X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=PLC%2FMethods%2FGetPersons.py;h=53143e0c30bd6e91861528aa3f4e183f4d034c5d;hb=e81fb1f3d2c89f2e3951b3c0df975e174ed6545d;hp=458fdacd9891f11abe6a2ae3656a0999ef243c68;hpb=c292f0b768fcaa05218cf5ffdda5672e6ea9ffe6;p=plcapi.git

diff --git a/PLC/Methods/GetPersons.py b/PLC/Methods/GetPersons.py
index 458fdac..53143e0 100644
--- a/PLC/Methods/GetPersons.py
+++ b/PLC/Methods/GetPersons.py
@@ -27,6 +27,8 @@ class GetPersons(Method):
         Auth(),
         Mixed([Mixed(Person.fields['person_id'],
                      Person.fields['email'])],
+              Parameter(str,"email"),
+              Parameter(int,"person_id"),
               Filter(Person.fields)),
         Parameter([str], "List of fields to return", nullok = True)
         ]
@@ -35,21 +37,26 @@ class GetPersons(Method):
     return_fields = dict(filter(lambda (field, value): field not in hidden_fields,
                                 Person.fields.items()))
     returns = [return_fields]
-    
+
     def call(self, auth, person_filter = None, return_fields = None):
-	# If we are not admin, make sure to only return viewable accounts
+        # If we are not admin, make sure to only return viewable accounts
         if isinstance(self.caller, Person) and \
            'admin' not in self.caller['roles']:
             # Get accounts that we are able to view
             valid_person_ids = [self.caller['person_id']]
-            if 'pi' in self.caller['roles'] and self.caller['site_ids']:
+            if ('pi' in self.caller['roles'] or 'tech' in self.caller['roles']) \
+               and self.caller['site_ids']:
                 sites = Sites(self.api, self.caller['site_ids'])
                 for site in sites:
                     valid_person_ids += site['person_ids']
-
             if not valid_person_ids:
-                return []
+                return[]
 
+            # this may look suspicious; what if person_filter is not None ?
+            # turns out the results are getting filtered again below, so we're safe
+            # although this part of the code does not always trigger, it's probably 
+            # a sensible performance enhancement for all the times 
+            # when GetPersons() gets called without an argument
             if person_filter is None:
                 person_filter = valid_person_ids
 
@@ -57,8 +64,16 @@ class GetPersons(Method):
         if return_fields:
             return_fields = filter(lambda field: field not in hidden_fields,
                                    return_fields)
-	else:
-	    return_fields = self.return_fields.keys()
+        else:
+            return_fields = self.return_fields.keys()
+
+        # Must query at least person_id, site_ids, and role_ids (see
+        # Person.can_view() and below).
+        if return_fields is not None:
+            added_fields = set(['person_id', 'site_ids', 'role_ids', 'roles']).difference(return_fields)
+            return_fields += added_fields
+        else:
+            added_fields = []
 
         persons = Persons(self.api, person_filter, return_fields)
 
@@ -67,4 +82,11 @@ class GetPersons(Method):
            'admin' not in self.caller['roles']:
             persons = filter(self.caller.can_view, persons)
 
+        # Remove added fields if not specified
+        if added_fields:
+            for person in persons:
+                for field in added_fields:
+                    if field in person:
+                        del person[field]
+
         return persons