feat: integrate FontAwesome and enhance scene permissions

- Added FontAwesome for enriched UI iconography.
- Implemented permission checks in scene edit view to prevent
unauthorized edits.
- Adjusted scene links in the category template for direct edit access,
streamlining the user workflow.

These changes aim at both enhancing the visual elements of the interface
and strengthening the security model by ensuring that only authorized
users can edit scenes. The direct edit links in the category view
further simplify navigation, making the system more intuitive for users.

assets/js/frontend.js

@@ -1 +1 @@
-import '../scss/frontend.scss';
+import '../scss/frontend.scss';

package-lock.json

@@ -9,6 +9,7 @@
       "version": "0.0.1",
       "license": "MIT",
       "dependencies": {
+        "@fortawesome/fontawesome-free": "^6.5.1",
         "@popperjs/core": "^2.11.8",
         "aframe": "^1.5.0",
         "bootstrap": "^5.3.3",
@@ -1719,6 +1720,15 @@
         "node": ">=10.0.0"
       }
     },
+    "node_modules/@fortawesome/fontawesome-free": {
+      "version": "6.5.1",
+      "resolved": "https://registry.npmjs.org/@fortawesome/fontawesome-free/-/fontawesome-free-6.5.1.tgz",
+      "integrity": "sha512-CNy5vSwN3fsUStPRLX7fUYojyuzoEMSXPl7zSLJ8TgtRfjv24LOnOWKT2zYwaHZCJGkdyRnTmstR0P+Ah503Gw==",
+      "hasInstallScript": true,
+      "engines": {
+        "node": ">=6"
+      }
+    },
     "node_modules/@jridgewell/gen-mapping": {
       "version": "0.3.5",
       "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.5.tgz",

package.json

@@ -27,6 +27,7 @@
     "webpack-cli": "^5.1.4"
   },
   "dependencies": {
+    "@fortawesome/fontawesome-free": "^6.5.1",
     "@popperjs/core": "^2.11.8",
     "aframe": "^1.5.0",
     "bootstrap": "^5.3.3",

quackscape/tours/views.py

@@ -64,6 +64,14 @@ class SceneEditView(UserPermissionMixin, DetailView):
     context_object_name = "scene"
     template_name = "tours/scene_edit.html"
 
+    def get_object(self, queryset=None):
+        obj = super().get_object(queryset)
+
+        if not obj.user_has_permission(self.request.user):
+            raise PermissionDenied()
+
+        return obj
+
 
 @method_decorator(xframe_options_exempt, name="dispatch")
 class SceneEmbedView(SceneView):

quackscape/users/templates/users/category.html

@@ -54,13 +54,15 @@
         {% for scene in category.scenes.all %}
         <tr>
           <td>
-            <a href="/tours/scene/{{ scene.id }}/"
+            <a href="/tours/scene/{{ scene.id }}/edit/"
               ><img
                 src="{{ scene.thumbnail.file.url }}"
                 alt="{{ scene.title }}"
             /></a>
           </td>
-          <td><a href="/tours/scene/{{ scene.id }}/">{{ scene.title }}</a></td>
+          <td>
+            <a href="/tours/scene/{{ scene.id }}/edit/">{{ scene.title }}</a>
+          </td>
           <td>
             <!-- TODO: Actions like Edit/Delete will go here -->
           </td>