sander/rowsandall
Private
Public Access
1
0
Fork 0
Code Activity

commit

Browse Source
This commit is contained in:
Sander Roosendaal
2022-02-15 08:05:12 +01:00
parent 5b3d7fcf2c
commit 8af7ac8af4
71 changed files with 19992 additions and 19476 deletions
Download Patch File Download Diff File Expand all files Collapse all files

344
rowers/rower_rules.py
View File

@@ -74,58 +74,68 @@ USER permissions
"""
# used in can_plan_user
@rules.predicate
def user_is_not_basic(user):
if user.rower.rowerplan != 'basic':
return True
if user.rower.protrialexpires >= timezone.now().date():
return True # pragma: no cover
return True # pragma: no cover
return False
@rules.predicate
def user_is_basic(user):
return not user_is_not_basic(user)
@rules.predicate
def can_start_trial(user):
if user.is_anonymous: # pragma: no cover
if user.is_anonymous: # pragma: no cover
return False
return user.rower.protrialexpires == datetime.date(1970, 1, 1)
return user.rower.protrialexpires == datetime.date(1970,1,1)
@rules.predicate
def can_start_plantrial(user):
if user.is_anonymous: # pragma: no cover
if user.is_anonymous: # pragma: no cover
return False
return user.rower.plantrialexpires == datetime.date(1970,1,1)
return user.rower.plantrialexpires == datetime.date(1970, 1, 1)
@rules.predicate
def is_staff(user): # pragma: no cover
def is_staff(user): # pragma: no cover
return user.is_staff
@rules.predicate
def is_coach(user):
return user.rower.rowerplan in ['coach','freecoach']
return user.rower.rowerplan in ['coach', 'freecoach']
@rules.predicate
def is_not_freecoach(user):
return user.rower.rowerplan != 'freecoach'
def is_paid_coach(user):
return user.rower.rowerplan == 'coach'
@rules.predicate
def is_planmember(user):
try:
r = user.rower
except AttributeError: # pragma: no cover
except AttributeError: # pragma: no cover
return False
return r.rowerplan in ['coach','plan'] # freecoach?
return r.rowerplan in ['coach', 'plan'] # freecoach?
@rules.predicate
def is_promember(user):
@@ -134,7 +144,8 @@ def is_promember(user):
except AttributeError:
return False
return r.rowerplan in ['pro','coach','plan'] # freecoach?
return r.rowerplan in ['pro', 'coach', 'plan'] # freecoach?
@rules.predicate
def is_protrial(user):
@@ -147,10 +158,9 @@ def is_protrial(user):
return r.protrialexpires >= timezone.now().date()
if r.rowerplan == 'freecoach':
if r.mycoachgroup is not None:
return len(r.mycoachgroup)>=4
return False # pragma: no cover
return len(r.mycoachgroup) >= 4
return False # pragma: no cover
ispromember = is_promember | is_protrial
@@ -158,6 +168,7 @@ ispromember = is_promember | is_protrial
can_have_teams = ispromember | is_coach
@rules.predicate
def can_add_team(user):
if is_coach(user):
@@ -170,56 +181,63 @@ def can_add_team(user):
return False
@rules.predicate
def can_add_plan(user):
return isplanmember(user) or is_coach(user)
@rules.predicate
def can_add_workout(user):
if user.is_anonymous: # pragma: no cover
if user.is_anonymous: # pragma: no cover
return False
return user.rower.rowerplan != 'freecoach'
@rules.predicate
def is_plantrial(user):
try:
r = user.rower
except AttributeError: # pragma: no cover
except AttributeError: # pragma: no cover
return False
if r.rowerplan in ['basic','pro']:
if r.rowerplan in ['basic', 'pro']:
return r.plantrialexpires >= timezone.now().date()
if r.rowerplan == 'freecoach':
if r.mycoachgroup is not None:
return len(r.mycoachgroup)>=4
return len(r.mycoachgroup) >= 4
return False # pragma: no cover
return False # pragma: no cover
isplanmember = is_planmember | is_plantrial
@rules.predicate
def can_add_session(user):
return isplanmember(user) or is_coach(user)
# User / Coach relationships (Rower object)
@rules.predicate
def can_plan(user):
if user.is_anonymous: # pragma: no cover
if user.is_anonymous: # pragma: no cover
return False
