the ajax is working

2022-04-05 17:50:01 +02:00
parent 22d5ee5e3f
commit a1e907a090
3 changed files with 88 additions and 4 deletions
--- a/rowers/views/planviews.py
+++ b/rowers/views/planviews.py
@@ -6,6 +6,7 @@ from rowers.views.statements import *

 import rowers.garmin_stuff as gs
 from rowers import credits
+from json.decoder import JSONDecodeError


@login_required
@@ -2959,10 +2960,53 @@ def rower_create_trainingplan(request, id=0):
                      'old_targets': old_targets,
                  })

+@user_passes_test(can_plan, login_url="/rowers/paidplans",
+                  message="This functionality requires a Coach or Self-Coach plan",
+                  redirect_field_name=None)
+def stepadder(request, id=0):
+    is_ajax = request.META.get('HTTP_X_REQUESTED_WITH') == 'XMLHttpRequest'
+    if not is_ajax:
+        return JSONResponse(
+            status=403, data={
+                'status': 'false',
+                'message': 'this view cannot be accessed directly'
+                }
+            )
+    ps = get_object_or_404(PlannedSession, pk=id)
+
+    print(request.method,'aap')
+
+    if request.method != 'POST':
+        message = {'status': 'false',
+                   'message': 'this view cannot be accessed through GET'}
+        return JSONResponse(status=403, data=message)
+
+    try:
+        json_data = json.loads(request.body)
+        post_data = json_data
+    except (KeyError, JSONDecodeError):
+        q = request.POST
+        post_data = {k: q.getlist(k) if len(
+            q.getlist(k)) > 1 else v for k, v in q.items()}
+
+    # only allow local host
+    hostt = request.get_host().split(':')
+    if hostt[0] not in ['localhost', '127.0.0.1', 'dev.rowsandall.com', 'rowsandall.com']:
+        message = {'status': 'false',
+                   'message': 'permission denied for host '+hostt[0]}
+        return JSONResponse(status=403, data=message)
+
+    print(post_data)
+
+    return JSONResponse(status=200,data=post_data)
+
@user_passes_test(can_plan, login_url="/rowers/paidplans",
                  message="This functionality requires a Coach or Self-Coach plan",
                  redirect_field_name=None)
 def stepeditor(request, id=0):
+    ps = get_object_or_404(PlannedSession, pk=id)
+    ps.steps = {}
+

    form = StepEditorForm()

@@ -2980,6 +3024,7 @@ def stepeditor(request, id=0):
                  {
                      'steps':steps,
                      'form':form,
+                      'ps':ps,
                  })

@user_passes_test(can_plan, login_url="/rowers/paidplans",