more fixes
This commit is contained in:
Sander Roosendaal
@@ -1351,7 +1351,7 @@ class TrainingPlan(models.Model):
|
||||
|
||||
def save(self, *args, **kwargs):
|
||||
manager = self.manager
|
||||
if not can_add_plan(manager):
|
||||
if not can_add_plan(manager.user):
|
||||
raise ValidationError(
|
||||
"Basic user cannot have a training plan"
|
||||
)
|
||||
|
||||
@@ -86,7 +86,7 @@ def user_is_not_basic(user):
|
||||
def is_coach(user):
|
||||
return user.rower.rowerplan in ['coach','freecoach']
|
||||
|
||||
def is_paidcoach(user):
|
||||
def is_paid_coach(user):
|
||||
return user.rower.rowerplan == 'coach'
|
||||
|
||||
@rules.predicate
|
||||
@@ -228,6 +228,9 @@ def can_add_workout_member(user,rower):
|
||||
# check if user can plan for the rower
|
||||
@rules.predicate
|
||||
def can_plan_user(user,rower):
|
||||
if not isplanmember(user):
|
||||
return False
|
||||
|
||||
try:
|
||||
r = user.rower
|
||||
except AttributeError:
|
||||
@@ -243,7 +246,7 @@ def can_plan_user(user,rower):
|
||||
|
||||
return False
|
||||
|
||||
rules.add_perm('rower.can_plan',can_plan_user) # replaces checkaccessplanuser
|
||||
rules.add_perm('rower.add_plan',can_plan_user) # replaces checkaccessplanuser
|
||||
rules.add_perm('rower.is_coach',is_coach_user) # replaces checkaccessuser
|
||||
rules.add_perm('rower.is_pro',ispromember)
|
||||
|
||||
|
||||
@@ -173,12 +173,15 @@ def rower_get_coaches(rower):
|
||||
|
||||
|
||||
def coach_getcoachees(coach):
|
||||
rowers = []
|
||||
if coach.mycoachgroup and is_coach(coach.user):
|
||||
return Rower.objects.filter(
|
||||
rs = Rower.objects.filter(
|
||||
coachinggroups__in=[coach.mycoachgroup]
|
||||
).distinct().order_by("user__last_name","user__first_name")
|
||||
else:
|
||||
return []
|
||||
for r in rs:
|
||||
rowers.append(r)
|
||||
|
||||
return rowers
|
||||
|
||||
def coach_remove_athlete(coach,rower):
|
||||
try:
|
||||
|
||||
@@ -14,7 +14,7 @@
|
||||
{% else %}
|
||||
<a href="/rowers/team-compare-select/team/0/"><i class="fas fa-balance-scale fa-fw"></i> Compare</a>
|
||||
{% endif %}
|
||||
</li>
|
||||
</li>
|
||||
<li>
|
||||
<a href="/rowers/workout/upload/"><i class="fas fa-file-upload fa-fw"></i> Upload</a>
|
||||
</li>
|
||||
@@ -33,7 +33,7 @@
|
||||
<li class="has-children" id="imports">
|
||||
<input type="checkbox" name ="group-1" id="group-1">
|
||||
<label for="group-1"><i class="fas fa-cloud-download fa-fw"></i> Import</label>
|
||||
|
||||
|
||||
<ul>
|
||||
<li id="concept2"><a href="/rowers/workout/c2list/">Concept2</a></li>
|
||||
<li id="strava"><a href="/rowers/workout/stravaimport/">Strava</a></li>
|
||||
@@ -46,6 +46,4 @@
|
||||
</ul> <!-- cd-accordion-menu -->
|
||||
|
||||
|
||||
|
||||
|
||||
{% include 'menuscript.html' %}
|
||||
|
||||
@@ -44,13 +44,13 @@
|
||||
|
||||
{% if user.is_authenticated and user|is_manager and rower %}
|
||||
<p> </p>
|
||||
{% if user|coach_rowers %}
|
||||
{% if request.user|coach_rowers %}
|
||||
<ul class="cd-accordion-menu animated">
|
||||
<li class="has-children" id="athletes">
|
||||
<input type="checkbox" name="athlete-selector" id="athlete-selector">
|
||||
<label for="athlete-selector"><i class="fas fa-users fa-fw"></i> Athletes</label>
|
||||
<ul>
|
||||
{% for member in user|coach_rowers %}
|
||||
{% for member in request.user|coach_rowers %}
|
||||
<a href={{ request.path|userurl:member.user }}>
|
||||
<i class="fas fa-user fa-fw"></i>
|
||||
{% if member.user == rower.user %}
|
||||
|
||||
@@ -1909,7 +1909,6 @@ class PlannedSessionDelete(DeleteView):
|
||||
@user_passes_test(isplanmember,login_url="/rowers/paidplans",
|
||||
message="This functionality requires a Coach or Self-Coach plan",
|
||||
redirect_field_name=None)
|
||||
@permission_required('rower.add_plan',fn=get_rower_by_userid,raise_exception=True)
|
||||
def rower_create_trainingplan(request,id=0):
|
||||
therower = getrequestrower(request,userid=id)
