sander/rowsandall
Private
Public Access
1
0
Fork 0
Code Activity

the ajax is working

Browse Source
This commit is contained in:
Sander Roosendaal
2022-04-05 17:50:01 +02:00
parent 22d5ee5e3f
commit a1e907a090
3 changed files with 88 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
rowers/templates/stepeditor.html
View File

@@ -18,7 +18,7 @@
</p> </p>
<div class="stepcontainer" id="list"> <div class="stepcontainer" id="list">
<section class="drop-zone"> <section class="drop-zone">
<h2>Training</h2> <h2>Training Steps for {{ ps.name }}</h2>
</section> </section>
<section class="library"> <section class="library">
<h2>Library</h2> <h2>Library</h2>
@@ -48,6 +48,23 @@
src='https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js'> src='https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js'>
</script> </script>
<script> <script>
let csrftoken;
$(document).ready(function() {
csrftoken = jQuery("[name=csrfmiddlewaretoken]").val();
console.log("CSRF token",csrftoken);
});
function csrfSafeMethod(method) {
// these HTTP methods do not require CSRF protection
return (/^(GET|HEAD|OPTIONS|TRACE)$/.test(method));
}
$.ajaxSetup({
beforeSend: function(xhr, settings) {
if (!csrfSafeMethod(settings.type) && !this.crossDomain) {
xhr.setRequestHeader("X-CSRFToken", csrftoken);
}
}
});
let dragged; let dragged;
let origcolor; let origcolor;
@@ -56,12 +73,30 @@
steps = document.querySelector('.drop-zone'); steps = document.querySelector('.drop-zone');
steps.childNodes.forEach(function(item) { steps.childNodes.forEach(function(item) {
if (item.className && item.className.includes("trainingstep")) { if (item.className && item.className.includes("trainingstep")) {
console.log(item); item.childNodes.forEach(function(child) {
console.log(child.id);
if (child.id) {
list.push(child.id);
}
})
} }
}); });
console.log(list); console.log(list);
} $.ajax({
data: JSON.stringify(list),
type: 'POST',
url: '/rowers/plans/stepadder/{{ ps.id }}/',
error: function(result) {
$("#id_waiting").replaceWith(
'<div id="id_failed" class="grid_12 alpha message">Your upload failed</div>'
);
},
success: function(result) {
console.log('got something back');
console.log(result);
}
})
};
function handleDragStart(event) { function handleDragStart(event) {
let target = event.target; let target = event.target;

4
rowers/urls.py
View File

@@ -877,6 +877,10 @@ urlpatterns = [
name='rower_select_instantplan'), name='rower_select_instantplan'),
re_path(r'^plans/stepeditor/$', re_path(r'^plans/stepeditor/$',
views.stepeditor, name='stepeditor'), views.stepeditor, name='stepeditor'),
re_path(r'^plans/stepeditor/(?P<id>\d+)/$',
views.stepeditor, name='stepeditor'),
re_path(r'^plans/stepadder/(?P<id>\d+)/$',
views.stepadder, name='stepadder'),
re_path(r'^plans/(?P<id>[0-9a-fA-F]{8}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{12})/$', re_path(r'^plans/(?P<id>[0-9a-fA-F]{8}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{12})/$',
views.rower_view_instantplan, name='rower_view_instantplan'), views.rower_view_instantplan, name='rower_view_instantplan'),
re_path(r'^buyplan/(?P<id>\d+)/$', views.buy_trainingplan_view, re_path(r'^buyplan/(?P<id>\d+)/$', views.buy_trainingplan_view,

45
rowers/views/planviews.py
View File

@@ -6,6 +6,7 @@ from rowers.views.statements import *
import rowers.garmin_stuff as gs import rowers.garmin_stuff as gs
from rowers import credits from rowers import credits
from json.decoder import JSONDecodeError
@login_required @login_required
@@ -2959,10 +2960,53 @@ def rower_create_trainingplan(request, id=0):
'old_targets': old_targets, 'old_targets': old_targets,
}) })
@user_passes_test(can_plan, login_url="/rowers/paidplans",
message="This functionality requires a Coach or Self-Coach plan",
redirect_field_name=None)
def stepadder(request, id=0):
is_ajax = request.META.get('HTTP_X_REQUESTED_WITH') == 'XMLHttpRequest'
if not is_ajax:
return JSONResponse(
status=403, data={
'status': 'false',
'message': 'this view cannot be accessed directly'
}
)
ps = get_object_or_404(PlannedSession, pk=id)
print(request.method,'aap')
if request.method != 'POST':
message = {'status': 'false',
'message': 'this view cannot be accessed through GET'}
return JSONResponse(status=403, data=message)
try:
json_data = json.loads(request.body)
post_data = json_data
except (KeyError, JSONDecodeError):
q = request.POST
post_data = {k: q.getlist(k) if len(
q.getlist(k)) > 1 else v for k, v in q.items()}
# only allow local host
hostt = request.get_host().split(':')
if hostt[0] not in ['localhost', '127.0.0.1', 'dev.rowsandall.com', 'rowsandall.com']:
message = {'status': 'false',
'message': 'permission denied for host '+hostt[0]}
return JSONResponse(status=403, data=message)
print(post_data)
return JSONResponse(status=200,data=post_data)
@user_passes_test(can_plan, login_url="/rowers/paidplans", @user_passes_test(can_plan, login_url="/rowers/paidplans",
message="This functionality requires a Coach or Self-Coach plan", message="This functionality requires a Coach or Self-Coach plan",
redirect_field_name=None) redirect_field_name=None)
def stepeditor(request, id=0): def stepeditor(request, id=0):
ps = get_object_or_404(PlannedSession, pk=id)
ps.steps = {}
form = StepEditorForm() form = StepEditorForm()
@@ -2980,6 +3024,7 @@ def stepeditor(request, id=0):
{ {
'steps':steps, 'steps':steps,
'form':form, 'form':form,
'ps':ps,
}) })
@user_passes_test(can_plan, login_url="/rowers/paidplans", @user_passes_test(can_plan, login_url="/rowers/paidplans",