diff --git a/rowers/tests/mocks.py b/rowers/tests/mocks.py index 7acce340..d725b8b5 100644 --- a/rowers/tests/mocks.py +++ b/rowers/tests/mocks.py @@ -69,6 +69,10 @@ def mocked_myqueue(*args, **kwargs): return Job() +def mock_c2open(*args, **kwargs): + print('mock') + return('aap') + def mocked_sqlalchemy(*args, **kwargs): # return object with method diff --git a/rowers/tests/test_permissions2.py b/rowers/tests/test_permissions2.py index f9ebb810..4fc84ad7 100644 --- a/rowers/tests/test_permissions2.py +++ b/rowers/tests/test_permissions2.py @@ -214,6 +214,8 @@ class PermissionsViewTests(TestCase): # Test access for anonymous users @parameterized.expand(viewstotest) + @patch('rowers.c2stuff.Session', side_effect=mocked_requests) + @patch('rowers.c2stuff.c2_open') @patch('rowers.dataprep.create_engine') @patch('rowers.dataprep.read_df_sql') @patch('rowers.dataprep.getsmallrowdata_db') @@ -222,6 +224,8 @@ class PermissionsViewTests(TestCase): @patch('rowers.dataprep.get_video_data',side_effect=mocked_get_video_data) def test_permissions_anonymous( self,view,permissions, + mock_Session, + mock_c2open, mocked_sqlalchemy, mocked_read_df_sql, mocked_getsmallrowdata_db, @@ -251,6 +255,8 @@ class PermissionsViewTests(TestCase): # Test access for logged in users - accessing own objects @parameterized.expand(viewstotest) + @patch('rowers.c2stuff.Session', side_effect=mocked_requests) + @patch('rowers.c2stuff.c2_open') @patch('rowers.dataprep.create_engine') @patch('rowers.dataprep.read_df_sql') @patch('rowers.dataprep.getsmallrowdata_db') @@ -259,6 +265,8 @@ class PermissionsViewTests(TestCase): @patch('rowers.dataprep.get_video_data',side_effect=mocked_get_video_data) def test_permissions_own( self,view,permissions, + mock_Session, + mock_c2open, mocked_sqlalchemy, mocked_read_df_sql, mocked_getsmallrowdata_db, @@ -337,6 +345,8 @@ class PermissionsViewTests(TestCase): # Test access for logged in users - accessing team member objects @parameterized.expand(viewstotest) + @patch('rowers.c2stuff.Session', side_effect=mocked_requests) + @patch('rowers.c2stuff.c2_open') @patch('rowers.dataprep.create_engine') @patch('rowers.dataprep.read_df_sql') @patch('rowers.dataprep.getsmallrowdata_db') @@ -345,6 +355,8 @@ class PermissionsViewTests(TestCase): @patch('rowers.dataprep.get_video_data',side_effect=mocked_get_video_data) def test_permissions_member( self,view,permissions, + mock_Session, + mock_c2open, mocked_sqlalchemy, mocked_read_df_sql, mocked_getsmallrowdata_db, @@ -424,6 +436,8 @@ class PermissionsViewTests(TestCase): # Test access for logged in users - accessing coachee @parameterized.expand(viewstotest) + @patch('rowers.c2stuff.Session', side_effect=mocked_requests) + @patch('rowers.c2stuff.c2_open') @patch('rowers.dataprep.create_engine') @patch('rowers.dataprep.read_df_sql') @patch('rowers.dataprep.getsmallrowdata_db') @@ -432,6 +446,8 @@ class PermissionsViewTests(TestCase): @patch('rowers.dataprep.get_video_data',side_effect=mocked_get_video_data) def test_permissions_coachee( self,view,permissions, + mock_Session, + mock_c2open, mocked_sqlalchemy, mocked_read_df_sql, mocked_getsmallrowdata_db, diff --git a/rowers/tests/viewnames.csv b/rowers/tests/viewnames.csv index 0d67bacc..825bf77c 100644 --- a/rowers/tests/viewnames.csv +++ b/rowers/tests/viewnames.csv @@ -92,28 +92,28 @@ 90,96,video_selectworkout,select workout to create video,TRUE,302,pro,200,302,pro,403,403,coach,200,302,FALSE,TRUE,FALSE,FALSE,TRUE 