if user.is_admin:
qs = Slice.objects.all()
else:
+ # users can see slices they belong to
slice_ids = [sp.slice.id for sp in SlicePrivilege.objects.filter(user=user)]
+ # pis can see slices at their sites
+ sites = [sp.site for sp in SitePrivilege.objects.filter(user=user)\
+ if sp.role.role == 'pi']
+ slice_ids.extend([s.id for s in Slice.objects.filter(site__in=sites)])
qs = Slice.objects.filter(id__in=slice_ids)
return qs