sorted permissions for workouts-list
This commit is contained in:
Sander Roosendaal
@@ -16,6 +16,7 @@ class IsOwnerOrReadOnly(permissions.BasePermission):
|
|||||||
return obj.user == request.user
|
return obj.user == request.user
|
||||||
|
|
||||||
class IsOwnerOrNot(permissions.BasePermission):
|
class IsOwnerOrNot(permissions.BasePermission):
|
||||||
|
|
||||||
def has_object_permission(self, request, view, obj):
|
def has_object_permission(self, request, view, obj):
|
||||||
r = Rower.objects.get(user=request.user)
|
r = Rower.objects.get(user=request.user)
|
||||||
return (obj.user == r)
|
return (obj.user == r)
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
from rest_framework import serializers
|
from rest_framework import serializers
|
||||||
from rowers.models import Workout,Rower
|
from rowers.models import Workout,Rower,StrokeData
|
||||||
|
|
||||||
import datetime
|
import datetime
|
||||||
|
|
||||||
@@ -93,8 +93,8 @@ class WorkoutSerializer(serializers.ModelSerializer):
|
|||||||
class StrokeDataSerializer(serializers.Serializer):
|
class StrokeDataSerializer(serializers.Serializer):
|
||||||
workoutid = serializers.IntegerField
|
workoutid = serializers.IntegerField
|
||||||
strokedata = serializers.JSONField
|
strokedata = serializers.JSONField
|
||||||
|
|
||||||
def create(self, validated_data):
|
def create(self, workoutid, strokedata):
|
||||||
"""
|
"""
|
||||||
Create and enter a new set of stroke data into the DB
|
Create and enter a new set of stroke data into the DB
|
||||||
"""
|
"""
|
||||||
@@ -103,3 +103,5 @@ class StrokeDataSerializer(serializers.Serializer):
|
|||||||
print "fake serializer"
|
print "fake serializer"
|
||||||
return 1
|
return 1
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
@@ -17,7 +17,6 @@
|
|||||||
<link rel="stylesheet" href="/static/css/text.css" />
|
<link rel="stylesheet" href="/static/css/text.css" />
|
||||||
<link rel="stylesheet" href="/static/css/960_12_col.css" />
|
<link rel="stylesheet" href="/static/css/960_12_col.css" />
|
||||||
<link rel="stylesheet" href="/static/css/rowsandall.css" />
|
<link rel="stylesheet" href="/static/css/rowsandall.css" />
|
||||||
<link rel="stylesheet" href="static/css/cookiecuttr.css" />
|
|
||||||
{% block meta %} {% endblock %}
|
{% block meta %} {% endblock %}
|
||||||
{% analytical_head_bottom %}
|
{% analytical_head_bottom %}
|
||||||
</head>
|
</head>
|
||||||
|
|||||||
@@ -2,11 +2,11 @@ from django.conf import settings
|
|||||||
from django.conf.urls import url, include
|
from django.conf.urls import url, include
|
||||||
from django.contrib.auth.models import User
|
from django.contrib.auth.models import User
|
||||||
|
|
||||||
from models import Workout,Rower
|
from models import Workout,Rower,StrokeData
|
||||||
|
|
||||||
from rest_framework import routers, serializers, viewsets,permissions
|
from rest_framework import routers, serializers, viewsets,permissions
|
||||||
from rest_framework.urlpatterns import format_suffix_patterns
|
from rest_framework.urlpatterns import format_suffix_patterns
|
||||||
|
from rest_framework.permissions import *
|
||||||
from . import views
|
from . import views
|
||||||
from django.contrib.auth import views as auth_views
|
from django.contrib.auth import views as auth_views
|
||||||
from django.views.generic.base import TemplateView
|
from django.views.generic.base import TemplateView
|
||||||
@@ -15,18 +15,34 @@ from django.conf.urls import (
|
|||||||
)
|
)
|
||||||
|
|
||||||
from rowers.permissions import IsOwnerOrNot,IsOwnerOrReadOnly
|
from rowers.permissions import IsOwnerOrNot,IsOwnerOrReadOnly
|
||||||
from rowers.serializers import WorkoutSerializer,RowerSerializer
|
from rowers.serializers import (
|
||||||
|
WorkoutSerializer,
|
||||||
|
RowerSerializer,
|
||||||
|
StrokeDataSerializer,
|
||||||
|
)
|
||||||
|
|
||||||
class WorkoutViewSet(viewsets.ModelViewSet):
|
class WorkoutViewSet(viewsets.ModelViewSet):
|
||||||
queryset = Workout.objects.all().order_by("-date", "-starttime")
|
model = Workout
|
||||||
|
#queryset = Workout.objects.all().order_by("-date", "-starttime")
|
||||||
serializer_class = WorkoutSerializer
|
serializer_class = WorkoutSerializer
|
||||||
permission_classes = (IsOwnerOrNot,)
|
|
||||||
|
|
||||||
|
def get_queryset(self):
|
||||||
|
r = Rower.objects.get(user=self.request.user)
|
||||||
|
return Workout.objects.filter(user=r).order_by("-date","-starttime")
|
||||||
|
|
||||||
|
|
||||||
|
permission_classes = (
|
||||||
|
#DjangoModelPermissions,
|
||||||
|
IsOwnerOrNot,
|
||||||
|
)
|
||||||
|
|
||||||
|
class StrokeDataViewSet(viewsets.ModelViewSet):