91,98,workout_fusion_view,needs to workouts,TRUE,403,pro,200,302,pro,200,302,coach,200,302,FALSE,FALSE,FALSE,FALSE,FALSE 92,99,workout_fusion_list,list workouts to fuse with,TRUE,302,pro,200,302,pro,403,302,coach,200,302,FALSE,FALSE,TRUE,FALSE,TRUE -94,103,workout_add_chart_view,add chart,TRUE,403,basic,302,403,basic,403,403,coach,302,403,FALSE,FALSE,TRUE,TRUE,FALSE -95,112,WorkoutDelete,,TRUE,200,basic,200,302,basic,200,302,coach,200,302,FALSE,FALSE,FALSE,FALSE,FALSE -96,113,workout_smoothenpace_view,,TRUE,200,basic,200,302,basic,200,302,coach,200,302,FALSE,FALSE,TRUE,FALSE,FALSE -97,114,workout_undo_smoothenpace_view,,TRUE,200,basic,200,302,basic,200,302,coach,200,302,FALSE,FALSE,TRUE,FALSE,FALSE -98,115,workout_c2import_view,,TRUE,200,basic,200,302,basic,200,302,coach,200,302,FALSE,TRUE,FALSE,FALSE,FALSE -99,120,workout_stravaimport_view,,TRUE,200,basic,200,302,basic,200,302,coach,200,302,FALSE,TRUE,FALSE,FALSE,FALSE -100,122,workout_getc2workout_all,,TRUE,200,basic,200,302,basic,200,302,coach,200,302,FALSE,FALSE,FALSE,FALSE,FALSE -101,124,workout_getimportview,,TRUE,200,basic,200,302,basic,200,302,coach,200,302,FALSE,FALSE,FALSE,FALSE,FALSE -102,125,workout_getstravaworkout_all,,TRUE,200,basic,200,302,basic,200,302,coach,200,302,FALSE,FALSE,FALSE,FALSE,FALSE -103,126,workout_getstravaworkout_next,,TRUE,200,basic,200,302,basic,200,302,coach,200,302,FALSE,FALSE,FALSE,FALSE,FALSE -104,127,workout_sporttracksimport_view,,TRUE,200,basic,200,302,basic,200,302,coach,200,302,FALSE,TRUE,FALSE,FALSE,FALSE -105,129,workout_getsporttracksworkout_all,,TRUE,200,basic,200,302,basic,200,302,coach,200,302,FALSE,FALSE,FALSE,FALSE,FALSE -106,130,workout_polarimport_view,,TRUE,200,basic,200,302,basic,200,302,coach,200,302,FALSE,TRUE,FALSE,FALSE,FALSE -107,132,workout_runkeeperimport_view,,TRUE,200,basic,200,302,basic,200,302,coach,200,302,FALSE,TRUE,FALSE,FALSE,FALSE -108,134,workout_underarmourimport_view,,TRUE,200,basic,200,302,basic,200,302,coach,200,302,FALSE,FALSE,FALSE,FALSE,FALSE -109,135,workout_c2_upload_view,,TRUE,200,basic,200,302,basic,200,302,coach,200,302,FALSE,FALSE,TRUE,FALSE,FALSE -110,136,workout_strava_upload_view,,TRUE,200,basic,200,302,basic,200,302,coach,200,302,FALSE,FALSE,TRUE,FALSE,FALSE -111,137,workout_recalcsummary_view,,TRUE,200,basic,200,302,basic,200,302,coach,200,302,FALSE,FALSE,TRUE,FALSE,FALSE -112,138,workout_sporttracks_upload_view,,TRUE,200,basic,200,302,basic,200,302,coach,200,302,FALSE,FALSE,TRUE,FALSE,FALSE -113,139,workout_runkeeper_upload_view,,TRUE,200,basic,200,302,basic,200,302,coach,200,302,FALSE,FALSE,TRUE,FALSE,FALSE -114,140,workout_underarmour_upload_view,,TRUE,200,basic,200,302,basic,200,302,coach,200,302,FALSE,FALSE,TRUE,FALSE,FALSE -115,141,workout_tp_upload_view,,TRUE,200,basic,200,302,basic,200,302,coach,200,302,FALSE,FALSE,TRUE,FALSE,FALSE +94,103,workout_add_chart_view,add chart,TRUE,403,basic,302,403,basic,403,403,coach,302,403,FALSE,FALSE,TRUE,FALSE,FALSE +95,112,WorkoutDelete,delete workout,TRUE,403,basic,200,302,basic,403,403,coach,403,403,FALSE,FALSE,TRUE,FALSE,TRUE +96,113,workout_smoothenpace_view,smoothen pace,TRUE,403,pro,302,302,pro,403,403,coach,302,403,FALSE,FALSE,TRUE,FALSE,TRUE +97,114,workout_undo_smoothenpace_view,unsmoothen pace,TRUE,403,pro,302,302,pro,403,403,coach,302,403,FALSE,FALSE,TRUE,FALSE,TRUE +98,115,workout_c2import_view,list workouts to be imported (test stops at