admin/WerkoutAPI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Codebase hardening: 102 fixes across 35+ files

Browse Source 
Deep audit identified 106 findings; 102 fixed, 4 deferred. Covers 8 areas:

- Settings & deploy: env-gated DEBUG/SECRET_KEY, HTTPS headers, gunicorn, celery worker
- Auth (registered_user): password write_only, request.data fixes, transaction safety, proper HTTP status codes
- Workout app: IDOR protection, get_object_or_404, prefetch_related N+1 fixes, transaction.atomic
- Video/scripts: path traversal sanitization, HLS trigger guard, auth on cache wipe
- Models (exercise/equipment/muscle/superset): null-safe __str__, stable IDs, prefetch support
- Generator views: helper for registered_user lookup, logger.exception, bulk_update, transaction wrapping
- Generator core (rules/selector/generator): push-pull ratio, type affinity normalization, modality checks, side-pair exact match, word-boundary regex, equipment cache clearing
- Generator services (plan_builder/analyzer/normalizer): transaction.atomic, muscle cache, bulk_update, glutes classification fix

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Trey t
2026-02-27 22:29:14 -06:00
parent 63b57a83ab
commit c80c66c2e5
58 changed files with 3363 additions and 1049 deletions
Download Patch File Download Diff File Expand all files Collapse all files

83
generator/tests/test_rules_engine.py
View File

@@ -548,6 +548,89 @@ class TestValidateWorkout(TestCase):
f"Expected superset focus repetition error, got {[v.rule_id for v in violations]}",
)
def test_working_set_rejects_recovery_stretch_movements(self):
stretch_ex = _make_exercise(
name='Supine Pec Stretch - T',
movement_patterns='mobility - static, mobility, cool down',
is_reps=False,
is_duration=True,
)
push_ex = _make_exercise(
name='Single-Arm Dumbbell Push Press',
movement_patterns='upper push - vertical, upper push',
is_reps=True,
is_duration=False,
is_compound=True,
is_weight=True,
exercise_tier='secondary',
)
workout_spec = {
'supersets': [
_make_superset(name='Warm Up', exercises=[
_make_entry(exercise=_make_exercise(is_reps=False), duration=30),
], rounds=1),
_make_superset(
name='Working Set 1',
exercises=[
_make_entry(exercise=push_ex, reps=8, order=1),
_make_entry(exercise=stretch_ex, duration=30, order=2),
],
rounds=4,
),
_make_superset(name='Cool Down', exercises=[
_make_entry(exercise=_make_exercise(is_reps=False), duration=30),
], rounds=1),
],
}
violations = validate_workout(
workout_spec, 'functional_strength_training', 'general_fitness',
)
stretch_errors = [
v for v in violations
if v.rule_id == 'working_contains_recovery' and v.severity == 'error'
]
self.assertTrue(stretch_errors, 'Expected recovery/stretch error in working set.')
def test_working_set_requires_positive_rest_between_rounds(self):
workout_spec = {
'supersets': [
_make_superset(name='Warm Up', exercises=[
_make_entry(exercise=_make_exercise(is_reps=False), duration=30),
], rounds=1),
{
'name': 'Working Set 1',
'rounds': 4,
'rest_between_rounds': 0,
'exercises': [
_make_entry(
exercise=_make_exercise(
name='Barbell Push Press',
movement_patterns='upper push',
is_compound=True,
is_weight=True,
exercise_tier='primary',
),
reps=5,
order=1,
),
],
},
_make_superset(name='Cool Down', exercises=[
_make_entry(exercise=_make_exercise(is_reps=False), duration=30),
], rounds=1),
],
}
violations = validate_workout(
workout_spec, 'functional_strength_training', 'general_fitness',
)
rest_warnings = [
v for v in violations
if v.rule_id == 'working_rest_missing' and v.severity == 'warning'
]
self.assertTrue(rest_warnings, 'Expected warning for missing/zero working rest.')
def test_adjacent_focus_repetition_info(self):
"""Adjacent working supersets with same focus profile should be advisory."""
pull_a = _make_exercise(name='Bicep Curl', movement_patterns='upper pull')