From: Tony Mack <tmack@paris.CS.Princeton.EDU>
Date: Wed, 10 Nov 2010 20:42:22 +0000 (-0500)
Subject: Use PLC.Person.can_update() to authorize. fix name error.
X-Git-Tag: plcapi-5.0-19~62
X-Git-Url: http://git.onelab.eu/?a=commitdiff_plain;h=f11e32d0b50a7ff1d43e85a2833cb66e6e7b5c9a;p=plcapi.git

Use PLC.Person.can_update() to authorize. fix name error.
---

diff --git a/PLC/Methods/UpdatePersonTag.py b/PLC/Methods/UpdatePersonTag.py
index e07f873c..1cfc6ac7 100644
--- a/PLC/Methods/UpdatePersonTag.py
+++ b/PLC/Methods/UpdatePersonTag.py
@@ -53,10 +53,10 @@ class UpdatePersonTag(Method):
         # check permission : it not admin, is the user affiliated with the right person
         if 'admin' not in self.caller['roles']:
             # check caller is affiliated with this person's person
-            if len(set(person['person_ids']) & set(self.caller['person_ids'])) == 0:
+            if not self.call.can_update(person):
                 raise PLCPermissionDenied, "Not a member of the person's persons: %s"%person['person_ids']
 
-            required_min_role = tag_type ['min_role_id']
+            required_min_role = person_tag['min_role_id']
             if required_min_role is not None and \
                     min(self.caller['role_ids']) > required_min_role:
                 raise PLCPermissionDenied, "Not allowed to modify the specified person setting, requires role %d",required_min_role