|
||||||
|
serializer_class = StrokeDataSerializer
|
||||||
|
|
||||||
# Routers provide an easy way of automatically determining the URL conf.
|
# Routers provide an easy way of automatically determining the URL conf.
|
||||||
router = routers.DefaultRouter()
|
router = routers.DefaultRouter()
|
||||||
router.register(r'api/workouts',WorkoutViewSet)
|
router.register(r'api/workouts',WorkoutViewSet, 'workout')
|
||||||
#router.register(r'api/rower',RowerViewSet)
|
|
||||||
|
|
||||||
handler500 = 'views.error500_view'
|
handler500 = 'views.error500_view'
|
||||||
handler404 = 'views.error404_view'
|
handler404 = 'views.error404_view'
|
||||||
@@ -40,7 +56,7 @@ urlpatterns = [
|
|||||||
url(r'^', include(router.urls)),
|
url(r'^', include(router.urls)),
|
||||||
url(r'^api-docs$', views.schema_view),
|
url(r'^api-docs$', views.schema_view),
|
||||||
url(r'^api-auth/', include('rest_framework.urls', namespace='rest_framework')),
|
url(r'^api-auth/', include('rest_framework.urls', namespace='rest_framework')),
|
||||||
url(r'^api/workouts/(\d+)/strokedata$',views.strokedatajson),
|
url(r'^api/workouts/(?P<id>\d+)/strokedata$',views.strokedatajson),
|
||||||
url(r'^testbokeh$',views.testbokeh),
|
url(r'^testbokeh$',views.testbokeh),
|
||||||
url(r'^500/$', TemplateView.as_view(template_name='500.html'),name='500'),
|
url(r'^500/$', TemplateView.as_view(template_name='500.html'),name='500'),
|
||||||
url(r'^404/$', TemplateView.as_view(template_name='404.html'),name='404'),
|
url(r'^404/$', TemplateView.as_view(template_name='404.html'),name='404'),
|
||||||
|
|||||||
@@ -86,7 +86,7 @@ from rest_framework.parsers import JSONParser
|
|||||||
from rest_framework.response import Response
|
from rest_framework.response import Response
|
||||||
from rowers.serializers import RowerSerializer,WorkoutSerializer
|
from rowers.serializers import RowerSerializer,WorkoutSerializer
|
||||||
from rest_framework import status,permissions,generics
|
from rest_framework import status,permissions,generics
|
||||||
from rest_framework.decorators import api_view
|
from rest_framework.decorators import api_view, renderer_classes
|
||||||
|
|
||||||
from permissions import IsOwnerOrNot
|
from permissions import IsOwnerOrNot
|
||||||
|
|
||||||
@@ -105,8 +105,6 @@ from interactiveplots import *
|
|||||||
|
|
||||||
schema_view = get_swagger_view(title='Rowsandall API (Unstable)')
|
schema_view = get_swagger_view(title='Rowsandall API (Unstable)')
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
def error500_view(request):
|
def error500_view(request):
|
||||||
response = render_to_response('500.html', {},
|
response = render_to_response('500.html', {},
|
||||||
context_instance = RequestContext(request))
|
context_instance = RequestContext(request))
|
||||||
@@ -4813,10 +4811,16 @@ def strokedataform(request,id=0):
|
|||||||
})
|
})
|
||||||
|
|
||||||
|
|
||||||
|
from rest_framework_swagger.renderers import OpenAPIRenderer, SwaggerUIRenderer
|
||||||
from django.views.decorators.csrf import csrf_exempt
|
from django.views.decorators.csrf import csrf_exempt
|
||||||
@csrf_exempt
|
@csrf_exempt
|
||||||
@login_required()
|
@login_required()
|
||||||
|
@api_view(['GET','POST'])
|
||||||
