- required_min_role = tag_type ['min_role_id']
-
- # check permission : it not admin, is the user affiliated with the right site<S>
- if 'admin' not in self.caller['roles']:
- for key in ['src_interface_id','dst_interface_id']:
- # locate interface
- interface_id=ilink[key]
- interface = Interfaces (self.api,interface_id)[0]
- node_id=interface['node_id']
- node = Nodes (self.api,node_id) [0]
- # locate site
- site_id = node['site_id']
- site = Sites (self.api, [site_id]) [0]
- # check caller is affiliated with this site
- if self.caller['person_id'] not in site['person_ids']:
- raise PLCPermissionDenied, "Not a member of the hosting site %s"%site['abbreviated_site']
-
- if required_min_role is not None and \
- min(self.caller['role_ids']) > required_min_role:
- raise PLCPermissionDenied, "Not allowed to modify the specified ilink, requires role %d",required_min_role