bug fixing - bugs detected by manually poking around on the site

need additional testing suite to systematically go through all permissions need additional permissions check at Model level - models.py
2020-01-17 14:33:56 +01:00
parent c186895e7a
commit 1c9bdc24b5
6 changed files with 19 additions and 18 deletions
--- a/rowers/views/planviews.py
+++ b/rowers/views/planviews.py
@@ -2343,9 +2343,10 @@ def rower_trainingplan_execution_view(request,
                  )


-@user_passes_test(can_plan,login_url="/rowers/paidplans",
-                  message="This functionality requires a Coach or Self-Coach plan",
-                  redirect_field_name=None)
+#@user_passes_test(can_plan,login_url="/rowers/paidplans",
+#                  message="This functionality requires a Coach or Self-Coach plan",
+#                  redirect_field_name=None)
+@login_required()
@permission_required('plan.view_plan',fn=get_plan_by_pk,raise_exception=True)
 def rower_trainingplan_view(request,
                            id=0,