sander/rowsandall
Private
Public Access
1
0
Fork 0
Code Activity

bug fixes in permissions

Browse Source
This commit is contained in:
Sander Roosendaal
2020-07-26 10:57:59 +02:00
parent 2dcab19905
commit d6e95b7f6c
2 changed files with 50 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
rowers/views/statements.py
View File

@@ -490,6 +490,52 @@ def getrequestrower(request,rowerid=0,userid=0,notpermanent=False):
request.session['rowerid'] = r.id
return r
def getrequestrowercoachee(request,rowerid=0,userid=0,notpermanent=False):
userid = int(userid)
rowerid = int(rowerid)
#if userid == 0:
# userid = request.user.id
if notpermanent == False:
if rowerid == 0 and 'rowerid' in request.session:
rowerid = request.session['rowerid']
if userid != 0:
rowerid = 0
try:
if rowerid != 0:
r = Rower.objects.get(id=rowerid)
u = r.user
elif userid != 0:
u = User.objects.get(id=userid)
r = getrower(u)
elif request.user.is_anonymous:
return None
else:
r = getrower(request.user)
u = r.user
except Rower.DoesNotExist:
raise Http404("Rower doesn't exist")
if r.user == request.user:
request.session['rowerid'] = r.id
return r
if userid != 0 and not is_coach_user(request.user,u):
request.session['rowerid'] = request.user.rower.id
raise PermissionDenied("You have no access to this user")
if notpermanent == False:
request.session['rowerid'] = r.id
request.session['rowerid'] = r.id
return r
def getrequestplanrower(request,rowerid=0,userid=0,notpermanent=False):
userid = int(userid)