sander/rowsandall
Private
Public Access
1
0
Fork 0
Code Activity

half way through planviews, added can_change_session

Browse Source
This commit is contained in:
Sander Roosendaal
2020-01-14 15:59:53 +01:00
parent a436308561
commit f627b5e925
6 changed files with 57 additions and 115 deletions
Download Patch File Download Diff File Expand all files Collapse all files

122
rowers/views/planviews.py
View File

@@ -5,27 +5,11 @@ from __future__ import unicode_literals
from rowers.views.statements import *
@login_required()
@login_required
@permission_required('plannedsession.view_session',fn=get_session_by_pk,raise_exception=True)
def plannedsession_comment_view(request,id=0,userid=0):
r = getrequestplanrower(request,userid=userid)
try:
ps = PlannedSession.objects.get(id=id)
except PlannedSession.DoesNotExist:
raise Http404("Planned Session does not exist")
m = ps.manager
mm = Rower.objects.get(user=m)
if ps.manager != request.user and ps.sessiontype not in ['race','indoorrace']:
if r.rowerplan == 'coach' and r not in ps.rower.all():
teams = Team.objects.filter(manager=request.user)
members = Rower.objects.filter(team__in=teams).distinct()
teamusers = [m.user for m in members]
if ps.manager not in teamusers:
raise PermissionDenied("You do not have access to this session")
elif r not in ps.rower.all():
raise PermissionDenied("You do not have access to this session")
ps = get_object_or_404(PlannedSession,pk=id)
comments = PlannedSessionComment.objects.filter(plannedsession=ps).order_by("created")
@@ -171,7 +155,7 @@ def plannedsession_comment_view(request,id=0,userid=0):
})
# Cloning sessions
@user_passes_test(hasplannedsessions,login_url="/rowers/paidplans/",
@user_passes_test(isplanmember,login_url="/rowers/paidplans/",
message="This functionality requires a Coach or Self-Coach plan",
redirect_field_name=None)
def plannedsession_multiclone_view(
@@ -322,7 +306,7 @@ def plannedsession_multiclone_view(
)
# Individual user creates training for himself
@user_passes_test(hasplannedsessions,login_url="/rowers/paidplans/",
@user_passes_test(isplanmember,login_url="/rowers/paidplans/",
message="This functionality requires a Coach or Self-Coach plan",
redirect_field_name=None)
def plannedsession_create_view(request,
@@ -477,7 +461,7 @@ def plannedsession_create_view(request,
'timeperiod':timeperiod,
})
@user_passes_test(hasplannedsessions,login_url="/rowers/paidplans/",
@user_passes_test(isplanmember,login_url="/rowers/paidplans/",
message="This functionality requires a Coach or Self-Coach plan",
redirect_field_name=None)
def plannedsession_multicreate_view(request,
@@ -613,7 +597,7 @@ def plannedsession_multicreate_view(request,
return render(request,'plannedsession_multicreate.html',context)
# Manager creates sessions for entire team
@user_passes_test(hasplannedsessions,login_url="/rowers/paidplans/",
@user_passes_test(isplanmember,login_url="/rowers/paidplans/",
message="This functionality requires a Coach or Self-Coach plan",
redirect_field_name=None)
def plannedsession_teamcreate_view(request,
@@ -786,21 +770,16 @@ def plannedsession_teamcreate_view(request,
})
# Manager edits sessions for entire team
@user_passes_test(hasplannedsessions,login_url="/rowers/paidplans/",
@user_passes_test(isplanmember,login_url="/rowers/paidplans/",
message="This functionality requires a Coach or Self-Coach plan",
redirect_field_name=None)
@permission_required('plannedsession.change_session',fn=get_session_by_pk,raise_exception=True)
def plannedsession_teamedit_view(request,
sessionid=0,userid=0):
id=0,userid=0):
r = getrequestplanrower(request,userid=userid)
try:
ps = PlannedSession.objects.get(id=sessionid)
except PlannedSession.DoesNotExist:
raise Http404("This session doesn't exist")
if not ps.manager == request.user:
raise PermissionDenied("You are not the manager of this session")
ps = get_object_or_404(PlannedSession,pk=id)
