Forum Discussion

heavenerp's avatar
heavenerp
Leader
11 years ago

Change users language preference with REST API

I found this article:

http://lithosphere.lithium.com/t5/support-knowledge-base/Changing-quot-uneditable-quot-profile-settings/ta-p/104911

But the first step in this article says to login to a user account which has “Make REST API calls with modify access” permissions set to GRANT or ALLOW GRANT.

In order for this to work, would this require all users to have this permission turned on? And wouldn't this allow any user to set any value to any users profile, and perhaps have the ability to do anything with the REST API? I’m concerned this will open a huge security risk.

I found another article that allows language switching for non-logged in users, and this is working great. I just need a solution to do the same thing for users that are logged in.

http://lithosphere.lithium.com/t5/product-support-board/How-to-sett-the-correct-language-option-for-Lithium-s-help-for/m-p/63048/highlight/true#M3052

Any help would be appreciated. Let me know your thoughts, thanks!

5 Replies

  • PaoloT's avatar
    PaoloT
    Lithium Alumni (Retired)
    11 years ago

    Hi heavenerp 

     

    is this for a front-end custom component? If so - have you considered using an Endpoint which uses an elevated privilege rest call (using restadmin) and then sets to the desired value?

     

    Of course - you would want to make sure that you do appropriate checks (such as for example, is the endpoint trying to set the profile language for the same user currently logged in? or is the language value a valid one? etc...) because of the usage of restadmin - which requires extra care.

     

    Thanks,

     

  • PaoloT's avatar
    PaoloT
    Lithium Alumni (Retired)
    11 years ago

    Hi,

     

    in this case - the approach I have outlined should do the trick for you. Let us know how do you get on with that!

     

    Thanks,

     

  • HaidongG's avatar
    HaidongG
    Lithium Alumni (Retired)
    11 years ago

    Hi heavenerp,

     

    I had completed a similar function weeks ago with Endpoint (like what PaoloT  mentioned). more details can be found with http://lithosphere.lithium.com/t5/developers-discussion/Get-language-setting-of-current-node/m-p/128715#M4922

     

    this week, I realised that there could be a simpler approach with "Page Initalization" (more details with Page Initalization can be found with http://lithosphere.lithium.com/t5/developers-discussion/Is-it-possible-to-make-a-redirect-with-REST-or-Freemarker/m-p/123591#M4666), after some simple test, I found that it works.

     

    in short, we can just use the same hyperlink as you did for non-logged in users.

     

    <a href="/t5/help/faqpage?profile.language=de">Click here to read this page in German</a>

     

    and in "Page Initalization", you can have something like this

    <#assign lang = http.request.parameters.name.get("profile.language", "")?trim />
    <#if user.registered && lang?has_content && (lang?length > 0) >
        <#assign cur_lang = settings.name.get("profile.language", "") />
        <#if cur_lang != lang >
            <#assign update_lang_setting = rest("/users/self/profiles/name/language/set?value=${lang}") />
            ${http.response.setRedirectUrl(http.request.url)}
            <#-- Refresh the URL -->
        </#if>
    </#if>

     

    note: http.response.setRedirectUrl is necessary as we need to re-load the language in user session.

     

    I hope that this helps.

     

  • Hello heavenerp ,

    With JavaScript, able to change the user's language preference using the REST API. Below is the code that demonstrates how to do this:

    <script>
    const options = {
        method: 'PUT',
        headers: {accept: 'application/json', 'content-type': 'application/json'},
        body: JSON.stringify({
            data: {
                type: 'user',
                personal_data: {
                    list_item_type: 'personal_datum',
                    items: [
                        {type: 'personal_datum', id: 'language', value: 'en'}
                    ]
                },
            }
        })
    };

    fetch('https://community-domain/api/2.0/users/user-id', options)
    .then(response => response.json())
    .then(response => console.log(response))
    .catch(err => console.error(err));

    </script>

    Reference Links:
    Update user (khoros.com)
    GDPR support (khoros.com)

    If my response helped you, please give kudo and accept as solution.
    Thank you!