if 'pi' in self['roles']:
if set(self['site_ids']).intersection(person['site_ids']):
- # Can update person is neither a PI or ADMIN
- return (not (('pi' in person['roles']) or ('admin' in person['roles'])))
+ # non-admin users cannot update a person who is neither a PI or ADMIN
+ return (not set(['pi','admin']).intersection(person['roles']))
return False
if self.can_update(person):
return True
- if 'pi' in self['roles'] or 'tech' in self['roles']:
+ # pis and techs can see all people on their site
+ if set(['pi','tech']).intersection(self['roles']):
if set(self['site_ids']).intersection(person['site_ids']):
- # Can view people with equal or higher role IDs
- return 'admin' not in person['roles']
+ return True
return False
# Mark as deleted
self['deleted'] = True
- # delete will fail if verification_expires exists and isn't validated
- if 'verification_expires' in self:
- self['verification_expires'] = \
- self.validate_verification_expires(self['verification_expires'])
+ # delete will fail if timestamp fields aren't validated, so lets remove them
+ for field in ['verification_expires', 'date_created', 'last_updated']:
+ if field in self:
+ self.pop(field)
# don't validate, so duplicates can be consistently removed
self.sync(commit, validate=False)