sander/rowsandall
Private
Public Access
1
0
Fork 0
Code Activity

Merge branch 'release/v13.74'

Browse Source
This commit is contained in:
Sander Roosendaal
2020-08-05 21:33:40 +02:00
parent 7a3ef4d960 9ae75437d2
commit a04e7300fe
2 changed files with 12 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
rowers/views/apiviews.py
View File

@@ -81,6 +81,7 @@ from rest_framework_swagger.renderers import OpenAPIRenderer, SwaggerUIRenderer
@csrf_exempt @csrf_exempt
@login_required() @login_required()
@api_view(["GET","POST"]) @api_view(["GET","POST"])
@permission_classes([IsAuthenticated])
def strokedatajson_v2(request,id): def strokedatajson_v2(request,id):
""" """
POST: Add Stroke data to workout POST: Add Stroke data to workout
@@ -91,12 +92,12 @@ def strokedatajson_v2(request,id):
row = get_object_or_404(Workout,pk=id) row = get_object_or_404(Workout,pk=id)
if row.user != request.user.rower: if row.user != request.user.rower:
raise PermissionDenied("You have no access to this workout") return HttpResponse("You do not have permission to perform this action",status=403)
try: try:
id = int(id) id = int(id)
except ValueError: except ValueError:
return HttpResponse("Not a valid workout number",status=400) return HttpResponse("Not a valid workout number",status=404)
if request.method == 'GET': if request.method == 'GET':
columns = ['spm','time','hr','pace','power','distance'] columns = ['spm','time','hr','pace','power','distance']
@@ -112,19 +113,19 @@ def strokedatajson_v2(request,id):
if request.method == 'POST': if request.method == 'POST':
checkdata, r = dataprep.getrowdata_db(id=row.id) checkdata, r = dataprep.getrowdata_db(id=row.id)
if not checkdata.empty: if not checkdata.empty:
return HttpResponse("Duplicate Error",status=400) return HttpResponse("Duplicate Error",status=409)
df = pd.DataFrame() df = pd.DataFrame()
print(request.POST)
try: try:
df = pd.read_json(request.POST['data'],orient='split') df = pd.DataFrame(request.data['data'])
except KeyError: except KeyError:
try: try:
df = pd.read_json(request.POST['strokedata'],orient='split') df = pd.DataFrame(request.data['strokedata'])
except: except:
return HttpResponse("No JSON object could be decoded",status=400) return HttpResponse("No JSON object could be decoded",status=400)
df.index = df.index.astype(int) df.index = df.index.astype(int)
df.sort_index(inplace=True) df.sort_index(inplace=True)
@@ -294,6 +295,7 @@ def strokedatajson_v2(request,id):
@csrf_exempt @csrf_exempt
@login_required() @login_required()
@api_view(['GET','POST']) @api_view(['GET','POST'])
@permission_classes([IsAuthenticated])
def strokedatajson(request,id): def strokedatajson(request,id):
""" """
POST: Add Stroke data to workout POST: Add Stroke data to workout
@@ -306,7 +308,7 @@ def strokedatajson(request,id):
try: try:
id = int(id) id = int(id)
except ValueError: except ValueError:
return HttpResponse("Not a valid workout number",status=400) return HttpResponse("Not a valid workout number",status=403)
if request.method == 'GET': if request.method == 'GET':
@@ -325,7 +327,7 @@ def strokedatajson(request,id):
# strokedata = request.POST['strokedata'] # strokedata = request.POST['strokedata']
# checking/validating and cleaning # checking/validating and cleaning
try: try:
strokedata = json.loads(request.POST['strokedata']) strokedata = json.loads(request.data['strokedata'])
except: except:
return HttpResponse("No JSON object could be decoded",status=400) return HttpResponse("No JSON object could be decoded",status=400)

3
rowers/views/statements.py
View File

@@ -686,7 +686,8 @@ try:
except ImportError: except ImportError:
pass pass
from rest_framework.decorators import api_view, renderer_classes from rest_framework.decorators import api_view, renderer_classes, permission_classes
from rest_framework.permissions import IsAuthenticated
from rowers.permissions import IsOwnerOrNot, IsCompetitorOrNot from rowers.permissions import IsOwnerOrNot, IsCompetitorOrNot