bsw/jbe@1309: slot.set_layout(nil, "application/json") bsw/jbe@1309: bsw/jbe@1309: if not app.access_token then bsw/jbe@1309: return util.api_error(400, "Forbidden", "insufficient_scope", "Scope 'settings' required") bsw/jbe@1309: end bsw/jbe@1309: bsw/jbe@1309: local r = json.object{} bsw/jbe@1309: bsw/jbe@1309: if request.is_post() then bsw/jbe@1309: if not app.scopes.update_settings then bsw/jbe@1309: return util.api_error(403, "Forbidden", "insufficient_scope", "Scope update_settings required") bsw/jbe@1309: end bsw/jbe@1309: local settings = app.access_token.member.settings bsw/jbe@1309: if not settings then bsw/jbe@1309: settings = MemberSettings:new() bsw/jbe@1309: settings.member_id = app.access_token.member_id bsw/jbe@1309: settings.settings = json.object() bsw/jbe@1309: end bsw/jbe@1309: local fields = json.import(param.get("update")) bsw/jbe@1309: if not fields then bsw/jbe@1309: return util.api_error(400, "Bad Request", "settings_data_expected", "JSON object with updated settings data expected") bsw/jbe@1309: end bsw/jbe@1309: for i, field in ipairs(config.member_settings_fields) do bsw/jbe@1309: if json.type(fields, field.id) ~= "nil" then bsw/jbe@1309: local value = fields[field.id] bsw/jbe@1309: if value ~= nil then bsw/jbe@1309: if (field.type == "string" or field.type == "text") and json.type(value) ~= "string" then bsw/jbe@1309: return util.api_error(400, "Bad Request", "string_expected", "JSON encoded string value expected") bsw/jbe@1309: end bsw/jbe@1309: if (field.type == "boolean") and json.type(value) ~= "boolean" then bsw/jbe@1309: return util.api_error(400, "Bad Request", "boolean_expected", "JSON encoded boolean value expected") bsw/jbe@1309: end bsw/jbe@1309: end bsw/jbe@1309: settings.settings[field.id] = value bsw/jbe@1309: end bsw/jbe@1309: end bsw/jbe@1309: settings:save() bsw/jbe@1309: r.status = 'ok' bsw/jbe@1309: slot.put_into("data", json.export(r)) bsw/jbe@1309: slot.put_into("data", "\n") bsw/jbe@1309: else bsw/jbe@1309: if not app.scopes.settings then bsw/jbe@1309: return util.api_error(403, "Forbidden", "insufficient_scope", "Scope 'settings' required") bsw/jbe@1309: end bsw/jbe@1309: local settings = app.access_token.member.settings or json.object() bsw/jbe@1309: r = execute.chunk{ module = "api", chunk = "_settings", params = { settings = settings } } bsw/jbe@1309: slot.put_into("data", json.export(json.object{ result = r })) bsw/jbe@1309: slot.put_into("data", "\n") bsw/jbe@1309: end bsw/jbe@1309: