moved user and workout permission checks to rules
updated workoutviews, rest of views not done doesn't pass tests
This commit is contained in:
Sander Roosendaal
@@ -1,18 +1,17 @@
|
||||
from rowers.views.statements import *
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
# Export workout to TCX and send to user's email address
|
||||
@login_required()
|
||||
@permission_required('workout.change_workout',fn=objectgetter(Workout, 'id'))
|
||||
def workout_tcxemail_view(request,id=0):
|
||||
r = getrower(request.user)
|
||||
w = get_workout(id)
|
||||
|
||||
if not checkworkoutuser(request.user,w):
|
||||
raise PermissionDenied("Access denied")
|
||||
|
||||
|
||||
|
||||
row = rdata(w.csvfilename)
|
||||
@@ -31,8 +30,8 @@ def workout_tcxemail_view(request,id=0):
|
||||
return response
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@login_required()
|
||||
def plannedsessions_icsemail_view(request,userid=0):
|
||||
@@ -66,7 +65,7 @@ def plannedsessions_icsemail_view(request,userid=0):
|
||||
d1 = startdate.strftime("%Y%m%d"),
|
||||
d2 = enddate.strftime("%Y%m%d"),
|
||||
)
|
||||
|
||||
|
||||
response['Content-Type'] = 'application/octet-stream'
|
||||
|
||||
return response
|
||||
@@ -96,7 +95,7 @@ def plannedsessions_coach_icsemail_view(request,userid=0):
|
||||
rowers += ps.rower.filter(team__in=rteams).exclude(rowerplan='freecoach')
|
||||
|
||||
rowers = list(set(rowers))
|
||||
|
||||
|
||||
cal = Calendar()
|
||||
cal.add('prodid','rowsandall')
|
||||
cal.add('version','1.0')
|
||||
@@ -169,13 +168,12 @@ def course_kmldownload_view(request,id=0):
|
||||
|
||||
|
||||
# Export workout to GPX and send to user's email address
|
||||
@login_required()
|
||||
@permission_required('workout.change_workout',fn=objectgetter(Workout, 'id'))
|
||||
def workout_gpxemail_view(request,id=0):
|
||||
r = getrower(request.user)
|
||||
w = get_workout(id)
|
||||
|
||||
if not checkworkoutuser(request.user,w):
|
||||
raise PermissionDenied("Access denied")
|
||||
|
||||
|
||||
|
||||
row = rdata(w.csvfilename)
|
||||
@@ -233,17 +231,16 @@ def workouts_summaries_email_view(request):
|
||||
{
|
||||
'form':form
|
||||
})
|
||||
|
||||
|
||||
|
||||
# Get Workout CSV file and send it to user's email address
|
||||
@login_required()
|
||||
@permission_required('workout.change_workout',fn=objectgetter(Workout, 'id'))
|
||||
def workout_csvemail_view(request,id=0):
|
||||
r = getrower(request.user)
|
||||
|
||||
w = get_workout(id)
|
||||
|
||||
if not checkworkoutuser(request.user,w):
|
||||
raise PermissionDenied("Access denied")
|
||||
|
||||
|
||||
rowdata = rdata(w.csvfilename)
|
||||
code = str(uuid4())
|
||||
@@ -254,13 +251,13 @@ def workout_csvemail_view(request,id=0):
|
||||
df = rowdata.df
|
||||
df[' ElapsedTime (sec)'] = df['TimeStamp (sec)']
|
||||
df['TimeStamp (sec)'] = df['TimeStamp (sec)'] + starttimeunix
|
||||
|
||||
|
||||
response = HttpResponse(df.to_csv())
|
||||
response['Content-Disposition'] = 'attachment; filename="%s"' % filename
|
||||
response['Content-Type'] = 'application/octet-stream'
|
||||
|
||||
return response
|
||||
|
||||
|
||||
|
||||
# Get Workout CSV file and send it to user's email address
|
||||
@login_required()
|
||||
|
||||
Reference in New Issue
Block a user