if user.rower.rowerplan in ['plan','coach']:
if user.rower.rowerplan in ['plan', 'coach']:
return True
if user.rower.rowerplan in ['basic','pro']:
if user.rower.rowerplan in ['basic', 'pro']:
return user.rower.plantrialexpires >= timezone.now().date()
if user.rower.rowerplan == 'freecoach': # pragma: no cover
if user.rower.rowerplan == 'freecoach': # pragma: no cover
if user.rower.mycoachgroup is not None:
return len(user.rower.mycoachgroup)>=4
return len(user.rower.mycoachgroup) >= 4
# checks if rower is coach of user (or is user himself)
@rules.predicate
def is_coach_user(usercoach,userrower):
def is_coach_user(usercoach, userrower):
if usercoach == userrower:
return True
@@ -242,8 +260,10 @@ def is_coach_user(usercoach,userrower):
return False
# checks if rower is coach of user (or is user himself)
@rules.predicate
def is_anonymous_or_coach(usercoach,userrower): # pragma: no cover
def is_anonymous_or_coach(usercoach, userrower): # pragma: no cover
if usercoach == userrower:
return True
@@ -269,12 +289,14 @@ def is_anonymous_or_coach(usercoach,userrower): # pragma: no cover
return False
# check if rower and user are members of the same team
@rules.predicate
def is_rower_team_member(user,rower):
if user.rower == rower: # pragma: no cover
def is_rower_team_member(user, rower):
if user.rower == rower: # pragma: no cover
return True
if is_coach_user(user,rower.user):
if is_coach_user(user, rower.user):
return True
teams = rower.team.all()
@@ -288,20 +310,23 @@ def is_rower_team_member(user,rower):
return False
@rules.predicate
def can_add_workout_member(user,rower):
if not user: # pragma: no cover
def can_add_workout_member(user, rower):
if not user: # pragma: no cover
return False
if user.is_anonymous: # pragma: no cover
if user.is_anonymous: # pragma: no cover
return False
if user == rower.user: # pragma: no cover
if user == rower.user: # pragma: no cover
return True
# only below tested - need test user == rower.user
return is_coach(user) and user.rower in rower.get_coaches()
# check if user can plan for the rower
@rules.predicate
def can_plan_user(user,rower):
def can_plan_user(user, rower):
# user must have planning permission
if not can_plan(user):
return False
@@ -314,7 +339,7 @@ def can_plan_user(user,rower):
# free coach, plan etc cannot plan for basic
if not is_paid_coach(user) and user_is_not_basic(user):
for t in teams:
if rower in t.rower.all(): # pragma: no cover
if rower in t.rower.all(): # pragma: no cover
return True
# paying coach can plan for all kinds of rowers
@@ -325,11 +350,12 @@ def can_plan_user(user,rower):
return False
rules.add_perm('rower.add_plan',can_plan_user) # replaces checkaccessplanuser
rules.add_perm('rower.is_coach',is_coach_user) # replaces checkaccessuser
rules.add_perm('rower.is_pro',ispromember)
rules.add_perm('rower.is_staff',is_staff)
rules.add_perm('rower.is_not_freecoach',is_not_freecoach)
rules.add_perm('rower.add_plan', can_plan_user) # replaces checkaccessplanuser
rules.add_perm('rower.is_coach', is_coach_user) # replaces checkaccessuser
rules.add_perm('rower.is_pro', ispromember)
rules.add_perm('rower.is_staff', is_staff)
rules.add_perm('rower.is_not_freecoach', is_not_freecoach)
# WORKOUT permissions
@@ -360,51 +386,59 @@ WORKOUT permissions
"""
# check if user is owner or coach of owner of workout
@rules.predicate
def is_workout_user(user,workout):
def is_workout_user(user, workout):
if user.is_anonymous:
return False
try:
r = user.rower
except AttributeError: # pragma: no cover
except AttributeError: # pragma: no cover
return False
if workout.user == r:
return True
return is_coach_user(user,workout.user.user)
return is_coach_user(user, workout.user.user)
# check if user is in same team as owner of workout
@rules.predicate
def is_workout_team(user,workout):
if user.is_anonymous: # pragma: no cover
