+def refreshMachine(m):
+ people = set()
+ people.update(expandLocker(m.owner))
+ people.update(expandName(m.administrator))
+ old_people = set(a.user for a in m.acl)
+ for removed in old_people - people:
+ ma = [x for x in m.acl if x.user == removed][0]
+ ctx.current.delete(ma)
+ for p in people - old_people:
+ ma = MachineAccess(machine_id=m.machine_id, user=p)
+ ctx.current.save(ma)