Compare commits
3 Commits
0707d2d51e
...
c84be34a37
Author | SHA1 | Date | |
---|---|---|---|
c84be34a37 | |||
3959096c95 | |||
76daa71217 |
@ -1 +1,4 @@
|
|||||||
<svg fill="#000000" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 30 30" width="30px" height="30px"><path d="M 3 7 A 1.0001 1.0001 0 1 0 3 9 L 27 9 A 1.0001 1.0001 0 1 0 27 7 L 3 7 z M 3 14 A 1.0001 1.0001 0 1 0 3 16 L 27 16 A 1.0001 1.0001 0 1 0 27 14 L 3 14 z M 3 21 A 1.0001 1.0001 0 1 0 3 23 L 27 23 A 1.0001 1.0001 0 1 0 27 21 L 3 21 z"/></svg>
|
<svg fill="#000000" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 30 30" width="30px" height="30px">
|
||||||
|
<path
|
||||||
|
d="M 3 7 A 1.0001 1.0001 0 1 0 3 9 L 27 9 A 1.0001 1.0001 0 1 0 27 7 L 3 7 z M 3 14 A 1.0001 1.0001 0 1 0 3 16 L 27 16 A 1.0001 1.0001 0 1 0 27 14 L 3 14 z M 3 21 A 1.0001 1.0001 0 1 0 3 23 L 27 23 A 1.0001 1.0001 0 1 0 27 21 L 3 21 z" />
|
||||||
|
</svg>
|
Before Width: | Height: | Size: 351 B After Width: | Height: | Size: 358 B |
@ -62,7 +62,7 @@
|
|||||||
<span class="LP-Text">{{photo_album.label}}</span>
|
<span class="LP-Text">{{photo_album.label}}</span>
|
||||||
</a>
|
</a>
|
||||||
{% if user == photo_album.submitted_by or user == place.submitted_by %}
|
{% if user == photo_album.submitted_by or user == place.submitted_by %}
|
||||||
<a href="google.com" class="LP-Link LP-LinkList__ItemHover" title="Delete Photo Album">
|
<a href="{% url 'photo_album_delete' pk=photo_album.pk%}" class="LP-Link LP-LinkList__ItemHover" title="Delete Photo Album">
|
||||||
<div class="RV-Iconized__Container RV-Iconized__Container--small">
|
<div class="RV-Iconized__Container RV-Iconized__Container--small">
|
||||||
{% icon 'trash' className="RV-Iconized__Icon" %}
|
{% icon 'trash' className="RV-Iconized__Icon" %}
|
||||||
</div>
|
</div>
|
||||||
|
@ -7,7 +7,8 @@ from .views import (
|
|||||||
PlaceCreateView,
|
PlaceCreateView,
|
||||||
PlaceUpdateView,
|
PlaceUpdateView,
|
||||||
PlaceDeleteView,
|
PlaceDeleteView,
|
||||||
PhotoAlbumCreateView
|
PhotoAlbumCreateView,
|
||||||
|
PhotoAlbumDeleteView
|
||||||
)
|
)
|
||||||
|
|
||||||
urlpatterns = [
|
urlpatterns = [
|
||||||
@ -16,6 +17,7 @@ urlpatterns = [
|
|||||||
path('place/<int:pk>/', PlaceDetailView.as_view(), name='place_detail'),
|
path('place/<int:pk>/', PlaceDetailView.as_view(), name='place_detail'),
|
||||||
path('place/create/', PlaceCreateView.as_view(), name='place_create'),
|
path('place/create/', PlaceCreateView.as_view(), name='place_create'),
|
||||||
path('photo_album/create/<int:place_id>', PhotoAlbumCreateView.as_view(), name='photo_album_create'),
|
path('photo_album/create/<int:place_id>', PhotoAlbumCreateView.as_view(), name='photo_album_create'),
|
||||||
|
path('photo_album/delete/<int:pk>', PhotoAlbumDeleteView.as_view(), name='photo_album_delete'),
|
||||||
path('place/update/<int:pk>/', PlaceUpdateView.as_view(), name='place_edit'),
|
path('place/update/<int:pk>/', PlaceUpdateView.as_view(), name='place_edit'),
|
||||||
path('place/delete/<int:pk>/', PlaceDeleteView.as_view(), name='place_delete'),
|
path('place/delete/<int:pk>/', PlaceDeleteView.as_view(), name='place_delete'),
|
||||||
path('place/', PlaceListView.as_view(), name='place_list')
|
path('place/', PlaceListView.as_view(), name='place_list')
