git://git.onelab.eu / plcapi.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
techs can view all the users at their site
[plcapi.git] / PLC / Methods / GetPersons.py
diff --git a/PLC/Methods/GetPersons.py b/PLC/Methods/GetPersons.py
index 6302765..06da9f5 100644 (file)
--- a/PLC/Methods/GetPersons.py
+++ b/PLC/Methods/GetPersons.py
@@ -44,14 +44,19 @@ class GetPersons(Method):
            'admin' not in self.caller['roles']:
             # Get accounts that we are able to view
             valid_person_ids = [self.caller['person_id']]
-            if 'pi' in self.caller['roles'] and self.caller['site_ids']:
+            if ('pi' in self.caller['roles'] or 'tech' in self.caller['roles']) \
+               and self.caller['site_ids']:
                 sites = Sites(self.api, self.caller['site_ids'])
                 for site in sites:
                     valid_person_ids += site['person_ids']
-
             if not valid_person_ids:
                 return []
 
+            # this may look suspicious; what if person_filter is not None ?
+            # turns out the results are getting filtered again below, so we're safe
+            # although this part of the code does not always trigger, it's probably 
+            # a sensible performance enhancement for all the times 
+            # when GetPersons() gets called without an argument
             if person_filter is None:
                 person_filter = valid_person_ids
 
plcapi