From ba8fc0f0352a39bb829602c1c53ff03573a47fb4 Mon Sep 17 00:00:00 2001 From: Sander Roosendaal Date: Sat, 10 Feb 2018 16:37:14 +0100 Subject: [PATCH] bug fix --- rowers/views.py | 361 ++++++++++++++---------------------------------- 1 file changed, 102 insertions(+), 259 deletions(-) diff --git a/rowers/views.py b/rowers/views.py index 32cf2fb6..8dfe64dc 100644 --- a/rowers/views.py +++ b/rowers/views.py @@ -166,6 +166,8 @@ class JSONResponse(HttpResponse): super(JSONResponse, self).__init__(content, **kwargs) + + def getrower(user): try: r = Rower.objects.get(user=user) @@ -176,8 +178,21 @@ def getrower(user): return r +def get_workout(id): + try: + w = Workout.objects.get(id=id) + except Workout.DoesNotExist: + raise Http404("Workout doesn't exist") + return w +def get_workout_permitted(user,id): + w = get_workout(id) + + if (checkworkoutuser(user,w)==False): + raise PermissionDenied("Access denied") + + return w def getvalue(data): perc = 0 @@ -513,12 +528,8 @@ def get_stored_tasks_status(request): @login_required() def get_thumbnails(request,id): - try: - row = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") - if (checkworkoutuser(request.user,row)==False): - raise PermissionDenied("Access denied") + row = get_workout_permitted(request.user,id) + r = getrower(request.user) result = request.user.is_authenticated() and ispromember(request.user) @@ -557,13 +568,7 @@ def get_thumbnails(request,id): @login_required() def get_testscript(request,id): - try: - row = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") - if (checkworkoutuser(request.user,row)==False): - raise PermissionDenied("Access denied") - + row = get_workout_permitted(request.user,id) r = getrower(request.user) object = { @@ -780,17 +785,6 @@ def hasplannedsessions(user): return result -def getrower(user): - try: - r = Rower.objects.get(user=user) - except Rower.DoesNotExist: - r = Rower(user=user) - r.save() - - return r - - - # Check if a user is a Pro member def ispromember(user): if not user.is_anonymous(): @@ -1627,10 +1621,7 @@ def workout_tcxemail_view(request,id=0): message = "" successmessage = "" r = getrower(request.user) - try: - w = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + w = get_workout(id) if (checkworkoutuser(request.user,w)): tcxfile,tcxmessg = stravastuff.createstravaworkoutdata(w,dozip=False) if tcxfile == 0: @@ -1674,10 +1665,8 @@ def workout_gpxemail_view(request,id=0): message = "" successmessage = "" r = Rower.objects.get(user=request.user) - try: - w = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + w = get_workout(id) + if (checkworkoutuser(request.user,w)): filename = w.csvfilename row = rdata(filename) @@ -1714,10 +1703,8 @@ def workout_gpxemail_view(request,id=0): def workout_csvemail_view(request,id=0): message = "" r = getrower(request.user) - try: - w = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + w = get_workout(id) + if (checkworkoutuser(request.user,w)): csvfile = w.csvfilename res = myqueue(queuehigh,handle_sendemailcsv,r.user.first_name, @@ -1748,10 +1735,8 @@ def workout_csvemail_view(request,id=0): def workout_csvtoadmin_view(request,id=0): message = "" r = getrower(request.user) - try: - w = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + w = get_workout(id) + csvfile = w.csvfilename res = myqueue(queuehigh, @@ -1784,11 +1769,9 @@ def workout_tp_upload_view(request,id=0): return HttpResponseRedirect("/rowers/me/tpauthorize/") # ready to upload. Hurray - try: - w = Workout.objects.get(id=id) - r = w.user - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + w = get_workout_permitted(request.user,id) + r = w.user + if (checkworkoutuser(request.user,w)): tcxfile = tpstuff.createtpworkoutdata(w) if tcxfile: @@ -1841,11 +1824,8 @@ def workout_strava_upload_view(request,id=0): return HttpResponseRedirect("/rowers/me/stravaauthorize/") else: # ready to upload. Hurray - try: - w = Workout.objects.get(id=id) - r = w.user - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + w = get_workout_permitted(request.user,id) + r = w.user if (checkworkoutuser(request.user,w)): try: tcxfile,tcxmessg = stravastuff.createstravaworkoutdata(w) @@ -1931,11 +1911,9 @@ def workout_strava_upload_view(request,id=0): def workout_c2_upload_view(request,id=0): message = "" # ready to upload. Hurray - try: - w = Workout.objects.get(id=id) - r = w.user - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + w = get_workout(id) + r = w.user + try: message,c2id = c2stuff.workout_c2_upload(request.user,w) @@ -1959,11 +1937,8 @@ def workout_c2_upload_view(request,id=0): @login_required() def workout_runkeeper_upload_view(request,id=0): message = "" - try: - w = Workout.objects.get(id=id) - r = w.user - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + w = get_workout(id) + r = w.user try: thetoken = runkeeper_open(r.user) @@ -2024,11 +1999,8 @@ def workout_runkeeper_upload_view(request,id=0): @login_required() def workout_underarmour_upload_view(request,id=0): message = "" - try: - w = Workout.objects.get(id=id) - r = w.user - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + w = get_workout(id) + r = w.user try: thetoken = underarmour_open(r.user) @@ -2091,11 +2063,8 @@ def workout_underarmour_upload_view(request,id=0): def workout_sporttracks_upload_view(request,id=0): message = "" # ready to upload. Hurray - try: - w = Workout.objects.get(id=id) - r = w.user - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + w = get_workout(id) + r = w.user try: thetoken = sporttracks_open(r.user) @@ -2932,10 +2901,7 @@ def cum_flex(request,theuser=0, # Show the EMpower Oarlock generated Stroke Profile @user_passes_test(ispromember,login_url="/",redirect_field_name=None) def workout_forcecurve_view(request,id=0,workstrokesonly=False): - try: - row = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + row = get_workout(id) promember=0 mayedit=0 @@ -2989,10 +2955,7 @@ def workout_test_task_view(request,id=0): # Show Stroke power histogram for a workout @login_required() def workout_histo_view(request,id=0): - try: - row = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + row = get_workout(id) promember=0 mayedit=0 @@ -4081,10 +4044,7 @@ def rankings_view2(request,theuser=0, @user_passes_test(ispromember,login_url="/",redirect_field_name=None) def workout_update_cp_view(request,id=0): - try: - row = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + row = get_workout(id) if (checkworkoutuser(request.user,row)==False): message = "You are not allowed to edit this workout" @@ -4691,10 +4651,7 @@ def oterankings_view(request,theuser=0, # Reload the workout and calculate the summary from the stroke data (lapIDx) @login_required() def workout_recalcsummary_view(request,id=0): - try: - row = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + row = get_workout(id) if (checkworkoutuser(request.user,row)==False): message = "You are not allowed to edit this workout" @@ -4728,10 +4685,8 @@ def workout_recalcsummary_view(request,id=0): def workout_makepublic_view(request,id, message='', successmessage=''): - try: - row = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + + row = get_workout(id) if (checkworkoutuser(request.user,row)==False): message = "You are not allowed to edit this workout" @@ -4762,10 +4717,7 @@ def workout_makepublic_view(request,id, def workout_setprivate_view(request,id, message='', successmessage=''): - try: - row = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + row = get_workout(id) if (checkworkoutuser(request.user,row)==False): message = "You are not allowed to edit this workout" @@ -5498,10 +5450,18 @@ def multiflex_data(request,userid=0, datadf['days ago'] = map(lambda x : x.days, datadf.date - today) if groupby != 'date': - bins = np.arange(datadf[groupby].min()-binsize, - datadf[groupby].max()+binsize, - binsize) - groups = datadf.groupby(pd.cut(datadf[groupby],bins,labels=False)) + try: + bins = np.arange(datadf[groupby].min()-binsize, + datadf[groupby].max()+binsize, + binsize) + groups = datadf.groupby(pd.cut(datadf[groupby],bins,labels=False)) + except ValueError: + messages.error( + request, + "Unable to compete. Probably not enough data selected" + ) + url = reverse(user_multiflex_select) + return HttpResponseRedirect(url) else: bins = np.arange(datadf['days ago'].min()-binsize, datadf['days ago'].max()+binsize, @@ -6291,10 +6251,8 @@ def workout_comparison_list(request,id=0,message='',successmessage='', workouts = paginator.page(1) except EmptyPage: workouts = paginator.page(paginator.num_pages) - try: - row = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + + row = get_workout(id) messages.error(request,message) messages.info(request,successmessage) @@ -6371,11 +6329,7 @@ def workout_fusion_list(request,id=0,message='',successmessage='', workouts = paginator.page(1) except EmptyPage: workouts = paginator.page(paginator.num_pages) - try: - row = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") - + row = get_workout(id) messages.info(request,successmessage) messages.error(request,message) @@ -6490,11 +6444,10 @@ def workout_view(request,id=0): # Resets stroke data to raw data (pace) @user_passes_test(ispromember,login_url="/",redirect_field_name=None) -def workout_undo_smoothenpace_view(request,id=0,message="",successmessage=""): - try: - row = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") +def workout_undo_smoothenpace_view( + request,id=0,message="",successmessage="" +): + row = get_workout(id) if (checkworkoutuser(request.user,row)==False): message = "You are not allowed to edit this workout" @@ -6523,10 +6476,7 @@ def workout_undo_smoothenpace_view(request,id=0,message="",successmessage=""): # Data smoothing of pace data @user_passes_test(ispromember,login_url="/",redirect_field_name=None) def workout_smoothenpace_view(request,id=0,message="",successmessage=""): - try: - row = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + row = get_workout(id) if (checkworkoutuser(request.user,row)==False): message = "You are not allowed to edit this workout" @@ -6564,10 +6514,7 @@ def workout_smoothenpace_view(request,id=0,message="",successmessage=""): # Process CrewNerd Summary CSV and update summary @user_passes_test(ispromember,login_url="/",redirect_field_name=None) def workout_crewnerd_summary_view(request,id=0,message="",successmessage=""): - try: - row = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + row = get_workout(id) if request.method == 'POST': form = CNsummaryForm(request.POST,request.FILES) @@ -6620,10 +6567,7 @@ def workout_crewnerd_summary_view(request,id=0,message="",successmessage=""): def workout_downloadwind_view(request,id=0, airportcode=None, message="",successmessage=""): - try: - row = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + row = get_workout(id) f1 = row.csvfilename if (checkworkoutuser(request.user,row)==False): @@ -6689,10 +6633,7 @@ def workout_downloadwind_view(request,id=0, def workout_downloadmetar_view(request,id=0, airportcode=None, message="",successmessage=""): - try: - row = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + row = get_workout(id) f1 = row.csvfilename if (checkworkoutuser(request.user,row)==False): @@ -6757,10 +6698,7 @@ def workout_downloadmetar_view(request,id=0, # Show form to update wind data @user_passes_test(ispromember,login_url="/",redirect_field_name=None) def workout_wind_view(request,id=0,message="",successmessage=""): - try: - row = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + row = get_workout(id) if (checkworkoutuser(request.user,row)==False): message = "You are not allowed to edit this workout" @@ -6877,10 +6815,7 @@ def workout_wind_view(request,id=0,message="",successmessage=""): # Show form to update River stream data (for river dwellers) @user_passes_test(ispromember,login_url="/",redirect_field_name=None) def workout_stream_view(request,id=0,message="",successmessage=""): - try: - row = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + row = get_workout(id) if (checkworkoutuser(request.user,row)==False): message = "You are not allowed to edit this workout" @@ -6946,10 +6881,7 @@ def workout_stream_view(request,id=0,message="",successmessage=""): # Form to set average crew weight and boat type, then run power calcs @user_passes_test(ispromember, login_url="/",redirect_field_name=None) def workout_otwsetpower_view(request,id=0,message="",successmessage=""): - try: - row = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + row = get_workout(id) if (checkworkoutuser(request.user,row)==False): message = "You are not allowed to edit this workout" @@ -7052,10 +6984,7 @@ def workout_otwsetpower_view(request,id=0,message="",successmessage=""): @login_required() def instroke_view(request,id=0): - try: - row = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + row = get_workout(id) form = WorkoutForm(instance=row) g = GraphImage.objects.filter(workout=row).order_by("-creationdatetime") @@ -7085,10 +7014,7 @@ def instroke_view(request,id=0): # A special Edit page with all the Geeky functionality