if 'pi' in self['roles']:
if set(self['site_ids']).intersection(person['site_ids']):
- # Can update person is neither a PI or ADMIN
- return (not (('pi' in person['roles']) or ('admin' in person['roles'])))
+ # non-admin users cannot update a person who is neither a PI or ADMIN
+ return (not set(['pi','admin']).intersection(person['roles']))
return False
if self.can_update(person):
return True
- if 'pi' in self['roles'] or 'tech' in self['roles']:
+ # pis and techs can see all people on their site
+ if set(['pi','tech']).intersection(self['roles']):
if set(self['site_ids']).intersection(person['site_ids']):
- # Can view people with equal or higher role IDs
- return 'admin' not in person['roles']
+ return True
return False
%define name PLCAPI
%define version 5.0
-%define taglevel 33
+%define taglevel 34
%define release %{taglevel}%{?pldistro:.%{pldistro}}%{?date:.%{date}}
%changelog
+* Wed Aug 31 2011 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - plcapi-5.0-34
+- GetSession has support for more than one day sessions
+- reset_xmpp_pubsub_nodes is much more efficient
+- reset_xmpp_pubsub_nodes uses the config instead of localhost:5053
+- bugfix - deleting a person in the middle of the signup process
+
* Tue Jun 07 2011 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - plcapi-5.0-33
- ratelimit aspects
- cache getslivers per node if PLC_GET_SIVERS_CACHE is enabled