diff --git a/rowers/urls.py b/rowers/urls.py
index c46a3ae1..f5f9f183 100644
--- a/rowers/urls.py
+++ b/rowers/urls.py
@@ -1,7 +1,7 @@
 from django.conf import settings
 from django.conf.urls import url, include
 from django.contrib.auth.models import User
-
+from django.contrib.auth.decorators import login_required, permission_required
 from models import Workout,Rower,StrokeData,FavoriteChart
 
 from rest_framework import routers, serializers, viewsets,permissions
@@ -311,7 +311,9 @@ urlpatterns = [
     url(r'^workout/(?P<id>\d+)/addstatic/(?P<plotnr>\d+)$',
         views.workout_add_chart_view),
     url(r'^workout/(?P<id>\d+)/addstatic$',views.workout_add_chart_view),
-    url(r'^workout/(?P<pk>\d+)/delete$',views.WorkoutDelete.as_view(),name='workout_delete'),
+    url(r'^workout/(?P<pk>\d+)/delete$',login_required(
+        views.WorkoutDelete.as_view()),
+        name='workout_delete'),
     url(r'^workout/(?P<id>\d+)/smoothenpace$',views.workout_smoothenpace_view),
     url(r'^workout/(?P<id>\d+)/undosmoothenpace$',views.workout_undo_smoothenpace_view),
     url(r'^workout/c2import/$',views.workout_c2import_view),
@@ -434,10 +436,14 @@ urlpatterns = [
     url(r'^test\_callback',views.rower_process_testcallback),
     url(r'^createplan/$',views.rower_create_trainingplan),
     url(r'^createplan/user/(?P<userid>\d+)/$',views.rower_create_trainingplan),
-    url(r'^deleteplan/(?P<pk>\d+)$',views.TrainingPlanDelete.as_view()),
-    url(r'^deletemicrocycle/(?P<pk>\d+)/$',views.MicroCycleDelete.as_view()),
-    url(r'^deletemesocycle/(?P<pk>\d+)/$',views.MesoCycleDelete.as_view()),
-    url(r'^deletemacrocycle/(?P<pk>\d+)/$',views.MacroCycleDelete.as_view()),
+    url(r'^deleteplan/(?P<pk>\d+)$',login_required(
+        views.TrainingPlanDelete.as_view())),
+    url(r'^deletemicrocycle/(?P<pk>\d+)/$',login_required(
+        views.MicroCycleDelete.as_view())),
+    url(r'^deletemesocycle/(?P<pk>\d+)/$',login_required(
+        views.MesoCycleDelete.as_view())),
+    url(r'^deletemacrocycle/(?P<pk>\d+)/$',login_required(
+        views.MacroCycleDelete.as_view())),
 #    url(r'^deleteplan/(?P<id>\d+)$',views.rower_delete_trainingplan),
     url(r'^plan/(?P<id>\d+)/$',views.rower_trainingplan_view),
     url(r'^plan/(?P<id>\d+)/user/(?P<userid>\d+)/$',views.rower_trainingplan_view),
@@ -447,20 +453,26 @@ urlpatterns = [
     url(r'^plan/(?P<id>\d+)/meso/(?P<thismesoid>\d+)/user/(?P<userid>\d+)/$',views.rower_trainingplan_view),
     url(r'^plan/(?P<id>\d+)/macro/(?P<thismacroid>\d+)/$',views.rower_trainingplan_view),
     url(r'^plan/(?P<id>\d+)/macro/(?P<thismacroid>\d+)/user/(?P<userid>\d+)/$',views.rower_trainingplan_view),
-    url(r'^macrocycle/(?P<pk>\d+)/$',views.TrainingMacroCycleUpdate.as_view(),
+    url(r'^macrocycle/(?P<pk>\d+)/$',login_required(
+        views.TrainingMacroCycleUpdate.as_view()),
         name='macrocycle_update_view'),
-    url(r'^mesocycle/(?P<pk>\d+)/$',views.TrainingMesoCycleUpdate.as_view(),
+    url(r'^mesocycle/(?P<pk>\d+)/$',login_required(
+        views.TrainingMesoCycleUpdate.as_view()),
         name='mesocycle_update_view'),
-    url(r'^macrocycle/(?P<id>\d+)/planbymonths/$',views.planmacrocyclebymonth),
+    url(r'^macrocycle/(?P<id>\d+)/planbymonths/$',login_required(
+        views.planmacrocyclebymonth)),
     url(r'^macrocycle/(?P<id>\d+)/planbymonths/user/(?P<userid>\d+)/$',views.planmacrocyclebymonth),
     url(r'^mesocycle/(?P<id>\d+)/planbyweeks/$',views.planmesocyclebyweek),
     url(r'^mesocycle/(?P<id>\d+)/planbyweeks/user/(?P<userid>\d+)/$',views.planmesocyclebyweek),
-    url(r'^microcycle/(?P<pk>\d+)/$',views.TrainingMicroCycleUpdate.as_view(),
+    url(r'^microcycle/(?P<pk>\d+)/$',login_required(
+        views.TrainingMicroCycleUpdate.as_view()),
         name='microcycle_update_view'),
     url(r'^deletetarget/(?P<id>\d+)/$',views.rower_delete_trainingtarget),
-    url(r'^editplan/(?P<pk>\d+)$',views.TrainingPlanUpdate.as_view(),
+    url(r'^editplan/(?P<pk>\d+)$',login_required(
+        views.TrainingPlanUpdate.as_view()),
         name='trainingplan_update_view'),
-    url(r'^edittarget/(?P<pk>\d+)/$',views.TrainingTargetUpdate.as_view(),
+    url(r'^edittarget/(?P<pk>\d+)/$',login_required(
+        views.TrainingTargetUpdate.as_view()),
         name='trainingtarget_update_view'),
     url(r'^workout/(?P<id>\d+)/test\_strokedata$',views.strokedataform),
     url(r'^sessions/teamcreate/user/(?P<userid>\d+)/$',views.plannedsession_teamcreate_view),
@@ -498,8 +510,10 @@ urlpatterns = [
         name='plannedsession_view'),
     url(r'^sessions/(?P<id>\d+)/user/(?P<userid>\d+)/$',views.plannedsession_view,
         name='plannedsession_view'),
-    url(r'^sessions/(?P<pk>\d+)/deleteconfirm$',views.PlannedSessionDelete.as_view()),
-    url(r'^sessions/(?P<pk>\d+)/delete$',views.PlannedSessionDelete.as_view(),
+    url(r'^sessions/(?P<pk>\d+)/deleteconfirm$',login_required(
+        views.PlannedSessionDelete.as_view())),
+    url(r'^sessions/(?P<pk>\d+)/delete$',login_required(
+        views.PlannedSessionDelete.as_view()),
         name='plannedsession_delete_view'),
     url(r'^sessions/manage/session/(?P<initialsession>\d+)/$',
         views.plannedsessions_manage_view),
diff --git a/rowers/views.py b/rowers/views.py
index e288989c..a1454f3e 100644
--- a/rowers/views.py
+++ b/rowers/views.py
@@ -5630,7 +5630,12 @@ def multi_compare_view(request,id=0,userid=0):
             teamid = chartform.cleaned_data['teamid']
             ids = request.session['ids']
             request.session['ids'] = ids
-            workouts = [Workout.objects.get(id=id) for id in ids]
+            workouts = []
+            for id in ids:
+                try:
+                    workouts.append(Workout.objects.get(id=id))
+                except Workout.DoesNotExist:
+                    pass
 