notokenerror),TRUE,302,basic,302,302,basic,403,403,coach,302,403,FALSE,TRUE,FALSE,FALSE,TRUE +99,120,workout_stravaimport_view,list workouts to be imported (test stops at notokenerror),TRUE,302,basic,302,302,basic,403,403,coach,302,403,FALSE,TRUE,FALSE,FALSE,TRUE +100,122,workout_getc2workout_all,gets all C2 workouts (now redirects due to NoTokenError,TRUE,302,basic,302,302,FALSE,302,302,FALSE,302,302,FALSE,FALSE,FALSE,FALSE,TRUE +101,124,workout_getimportview,imports a workout from third party,TRUE,200,basic,200,302,FALSE,200,302,FALSE,200,302,FALSE,FALSE,FALSE,FALSE,FALSE +102,125,workout_getstravaworkout_all,gets all C2 workouts (now redirects due to NoTokenError,TRUE,302,basic,302,302,FALSE,302,302,FALSE,302,302,FALSE,FALSE,FALSE,FALSE,TRUE +103,126,workout_getstravaworkout_next,gets all strava workouts,TRUE,302,basic,302,302,FALSE,200,302,FALSE,200,302,FALSE,FALSE,FALSE,FALSE,FALSE +104,127,workout_sporttracksimport_view,list workouts to be imported (test stops at notokenerror),TRUE,302,basic,302,302,basic,403,403,coach,302,403,FALSE,TRUE,FALSE,FALSE,TRUE +105,129,workout_getsporttracksworkout_all,gets all C2 workouts (now redirects due to NoTokenError,TRUE,302,basic,302,302,FALSE,302,302,FALSE,302,302,FALSE,FALSE,FALSE,FALSE,TRUE +106,130,workout_polarimport_view,list workouts to be imported (test stops at notokenerror),TRUE,302,basic,302,302,basic,403,403,coach,302,403,FALSE,TRUE,FALSE,FALSE,TRUE +107,132,workout_runkeeperimport_view,list workouts to be imported (test stops at notokenerror),TRUE,302,basic,302,302,basic,403,403,coach,302,403,FALSE,TRUE,FALSE,FALSE,TRUE +108,134,workout_underarmourimport_view,list workouts to be imported (test stops at notokenerror),TRUE,302,basic,302,302,basic,403,403,coach,302,403,FALSE,TRUE,FALSE,FALSE,TRUE +109,135,workout_c2_upload_view,uploads workout to C2,TRUE,200,basic,200,302,basic,200,302,coach,200,302,FALSE,FALSE,TRUE,FALSE,FALSE +110,136,workout_strava_upload_view,uploads workout to C2,TRUE,200,basic,200,302,basic,200,302,coach,200,302,FALSE,FALSE,TRUE,FALSE,FALSE +111,137,workout_recalcsummary_view,recalculates workout summary,TRUE,403,basic,302,403,basic,403,403,coach,302,403,FALSE,FALSE,TRUE,TRUE,FALSE +112,138,workout_sporttracks_upload_view,uploads workout to C2,TRUE,200,basic,200,302,basic,200,302,coach,200,302,FALSE,FALSE,TRUE,FALSE,FALSE +113,139,workout_runkeeper_upload_view,uploads workout to C2,TRUE,200,basic,200,302,basic,200,302,coach,200,302,FALSE,FALSE,TRUE,FALSE,FALSE +114,140,workout_underarmour_upload_view,uploads workout to C2,TRUE,200,basic,200,302,basic,200,302,coach,200,302,FALSE,FALSE,TRUE,FALSE,FALSE +115,141,workout_tp_upload_view,uploads workout to C2,TRUE,200,basic,200,302,basic,200,302,coach,200,302,FALSE,FALSE,TRUE,FALSE,FALSE 116,142,multi_compare_view,,TRUE,200,basic,200,302,basic,200,302,coach,200,302,FALSE,FALSE,TRUE,FALSE,FALSE 117,145,alerts_view,,TRUE,200,basic,200,302,basic,200,302,coach,200,302,FALSE,TRUE,FALSE,FALSE,FALSE 118,147,AlertDelete,,TRUE,200,basic,200,302,basic,200,302,coach,200,302,FALSE,FALSE,FALSE,FALSE,FALSE diff --git a/rowers/urls.py b/rowers/urls.py index d07c68e9..7735e0b6 100644 --- a/rowers/urls.py +++ b/rowers/urls.py @@ -421,6 +421,7 @@ urlpatterns = [ re_path(r'^workout/polarimport/user/(?P\d+)/',views.workout_polarimport_view,name='workout_polarimport_view'), re_path(r'^workout/runkeeperimport/$',views.workout_runkeeperimport_view,name='workout_runkeeperimport_view'), re_path(r'^workout/runkeeperimport/user/(?P\d+)/$',views.workout_runkeeperimport_view,name='workout_runkeeperimport_view'), + re_path(r'^workout/underarmourimport/user/(?P\d+)/$',views.workout_underarmourimport_view,name='workout_underarmourimport_view'), re_path(r'^workout/underarmourimport/$',views.workout_underarmourimport_view,name='workout_underarmourimport_view'), # re_path(r'^workout/(?P\b[0-9A-Fa-f]+\b)/deleteconfirm/$',views.workout_delete_confirm_view), re_path(r'^workout/(?P\b[0-9A-Fa-f]+\b)/c2uploadw/$',views.workout_c2_upload_view,name='workout_c2_upload_view'), diff --git a/rowers/views/importviews.py b/rowers/views/importviews.py index a823c788..8e9ecec4 100644 --- a/rowers/views/importviews.py +++ b/rowers/views/importviews.py @@ -886,10 +886,11 @@ def rower_process_testcallback(request): # The page where you select which Strava workout to import @login_required() +@permission_required('rower.is_coach',fn=get_user_by_userid,raise_exception=True) def workout_stravaimport_view(request,message="",userid=0): r = getrequestrower(request,userid=userid) - if r.user != request.user: - messages.info(request,"You cannot import other people's workouts from Strava") + #if r.user != request.user: + # messages.info(request,"You cannot import other people's workouts from Strava") try: thetoken = strava_open(request.user) @@ -985,6 +986,7 @@ def workout_stravaimport_view(request,message="",userid=0): # The page where you select which RunKeeper workout to import @login_required() +@permission_required('rower.is_coach',fn=get_user_by_userid,raise_exception=True) def workout_runkeeperimport_view(request,message="",userid=0): res = runkeeperstuff.get_runkeeper_workout_list(request.user) if (res.status_code != 200): @@ -1040,6 +1042,7 @@ def workout_runkeeperimport_view(request,message="",userid=0): # The page where you select which RunKeeper workout to import @login_required() +@permission_required('rower.is_coach',fn=get_user_by_userid,raise_exception=True) def workout_underarmourimport_view(request,message="",userid=0): res = underarmourstuff.get_underarmour_workout_list(request.user) if (res.status_code != 200): @@ -1090,6 +1093,7 @@ def workout_underarmourimport_view(request,message="",userid=0): # the page where you select which Polar workout to Import @login_required() +@permission_required('rower.is_coach',fn=get_user_by_userid,raise_exception=True) def workout_polarimport_view(request,userid=0): exercises = polarstuff.get_polar_workouts(request.user) workouts = [] @@ -1147,6 +1151,7 @@ def workout_polarimport_view(request,userid=0): # The page where you select which SportTracks workout to import @login_required() +@permission_required('rower.is_coach',fn=get_user_by_userid,raise_exception=True) def workout_sporttracksimport_view(request,message="",userid=0): @@ -1291,14 +1296,15 @@ def workout_getc2workout_all(request,page=1,message=""): # List of workouts available on Concept2 logbook - for import @login_required() +@permission_required('rower.is_coach',fn=get_user_by_userid,raise_exception=True) def workout_c2import_view(request,page=1,userid=0,message=""): r = getrequestrower(request,userid=userid) - if r.user != request.user: - messages.info(request,"You cannot import other people's workouts from Concept2") + # if r.user != request.user: + # messages.info(request,"You cannot import other people's workouts from Concept2") - r = getrower(request.user) + # r = getrower(request.user) try: thetoken = c2_open(request.user)