update object write permissions
diff --git a/planetstack/core/models/slice.py b/planetstack/core/models/slice.py
index 8dfde4c..476cf8e 100644
--- a/planetstack/core/models/slice.py
+++ b/planetstack/core/models/slice.py
@@ -85,16 +85,16 @@
return False
if user.is_admin:
return True
+ if user == self.creator:
+ return True
# slice admins can update
- slice_privs = SlicePrivilege.objects.filter(user=user, slice=self)
- for slice_priv in slice_privs:
- if slice_priv.role.role == 'admin':
- return True
+ if SlicePrivilege.objects.filter(
+ user=user, slice=self, role__role='admin'):
+ return True
# site pis can update
- site_privs = SitePrivilege.objects.filter(user=user, site=self.site)
- for site_priv in site_privs:
- if site_priv.role.role == 'pi':
- return True
+ if SitePrivilege.objects.filter(
+ user=user, site=self.site, role__role__in=['admin', 'pi']):
+ return True
return False