Validate email address. Stolen from Mailman.
"""
email = email.lower()
- invalid_email = PLCInvalidArgument("Invalid e-mail address")
+ invalid_email = PLCInvalidArgument("Invalid e-mail address %s"%email)
if not email:
raise invalid_email
if 'pi' in self['roles']:
if set(self['site_ids']).intersection(person['site_ids']):
- # Can update person is neither a PI or ADMIN
- return (not (('pi' in person['roles']) or ('admin' in person['roles'])))
+ # non-admin users cannot update a person who is neither a PI or ADMIN
+ return (not set(['pi','admin']).intersection(person['roles']))
return False
if self.can_update(person):
return True
- if 'pi' in self['roles'] or 'tech' in self['roles']:
+ # pis and techs can see all people on their site
+ if set(['pi','tech']).intersection(self['roles']):
if set(self['site_ids']).intersection(person['site_ids']):
- # Can view people with equal or higher role IDs
- return 'admin' not in person['roles']
+ return True
return False
person_filter = Filter(Person.fields, {'person_id': ints, 'email': strs})
sql += " AND (%s) %s" % person_filter.sql(api, "OR")
elif isinstance(person_filter, dict):
- person_filter = Filter(Person.fields, person_filter)
+ allowed_fields = dict(Person.fields.items() + Person.tags.items())
+ person_filter = Filter(allowed_fields, person_filter)
sql += " AND (%s) %s" % person_filter.sql(api, "AND")
elif isinstance (person_filter, StringTypes):
- person_filter = Filter(Person.fields, {'email':person_filter})
+ person_filter = Filter(Person.fields, {'email' : person_filter})
sql += " AND (%s) %s" % person_filter.sql(api, "AND")
elif isinstance (person_filter, (int, long)):
person_filter = Filter(Person.fields, {'person_id':person_filter})