|
||||||
|
@ -5,6 +5,7 @@
|
|||||||
from django.shortcuts import render, redirect, get_object_or_404
|
from django.shortcuts import render, redirect, get_object_or_404
|
||||||
from django.urls import reverse_lazy
|
from django.urls import reverse_lazy
|
||||||
from django.views.generic.edit import CreateView, UpdateView, DeleteView
|
from django.views.generic.edit import CreateView, UpdateView, DeleteView
|
||||||
|
from django.views.generic.detail import SingleObjectMixin
|
||||||
from django.views.generic import ListView
|
from django.views.generic import ListView
|
||||||
from django.views import View
|
from django.views import View
|
||||||
from django.http import Http404
|
from django.http import Http404
|
||||||
@ -25,22 +26,36 @@ from .models import Place, PlaceImage, Voucher, PhotoAlbum
|
|||||||
# BaseView that checks if user is logged in.
|
# BaseView that checks if user is logged in.
|
||||||
class IsAuthenticated(LoginRequiredMixin, View):
|
class IsAuthenticated(LoginRequiredMixin, View):
|
||||||
redirect_field_name = 'redirect_to'
|
redirect_field_name = 'redirect_to'
|
||||||
|
permission_denied_message = 'Please login to proceed'
|
||||||
|
|
||||||
|
def handle_no_permission(self):
|
||||||
|
messages.error(self.request, self.permission_denied_message)
|
||||||
|
return super().handle_no_permission()
|
||||||
|
|
||||||
# BaseView that checks if logged in user is submitter of place.
|
# BaseView that checks if logged in user is submitter of place.
|
||||||
class IsSubmitter(UserPassesTestMixin, View):
|
class IsPlaceSubmitter(UserPassesTestMixin, View):
|
||||||
|
place_submitter_error_message = None
|
||||||
|
|
||||||
|
def get_place(self):
|
||||||
|
pass
|
||||||
|
|
||||||
def test_func(self):
|
def test_func(self):
|
||||||
""" Check if user is eligible to modify place. """
|
""" Check if user is eligible to modify place. """
|
||||||
|
|
||||||
|
if not hasattr(self.request, 'user'):
|
||||||
|
return False
|
||||||
|
|
||||||
if self.request.user.is_superuser:
|
if self.request.user.is_superuser:
|
||||||
return True
|
return True
|
||||||
|
|
||||||
# Check if currently logged in user was the submitter
|
# Check if currently logged in user was the submitter
|
||||||
place_obj = self.get_object()
|
place_obj = self.get_place()
|
||||||
|
|
||||||
if self.request.user == place_obj.submitted_by:
|
if place_obj and hasattr(place_obj, 'submitted_by') and self.request.user == place_obj.submitted_by:
|
||||||
return True
|
return True
|
||||||
|
|
||||||
messages.error(
|
if self.place_submitter_error_message:
|
||||||
self.request, 'You do not have permission to do this.')
|
messages.error(self.request, self.place_submitter_error_message)
|
||||||
return False
|
return False
|
||||||
|
|
||||||
class SignUpView(SuccessMessageMixin, CreateView):
|
class SignUpView(SuccessMessageMixin, CreateView):
|
||||||
@ -80,15 +95,19 @@ class HomeView(View):
|
|||||||
}
|
}
|
||||||
return render(request, 'home.html', context)
|
return render(request, 'home.html', context)
|
||||||
|
|
||||||
class PlaceUpdateView(IsAuthenticated, IsSubmitter, SuccessMessageMixin, UpdateView):
|
class PlaceUpdateView(IsAuthenticated, IsPlaceSubmitter, SuccessMessageMixin, UpdateView):
|
||||||
template_name = 'place/place_update.html'
|
template_name = 'place/place_update.html'
|
||||||
model = Place
|
model = Place
|
||||||
form_class = PlaceForm
|
form_class = PlaceForm
|
||||||
success_message = 'Successfully updated place.'
|
success_message = 'Successfully updated place.'
|
||||||
|
place_submitter_error_message = 'You do no have permissions to alter this place'
|
||||||
|
|
||||||
def get_success_url(self):
|
def get_success_url(self):
|
||||||
return reverse_lazy('place_detail', kwargs={'pk':self.get_object().pk})
|
return reverse_lazy('place_detail', kwargs={'pk':self.get_object().pk})
|
||||||
|
|
||||||
|
def get_place(self):
|
||||||
|
return self.get_object()
|
||||||
|
|
||||||
class PlaceCreateView(IsAuthenticated, View):
|
class PlaceCreateView(IsAuthenticated, View):
|
||||||
|
|
||||||
def get(self, request, *args, **kwargs):
|
def get(self, request, *args, **kwargs):
|
||||||
@ -145,17 +164,21 @@ class PlaceCreateView(IsAuthenticated, View):
|
|||||||
)
|
)
|
||||||
place_image.save()
|
place_image.save()
|
||||||
|
|
||||||
class PlaceDeleteView(IsAuthenticated, IsSubmitter, DeleteView):
|
class PlaceDeleteView(IsAuthenticated, IsPlaceSubmitter, DeleteView):
|
||||||
template_name = 'place/place_delete.html'
|
template_name = 'place/place_delete.html'
|
||||||
model = Place
|
model = Place
|
||||||
success_message = 'Successfully deleted place.'
|
success_message = 'Successfully deleted place.'
