- def can_update_field(self, user, fieldName):
- from core.models import SitePrivilege
- if (user.is_admin):
- # admin can update anything
- return True
-
- # fields that a site PI can update
- if fieldName in ["is_active", "is_readonly"]:
- site_privs = SitePrivilege.objects.filter(user=user, site=self.site)
- for site_priv in site_privs:
- if site_priv.role.role == 'pi':
- return True
-
- # fields that a user cannot update in his/her own record
- if fieldName in ["is_admin", "is_active", "site", "is_staff", "is_readonly"]:
- return False
-
- return True
-