def is_workout_team(user, workout):
if user.is_anonymous: # pragma: no cover
return False
try:
r = user.rower
except AttributeError: # pragma: no cover
except AttributeError: # pragma: no cover
return False
if workout.user == r:
return True
return is_rower_team_member(user,workout.user)
return is_rower_team_member(user, workout.user)
# check if user can see workout
@rules.predicate
def can_view_workout(user,workout):
def can_view_workout(user, workout):
if workout.privacy != 'private':
return True
if user.is_anonymous: # pragma: no cover
if user.is_anonymous: # pragma: no cover
return False
return user == workout.user.user # pragma: no cover
return user == workout.user.user # pragma: no cover
can_change_workout = is_workout_user
rules.add_perm('workout.change_workout',can_change_workout) # replaces checkworkoutuser
rules.add_perm('workout.view_workout',can_view_workout) # replaces checkworkoutuserview
# replaces checkworkoutuser
rules.add_perm('workout.change_workout', can_change_workout)
# replaces checkworkoutuserview
rules.add_perm('workout.view_workout', can_view_workout)
# checkviewworkouts
@@ -448,151 +482,164 @@ rules.add_perm('workout.view_workout',can_view_workout) # replaces checkworkoutu
# Training Target rules
# untested can_view_target to can_delete_target
@rules.predicate
def can_view_target(user,target): # pragma: no cover
def can_view_target(user, target): # pragma: no cover
if user.is_anonymous:
return False
if user == target.manager.user:
return True
# a target's coach can view as well
if is_coach_user(user,target.manager.user):
if is_coach_user(user, target.manager.user):
return True
# the object can view as well
if user.rower in target.rowers.all():
return True
@rules.predicate
def can_change_target(user,target): # pragma: no cover
def can_change_target(user, target): # pragma: no cover
if user.is_anonymous:
return False
return user == target.manager.user
@rules.predicate
def can_delete_target(user,target):
if user.is_anonymous: # pragma: no cover
def can_delete_target(user, target):
if user.is_anonymous: # pragma: no cover
return False
return user == target.manager.user
rules.add_perm('target.view_target',can_view_target)
rules.add_perm('target.change_target',can_change_target)
rules.add_perm('target.delete_target',can_delete_target)
rules.add_perm('target.view_target', can_view_target)
rules.add_perm('target.change_target', can_change_target)
rules.add_perm('target.delete_target', can_delete_target)
@rules.predicate
def can_view_plan(user,plan):
if user.is_anonymous: # pragma: no cover
def can_view_plan(user, plan):
if user.is_anonymous: # pragma: no cover
return False
if user == plan.manager.user:
return True
# a plan's coach can view as well
# below untested
if is_coach_user(user,plan.manager.user): # pragma: no cover
if is_coach_user(user, plan.manager.user): # pragma: no cover
return True
# the object can view as well
if user.rower in plan.rowers.all(): # pragma: no cover
if user.rower in plan.rowers.all(): # pragma: no cover
return True
@rules.predicate
def can_change_plan(user,plan):
if user.is_anonymous: # pragma: no cover
def can_change_plan(user, plan):
if user.is_anonymous: # pragma: no cover
return False
return user == plan.manager.user # pragma: no cover
return user == plan.manager.user # pragma: no cover
# below untested
@rules.predicate
def can_delete_plan(user,plan):
if user.is_anonymous: # pragma: no cover
def can_delete_plan(user, plan):
if user.is_anonymous: # pragma: no cover
return False
return user == plan.manager.user
rules.add_perm('plan.view_plan',can_view_plan)
rules.add_perm('plan.change_plan',can_change_plan)
rules.add_perm('plan.delete_plan',can_delete_plan)
rules.add_perm('plan.can_add_plan',can_add_plan)
rules.add_perm('plan.view_plan', can_view_plan)
rules.add_perm('plan.change_plan', can_change_plan)
