From bf1ea191e780952e3807492b46eeddaecd65d438 Mon Sep 17 00:00:00 2001 From: Sander Roosendaal Date: Mon, 13 Jan 2020 15:33:50 +0100 Subject: [PATCH] added annotations to rules on rules to add --- rowers/rower_rules.py | 108 +++++++++++++++++++++++++++++++++++++++++- 1 file changed, 106 insertions(+), 2 deletions(-) diff --git a/rowers/rower_rules.py b/rowers/rower_rules.py index 1ad9d6f0..f55cbc61 100644 --- a/rowers/rower_rules.py +++ b/rowers/rower_rules.py @@ -5,6 +5,30 @@ import datetime # USER permissions +""" +USER permissions +- There are 5 types of user: basic, pro, plan, coach, freecoach +- These methods exist on user + - user.rower + - user.is_anonymous + - user.is_staff + +- These methods exist on rower + - rower.rowerplan + - rower.protrialexpires + - rower.plantrialexpires + - rower.mycoachgroup + - rower.coachinggroups + - rower.team + +- These Rules apply to Rowers + - Free Coach user cannot have workouts + - Coach can edit athlete settings (if in coachinggroup) + - Coach can run analytics for athlete + - Pro and Plan user cannot run analysis for members of their groups + +""" + @rules.predicate def user_is_not_basic(user): if user.rower.rowerplan != 'basic': @@ -114,6 +138,25 @@ rules.add_perm('rower.is_coach',is_coach_user) # replaces checkaccessuser # WORKOUT permissions +""" +WORKOUT permissions +- These methods exist on Workout + - workout.privacy + +- These rules apply to workouts + - User can add, delete and change their own workouts + - Coach can add and change workouts for their athletes, but not delete + - Pro and Plan user cannot add or change an athlete's workout + - Pro, Basic users can view team members' workout + - Anonymous users can view team members' workout (but not see list of workouts) + + - Rules for Workouts are transferred to objects related to the Workout, + - Charts + - Video Analysis + - WorkoutComment? + +""" + @rules.predicate def is_workout_user(user,workout): if user.is_anonymous: @@ -128,7 +171,7 @@ def is_workout_user(user,workout): return True return is_coach_user(workout.user.user,user.rower) - + @rules.predicate def can_view_workout(user,workout): @@ -146,10 +189,52 @@ rules.add_perm('workout.view_workout',can_view_workout) # replaces checkworkoutu # PLANNING permissions +""" +- These rules apply to planning + - Free coach can create planned sessions and team planned sessions + - Self coach and higher can create planned sessions and team planned sessions + - Coach can create planned sessions and team planned sessions + - Self Coach and higher can create planned sessions and team planned sessions + - Pro or Basic cannot create planned sessions or team planned sessions + - WHO can comment (plannedsession_comment_view) + - Only Session manager can change session + - Strict View rules (stricter than workouts) + + - TrainingTarget + - rules for view, add, change, delete + - TrainingPlan + - rules for view, add, change, delete + - Cycle + - inherits rules from TrainingPlan + - PlannedSession + - rules for view, add, change, delete, clone, save as template + - check team + + - Special rules for Race (cannot be edited ex post) + +""" + # checkaccessplanuser (models.py) # getrequestrower, getrequestplanrower -# TEAM permissions +# TEAM (group) permissions + +""" +- These methods exist on team + - team.manager + - team.private + +- These rules apply to a team + - A Pro rower can be manager of only 1 team (as manager) + - A coach can have any number of teams (as manager) + - Basic user cannot manage a group + - Basic user cannot join groups led by Free Coach or Pro + - Basic athletes can be member of Coach led group + - Plan user can create 1 group (as manager) and not more + - Pro users (and higher) can join team led by other Pro (or higher) user + - On downgrade, Coach users lose all but their oldest team (add test!) + +""" @rules.predicate def is_team_manager(user,team): @@ -177,3 +262,22 @@ rules.add_perm('teams.view_team',can_view_team) rules.add_perm('teams.add_team',user_is_not_basic) rules.add_perm('teams.change_team',is_team_manager) rules.add_perm('teams.delete_team',is_team_manager) + +# RACING permissions + +""" + - VirtualRace + - rules to add, view, delete, change + - GeoCourse + - rules to add, view, delete, change +""" + + +# ANALYSIS permissions + +""" + - Conditions + - Alerts + - rules to add, view, delete, change + - cpdata +"""