 return util.api_error(403, "Forbidden", "insufficient_scope", "Scope 'settings' required")

44 end

45 local settings = app.access_token.member.settings or json.object()

46 r = execute.chunk{ module = "api", chunk = "_settings", params = { settings = settings } }

47 slot.put_into("data", json.export(json.object{ result = r }))

48 slot.put_into("data", "\n")

49 end

50