|
||||||
success_url = reverse_lazy('place_list')
|
success_url = reverse_lazy('place_list')
|
||||||
success_message = 'Place deleted'
|
success_message = 'Place deleted'
|
||||||
|
place_submitter_error_message = 'You do no have permission to delete this place'
|
||||||
|
|
||||||
def delete(self, request, *args, **kwargs):
|
def delete(self, request, *args, **kwargs):
|
||||||
messages.success(self.request, self.success_message)
|
messages.success(self.request, self.success_message)
|
||||||
return super().delete(request, *args, **kwargs)
|
return super().delete(request, *args, **kwargs)
|
||||||
|
|
||||||
|
def get_place(self):
|
||||||
|
return self.get_object()
|
||||||
|
|
||||||
class AlbumCreateView(IsAuthenticated, View):
|
class AlbumCreateView(IsAuthenticated, View):
|
||||||
def get(self, request, *args, **kwargs):
|
def get(self, request, *args, **kwargs):
|
||||||
url = request.GET['url']
|
url = request.GET['url']
|
||||||
@ -169,11 +192,11 @@ class AlbumCreateView(IsAuthenticated, View):
|
|||||||
print(photo_album)
|
print(photo_album)
|
||||||
return redirect(reverse_lazy('place_detail', kwargs={'pk': place_id}))
|
return redirect(reverse_lazy('place_detail', kwargs={'pk': place_id}))
|
||||||
|
|
||||||
class PhotoAlbumCreateView(IsAuthenticated, CreateView):
|
class PhotoAlbumCreateView(IsAuthenticated, SuccessMessageMixin, CreateView):
|
||||||
model = PhotoAlbum
|
model = PhotoAlbum
|
||||||
fields = ['url', 'label']
|
fields = ['url', 'label']
|
||||||
template_name = 'photo_album/photo_album_create.html'
|
template_name = 'photo_album/photo_album_create.html'
|
||||||
success_message = 'Photo album submitted'
|
success_message = 'Photo Album submitted'
|
||||||
|
|
||||||
def get(self, request, place_id, *args, **kwargs):
|
def get(self, request, place_id, *args, **kwargs):
|
||||||
self.place = Place.objects.get(pk=place_id)
|
self.place = Place.objects.get(pk=place_id)
|
||||||
@ -193,4 +216,30 @@ class PhotoAlbumCreateView(IsAuthenticated, CreateView):
|
|||||||
return context
|
return context
|
||||||
|
|
||||||
def get_success_url(self):
|
def get_success_url(self):
|
||||||
return reverse_lazy('place_detail', kwargs={'pk': self.place.id})
|
return reverse_lazy('place_detail', kwargs={'pk': self.place.id})
|
||||||
|
|
||||||
|
class PhotoAlbumDeleteView(IsAuthenticated, IsPlaceSubmitter, SingleObjectMixin, View):
|
||||||
|
model = PhotoAlbum
|
||||||
|
pk_url_kwarg = 'pk'
|
||||||
|
success_message = 'Photo Album deleted'
|
||||||
|
|
||||||
|
def get_place(self):
|
||||||
|
place_id = self.get_object().place.id
|
||||||
|
return Place.objects.get(pk=place_id)
|
||||||
|
|
||||||
|
def test_func(self):
|
||||||
|
can_edit_place = super().test_func()
|
||||||
|
if can_edit_place:
|
||||||
|
return True
|
||||||
|
|
||||||
|
if self.get_object().submitted_by == self.request.user:
|
||||||
|
return True
|
||||||
|
|
||||||
|
messages.error(self.request, 'You do not have permissions to alter this photo album')
|
||||||
|
return False
|
||||||
|
|
||||||
|
def get(self, request, *args, **kwargs):
|
||||||
|
place_id = self.get_object().place.id
|
||||||
|
self.get_object().delete()
|
||||||
|
messages.success(self.request, self.success_message)
|
||||||
|
return redirect(reverse_lazy('place_detail', kwargs={'pk': place_id}))
|
||||||
|
@ -16,16 +16,16 @@
|
|||||||
<div class="LP-Form__Field">
|
<div class="LP-Form__Field">
|
||||||
{% include 'partials/form/inputField.html' with field=form.password %}
|
{% include 'partials/form/inputField.html' with field=form.password %}
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<div class="LP-Form__Composition LP-Form__Composition--buttons">
|
<div class="LP-Form__Composition LP-Form__Composition--buttons">
|
||||||
<div class="LP-Form__Field LP-Form__Button LP-Input">
|
<div class="LP-Form__Field LP-Form__Button LP-Input">
|
||||||
<button class="LP-Button">Login</button>
|
<button class="LP-Button">Login</button>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
|
||||||
</fieldset>
|
</fieldset>
|
||||||
|
|
||||||
</form>
|
</form>
|
||||||
|
|
||||||
|
<p class="LP-Headline">No account? <a class="LP-Link" href="{% url 'signup' %}"><span class="LP-Link__Text">Sign up here</span></a></p>
|
||||||
|
|
||||||
{% endblock maincontent %}
|
{% endblock maincontent %}
|
Loading…
Reference in New Issue
Block a user