rules.add_perm('plan.delete_plan', can_delete_plan)
rules.add_perm('plan.can_add_plan', can_add_plan)
# untested
@rules.predicate
def can_view_cycle(user,cycle): # pragma: no cover
try:
return can_view_cycle(user,cycle.plan)
except AttributeError:
return can_view_plan(user,cycle.plan)
return False
@rules.predicate
def can_change_cycle(user,cycle): # pragma: no cover
def can_view_cycle(user, cycle): # pragma: no cover
try:
return can_change_cycle(user,cycle.plan)
return can_view_cycle(user, cycle.plan)
except AttributeError:
return can_change_plan(user,cycle.plan)
return False
@rules.predicate
def can_delete_cycle(user,cycle): # pragma: no cover
try:
return can_delete_cycle(user,cycle.plan)
except AttributeError:
return can_delete_plan(user,cycle.plan)
return can_view_plan(user, cycle.plan)
return False
rules.add_perm('cycle.view_cycle',can_view_cycle)
rules.add_perm('cycle.change_cycle',can_change_cycle)
rules.add_perm('cycle.delete_cycle',can_delete_cycle)
@rules.predicate
def can_change_cycle(user, cycle): # pragma: no cover
try:
return can_change_cycle(user, cycle.plan)
except AttributeError:
return can_change_plan(user, cycle.plan)
return False
@rules.predicate
def can_delete_cycle(user, cycle): # pragma: no cover
try:
return can_delete_cycle(user, cycle.plan)
except AttributeError:
return can_delete_plan(user, cycle.plan)
return False
rules.add_perm('cycle.view_cycle', can_view_cycle)
rules.add_perm('cycle.change_cycle', can_change_cycle)
rules.add_perm('cycle.delete_cycle', can_delete_cycle)
# check if user has view access to session
@rules.predicate
def can_view_session(user,session):
if session.sessiontype in ['race','indoorrace']: # pragma: no cover
def can_view_session(user, session):
if session.sessiontype in ['race', 'indoorrace']: # pragma: no cover
return True
if user.is_anonymous: # pragma: no cover
if user.is_anonymous: # pragma: no cover
return False
# session manager can view session
if user == session.manager:
return True
# if you're a rower in the session you can view it
# below untested
if user.rower in session.rower.all(): # pragma: no cover
if user.rower in session.rower.all(): # pragma: no cover
return True
# coach users can view sessions created by their team members
# below untested
if is_coach(user): # pragma: no cover
if is_coach(user): # pragma: no cover
teams = user.rower.get_managed_teams()
for t in teams:
teamusers = [member.u for member in t.rower.all()]
if session.manager in teamusers:
return True
return False # pragma: no cover
return False # pragma: no cover
@rules.predicate
def can_change_session(user,session):
if user.is_anonymous: # pragma: no cover
def can_change_session(user, session):
if user.is_anonymous: # pragma: no cover
return False
# session part of a race should not be changed through the session interface
if session.sessiontype in ['race','indoorrace']: # pragma: no cover
if session.sessiontype in ['race', 'indoorrace']: # pragma: no cover
return False
if user == session.manager:
return True
return False # pragma: no cover
return False # pragma: no cover
@rules.predicate
def can_delete_session(user,session): # pragma: no cover
def can_delete_session(user, session): # pragma: no cover
if user.is_anonymous:
return False
if session.sessiontype in ['race','indoorrace']:
if session.sessiontype in ['race', 'indoorrace']:
return False
if user == session.manager:
@@ -601,11 +648,10 @@ def can_delete_session(user,session): # pragma: no cover
return False
rules.add_perm('plannedsession.add_session',can_add_session)
rules.add_perm('plannedsession.view_session',can_view_session)
rules.add_perm('plannedsession.change_session',can_change_session)
rules.add_perm('plannedsession.delete_session',can_delete_session)
rules.add_perm('plannedsession.add_session', can_add_session)
