techs can view all the users at their site

diff --git a/PLC/Methods/GetPersons.py b/PLC/Methods/GetPersons.py
index 9439420..06da9f5 100644 (file)
--- a/PLC/Methods/GetPersons.py
+++ b/PLC/Methods/GetPersons.py
@@ -44,11 +44,11 @@ class GetPersons(Method):
            'admin' not in self.caller['roles']:
             # Get accounts that we are able to view
             valid_person_ids = [self.caller['person_id']]
-            if 'pi' in self.caller['roles'] and self.caller['site_ids']:
+            if ('pi' in self.caller['roles'] or 'tech' in self.caller['roles']) \
+               and self.caller['site_ids']:
                 sites = Sites(self.api, self.caller['site_ids'])
                 for site in sites:
                     valid_person_ids += site['person_ids']
-
             if not valid_person_ids:
                 return []
 

diff --git a/PLC/Persons.py b/PLC/Persons.py
index 060a46f..d5f1533 100644 (file)
--- a/PLC/Persons.py
+++ b/PLC/Persons.py
@@ -155,7 +155,7 @@ class Person(Row):
 
         1. We are the person.
         2. We are an admin.
-        3. We are a PI and the person is at one of our sites.
+        3. We are a PI or Tech and the person is at one of our sites.
         """
 
         assert isinstance(person, Person)
@@ -163,7 +163,7 @@ class Person(Row):
         if self.can_update(person):
             return True
 
-        if 'pi' in self['roles']:
+        if 'pi' in self['roles'] or 'tech' in self['roles']:
             if set(self['site_ids']).intersection(person['site_ids']):
                 # Can view people with equal or higher role IDs
                 return 'admin' not in person['roles']