Merge branch 'release/v13.71'

2020-07-29 14:49:51 +02:00
parent 1a504b8035 b2c2a16fdd
commit 4bc29cc061
3 changed files with 6 additions and 3 deletions
--- a/rowers/serializers.py
+++ b/rowers/serializers.py
@@ -170,7 +170,10 @@ class WorkoutSerializer(serializers.ModelSerializer):

    def create(self, validated_data):
        print(validated_data)
-        r = Rower.objects.get(user=self.context['request'].user)
+        if self.context['request'].user.is_authenticated:
+            r = Rower.objects.get(user=self.context['request'].user)
+        else:
+            raise PermissionDenied("Not allowed")
        d = validated_data['date']
        t = validated_data['starttime']
        rowdatetime = datetime.datetime(d.year,
--- a/rowers/views/racesviews.py
+++ b/rowers/views/racesviews.py
@@ -3127,7 +3127,7 @@ def virtualevent_submit_result_view(request,id=0,workoutid=0):
        workouttype__in=mytypes.rowtypes,
        startdatetime__gte=startdatetime,
        startdatetime__lte=enddatetime,
-        ).order_by("date","startdatetime","id")
+        ).order_by("-date","-startdatetime","id")

    if not ws:
        messages.info(
--- a/rowsandall_app/settings.py
+++ b/rowsandall_app/settings.py
@@ -416,7 +416,7 @@ OAUTH2_PROVIDER = {
    'ACCESS_TOKEN_MODEL': 'oauth2_provider.AccessToken',
    'APPLICATION_MODEL': 'oauth2_provider.Application',
    'REFRESH_TOKEN_MODEL': 'oauth2_provider.RefreshToken',
-    'ACCESS_TOKEN_EXPIRE_SECONDS': 3600,
+    'ACCESS_TOKEN_EXPIRE_SECONDS': 36000,
    #'OAUTH2_BACKEND_CLASS': 'oauth2_provider.oauth2_backends.JSONOAuthLibCore'
 }