rather than use the relative values of role_ids. The code now
functions even when a person has no roles whatsoever, which under
certain error conditions can occur.
if 'pi' in self['roles']:
if set(self['site_ids']).intersection(person['site_ids']):
- # Can update people with higher role IDs
- return min(self['role_ids']) < min(person['role_ids'])
+ # Can update person is neither a PI or ADMIN
+ return (not (('pi' in person['roles']) or ('admin' in person['roles'])))
return False
if 'pi' in self['roles']:
if set(self['site_ids']).intersection(person['site_ids']):
# Can view people with equal or higher role IDs
- return min(self['role_ids']) <= min(person['role_ids'])
+ return 'admin' not in person['roles']
return False