rules.add_perm('plannedsession.view_session', can_view_session)
rules.add_perm('plannedsession.change_session', can_change_session)
rules.add_perm('plannedsession.delete_session', can_delete_session)
# TEAM (group) permissions
@@ -635,45 +681,55 @@ rules.add_perm('plannedsession.delete_session',can_delete_session)
"""
# check if user is manager of the team
@rules.predicate
def is_team_manager(user,team):
def is_team_manager(user, team):
return team.manager == user
# check is user is member of team - untested
@rules.predicate
def is_team_member(user,team): # pragma: no cover
def is_team_member(user, team): # pragma: no cover
members = team.rower.all()
return user in [member.user for member in members]
# check if user can view team
@rules.predicate
def can_view_team(user,team):
def can_view_team(user, team):
# user based - below untested
if user.rower.rowerplan == 'basic' and team.manager.rower.rowerplan != 'coach': # pragma: no cover
if user.rower.rowerplan == 'basic' and team.manager.rower.rowerplan != 'coach': # pragma: no cover
return is_plantrial(user) or is_protrial(user)
# team is public
if team.private == 'open':
return True
# team is private - below untested
return is_team_member(user,team) | is_team_manager(user,team) # pragma: no cover
return is_team_member(user, team) | is_team_manager(user, team) # pragma: no cover
@rules.predicate
def can_change_team(user,team):
return is_team_manager(user,team)
def can_change_team(user, team):
return is_team_manager(user, team)
@rules.predicate
def can_delete_team(user,team):
return is_team_manager(user,team)
def can_delete_team(user, team):
return is_team_manager(user, team)
@rules.predicate
def can_join_team(user,team):
def can_join_team(user, team):
return is_paid_coach(team.manager) or ispromember(user)
# For Team functionality
rules.add_perm('teams.view_team',can_view_team)
rules.add_perm('teams.add_team',user_is_not_basic)
rules.add_perm('teams.change_team',can_change_team)
rules.add_perm('teams.delete_team',can_delete_team)
rules.add_perm('teams.view_team', can_view_team)
rules.add_perm('teams.add_team', user_is_not_basic)
rules.add_perm('teams.change_team', can_change_team)
rules.add_perm('teams.delete_team', can_delete_team)
# RACING permissions
@@ -685,43 +741,49 @@ rules.add_perm('teams.delete_team',can_delete_team)
- RaceLogo
"""
@rules.predicate
def can_change_course(user,course):
if user.is_anonymous: # pragma: no cover
def can_change_course(user, course):
if user.is_anonymous: # pragma: no cover
return False
return course.manager == user.rower
# untested
@rules.predicate
def can_delete_course(user,course):
if user.is_anonymous: # pragma: no cover
def can_delete_course(user, course):
if user.is_anonymous: # pragma: no cover
return False
return course.manager == user.rower
@rules.predicate
def can_delete_logo(user,logo):
if user.is_anonymous: # pragma: no cover
def can_delete_logo(user, logo):
if user.is_anonymous: # pragma: no cover
return False
return logo.user == user # pragma: no cover
return logo.user == user # pragma: no cover
@rules.predicate
def can_change_race(user,race):
if user.is_anonymous: # pragma: no cover
def can_change_race(user, race):
if user.is_anonymous: # pragma: no cover
return False
return race.manager == user
# everybody can view or add a course
rules.add_perm('course.change_course',can_change_course)
rules.add_perm('course.delete_course',can_delete_course)
rules.add_perm('racelogo.delete_logo',can_delete_logo)
# everybody can view or add a course
rules.add_perm('course.change_course', can_change_course)
rules.add_perm('course.delete_course', can_delete_course)
rules.add_perm('racelogo.delete_logo', can_delete_logo)
# everybody can view a race
rules.add_perm('virtualevent.change_race',can_change_race)
rules.add_perm('virtualevent.change_race', can_change_race)
# can races be deleted?