1 from PLC.Faults import *
2 from PLC.Method import Method
3 from PLC.Parameter import Parameter, Mixed
4 from PLC.Persons import Person, Persons
5 from PLC.Auth import PasswordAuth
7 can_update = lambda (field, value): field in \
8 ['first_name', 'last_name', 'title', 'email',
9 'password', 'phone', 'url', 'bio', 'accepted_aup',
12 class UpdatePerson(Method):
14 Updates a person. Only the fields specified in person_fields are
15 updated, all other fields are left untouched.
17 To remove a value without setting a new one in its place (for
18 example, to remove an address from the person), specify -1 for int
19 and double fields and 'null' for string fields. first_name and
20 last_name cannot be unset.
22 Users and techs can only update themselves. PIs can only update
23 themselves and other non-PIs at their sites.
25 Returns 1 if successful, faults otherwise.
28 roles = ['admin', 'pi', 'user', 'tech']
30 update_fields = dict(filter(can_update, Person.fields.items()))
34 Mixed(Person.fields['person_id'],
35 Person.fields['email']),
39 returns = Parameter(int, '1 if successful')
41 def call(self, auth, person_id_or_email, person_fields):
42 person_fields = dict(filter(can_update, person_fields.items()))
44 # Remove admin only fields
45 if 'admin' not in self.caller['roles']:
46 for key in ['enabled']:
47 del person_fields[key]
49 # Get account information
50 persons = Persons(self.api, [person_id_or_email])
52 raise PLCInvalidArgument, "No such account"
54 person = persons.values()[0]
56 # Authenticated function
57 assert self.caller is not None
59 # Check if we can update this account
60 if not self.caller.can_update(person):
61 raise PLCPermissionDenied, "Not allowed to update specified account"
63 person.update(person_fields)