feat: integrate FontAwesome and enhance scene permissions

- Added FontAwesome for enriched UI iconography.
- Implemented permission checks in scene edit view to prevent
unauthorized edits.
- Adjusted scene links in the category template for direct edit access,
streamlining the user workflow.

These changes aim at both enhancing the visual elements of the interface
and strengthening the security model by ensuring that only authorized
users can edit scenes. The direct edit links in the category view
further simplify navigation, making the system more intuitive for users.
This commit is contained in:
Kumi 2024-03-15 09:36:44 +01:00
parent 8c3ea535e5
commit 4779f89513
Signed by: kumi
GPG key ID: ECBCC9082395383F
5 changed files with 24 additions and 3 deletions

View file

@ -1 +1 @@
import '../scss/frontend.scss';
import '../scss/frontend.scss';

10
package-lock.json generated
View file

@ -9,6 +9,7 @@
"version": "0.0.1",
"license": "MIT",
"dependencies": {
"@fortawesome/fontawesome-free": "^6.5.1",
"@popperjs/core": "^2.11.8",
"aframe": "^1.5.0",
"bootstrap": "^5.3.3",
@ -1719,6 +1720,15 @@
"node": ">=10.0.0"
}
},
"node_modules/@fortawesome/fontawesome-free": {
"version": "6.5.1",
"resolved": "https://registry.npmjs.org/@fortawesome/fontawesome-free/-/fontawesome-free-6.5.1.tgz",
"integrity": "sha512-CNy5vSwN3fsUStPRLX7fUYojyuzoEMSXPl7zSLJ8TgtRfjv24LOnOWKT2zYwaHZCJGkdyRnTmstR0P+Ah503Gw==",
"hasInstallScript": true,
"engines": {
"node": ">=6"
}
},
"node_modules/@jridgewell/gen-mapping": {
"version": "0.3.5",
"resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.5.tgz",

View file

@ -27,6 +27,7 @@
"webpack-cli": "^5.1.4"
},
"dependencies": {
"@fortawesome/fontawesome-free": "^6.5.1",
"@popperjs/core": "^2.11.8",
"aframe": "^1.5.0",
"bootstrap": "^5.3.3",

View file

@ -64,6 +64,14 @@ class SceneEditView(UserPermissionMixin, DetailView):
context_object_name = "scene"
template_name = "tours/scene_edit.html"
def get_object(self, queryset=None):
obj = super().get_object(queryset)
if not obj.user_has_permission(self.request.user):
raise PermissionDenied()
return obj
@method_decorator(xframe_options_exempt, name="dispatch")
class SceneEmbedView(SceneView):

View file

@ -54,13 +54,15 @@
{% for scene in category.scenes.all %}
<tr>
<td>
<a href="/tours/scene/{{ scene.id }}/"
<a href="/tours/scene/{{ scene.id }}/edit/"
><img
src="{{ scene.thumbnail.file.url }}"
alt="{{ scene.title }}"
/></a>
</td>
<td><a href="/tours/scene/{{ scene.id }}/">{{ scene.title }}</a></td>
<td>
<a href="/tours/scene/{{ scene.id }}/edit/">{{ scene.title }}</a>
</td>
<td>
<!-- TODO: Actions like Edit/Delete will go here -->
</td>