include vicci accessors for advanced mode

[plcapi.git] / PLC / Persons.py

diff --git a/PLC/Persons.py b/PLC/Persons.py
index 8da70ef..d4a3f57 100644 (file)
--- a/PLC/Persons.py
+++ b/PLC/Persons.py
@@ -143,8 +143,8 @@ class Person(Row):
 
         if 'pi' in self['roles']:
             if set(self['site_ids']).intersection(person['site_ids']):
-                # Can update person is neither a PI or ADMIN
-                return (not (('pi' in person['roles']) or ('admin' in person['roles'])))
+                # non-admin users cannot update a person who is neither a PI or ADMIN
+                return (not set(['pi','admin']).intersection(person['roles']))
 
         return False
 
@@ -163,10 +163,10 @@ class Person(Row):
         if self.can_update(person):
             return True
 
-        if 'pi' in self['roles'] or 'tech' in self['roles']:
+        # pis and techs can see all people on their site
+        if set(['pi','tech']).intersection(self['roles']):
             if set(self['site_ids']).intersection(person['site_ids']):
-                # Can view people with equal or higher role IDs
-                return 'admin' not in person['roles']
+                return True
 
         return False
 
@@ -360,10 +360,10 @@ class Person(Row):
         # Mark as deleted
         self['deleted'] = True
 
-        # delete will fail if verification_expires exists and isn't validated
-        if 'verification_expires' in self:
-            self['verification_expires'] = \
-            self.validate_verification_expires(self['verification_expires'])
+        # delete will fail if timestamp fields aren't validated, so lets remove them
+        for field in ['verification_expires', 'date_created', 'last_updated']:
+            if field in self:
+                self.pop(field)
 
         # don't validate, so duplicates can be consistently removed
         self.sync(commit, validate=False)