bsw/jbe@1309: slot.set_layout(nil, "application/json") bsw/jbe@1309: bsw/jbe@1309: local r = json.object{ bsw/jbe@1309: result = json.array() bsw/jbe@1309: } bsw/jbe@1309: bsw/jbe@1309: local selector = Member:new_selector() bsw/jbe@1309: :add_where("activated NOTNULL") bsw/jbe@1309: :add_order_by("id") bsw/jbe@1309: bsw@1574: local id = param.get("id") bsw@1574: if id then bsw@1574: local ids = { sep = ", " } bsw@1574: for match in string.gmatch(id, "[^,]+") do bsw@1574: table.insert(ids, { "?", match }) bsw@1574: end bsw@1574: selector:add_where{ "id IN ($)", ids } bsw/jbe@1309: end bsw/jbe@1309: bsw@1507: local role = param.get("role") bsw@1507: if role then bsw@1507: local units = Unit:new_selector() bsw@1507: :add_where{ "attr->>'role' = ?", role } bsw@1507: :exec() bsw@1507: if #units ~= 1 then bsw@1507: request.set_status("400 Bad Request") bsw@1507: slot.put_into("data", json.export{ bsw@1507: error = "invalid_role", bsw@1507: error_description = "role not available" bsw@1507: }) bsw@1507: return bsw@1507: end bsw@1507: local unit = units[1] bsw@1507: if unit.attr.only_visible_for_role bsw@1507: and ( bsw@1507: not app.access_token bsw@1507: or not app.access_token.member:has_role(unit.attr.only_visible_for_role) bsw@1507: ) bsw@1507: then bsw@1507: request.set_status("400 Bad Request") bsw@1507: slot.put_into("data", json.export{ bsw@1507: error = "no_priv", bsw@1507: error_description = "no privileges to access this role" bsw@1507: }) bsw@1507: return bsw@1507: end bsw@1507: selector:join("privilege", nil, "privilege.member_id = member.id") bsw@1507: selector:join("unit", nil, { "unit.id = privilege.unit_id AND unit.attr->>'role' = ?", role }) bsw@1507: end bsw@1507: bsw@1537: local search = param.get("q") bsw@1537: if app.scopes.read_identities and search then bsw@1537: search = "%" .. search .. "%" bsw@1537: selector:add_where{ "name ILIKE ? OR identification ILIKE ?", search, search } bsw@1537: end bsw@1537: bsw@1751: if app.scopes.read_profiles then bsw@1751: local profile_lookups = false bsw@1751: for i, field in ipairs(config.member_profile_fields) do bsw@1751: if field.api_lookup then bsw@1751: local value = param.get("profile_" .. field.id) bsw@1751: if value then bsw@1751: selector:add_where{ "member_profile.profile->>? = ?", field.id, value } bsw@1751: profile_lookups = true bsw@1751: end bsw@1751: end bsw@1751: end bsw@1751: if profile_lookups then bsw@1751: selector:join("member_profile", nil, "member_profile.member_id = member.id") bsw@1751: end bsw@1751: end bsw@1751: bsw@1751: bsw/jbe@1309: local members = selector:exec() bsw@1504: local r = json.object() bsw@1504: r.result = execute.chunk{ module = "api", chunk = "_member", params = { bsw@1504: members = members, bsw@1504: include_unit_ids = param.get("include_unit_ids") and true or false, bsw@1504: include_units = param.get("include_units") and true or false, bsw@1504: include_roles = param.get("include_roles") and true or false bsw@1504: } } bsw/jbe@1309: bsw/jbe@1309: bsw/jbe@1309: slot.put_into("data", json.export(r)) bsw/jbe@1309: slot.put_into("data", "\n")