teams = Team.objects.filter(manager=request.user)
teamchoices = [(team.id, team.name) for team in teams]
@@ -1402,7 +1381,8 @@ def plannedsessions_manage_view(request,userid=0,
# Clone an existing planned session
# need clarity on cloning behavior time shift
@user_passes_test(hasplannedsessions,login_url="/rowers/paidplans/",
@permission_required('plannedsession.change_session',fn=get_session_by_pk,raise_exception=True)
@user_passes_test(isplanmember,login_url="/rowers/paidplans/",
message="This functionality requires a Coach or Self-Coach plan",
redirect_field_name=None)
def plannedsession_clone_view(request,id=0,userid=0):
@@ -1420,13 +1400,7 @@ def plannedsession_clone_view(request,id=0,userid=0):
except IndexError:
trainingplan = None
try:
ps = PlannedSession.objects.get(id=id)
except PlannedSession.DoesNotExist:
raise Http404("Planned Session does not exist")
if ps.manager != request.user:
raise PermissionDenied("You are not allowed to clone this planned session")
ps = get_object_or_404(PlannedSession,pk=id)
rowers = ps.rower.all()
teams = ps.team.all()
@@ -1470,7 +1444,8 @@ def plannedsession_clone_view(request,id=0,userid=0):
# Clone an existing planned session
# need clarity on cloning behavior time shift
@user_passes_test(hasplannedsessions,login_url="/rowers/paidplans/",
@permission_required('plannedsession.change_session',fn=get_session_by_pk,raise_exception=True)
@user_passes_test(isplanmember,login_url="/rowers/paidplans/",
message="This functionality requires a Coach or Self-Coach plan",
redirect_field_name=None)
def plannedsession_teamclone_view(request,id=0):
@@ -1497,13 +1472,7 @@ def plannedsession_teamclone_view(request,id=0):
except IndexError:
trainingplan = None
try:
ps = PlannedSession.objects.get(id=id)
except PlannedSession.DoesNotExist:
raise Http404("Planned Session does not exist")
if ps.manager != request.user:
raise PermissionDenied("You are not allowed to clone this planned session")
ps = get_object_or_404(PlannedSession,pk=id)
ps.pk = None
@@ -1534,7 +1503,8 @@ def plannedsession_teamclone_view(request,id=0):
return HttpResponseRedirect(url)
@user_passes_test(hasplannedsessions, login_url="/rowers/paidplans/",
@permission_required('plannedsession.change_session',fn=get_session_by_pk,raise_exception=True)
@user_passes_test(isplanmember, login_url="/rowers/paidplans/",
message="This functionality requires a Coach or Self-Coach plan",
redirect_field_name=None)
def plannedsession_totemplate_view(request,id=0):
@@ -1543,13 +1513,7 @@ def plannedsession_totemplate_view(request,id=0):
startdate, enddate = get_dates_timeperiod(request)
try:
ps = PlannedSession.objects.get(id=id)
except PlannedSession.DoesNotExist:
raise Http404("Planned Session does not exist")
if ps.manager != request.user:
raise PermissionDenied("You can only store your own sessions as a template")
ps = get_object_or_404(PlannedSession,pk=id)
ps.pk = None
ps.id = None
@@ -1567,7 +1531,8 @@ def plannedsession_totemplate_view(request,id=0):
return HttpResponseRedirect(url)
# Edit an existing planned session
@user_passes_test(hasplannedsessions,login_url="/rowers/paidplans/",
@permission_required('plannedsession.change_session',fn=get_session_by_pk,raise_exception=True)
@user_passes_test(isplanmember,login_url="/rowers/paidplans/",
message="This functionality requires a Coach or Self-Coach plan",
redirect_field_name=None)
def plannedsession_edit_view(request,id=0,userid=0):
@@ -1587,16 +1552,7 @@ def plannedsession_edit_view(request,id=0,userid=0):
except IndexError:
trainingplan = None
try:
ps = PlannedSession.objects.get(id=id)
except PlannedSession.DoesNotExist:
raise Http404("Planned Session does not exist")
if ps.manager != request.user:
raise PermissionDenied("You are not allowed to edit this planned session")
if ps.sessiontype in ['race','indoorrace']:
raise PermissionDenied("You are not allowed to edit this planned session because it is a race")