             labeldict = {
                 int(w.id): w.__unicode__() for w in workouts
@@ -5641,7 +5646,13 @@ def multi_compare_view(request,id=0,userid=0):
         plottype = request.session['plottype']
         teamid = 0
         ids = request.session['ids']
-        workouts = [Workout.objects.get(id=id) for id in ids]
+        workouts = []
+        for id in ids:
+            try:
+                workouts.append(Workout.objects.get(id=id))
+            except Workout.DoesNotExist:
+                pass
+
         labeldict = {
             int(w.id): w.__unicode__() for w in workouts
             }
@@ -5988,8 +5999,15 @@ def multiflex_data(request,userid=0,
     workmin = options['workmin']
     workmax = options['workmax']
     ids = options['ids']
-        
-    workouts = [Workout.objects.get(id=id) for id in ids]
+
+    workouts = []
+    
+    for id in ids:
+        try:
+            workouts.append(Workout.objects.get(id=id))
+        except Workout.DoesNotExist:
+            pass
+
     labeldict = {
         int(w.id): w.__unicode__() for w in workouts
     }
@@ -6581,7 +6599,15 @@ def boxplot_view_data(request,userid=0,
     if userid==0:
         userid = request.user.id
 
-    workouts = [Workout.objects.get(id=id) for id in ids]
+    workouts = []
+
+
+    for id in ids:
+        try:
+            workouts.append(Workout.objects.get(id=id))
+        except Workout.DoesNotExist:
+            pass
+            
     labeldict = {
         int(w.id): w.__unicode__() for w in workouts
     }
@@ -16879,6 +16905,9 @@ class MacroCycleDelete(DeleteView):
         return obj
 
 
+@user_passes_test(hasplannedsessions,login_url="/rowers/promembership",
+                  message="This functionality requires a Coach or Self-Coach plan",
+                  redirect_field_name=None)
 def rower_trainingplan_view(request,
                             id=0,
                             userid=0,