sander/rowsandall
Private
Public Access
1
0
Fork 0
Code Activity

needs some work on plan page

Browse Source
This commit is contained in:
Sander Roosendaal
2019-02-18 18:17:56 +01:00
parent 7814f1cdf9
commit 409f725caa
6 changed files with 46 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
rowers/models.py
View File

@@ -1023,6 +1023,17 @@ def checkworkoutuser(user,workout):
except Rower.DoesNotExist:
return False
def checkviewworkouts(user,rower):
try:
r = user.rower
if rower == r:
return True
teams = Team.objects.filter(manager=user)
print Rower.objects.filter(team__in=teams)
if rower in Rower.objects.filter(team__in=teams):
return True
except Rower.DoesNotExist:
return False
# Check if user is coach or rower
def checkaccessuser(user,rower):

29
rowers/templates/menu_plan.html
View File

@@ -82,27 +82,26 @@
<p>&nbsp;</p>
{% if user.is_authenticated and user|is_manager %}
<p>&nbsp;</p>
{% if user|coach_rowers %}
{% if user|team_members %}
<ul class="cd-accordion-menu animated">
<li class="has-children" id="athletes">
<input type="checkbox" name="athlete-selector" id="athlete-selector">
<label for="athlete-selector"><i class="fas fa-users fa-fw"></i>&nbsp;Athletes</label>
<label for="athlete-selector"><i class="fas fa-users fa-fw"></i>&nbsp;Group Members</label>
<ul>
{% for member in user|coach_rowers %}
<a href={{ request.path|userurl:member.user }}?when={{ timeperiod }}>
<i class="fas fa-user fa-fw"></i>
{% if member.user == rower.user %}
&bull;
{% else %}
&nbsp;
{% endif %}
{{ member.user.first_name }} {{ member.user.last_name }}
</a>
{% for member in user|team_members %}
<li>
<a href={{ request.path|userurl:member }}>
<i class="fas fa-user fa-fw"></i>
{% if member == rower.user and not team %}
&bull;
{% else %}
&nbsp;
{% endif %}
{{ member.first_name }} {{ member.last_name }}
</a>
</li>
{% endfor %}
</ul>
</li>

23
rowers/templates/menu_workouts.html
View File

@@ -45,8 +45,11 @@
</li>
</ul> <!-- cd-accordion-menu -->
{% if user.is_authenticated and user|is_manager %}
<p>&nbsp;</p>
{% if user|coach_rowers %}
<ul class="cd-accordion-menu animated">
<li class="has-children" id="athletes">
@@ -54,17 +57,15 @@
<label for="athlete-selector"><i class="fas fa-users fa-fw"></i>&nbsp;Athletes</label>
<ul>
{% for member in user|coach_rowers %}
<li>
<a href={{ request.path|userurl:member.user }}>
<i class="fas fa-user fa-fw"></i>
{% if member.user == rower.user and not team %}
&bull;
{% else %}
&nbsp;
{% endif %}
{{ member.user.first_name }} {{ member.user.last_name }}
</a>
</li>
<a href={{ request.path|userurl:member.user }}?when={{ timeperiod }}>
<i class="fas fa-user fa-fw"></i>
{% if member == rower.user %}
&bull;
{% else %}
&nbsp;
{% endif %}
{{ member.user.first_name }} {{ member.user.last_name }}
</a>
{% endfor %}
</ul>
</li>

7
rowers/tests/test_permissions.py
View File

@@ -1414,3 +1414,10 @@ class PermissionsCoachingTests(TestCase):
## Basic and Pro users can create races
## Basic users can subscribe to any race
# group related
## group members can see but not edit each other's workouts and charts
## group members can see but not edit each other's plans

2
rowers/views/statements.py
View File

@@ -911,7 +911,7 @@ from rowers.utils import (
import rowers.datautils as datautils
from rowers.models import checkworkoutuser,checkaccessuser
from rowers.models import checkworkoutuser,checkaccessuser,checkviewworkouts
# Check if a user is a Coach member
def iscoachmember(user):

2
rowers/views/workoutviews.py
View File

@@ -1157,7 +1157,7 @@ def workouts_view(request,message='',successmessage='',
r = getrequestrower(request,rowerid=rowerid,userid=userid)
# check if access is allowed
if not checkaccessuser(request.user,r):
if not checkviewworkouts(request.user,r):
raise PermissionDenied("Access denied")
if startdatestring: