fixed rights
This commit is contained in:
Sander Roosendaal
@@ -474,6 +474,17 @@ def get_workout(id):
|
||||
|
||||
return w
|
||||
|
||||
def get_workoutuser(id,request):
|
||||
try:
|
||||
id = encoder.decode_hex(id)
|
||||
w = Workout.objects.get(id=id)
|
||||
except Workout.DoesNotExist:
|
||||
raise Http404("Workout doesn't exist")
|
||||
|
||||
if not is_workout_user(request.user,w):
|
||||
raise PermissionDenied
|
||||
|
||||
return w
|
||||
|
||||
def getvalue(data):
|
||||
perc = 0
|
||||
|
||||
@@ -394,7 +394,7 @@ def workout_video_create_view(request,id=0):
|
||||
redirect_field_name=None)
|
||||
@permission_required('workout.change_workout',fn=get_workout_by_opaqueid,raise_exception=True)
|
||||
def workout_forcecurve_view(request,id=0,workstrokesonly=False):
|
||||
row = get_workout(id)
|
||||
row = get_workoutuser(id, request)
|
||||
|
||||
promember=0
|
||||
mayedit=0
|
||||
@@ -462,7 +462,7 @@ def workout_forcecurve_view(request,id=0,workstrokesonly=False):
|
||||
# Switch from GPS to Impeller (only for SpeedCoach 2, if impeller data)
|
||||
@permission_required('workout.change_workout',fn=get_workout_by_opaqueid,raise_exception=True)
|
||||
def otw_use_impeller(request,id=0):
|
||||
w = get_workout(id)
|
||||
w = get_workoutuser(id, request)
|
||||
|
||||
|
||||
row = rdata(w.csvfilename)
|
||||
@@ -484,7 +484,7 @@ def otw_use_impeller(request,id=0):
|
||||
# Switch from Impeller to GPS (only for SpeedCoach 2, if impeller data)
|
||||
@permission_required('workout.change_workout',fn=get_workout_by_opaqueid,raise_exception=True)
|
||||
def otw_use_gps(request,id=0):
|
||||
w = get_workout(id)
|
||||
w = get_workoutuser(id, request)
|
||||
|
||||
|
||||
row = rdata(w.csvfilename)
|
||||
@@ -508,7 +508,7 @@ def otw_use_gps(request,id=0):
|
||||
@login_required()
|
||||
@permission_required('workout.change_workout',fn=get_workout_by_opaqueid,raise_exception=True)
|
||||
def workout_histo_view(request,id=0):
|
||||
w = get_workout(id)
|
||||
w = get_workoutuser(id, request)
|
||||
r = getrequestrower(request)
|
||||
promember = 1
|
||||
|
||||
@@ -747,7 +747,7 @@ def fitness_metric_view(request,mode='rower',days=42):
|
||||
message="This functionality requires a Pro plan or higher. If you are already a Pro user, please log in to access this functionality. If you are already a Pro user, please log in to access this functionality",
|
||||
redirect_field_name=None)
|
||||
def workout_update_cp_view(request,id=0):
|
||||
row = get_workout(id)
|
||||
row = get_workoutuser(id, request)
|
||||
|
||||
row.rankingpiece = True
|
||||
row.save()
|
||||
@@ -767,7 +767,7 @@ def workout_update_cp_view(request,id=0):
|
||||
# Reload the workout and calculate the summary from the stroke data (lapIDx)
|
||||
@permission_required('workout.change_workout',fn=get_workout_by_opaqueid,raise_exception=True)
|
||||
def workout_recalcsummary_view(request,id=0):
|
||||
row = get_workout(id)
|
||||
row = get_workoutuser(id, request)
|
||||
|
||||
filename = row.csvfilename
|
||||
rowdata = rdata(filename)
|
||||
@@ -2005,7 +2005,7 @@ def workout_fusion_list(request,id=0,
|
||||
|
||||
if id:
|
||||
theid = encoder.decode_hex(id)
|
||||
w = get_workout(id)
|
||||
w = get_workoutuser(id, request)
|
||||
