diff --git a/rowers/decorators.py b/rowers/decorators.py
index f9d03ed7..4bd1c7a3 100644
--- a/rowers/decorators.py
+++ b/rowers/decorators.py
@@ -48,4 +48,3 @@ def login_required_message(function=None, message=default_message):
 if function:
 return actual_decorator(function)
 return actual_decorator
-
diff --git a/rowers/models.py b/rowers/models.py
index c0c9c520..b1f9065d 100644
--- a/rowers/models.py
+++ b/rowers/models.py
@@ -907,6 +907,9 @@ class Rower(models.Model):
 super(Rower, self).save(*args, **kwargs)
+ def get_managed_teams(self):
+ return Team.objects.filter(manager=self.user)
+
 class DeactivateUserForm(forms.ModelForm):
 class Meta:
 model = User
diff --git a/rowers/rower_rules.py b/rowers/rower_rules.py
index d60b3682..40c63499 100644
--- a/rowers/rower_rules.py
+++ b/rowers/rower_rules.py
@@ -159,7 +159,7 @@ def can_plan_user(user,rower):
 rules.add_perm('rower.can_plan',can_plan_user) # replaces checkaccessplanuser
 rules.add_perm('rower.is_coach',is_coach_user) # replaces checkaccessuser
-
+rules.add_perm('rower.is_pro',ispromember)
 # WORKOUT permissions
@@ -240,6 +240,26 @@ rules.add_perm('workout.view_workout',can_view_workout) # replaces checkworkoutu
 """
+# check if user has view access to session
+@rules.predicate
+def can_view_session(user,session):
+ # session manager can view session
+ if user == session.manager:
+ return True
+ # if you're a rower in the session you can view it
+ if user.rower in session.rower.all():
+ return True
+ # coach users can view sessions created by their team members
+ if is_coach(user):
+ teams = user.rower.get_managed_teams()
+ teamusers = [member.u for member in t.rower.all()]
+ if session.manager in teamusers:
+ return True
+
+ return False
+
+rules.add_perm('plannedsession.view_session',can_view_session)
+
 # checkaccessplanuser (models.py)
 # getrequestrower, getrequestplanrower
diff --git a/rowers/views/statements.py b/rowers/views/statements.py
index b61f1d20..5d3a969d 100644
--- a/rowers/views/statements.py
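Review bot: `get_managed_teams` has no docstring, and it is the one place the new `can_view_session` predicate relies on to decide coach access, so its contract should be stated: `"""Return the Team queryset whose manager is this rower's user."""`. The method returns a lazy queryset rather than a list, which suits the iteration in rower_rules.py but is worth saying so callers do not assume it is already evaluated. The enclosing `Rower` class starts and ends outside the hunk.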
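Review bot: `ispromember` is registered under `rower.is_pro` but is neither defined nor imported within this hunk; confirm it exists in rower_rules.py and is decorated with `@rules.predicate` like the neighbouring `can_plan_user` and `is_coach_user`, since a plain function registered here would not behave as a rules predicate when the permission is tested. The paired helper `get_promember` in statements.py returns `request.user`, so this predicate appears to be invoked with the requesting user as its object argument; a comment on the `add_perm` line would make that explicit, e.g. `# obj is the requesting user itself (see get_promember in views/statements.py)`.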
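Review bot: The coach branch of `can_view_session` cannot run: `t` is never bound (only `teams` is), so `t.rower.all()` raises NameError, and `member.u` looks like a typo for `member.user` (the inline check this replaces in workoutviews.py used `m.user for m in members`). A coach is therefore answered with a server error instead of a decision; replace the two lines with `teamusers = [member.user for team in user.rower.get_managed_teams() for member in team.rower.all()]`, assuming `rower` is the reverse accessor from Team to Rower that the new line already relies on. The predicate also reads `user.rower` before any authentication check, and the view that uses it drops `@login_required`, so an anonymous request is likely to hit an AttributeError on AnonymousUser; registering it as `rules.add_perm('plannedsession.view_session', rules.is_authenticated & can_view_session)` keeps that case a clean denial. `is_coach` is not defined in the hunk either — confirm it is the intended name given that the existing permission is registered with `is_coach_user`.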
+++ b/rowers/views/statements.py
@@ -282,11 +282,17 @@ def getfavorites(r,row):
 return favorites,maxfav
+def get_promember(request,*args,**kwargs):
+ return request.user
+
 def get_workout_by_opaqueid(request,id,**kwargs):
 pk = encoder.decode_hex(id)
 return get_object_or_404(Workout,pk=pk)
+def get_session_by_pk(request,id):
+ return get_object_or_404(PlannedSession,pk=id)
+
 def get_workout_default_page(request,id):
 if request.user.is_anonymous:
 return reverse('workout_view',kwargs={'id':id})
diff --git a/rowers/views/teamviews.py b/rowers/views/teamviews.py
index 3e9d942e..0667b472 100644
--- a/rowers/views/teamviews.py
+++ b/rowers/views/teamviews.py
@@ -10,6 +10,8 @@ from rowers.rower_rules import *
 def get_team_by_pk(request,team_id):
 return get_object_or_404(Team,pk=team_id)
+
+
 #@login_required()
 @permission_required('teams.view_team',fn=get_team_by_pk,raise_exception=True)
 def team_view(request,team_id=0,userid=0):
diff --git a/rowers/views/workoutviews.py b/rowers/views/workoutviews.py
index 4d70bfa3..a8628322 100644
--- a/rowers/views/workoutviews.py
+++ b/rowers/views/workoutviews.py
@@ -1129,9 +1129,6 @@ def workouts_join_select(request,
 except Team.DoesNotExist:
 theteam = 0
- if r.rowerplan == 'basic' and theteam==0:
- raise PermissionDenied("Access denied")
-
 if theteam and (theteam.viewing == 'allmembers' or theteam.manager == request.user):
 workouts = Workout.objects.filter(team=theteam,
 startdatetime__gte=startdate,
@@ -1564,7 +1561,8 @@ def virtualevent_compare_view(request,id=0):
 })
-@login_required()
+@permission_required('plannedsession.view_session',
+ fn=get_session_by_pk,raise_exception=True)
 def plannedsession_compare_view(request,id=0,userid=0):
 r = getrequestrower(request,userid=userid)
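Review bot: `get_session_by_pk` resolves a `PlannedSession` from its raw primary key while the neighbouring `get_workout_by_opaqueid` decodes an opaque id first, so session ids stay enumerable in URLs; that is acceptable only because `plannedsession.view_session` is evaluated per object, and a docstring should record that dependency: `"""Resolve the session for permission_required; access is decided by the view_session rule, not here."""`. `get_promember` accepts and ignores `*args, **kwargs` and returns the user itself as the permission object, presumably to feed `rower.is_pro`; a one-line docstring saying so would spare the next reader a search through rower_rules.py. Both helpers reuse the builtin name `id` as a parameter, which matches the existing style of this file.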
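Review bot: Replacing `@login_required()` with `permission_required(..., raise_exception=True)` changes what an anonymous visitor gets: previously a login redirect, now the `can_view_session` predicate runs against AnonymousUser, which has no `rower` attribute, so the request is likely to end in a server error rather than a 403; keep `@login_required()` stacked above the new decorator, or register the rule as `rules.is_authenticated & can_view_session`. The inline checks this decorator replaces (removed in the next hunk) tested membership of `r`, the rower selected by `userid`, whereas the predicate tests `request.user.rower`, so a coach viewing on behalf of a member is now authorised only through the managed-team branch — confirm that is intended. The earlier hunk in this file drops the `rowerplan == 'basic' and theteam==0` denial in `workouts_join_select` with no replacement; if the new `rower.is_pro` permission is meant to cover it, that view needs the decorator too, otherwise basic-plan rowers without a team now fall through to the team-less branch. `get_session_by_pk` is defined in statements.py in this commit and its import into workoutviews.py is not shown.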
@@ -1573,18 +1571,6 @@ def plannedsession_compare_view(request,id=0,userid=0):
 except PlannedSession.DoesNotExist:
 raise Http404("Planned session does not exist")
- m = ps.manager
- mm = m.rower
-
- if ps.manager != request.user:
- if r.rowerplan == 'coach':
- teams = Team.objects.filter(manager=request.user)
- members = Rower.objects.filter(team__in=teams).distinct()
- teamusers = [m.user for m in members]
- if ps.manager not in teamusers:
- raise PermissionDenied("You do not have access to this session")
- elif r not in ps.rower.all():
- raise PermissionDenied("You do not have access to this session")
 workouts = Workout.objects.filter(plannedsession=ps)
@@ -5876,7 +5862,7 @@ class VideoDelete(DeleteView):
 def get_object(self, *args, **kwargs):
 obj = super(VideoDelete, self).get_object(*args, **kwargs)
- if not is_coach_user(obj.workout.user,self.request.user):
+ if not is_coach_user(self.request.user,obj.workout.user):
 raise PermissionDenied('You are not allowed to delete this analysis')
 return obj
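Review bot: The swapped argument order now puts the requesting user first, matching the `(user, rower)` convention visible in the `can_plan_user(user,rower)` hunk header, but the second argument is `obj.workout.user`, a User, while that convention names the second parameter `rower`; confirm that `is_coach_user` accepts a User there (or pass `obj.workout.user.rower` if it expects a Rower), since a mismatch would make the check deny every delete rather than grant too much. Because this is the authorisation gate for deleting an analysis, a comment stating the rule would help the next reader: `# only a coach of the workout's owner may delete the analysis`. The enclosing `VideoDelete.get_object` method and class continue outside the hunk.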