- added logging variable 'object_type'

[plcapi.git] / PLC / Methods / UpdatePerson.py

diff --git a/PLC/Methods/UpdatePerson.py b/PLC/Methods/UpdatePerson.py
index d45a604..594f1ff 100644 (file)
--- a/PLC/Methods/UpdatePerson.py
+++ b/PLC/Methods/UpdatePerson.py
@@ -2,17 +2,17 @@ from PLC.Faults import *
 from PLC.Method import Method
 from PLC.Parameter import Parameter, Mixed
 from PLC.Persons import Person, Persons
-from PLC.Auth import PasswordAuth
+from PLC.Auth import Auth
+
+can_update = lambda (field, value): field in \
+             ['first_name', 'last_name', 'title', 'email',
+              'password', 'phone', 'url', 'bio', 'accepted_aup',
+              'enabled']
 
 class UpdatePerson(Method):
     """
-    Updates a person. Only the fields specified in update_fields are
+    Updates a person. Only the fields specified in person_fields are
     updated, all other fields are left untouched.
-
-    To remove a value without setting a new one in its place (for
-    example, to remove an address from the person), specify -1 for int
-    and double fields and 'null' for string fields. first_name and
-    last_name cannot be unset.
     
     Users and techs can only update themselves. PIs can only update
     themselves and other non-PIs at their sites.
@@ -22,37 +22,30 @@ class UpdatePerson(Method):
 
     roles = ['admin', 'pi', 'user', 'tech']
 
-    can_update = lambda (field, value): field in \
-                 ['first_name', 'last_name', 'title', 'email',
-                  'password', 'phone', 'url', 'bio', 'accepted_aup',
-                 'enabled']
-    update_fields = dict(filter(can_update, Person.fields.items()))
+    person_fields = dict(filter(can_update, Person.fields.items()))
 
     accepts = [
-        PasswordAuth(),
+        Auth(),
         Mixed(Person.fields['person_id'],
               Person.fields['email']),
-        update_fields
+        person_fields
         ]
 
     returns = Parameter(int, '1 if successful')
 
-    def call(self, auth, person_id_or_email, update_fields):
-        valid_fields = self.update_fields
-       # Remove admin only fields
-       if 'admin' not in self.caller['roles']:
-                for key in ['enabled']:
-                        valid_fields.remove(key)
+    object_type = 'Person'
 
-       if filter(lambda field: field not in valid_fields, update_fields):
-            raise PLCInvalidArgument, "Invalid field specified"
+    def call(self, auth, person_id_or_email, person_fields):
+        person_fields = dict(filter(can_update, person_fields.items()))
 
         # Get account information
         persons = Persons(self.api, [person_id_or_email])
         if not persons:
             raise PLCInvalidArgument, "No such account"
+        person = persons[0]
 
-        person = persons.values()[0]
+        if person['peer_id'] is not None:
+            raise PLCInvalidArgument, "Not a local account"
 
         # Authenticated function
         assert self.caller is not None
@@ -61,7 +54,18 @@ class UpdatePerson(Method):
         if not self.caller.can_update(person):
             raise PLCPermissionDenied, "Not allowed to update specified account"
 
-        person.update(update_fields)
+        person.update(person_fields)
         person.sync()
+       
+       # Logging variables
+       self.object_ids = [person['person_id']]
+
+        # Redact password
+        if 'password' in person_fields:
+            person_fields['password'] = "Removed by API"
+        self.message = 'Person %d updated: %s.' % \
+                       (person['person_id'], person_fields.keys())
+       if 'enabled' in person_fields:
+            self.message += ' Person enabled'  
 
         return 1