from PLC.Parameter import Parameter, Mixed
from PLC.Auth import Auth
-from PLC.PersonTags import PersonTag, PersonTags
from PLC.Persons import Person, Persons
+from PLC.TagTypes import TagType, TagTypes
+from PLC.PersonTags import PersonTag, PersonTags
+# need to import so the core classes get decorated with caller_may_write_tag
from PLC.AuthorizeHelpers import AuthorizeHelpers
class DeletePersonTag(Method):
raise PLCInvalidArgument, "No such person tag %r"%person_tag_id
person_tag = person_tags[0]
- person = Persons (self.api, person_tag['person_id'])[0]
+ tag_type_id = person_tag['tag_type_id']
+ tag_type = TagTypes (self.api,[tag_type_id])[0]
+
+ persons = Persons (self.api, person_tag['person_id'])
+ if not persons:
+ raise PLCInvalidArgument, "No such person %d"%person_tag['person_id']
+ person=persons[0]
# check authorizations
- if 'admin' in self.caller['roles']:
- pass
- # user can change tags on self
- elif AuthorizeHelpers.person_may_access_person (self.api, self.caller, person):
- pass
- else:
- raise PLCPermissionDenied, "%s: you can only change your own tags"%self.name
+ person.caller_may_write_tag(self.api,self.caller,tag_type)
person_tag.delete()
self.object_ids = [person_tag['person_tag_id']]