git://git.onelab.eu / plcapi.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | compact (merge: 77742e8 94ce428)
Merge branch 'master' of ssh://git.onelab.eu/git/plcapi
authorThierry Parmentelat <thierry.parmentelat@sophia.inria.fr>
Tue, 6 Sep 2011 15:09:21 +0000 (17:09 +0200)
committerThierry Parmentelat <thierry.parmentelat@sophia.inria.fr>
Tue, 6 Sep 2011 15:09:21 +0000 (17:09 +0200)
1  2 
PLC/Persons.py patch | diff1 | diff2 | blob | history

diff --combined PLC/Persons.py
index 0faa3f8,1b66b4f..616cc5a
--- 1/PLC/Persons.py
--- 2/PLC/Persons.py
+++ b/PLC/Persons.py
@@@ -143,8 -143,8 +143,8 @@@ class Person(Row)
  
          if 'pi' in self['roles']:
              if set(self['site_ids']).intersection(person['site_ids']):
 -                # Can update person is neither a PI or ADMIN
 -                return (not (('pi' in person['roles']) or ('admin' in person['roles'])))
 +                # non-admin users cannot update a person who is neither a PI or ADMIN
 +                return (not set(['pi','admin']).intersection(person['roles']))
  
          return False
  
@@@ -163,10 -163,10 +163,10 @@@
          if self.can_update(person):
              return True
  
 -        if 'pi' in self['roles'] or 'tech' in self['roles']:
 +        # pis and techs can see all people on their site
 +        if set(['pi','tech']).intersection(self['roles']):
              if set(self['site_ids']).intersection(person['site_ids']):
 -                # Can view people with equal or higher role IDs
 -                return 'admin' not in person['roles']
 +                return True
  
          return False
  
@@@ -359,6 -359,13 +359,13 @@@
  
          # Mark as deleted
          self['deleted'] = True
+         # delete will fail if verification_expires exists and isn't validated
+         if 'verification_expires' in self:
+             #self['verification_expires'] = \
+             #self.validate_verification_expires(self['verification_expires'])
+             self.pop('verification_expires')
          # don't validate, so duplicates can be consistently removed
          self.sync(commit, validate=False)
  
plcapi