for the workout @login_required() def workout_geeky_view(request,id=0,message="",successmessage=""): - try: - row = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + row = get_workout(id) form = WorkoutForm(instance=row) g = GraphImage.objects.filter(workout=row).order_by("-creationdatetime") @@ -7150,10 +7076,7 @@ def workout_geeky_view(request,id=0,message="",successmessage=""): # generate instroke chart @login_required() def instroke_chart(request,id=0,metric=''): - try: - w = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + w = get_workout(id) if (checkworkoutuser(request.user,w)==False): message = "You are not allowed to edit this workout" @@ -7475,10 +7398,7 @@ def cumstats(request,theuser=0, def workout_stats_view(request,id=0,message="",successmessage=""): r = getrower(request.user) - try: - w = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + w = get_workout(id) workstrokesonly = True if request.method == 'POST' and 'workstrokesonly' in request.POST: @@ -7624,10 +7544,8 @@ def workout_stats_view(request,id=0,message="",successmessage=""): # The Advanced edit page @login_required() def workout_advanced_view(request,id=0,message="",successmessage=""): - try: - row = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + row = get_workout(id) + form = WorkoutForm(instance=row) g = GraphImage.objects.filter(workout=row).order_by("-creationdatetime") for i in g: @@ -7909,12 +7827,7 @@ def workout_workflow_view(request,id): request.session['referer'] = absolute(request)['PATH'] request.session['lastworkout'] = id request.session[translation.LANGUAGE_SESSION_KEY] = USER_LANGUAGE - try: - row = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") - if (checkworkoutuser(request.user,row)==False): - raise PermissionDenied("Access denied") + row = get_workout_permitted(request.user,id) r = getrower(request.user) result = request.user.is_authenticated() and ispromember(request.user) @@ -8005,11 +7918,7 @@ def workout_flexchart3_view(request,*args,**kwargs): except: favoritenr = -1 - - try: - row = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + row = get_workout(id) promember=0 mayedit=0 @@ -8228,10 +8137,7 @@ def workout_flexchart3_view(request,*args,**kwargs): # The interactive plot with the colored Heart rate zones def workout_biginteractive_view(request,id=0,message="",successmessage=""): - try: - row = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + row = get_workout(id) # check if user is owner of this workout @@ -8272,10 +8178,7 @@ def workout_biginteractive_view(request,id=0,message="",successmessage=""): # The interactive plot with wind corrected pace for OTW outings def workout_otwpowerplot_view(request,id=0,message="",successmessage=""): - try: - row = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + row = get_workout(id) # check if user is owner of this workout @@ -8315,10 +8218,7 @@ def workout_otwpowerplot_view(request,id=0,message="",successmessage=""): @login_required() def workout_export_view(request,id=0, message="", successmessage=""): request.session[translation.LANGUAGE_SESSION_KEY] = USER_LANGUAGE - try: - row = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + row = get_workout(id) try: thetoken = c2_open(request.user) @@ -8375,10 +8275,7 @@ def workout_export_view(request,id=0, message="", successmessage=""): # @login_required() def workout_unsubscribe_view(request,id=0): - try: - w = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + w = get_workout(id) if w.privacy == 'private' and w.user.user != request.user: return HttpResponseForbidden("Permission error") @@ -8408,10 +8305,7 @@ def workout_unsubscribe_view(request,id=0): # list of comments to a workout @login_required() def workout_comment_view(request,id=0): - try: - w = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + w = get_workout(id) if w.privacy == 'private' and w.user.user != request.user: return HttpResponseForbidden("Permission error") @@ -8511,12 +8405,9 @@ def workout_edit_view(request,id=0,message="",successmessage=""): request.session['referer'] = absolute(request)['PATH'] - try: - # check if valid ID exists (workout exists) - row = Workout.objects.get(id=id) - form = WorkoutForm(instance=row) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + row = get_workout(id) + + form = WorkoutForm(instance=row) if request.method == 