|
||||
theuser = therower.user
|
||||
@@ -1977,7 +1976,8 @@ def rower_create_trainingplan(request,id=0):
|
||||
p.save()
|
||||
|
||||
for athlete in athletes:
|
||||
p.rowers.add(athlete)
|
||||
if can_plan_user(request.user,athlete):
|
||||
p.rowers.add(athlete)
|
||||
|
||||
|
||||
targets = TrainingTarget.objects.filter(
|
||||
@@ -2012,7 +2012,7 @@ def rower_create_trainingplan(request,id=0):
|
||||
breadcrumbs = [
|
||||
{
|
||||
'url':reverse(plannedsessions_view,
|
||||
kwargs={'userid':userid}),
|
||||
kwargs={'userid':id}),
|
||||
'name': 'Plan'
|
||||
},
|
||||
{
|
||||
|
||||
@@ -44,7 +44,7 @@ from rowers.rower_rules import (
|
||||
can_view_target,can_change_target,can_delete_target,
|
||||
can_view_plan,can_change_plan,can_delete_plan,
|
||||
can_view_cycle,can_change_cycle,can_delete_cycle,
|
||||
can_add_workout_member,
|
||||
can_add_workout_member,can_plan_user,is_paid_coach
|
||||
)
|
||||
|
||||
from django.shortcuts import render
|
||||
@@ -348,9 +348,8 @@ def get_user_by_id(*args,**kwargs):
|
||||
|
||||
return get_object_or_404(User,pk=id)
|
||||
|
||||
def get_rower_by_userid(*args,**kwargs):
|
||||
userid = kwargs['id']
|
||||
u = User.objects.get(id=userid)
|
||||
def get_rower_by_userid(request,id):
|
||||
u = User.objects.get(id=id)
|
||||
return u.rower
|
||||
|
||||
def getrequestrower(request,rowerid=0,userid=0,notpermanent=False):
|
||||
@@ -381,6 +380,7 @@ def getrequestrower(request,rowerid=0,userid=0,notpermanent=False):
|
||||
raise Http404("Rower doesn't exist")
|
||||
|
||||
if userid != 0 and not is_coach_user(request.user,u):
|
||||
request.session['rowerid'] = request.user.rower.id
|
||||
raise PermissionDenied("You have no access to this user")
|
||||
|
||||
if notpermanent == False:
|
||||
@@ -414,6 +414,7 @@ def getrequestplanrower(request,rowerid=0,userid=0,notpermanent=False):
|
||||
raise Http404("Rower doesn't exist")
|
||||
|
||||
if not is_coach_user(request.user,r.user):
|
||||
request.session['rowerid'] = r.id
|
||||
raise PermissionDenied("You have no access to this user")
|
||||
|
||||
if notpermanent == False:
|
||||
@@ -1038,23 +1039,6 @@ def iscoachmember(user):
|
||||
|
||||
return result
|
||||
|
||||
def cancreateteam(user):
|
||||
if user.is_anonymous:
|
||||
return False
|
||||
|
||||
try:
|
||||
r = Rower.objects.get(user=user)
|
||||
except Rower.DoesNotExist:
|
||||
r = Rower(user=user)
|
||||
r.save()
|
||||
|
||||
if user.is_authenticated and ('coach' in r.rowerplan):
|
||||
return True
|
||||
elif user.is_athenticated() and r.rowerplan in ['plan','pro']:
|
||||
ts = Team.objects.filter(manager=user)
|
||||
if len(otherteams) >= 1:
|
||||
return False
|
||||
|
||||
|
||||
from rowers.utils import ProcessorCustomerError
|
||||
|
||||
|
||||
@@ -648,15 +648,10 @@ def team_edit_view(request, team_id=0):
|
||||
'team':t,
|
||||
})
|
||||
|
||||
#@user_passes_test(cancreateteam,login_url="/rowers/paidplans",redirect_field_name=None)
|
||||
@user_passes_test(can_add_team,login_url="/rowers/paidplans",redirect_field_name=None)
|
||||
def team_create_view(request):
|
||||
r = getrequestrower(request)
|
||||
|
||||
if not user_is_not_basic(request.user):
|
||||
messages.error(request,"You must upgrade to Pro or higher to create teams/training groups")
|
||||
url = reverse('paidplans')
|
||||
return HttpResponseRedirect(url)
|
||||
|
||||
if request.method == 'POST':
|
||||
teamcreateform = TeamForm(request.POST)
|
||||
if teamcreateform.is_valid():
|
||||
|
||||
@@ -1760,7 +1760,9 @@ def workouts_view(request,message='',successmessage='',
|
||||
|
||||
# check if access is allowed
|
||||
if not is_rower_team_member(request.user,r):
|
||||
raise PermissionDenied("Access denied")
|
||||
request.session['rowerid'] = request.user.rower.id
|
||||
|
||||
raise PermissionDenied("Access denied")
|
||||
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user