+ if not isinstance(self.caller, Person) or \
+ 'admin' not in self.caller['roles']:
+ slice_ids = set()
+ site_ids = set()
+
+ if self.caller:
+ slice_ids.update(self.caller['slice_ids'])
+ if isinstance(self.caller, Node):
+ site_ids.update([self.caller['site_id']])
+ else:
+ site_ids.update(self.caller['site_ids'])
+
+ # if node has whitelist, only return it if users is at
+ # the same site or user has a slice on the whitelist
+ for node in nodes[:]:
+ if 'site_id' in node and \
+ site_ids.intersection([node['site_id']]):
+ continue
+ if 'slice_ids_whitelist' in node and \
+ node['slice_ids_whitelist'] and \
+ not slice_ids.intersection(node['slice_ids_whitelist']):
+ nodes.remove(node)
+
+ # remove remaining admin only fields