X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=PLC%2FMethods%2FUpdatePerson.py;h=20436049315acace47a909df05ef7f390d4b612b;hb=1821fd360bd501c72728c47dc71ee96bb595acaa;hp=66392fe24e9790c627baa20050cab5e7cd34a211;hpb=ed7fa1ebf97ec2f88f18f8fa538e46c6ae9525c4;p=plcapi.git diff --git a/PLC/Methods/UpdatePerson.py b/PLC/Methods/UpdatePerson.py index 66392fe..2043604 100644 --- a/PLC/Methods/UpdatePerson.py +++ b/PLC/Methods/UpdatePerson.py @@ -2,22 +2,19 @@ from PLC.Faults import * from PLC.Method import Method from PLC.Parameter import Parameter, Mixed from PLC.Persons import Person, Persons -from PLC.Auth import PasswordAuth +from PLC.Auth import Auth +from PLC.sendmail import sendmail +related_fields = Person.related_fields.keys() can_update = lambda (field, value): field in \ ['first_name', 'last_name', 'title', 'email', 'password', 'phone', 'url', 'bio', 'accepted_aup', - 'enabled'] + 'enabled'] + related_fields class UpdatePerson(Method): """ Updates a person. Only the fields specified in person_fields are updated, all other fields are left untouched. - - To remove a value without setting a new one in its place (for - example, to remove an address from the person), specify -1 for int - and double fields and 'null' for string fields. first_name and - last_name cannot be unset. Users and techs can only update themselves. PIs can only update themselves and other non-PIs at their sites. @@ -27,12 +24,10 @@ class UpdatePerson(Method): roles = ['admin', 'pi', 'user', 'tech'] - person_fields = dict(filter(can_update, Person.fields.items())) - for field in person_fields.values(): - field.optional = True + person_fields = dict(filter(can_update, Person.fields.items() + Person.related_fields.items())) accepts = [ - PasswordAuth(), + Auth(), Mixed(Person.fields['person_id'], Person.fields['email']), person_fields @@ -47,8 +42,10 @@ class UpdatePerson(Method): persons = Persons(self.api, [person_id_or_email]) if not persons: raise PLCInvalidArgument, "No such account" + person = persons[0] - person = persons.values()[0] + if person['peer_id'] is not None: + raise PLCInvalidArgument, "Not a local account" # Authenticated function assert self.caller is not None @@ -56,8 +53,38 @@ class UpdatePerson(Method): # Check if we can update this account if not self.caller.can_update(person): raise PLCPermissionDenied, "Not allowed to update specified account" + + # Make requested associations + for field in related_fields: + if field in person_fields: + person.associate(auth, field, person_fields[field]) + person_fields.pop(field) person.update(person_fields) + person.update_last_updated(False) person.sync() + if 'enabled' in person_fields: + To = [("%s %s" % (person['first_name'], person['last_name']), person['email'])] + Cc = [] + if person['enabled']: + Subject = "%s account enabled" % (self.api.config.PLC_NAME) + Body = "Your %s account has been enabled. Please visit %s to access your account." % (self.api.config.PLC_NAME, self.api.config.PLC_WWW_HOST) + else: + Subject = "%s account disabled" % (self.api.config.PLC_NAME) + Body = "Your %s account has been disabled. Please contact your PI or PlanetLab support for more information" % (self.api.config.PLC_NAME) + sendmail(self.api, To = To, Cc = Cc, Subject = Subject, Body = Body) + + + # Logging variables + self.event_objects = {'Person': [person['person_id']]} + + # Redact password + if 'password' in person_fields: + person_fields['password'] = "Removed by API" + self.message = 'Person %d updated: %s.' % \ + (person['person_id'], person_fields.keys()) + if 'enabled' in person_fields: + self.message += ' Person enabled' + return 1