From 0ee393725edbed448512ba8458a1e6047e0cb75f Mon Sep 17 00:00:00 2001
From: FreneticScribbler <aj@aronajones.com>
Date: Sat, 11 Jan 2020 20:24:37 +0000
Subject: [PATCH] FIX: Require login on events and event embeds again

Little too far to the open side there Arona... Whooooooops!
---
 RIGS/forms.py | 5 +++--
 RIGS/urls.py  | 2 +-
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/RIGS/forms.py b/RIGS/forms.py
index be9e440c..92a6e60e 100644
--- a/RIGS/forms.py
+++ b/RIGS/forms.py
@@ -36,9 +36,10 @@ class ProfileRegistrationFormUniqueEmail(RegistrationFormUniqueEmail):
 
 class CheckApprovedForm(AuthenticationForm):
     def confirm_login_allowed(self, user):
-        if not user.is_approved and not user.is_superuser:
+        if user.is_approved or user.is_superuser:
+            return AuthenticationForm.confirm_login_allowed(self, user)
+        else:
             raise forms.ValidationError("Your account hasn't been approved by an administrator yet. Please check back in a few minutes!")
-        return AuthenticationForm.confirm_login_allowed(self, user)
 
 
 # Embedded Login form - remove the autofocus
diff --git a/RIGS/urls.py b/RIGS/urls.py
index e4e3908d..054f4b16 100644
--- a/RIGS/urls.py
+++ b/RIGS/urls.py
@@ -87,7 +87,7 @@ urlpatterns = [
         login_required()(versioning.ActivityFeed.as_view()),
         name='activity_feed'),
 
-    url(r'^event/(?P<pk>\d+)/$', (
+    url(r'^event/(?P<pk>\d+)/$', permission_required_with_403('', oembed_view="event_oembed")(
             rigboard.EventDetail.as_view()),
         name='event_detail'),
     url(r'^event/(?P<pk>\d+)/embed/$',