ps = get_object_or_404(PlannedSession,pk=id)
if ps.team.all() or ps.rower.all().count()>1:
url = reverse(plannedsession_teamedit_view,
@@ -1714,16 +1670,12 @@ def plannedsession_detach_view(request,id=0,psid=0):
return HttpResponseRedirect(url)
@login_required()
@permission_required('plannedsession.view_session',fn=get_session_by_pk,raise_exception=True)
def plannedsession_view(request,id=0,userid=0):
r = getrequestplanrower(request,userid=userid)
try:
ps = PlannedSession.objects.get(id=id)
except PlannedSession.DoesNotExist:
raise Http404("Planned Session does not exist")
ps = get_object_or_404(PlannedSession,pk=id)
if ps.sessiontype in ['race','indoorrace']:
url = reverse('virtualevent_view',
@@ -1740,16 +1692,6 @@ def plannedsession_view(request,id=0,userid=0):
m = ps.manager
mm = Rower.objects.get(user=m)
if ps.manager != request.user:
if 'coach' in r.rowerplan and r not in ps.rower.all():
teams = Team.objects.filter(manager=request.user)
members = Rower.objects.filter(team__in=teams).distinct()
teamusers = [m.user for m in members]
if ps.manager not in teamusers:
raise PermissionDenied("You do not have access to this session")
elif r not in ps.rower.all():
raise PermissionDenied("You do not have access to this session")
resultsdict = get_session_metrics(ps)
resultsdict = pd.DataFrame(resultsdict).transpose().to_dict()
@@ -1965,7 +1907,7 @@ class PlannedSessionDelete(DeleteView):
return obj
@user_passes_test(hasplannedsessions,login_url="/rowers/paidplans",
@user_passes_test(isplanmember,login_url="/rowers/paidplans",
message="This functionality requires a Coach or Self-Coach plan",
redirect_field_name=None)
def rower_create_trainingplan(request,userid=0):
@@ -2094,7 +2036,7 @@ def rower_create_trainingplan(request,userid=0):
'old_targets':old_targets,
})
@user_passes_test(hasplannedsessions,login_url="/rowers/paidplans",
@user_passes_test(isplanmember,login_url="/rowers/paidplans",
message="This functionality requires a Coach or Self-Coach plan",
redirect_field_name=None)
def rower_delete_trainingtarget(request,id=0):
@@ -2114,7 +2056,7 @@ def rower_delete_trainingtarget(request,id=0):
return HttpResponseRedirect(url)
@user_passes_test(hasplannedsessions,login_url="/rowers/paidplans",
@user_passes_test(isplanmember,login_url="/rowers/paidplans",
message="This functionality requires a Coach or Self-Coach plan",
redirect_field_name=None)
def rower_delete_trainingplan(request,id=0):
@@ -2328,7 +2270,7 @@ class MacroCycleDelete(DeleteView):
return obj
@user_passes_test(hasplannedsessions,login_url="/rowers/paidplans",
@user_passes_test(isplanmember,login_url="/rowers/paidplans",
message="This functionality requires a Coach or Self-Coach plan",
redirect_field_name=None)
def rower_trainingplan_execution_view(request,
@@ -2418,7 +2360,7 @@ def rower_trainingplan_execution_view(request,
)
@user_passes_test(hasplannedsessions,login_url="/rowers/paidplans",
@user_passes_test(isplanmember,login_url="/rowers/paidplans",
message="This functionality requires a Coach or Self-Coach plan",
redirect_field_name=None)
def rower_trainingplan_view(request,
@@ -2841,7 +2783,7 @@ class TrainingTargetUpdate(UpdateView):
from rowers.utils import allsundays
@user_passes_test(hasplannedsessions,login_url="/rowers/paidplans",
@user_passes_test(isplanmember,login_url="/rowers/paidplans",
message="This functionality requires a Coach or Self-Coach plan",
redirect_field_name=None)
def planmesocyclebyweek(request,id=0,userid=0):
@@ -2896,7 +2838,7 @@ def planmesocyclebyweek(request,id=0,userid=0):
from rowers.utils import allmonths
@user_passes_test(hasplannedsessions,login_url="/rowers/paidplans",
@user_passes_test(isplanmember,login_url="/rowers/paidplans",
message="This functionality requires a Coach or Self-Coach plan",
redirect_field_name=None)
def planmacrocyclebymonth(request,id=0,userid=0):