From 24cc4b427272f362628d3b5317acfe500418343e Mon Sep 17 00:00:00 2001
From: Lance Edgar <lance@edbob.org>
Date: Wed, 23 Sep 2020 16:39:44 -0500
Subject: [PATCH] Change how we protect certain person, employee records

---
 tailbone/views/employees.py | 18 ++++++++++++------
 tailbone/views/people.py    | 18 ++++++++++++------
 2 files changed, 24 insertions(+), 12 deletions(-)

diff --git a/tailbone/views/employees.py b/tailbone/views/employees.py
index dac93e67..d7cad068 100644
--- a/tailbone/views/employees.py
+++ b/tailbone/views/employees.py
@@ -164,15 +164,21 @@ class EmployeesView(MasterView):
         if employee.status == self.enum.EMPLOYEE_STATUS_FORMER:
             return 'warning'
 
+    def is_employee_protected(self, employee):
+        for user in employee.person.users:
+            if self.user_is_protected(user):
+                return True
+        return False
+
     def editable_instance(self, employee):
-        if self.rattail_config.demo():
-            return not bool(employee.user and employee.user.username == 'chuck')
-        return True
+        if self.request.is_root:
+            return True
+        return not self.is_employee_protected(employee)
 
     def deletable_instance(self, employee):
-        if self.rattail_config.demo():
-            return not bool(employee.user and employee.user.username == 'chuck')
-        return True
+        if self.request.is_root:
+            return True
+        return not self.is_employee_protected(employee)
 
     def configure_form(self, f):
         super(EmployeesView, self).configure_form(f)
diff --git a/tailbone/views/people.py b/tailbone/views/people.py
index f21a88b6..17f7fb67 100644
--- a/tailbone/views/people.py
+++ b/tailbone/views/people.py
@@ -145,15 +145,21 @@ class PeopleView(MasterView):
             return instance.person
         raise HTTPNotFound
 
+    def is_person_protected(self, person):
+        for user in person.users:
+            if self.user_is_protected(user):
+                return True
+        return False
+
     def editable_instance(self, person):
-        if self.rattail_config.demo():
-            return not bool(person.user and person.user.username == 'chuck')
-        return True
+        if self.request.is_root:
+            return True
+        return not self.is_person_protected(person)
 
     def deletable_instance(self, person):
-        if self.rattail_config.demo():
-            return not bool(person.user and person.user.username == 'chuck')
-        return True
+        if self.request.is_root:
+            return True
+        return not self.is_person_protected(person)
 
     def delete_instance(self, person):
         """