r = w.user
|
||||
|
||||
workouts = Workout.objects.filter(user=r,
|
||||
@@ -2034,7 +2034,7 @@ def workout_fusion_list(request,id=0,
|
||||
workouts = paginator.page(1)
|
||||
except EmptyPage:
|
||||
workouts = paginator.page(paginator.num_pages)
|
||||
row = get_workout(id)
|
||||
row = get_workoutuser(id, request)
|
||||
|
||||
|
||||
breadcrumbs = [
|
||||
@@ -2172,7 +2172,7 @@ def workout_view(request,id=0):
|
||||
def workout_undo_smoothenpace_view(
|
||||
request,id=0,message="",successmessage=""
|
||||
):
|
||||
row = get_workout(id)
|
||||
row = get_workoutuser(id, request)
|
||||
r = getrower(request.user)
|
||||
|
||||
filename = row.csvfilename
|
||||
@@ -2203,7 +2203,7 @@ def workout_undo_smoothenpace_view(
|
||||
message="This functionality requires a Pro plan or higher. If you are already a Pro user, please log in to access this functionality. If you are already a Pro user, please log in to access this functionality",
|
||||
redirect_field_name=None)
|
||||
def workout_smoothenpace_view(request,id=0,message="",successmessage=""):
|
||||
row = get_workout(id)
|
||||
row = get_workoutuser(id, request)
|
||||
|
||||
previousurl = request.META.get('HTTP_REFERER')
|
||||
|
||||
@@ -2263,7 +2263,7 @@ def workout_smoothenpace_view(request,id=0,message="",successmessage=""):
|
||||
message="This functionality requires a Pro plan or higher. If you are already a Pro user, please log in to access this functionality. If you are already a Pro user, please log in to access this functionality",
|
||||
redirect_field_name=None)
|
||||
def workout_crewnerd_summary_view(request,id=0,message="",successmessage=""):
|
||||
row = get_workout(id)
|
||||
row = get_workoutuser(id, request)
|
||||
r = getrower(request.user)
|
||||
breadcrumbs = [
|
||||
{
|
||||
@@ -2343,7 +2343,7 @@ def workout_crewnerd_summary_view(request,id=0,message="",successmessage=""):
|
||||
def workout_downloadwind_view(request,id=0,
|
||||
airportcode=None,
|
||||
message="",successmessage=""):
|
||||
row = get_workout(id)
|
||||
row = get_workoutuser(id, request)
|
||||
|
||||
f1 = row.csvfilename
|
||||
|
||||
@@ -2411,7 +2411,7 @@ def workout_downloadwind_view(request,id=0,
|
||||
def workout_downloadmetar_view(request,id=0,
|
||||
airportcode=None,
|
||||
message="",successmessage=""):
|
||||
row = get_workout(id)
|
||||
row = get_workoutuser(id, request)
|
||||
|
||||
f1 = row.csvfilename
|
||||
|
||||
@@ -2480,7 +2480,7 @@ def workout_downloadmetar_view(request,id=0,
|
||||
@permission_required('workout.change_workout',fn=get_workout_by_opaqueid,raise_exception=True)
|
||||
@user_passes_test(ispromember,login_url="/rowers/paidplans",message="This functionality requires a Pro plan or higher. If you are already a Pro user, please log in to access this functionality",redirect_field_name=None)
|
||||
def workout_wind_view(request,id=0,message="",successmessage=""):
|
||||
row = get_workout(id)
|
||||
row = get_workoutuser(id, request)
|
||||
r = getrower(request.user)
|
||||
breadcrumbs = [
|
||||
{
|
||||
@@ -2610,7 +2610,7 @@ def workout_wind_view(request,id=0,message="",successmessage=""):
|
||||
@permission_required('workout.change_workout',fn=get_workout_by_opaqueid,raise_exception=True)
|
||||
