sander/rowsandall
Private
Public Access
1
0
Fork 0
Code Activity

moved user and workout permission checks to rules

Browse Source 
updated workoutviews, rest of views not done
doesn't pass tests
This commit is contained in:
Sander Roosendaal
2020-01-12 17:58:55 +01:00
parent 892b6c0e60
commit c82a60f02e
23 changed files with 618 additions and 711 deletions
Download Patch File Download Diff File Expand all files Collapse all files

148
rowers/rower_rules.py
View File

@@ -19,6 +19,154 @@ def user_is_not_basic(user):
def is_coach(user):
return user.rower.rowerplan in ['coach','freecoach']
@rules.predicate
def is_promember(user):
try:
r = user.rower
except AttributeError:
return False
return r.rowerplan in ['pro','coach','plan']
@rules.predicate
def is_protrial(user):
try:
r = user.rower
except AttributeError:
return False
if r.rowerplan == 'basic':
return r.protrialexpires >= datetime.date.today()
if r.rowerplan == 'freecoach':
if r.mycoachgroup is not None:
return len(r.mycoachgroup)>=4
return False
ispromember = is_promember | is_protrial
# User / Coach relationships (Rower object)
@rules.predicate
def can_plan(user):
return user.rower.rowerplan in ['plan','coach','freecoach']
@rules.predicate
def is_coach_user(user,rower):
try:
r = user.rower
except AttributeError:
return False
if rower == r:
return True
coaches = []
for group in r.coachinggroups.all():
newcoaches = group.get_coaches()
for coach in newcoaches:
coaches.append(coach)
print(coaches)
for coach in coaches:
if rower == coach:
return True
return False
@rules.predicate
def is_rower_team_member(user,rower):
if user.rower == rower:
return True
teams = user.rower.team.all()
for team in teams:
if team.private == 'open':
if team in rower.team.all():
return True
if team.manager == rower.user:
return True
return False
@rules.predicate
def can_plan_user(user,rower):
try:
r = user.rower
except AttributeError:
return False
if rower == r:
return True
# below
team_managers = [t.manager for t in rower.team.all() and can_plan(t.manager)]
if user_is_not_basic(user):
return user in team_managers
return False
rules.add_perm('rower.can_plan',can_plan_user) # replaces checkaccessplanuser
rules.add_perm('rower.is_coach',is_coach_user) # replaces checkaccessuser
# WORKOUT permissions
@rules.predicate
def is_workout_user(user,workout):
if user.is_anonymous:
return False
try:
r = user.rower
except AttributeError:
return False
if workout.user == r:
return True
coaches = []
for group in workout.user.coachinggroups.all():
coach = group.coachingrole
coaches.append(coach)
for coach in coaches:
if r == coach and workout.privacy == 'visible':
return True
return False
@rules.predicate
def can_view_workout(user,workout):
if user.is_anonymous:
if workout.privacy != 'private':
return True
return False
try:
r = user.rower
except AttributeError:
return False
teams = workout.user.team.all()
for team in teams:
if team in r.team.all():
return True
return False
rules.add_perm('workout.change_workout',is_workout_user) # replaces checkworkoutuser
rules.add_perm('workout.view_workout',can_view_workout) # replaces checkworkoutuserview
# checkviewworkouts
# PLANNING permissions
# checkaccessplanuser (models.py)
# TEAM permissions
@rules.predicate