git://git.onelab.eu / plcapi.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
trash our own brew of xmlrpc, that was all about supporting <nil/>
[plcapi.git] / PLC / Methods / GetPersons.py
diff --git a/PLC/Methods/GetPersons.py b/PLC/Methods/GetPersons.py
index 5228933..263c663 100644 (file)
--- a/PLC/Methods/GetPersons.py
+++ b/PLC/Methods/GetPersons.py
@@ -5,6 +5,7 @@ from PLC.Filter import Filter
 from PLC.Persons import Person, Persons
 from PLC.Sites import Site, Sites
 from PLC.Auth import Auth
 from PLC.Persons import Person, Persons
 from PLC.Sites import Site, Sites
 from PLC.Auth import Auth
+from PLC.Logger import logger
 
 hidden_fields = ['password', 'verification_key', 'verification_expires']
 
 
 hidden_fields = ['password', 'verification_key', 'verification_expires']
 
@@ -27,8 +28,8 @@ class GetPersons(Method):
         Auth(),
         Mixed([Mixed(Person.fields['person_id'],
                      Person.fields['email'])],
         Auth(),
         Mixed([Mixed(Person.fields['person_id'],
                      Person.fields['email'])],
-             Parameter(str,"email"),
-              Parameter(int,"person_id"), 
+              Parameter(str,"email"),
+              Parameter(int,"person_id"),
               Filter(Person.fields)),
         Parameter([str], "List of fields to return", nullok = True)
         ]
               Filter(Person.fields)),
         Parameter([str], "List of fields to return", nullok = True)
         ]
@@ -37,21 +38,30 @@ class GetPersons(Method):
     return_fields = dict(filter(lambda (field, value): field not in hidden_fields,
                                 Person.fields.items()))
     returns = [return_fields]
     return_fields = dict(filter(lambda (field, value): field not in hidden_fields,
                                 Person.fields.items()))
     returns = [return_fields]
-    
+
     def call(self, auth, person_filter = None, return_fields = None):
     def call(self, auth, person_filter = None, return_fields = None):
-       # If we are not admin, make sure to only return viewable accounts
+
+        logger.info("incoming GetPersons, filter={}, return fields={}"
+                    .format(person_filter, return_fields))
+
+        # If we are not admin, make sure to only return viewable accounts
         if isinstance(self.caller, Person) and \
            'admin' not in self.caller['roles']:
             # Get accounts that we are able to view
             valid_person_ids = [self.caller['person_id']]
         if isinstance(self.caller, Person) and \
            'admin' not in self.caller['roles']:
             # Get accounts that we are able to view
             valid_person_ids = [self.caller['person_id']]
-            if 'pi' in self.caller['roles'] and self.caller['site_ids']:
+            if ('pi' in self.caller['roles'] or 'tech' in self.caller['roles']) \
+               and self.caller['site_ids']:
                 sites = Sites(self.api, self.caller['site_ids'])
                 for site in sites:
                     valid_person_ids += site['person_ids']
                 sites = Sites(self.api, self.caller['site_ids'])
                 for site in sites:
                     valid_person_ids += site['person_ids']
-
             if not valid_person_ids:
                 return []
 
             if not valid_person_ids:
                 return []
 
+            # this may look suspicious; what if person_filter is not None ?
+            # turns out the results are getting filtered again below, so we're safe
+            # although this part of the code does not always trigger, it's probably 
+            # a sensible performance enhancement for all the times 
+            # when GetPersons() gets called without an argument
             if person_filter is None:
                 person_filter = valid_person_ids
 
             if person_filter is None:
                 person_filter = valid_person_ids
 
@@ -59,13 +69,13 @@ class GetPersons(Method):
         if return_fields:
             return_fields = filter(lambda field: field not in hidden_fields,
                                    return_fields)
         if return_fields:
             return_fields = filter(lambda field: field not in hidden_fields,
                                    return_fields)
-       else:
-           return_fields = self.return_fields.keys()
+        else:
+            return_fields = self.return_fields.keys()
 
         # Must query at least person_id, site_ids, and role_ids (see
         # Person.can_view() and below).
         if return_fields is not None:
 
         # Must query at least person_id, site_ids, and role_ids (see
         # Person.can_view() and below).
         if return_fields is not None:
-            added_fields = set(['person_id', 'site_ids', 'role_ids']).difference(return_fields)
+            added_fields = set(['person_id', 'site_ids', 'role_ids','roles']).difference(return_fields)
             return_fields += added_fields
         else:
             added_fields = []
             return_fields += added_fields
         else:
             added_fields = []
@@ -81,7 +91,7 @@ class GetPersons(Method):
         if added_fields:
             for person in persons:
                 for field in added_fields:
         if added_fields:
             for person in persons:
                 for field in added_fields:
-                   if field in person:
-                       del person[field]
+                    if field in person:
+                        del person[field]
 
         return persons
 
         return persons
plcapi