@user_passes_test(ispromember,login_url="/rowers/paidplans",message="This functionality requires a Pro plan or higher. If you are already a Pro user, please log in to access this functionality",redirect_field_name=None)
|
||||
def workout_stream_view(request,id=0,message="",successmessage=""):
|
||||
row = get_workout(id)
|
||||
row = get_workoutuser(id, request)
|
||||
r = getrower(request.user)
|
||||
|
||||
|
||||
@@ -2694,7 +2694,7 @@ def workout_stream_view(request,id=0,message="",successmessage=""):
|
||||
@permission_required('workout.change_workout',fn=get_workout_by_opaqueid,raise_exception=True)
|
||||
@user_passes_test(ispromember, login_url="/rowers/paidplans",redirect_field_name=None)
|
||||
def workout_otwsetpower_view(request,id=0,message="",successmessage=""):
|
||||
w = get_workout(id)
|
||||
w = get_workoutuser(id, request)
|
||||
r = getrower(request.user)
|
||||
|
||||
mayedit = 1
|
||||
@@ -2819,7 +2819,7 @@ def workout_otwsetpower_view(request,id=0,message="",successmessage=""):
|
||||
|
||||
@permission_required('workout.change_workout',fn=get_workout_by_opaqueid,raise_exception=True)
|
||||
def instroke_view(request,id=0):
|
||||
w = get_workout(id)
|
||||
w = get_workoutuser(id, request)
|
||||
r = getrower(request.user)
|
||||
mayedit = 1
|
||||
|
||||
@@ -2868,7 +2868,7 @@ def instroke_view(request,id=0):
|
||||
# generate instroke chart
|
||||
@permission_required('workout.change_workout',fn=get_workout_by_opaqueid,raise_exception=True)
|
||||
def instroke_chart(request,id=0,metric=''):
|
||||
w = get_workout(id)
|
||||
w = get_workoutuser(id, request)
|
||||
|
||||
|
||||
|
||||
@@ -2923,7 +2923,7 @@ def instroke_chart(request,id=0,metric=''):
|
||||
def workout_data_view(request, id=0):
|
||||
|
||||
r = getrower(request.user)
|
||||
w = get_workout(id)
|
||||
w = get_workoutuser(id, request)
|
||||
|
||||
|
||||
breadcrumbs = [
|
||||
@@ -3905,16 +3905,14 @@ def workout_comment_view(request,id=0):
|
||||
|
||||
|
||||
# The basic edit page
|
||||
@login_required()
|
||||
@permission_required('workout.change_workout',fn=get_workout_by_opaqueid,raise_exception=True)
|
||||
def workout_edit_view(request,id=0,message="",successmessage=""):
|
||||
request.session[translation.LANGUAGE_SESSION_KEY] = USER_LANGUAGE
|
||||
request.session['referer'] = absolute(request)['PATH']
|
||||
|
||||
|
||||
row = get_workout(id)
|
||||
|
||||
|
||||
|
||||
row = get_workoutuser(id,request)
|
||||
|
||||
if request.user.rower.rowerplan == 'basic' and 'speedcoach2' in row.workoutsource:
|
||||
data = getsmallrowdata_db(['wash'],ids=[encoder.decode_hex(id)])
|
||||
@@ -4230,7 +4228,7 @@ def workout_uploadimage_view(request,id):
|
||||
|
||||
r = getrower(request.user)
|
||||
|
||||
w = get_workout(id)
|
||||
w = get_workoutuser(id, request)
|
||||
|
||||
breadcrumbs = [
|
||||
{
|
||||
@@ -4329,7 +4327,7 @@ def workout_uploadimage_view(request,id):
|
||||
@permission_required('workout.change_workout',fn=get_workout_by_opaqueid,raise_exception=True)
|
||||
def workout_add_chart_view(request,id,plotnr=1):
|
||||
|
||||
w = get_workout(id)
|
||||
w = get_workoutuser(id, request)
|
||||
r = getrower(request.user)
|
||||
|
||||
plotnr = int(plotnr)
|
||||
|
||||
Reference in New Issue
Block a user