update object write permissions

commit: cf29cfaeba8698bb7f0bd68f84c119886f199404 [log] [tgz]
author: Tony Mack <tmack@tux.cs.princeton.edu> Thu Feb 05 06:13:04 2015 -0500
committer: Tony Mack <tmack@tux.cs.princeton.edu> Thu Feb 05 06:13:45 2015 -0500
tree: f68d9d3f355d2136d29eece38660d68205a078a8
parent: 201ae3fd0b3d5a27ef5786615fec5dc127765075 [diff] [blame]
diff --git a/planetstack/core/models/slice.py b/planetstack/core/models/slice.py
index 8dfde4c..476cf8e 100644
--- a/planetstack/core/models/slice.py
+++ b/planetstack/core/models/slice.py

@@ -85,16 +85,16 @@
             return False
         if user.is_admin:
             return True
+        if user == self.creator:
+            return True    
         # slice admins can update
-        slice_privs = SlicePrivilege.objects.filter(user=user, slice=self)
-        for slice_priv in slice_privs:
-            if slice_priv.role.role == 'admin':
-                return True
+        if SlicePrivilege.objects.filter(
+            user=user, slice=self, role__role='admin'):
+            return True
         # site pis can update
-        site_privs = SitePrivilege.objects.filter(user=user, site=self.site)
-        for site_priv in site_privs:
-            if site_priv.role.role == 'pi':
-                return True
+        if SitePrivilege.objects.filter(
+            user=user, site=self.site, role__role__in=['admin', 'pi']):
+            return True
  
         return False
commit	cf29cfaeba8698bb7f0bd68f84c119886f199404	[log] [tgz]
author	Tony Mack <tmack@tux.cs.princeton.edu>	Thu Feb 05 06:13:04 2015 -0500
committer	Tony Mack <tmack@tux.cs.princeton.edu>	Thu Feb 05 06:13:45 2015 -0500
tree	f68d9d3f355d2136d29eece38660d68205a078a8
parent	201ae3fd0b3d5a27ef5786615fec5dc127765075 [diff] [blame]