def strokedatajson(request,id):
|
def strokedatajson(request,id):
|
||||||
|
"""
|
||||||
|
POST: Add Stroke data to workout
|
||||||
|
GET: Get stroke data of workout
|
||||||
|
"""
|
||||||
try:
|
try:
|
||||||
row = Workout.objects.get(id=id)
|
row = Workout.objects.get(id=id)
|
||||||
if (checkworkoutuser(request.user,row)==False):
|
if (checkworkoutuser(request.user,row)==False):
|
||||||
@@ -4839,11 +4843,9 @@ def strokedatajson(request,id):
|
|||||||
if not checkdata.empty:
|
if not checkdata.empty:
|
||||||
return HttpResponse("Duplicate Error",409)
|
return HttpResponse("Duplicate Error",409)
|
||||||
# strokedata = request.POST['strokedata']
|
# strokedata = request.POST['strokedata']
|
||||||
print request.body
|
|
||||||
received_json_data = json.loads(request.body)
|
|
||||||
# checking/validating and cleaning
|
# checking/validating and cleaning
|
||||||
try:
|
try:
|
||||||
strokedata = json.loads(received_json_data['strokedata'])
|
strokedata = json.loads(request.POST['strokedata'])
|
||||||
except:
|
except:
|
||||||
return HttpResponse("No JSON object could be decoded",400)
|
return HttpResponse("No JSON object could be decoded",400)
|
||||||
|
|
||||||
@@ -4851,9 +4853,9 @@ def strokedatajson(request,id):
|
|||||||
df.index = df.index.astype(int)
|
df.index = df.index.astype(int)
|
||||||
df.sort_index(inplace=True)
|
df.sort_index(inplace=True)
|
||||||
# time, hr, pace, spm, power, drivelength, distance, drivespeed, dragfactor, strokerecoverytime, averagedriveforce, peakdriveforce, lapidx
|
# time, hr, pace, spm, power, drivelength, distance, drivespeed, dragfactor, strokerecoverytime, averagedriveforce, peakdriveforce, lapidx
|
||||||
time = df['timesecs']
|
time = df['time']/1.e3
|
||||||
aantal = len(time)
|
aantal = len(time)
|
||||||
pace = df['pseconds']
|
pace = df['pace']/1.e3
|
||||||
if len(pace) != aantal:
|
if len(pace) != aantal:
|
||||||
return HttpResponse("Pace array has incorrect length",status=400)
|
return HttpResponse("Pace array has incorrect length",status=400)
|
||||||
distance = df['distance']
|
distance = df['distance']
|
||||||
|
|||||||
@@ -273,6 +273,7 @@ REST_FRAMEWORK = {
|
|||||||
# or allow read-only access for unauthenticated users.
|
# or allow read-only access for unauthenticated users.
|
||||||
'DEFAULT_PERMISSION_CLASSES': [
|
'DEFAULT_PERMISSION_CLASSES': [
|
||||||
'rest_framework.permissions.IsAuthenticated'
|
'rest_framework.permissions.IsAuthenticated'
|
||||||
|
# 'rest_framework.permissions.DjangoModelPermissions'
|
||||||
],
|
],
|
||||||
'DEFAULT_AUTHENTICATION_CLASSES': (
|
'DEFAULT_AUTHENTICATION_CLASSES': (
|
||||||
'rest_framework.authentication.BasicAuthentication',
|
'rest_framework.authentication.BasicAuthentication',
|
||||||
@@ -286,6 +287,11 @@ SWAGGER_SETTINGS = {
|
|||||||
'SECURITY_DEFINITION': {
|
'SECURITY_DEFINITION': {
|
||||||
'basic': {
|
'basic': {
|
||||||
'type':'basic'
|
'type':'basic'
|
||||||
|
},
|
||||||
|
'oauth2': {
|
||||||
|
'type':'oauth2',
|
||||||
|
'authorizationUrl':'/rowers/o/authorize',
|
||||||
|
'flow': 'implicit',
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
'SHOW_REQUEST_HEADERS': True,
|
'SHOW_REQUEST_HEADERS': True,
|
||||||
|
|||||||
Reference in New Issue
Block a user