Add authorisation process for sign ups and allow access to EventDetail for basic users (#399)

* CHANGE: First pass at opening up RIGS #233 Whilst it makes it something of a misnomer, the intent is to make the 'view_event' perm a permission to view event details like client/price. I don't see the point in giving everyone 'view_event' and adding a new 'view_event_detail'...Open to arguments the other way. * CHANGE: New user signups now require admin approval Given that I intend to reveal much more data to new users this seems necessary... * CHORE: Fix CI * FIX: Legacy Profiles are now auto-approved correctly * Add testing of approval mechanism This fixes the other functional tests failing because the user cannot login without being approved. * Superusers bypass approval check This should fix the remainder of the tests * Prevent unapproved users logging in through embeds Test suite doing its job...! * FIX: Require login on events and event embeds again Little too far to the open side there Arona... Whooooooops! * FIX: Use has_oembed decorator for events * FIX: Re-prevent basic seeing reversion This is to prevent financials/client data leaking when changed. Hopefully can show them a filtered version in future. * FIX: Remove mitigation for #264 Someone quietly fixed it, it appears * FEAT: Add admin email notif when an account is activated and awaiting approval No async or time-since shenanigans yet! * FIX: Whoops, undo accidental whitespace change * FEAT: Add a fifteen min cooldown between emails to admins Probably not the right way to go about it...but it does work! TODO: How to handle cooldown-emailing shared mailbox addresses? * FIX: Remove event modal history deadlink for basic users Also removes some links on the RIGS homepage that will deadlink for them * FIX: Wrong perms syntax for history pages * CHORE: Squash migrations * FIX: Use a setting for cooldown * FIX: Minor code improvements
2026-02-14 10:39:41 +00:00 · 2020-02-29 11:34:50 +00:00
parent ae151ed45e
commit 4a4d4a5cf3
19 changed files with 196 additions and 30 deletions
--- a/RIGS/templates/RIGS/index.html
+++ b/RIGS/templates/RIGS/index.html
@@ -11,7 +11,7 @@
    </div>
    <div class="row">
    <div class="col-sm-{% if perms.RIGS.view_event %}6{% else %}12{% endif %}">
-        
+
        <div class="panel panel-default">
            <div class="panel-heading">
                 <h4 class="list-group-item-heading">Quick Links</h4>
@@ -26,10 +26,11 @@

                    <a class="list-group-item" href="https://forum.nottinghamtec.co.uk" target="_blank"><span class="glyphicon glyphicon-link"></span> TEC Forum</a>
                    <a class="list-group-item" href="//members.nottinghamtec.co.uk/wiki" target="_blank"><span class="glyphicon glyphicon-link"></span> TEC Wiki</a>
+                    {% if perms.RIGS.view_event %}
                    <a class="list-group-item" href="http://members.nottinghamtec.co.uk/wiki/images/2/22/Event_Risk_Assesment.pdf" target="_blank"><span class="glyphicon glyphicon-link"></span> Pre-Event Risk Assessment</a>
                    <a class="list-group-item" href="//members.nottinghamtec.co.uk/price" target="_blank"><span class="glyphicon glyphicon-link"></span> Price List</a>
                    <a class="list-group-item" href="https://goo.gl/forms/jdPWov8PCNPoXtbn2" target="_blank"><span class="glyphicon glyphicon-link"></span> Subhire Insurance Form</a>
-                
+                    {% endif %}
            </div>
        </div>

@@ -73,7 +74,7 @@
    </div>
    {% if perms.RIGS.view_event %}
    <div class="col-sm-6">
-        {% include 'RIGS/activity_feed.html' %}    
+        {% include 'RIGS/activity_feed.html' %}
    </div>
    {% endif %}
 </div>