'POST': # Form was submitted @@ -8598,11 +8489,7 @@ def workout_edit_view(request,id=0,message="",successmessage=""): #else: # form not POSTed form = WorkoutForm(instance=row) - - try: - row = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + row = get_workout(id) g = GraphImage.objects.filter(workout=row).order_by("-creationdatetime") for i in g: @@ -8690,12 +8577,7 @@ def workout_map_view(request,id=0): request.session[translation.LANGUAGE_SESSION_KEY] = USER_LANGUAGE request.session['referer'] = absolute(request)['PATH'] - - try: - # check if valid ID exists (workout exists) - row = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + row = get_workout(id) # create interactive plot f1 = row.csvfilename @@ -8745,13 +8627,8 @@ def workout_edit_view_navionics(request,id=0,message="",successmessage=""): request.session[translation.LANGUAGE_SESSION_KEY] = USER_LANGUAGE request.session['referer'] = absolute(request)['PATH'] - - try: - # check if valid ID exists (workout exists) - row = Workout.objects.get(id=id) - form = WorkoutForm(instance=row) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + row = get_workout(id) + form = WorkoutForm(instance=row) if request.method == 'POST': # Form was submitted @@ -8829,11 +8706,7 @@ def workout_edit_view_navionics(request,id=0,message="",successmessage=""): #else: # form not POSTed form = WorkoutForm(instance=row) - - try: - row = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + row = get_workout(id) g = GraphImage.objects.filter(workout=row).order_by("-creationdatetime") for i in g: @@ -8918,10 +8791,7 @@ def workout_uploadimage_view(request,id): r = getrower(request.user) - try: - w = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + w = get_workout(id) if not checkworkoutuser(request.user,w): raise PermissionDenied("You are not allowed to edit this workout") @@ -9002,10 +8872,8 @@ def workout_uploadimage_view(request,id): # Generic chart creation @login_required() def workout_add_chart_view(request,id,plotnr=1): - try: - w = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + + w = get_workout(id) plotnr = int(plotnr) @@ -9360,10 +9228,7 @@ def workout_getstravaworkout_view(request,stravaid): id,message = add_workout_from_strokedata(request.user,stravaid,data,strokedata, source='strava', workoutsource='strava') - try: - w = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + w = get_workout(id) w.uploadedtostrava=stravaid w.save() @@ -9664,16 +9529,8 @@ def workout_toggle_ranking(request,id=0): if request.is_ajax(): is_ajax = True - try: - # check if valid ID exists (workout exists) - row = Workout.objects.get(id=id) - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + row = get_workout_permitted(request.user,id) - if not checkworkoutuser(request.user,row): - raise PermissionDenied("You are not allowed to change this workout") - - # we are still here - we own the workout row.rankingpiece = not row.rankingpiece row.save() @@ -10398,12 +10255,7 @@ def workout_summary_restore_view(request,id,message="",successmessage=""): # Split a workout @user_passes_test(ispromember,login_url="/",redirect_field_name=None) def workout_split_view(request,id=id): - try: - row = Workout.objects.get(id=id) - if (checkworkoutuser(request.user,row)==False): - raise PermissionDenied("You are not allowed to edit this workout") - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + row = get_workout_permitted(request.user,id) r = row.user @@ -10533,12 +10385,7 @@ def workout_fusion_view(request,id1=0,id2=1): @login_required() def workout_summary_edit_view(request,id,message="",successmessage="" ): - try: - row = Workout.objects.get(id=id) - if (checkworkoutuser(request.user,row)==False): - raise PermissionDenied("You are not allowed to edit this workout") - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + row = get_workout_permitted(request.user,id) s = "" # still here - this is a workout we may edit @@ -11175,12 +11022,8 @@ def strokedatajson(request,id): POST: Add Stroke data to workout GET: Get stroke data of workout """ - try: - row = Workout.objects.get(id=id) - if (checkworkoutuser(request.user,row)==False): - return HttpResponseForbidden("Permission error") - except Workout.DoesNotExist: - raise Http404("Workout doesn't exist") + row = get_workout_permitted(request.user,id) + try: id = int(id) except ValueError: