Add authorisation process for sign ups and allow access to EventDetail for basic users (#399)

* CHANGE: First pass at opening up RIGS #233

Whilst it makes it something of a misnomer, the intent is to make the 'view_event' perm a permission to view event details like client/price. I don't see the point in giving everyone 'view_event' and adding a new 'view_event_detail'...Open to arguments the other way.

* CHANGE: New user signups now require admin approval

Given that I intend to reveal much more data to new users this seems necessary...

* CHORE: Fix CI

* FIX: Legacy Profiles are now auto-approved correctly

* Add testing of approval mechanism

This fixes the other functional tests failing because the user cannot login without being approved.

* Superusers bypass approval check

This should fix the remainder of the tests

* Prevent unapproved users logging in through embeds

Test suite doing its job...!

* FIX: Require login on events and event embeds again

Little too far to the open side there Arona... Whooooooops!

* FIX: Use has_oembed decorator for events

* FIX: Re-prevent basic seeing reversion

This is to prevent financials/client data leaking when changed. Hopefully can show them a filtered version in future.

* FIX: Remove mitigation for #264

Someone quietly fixed it, it appears

* FEAT: Add admin email notif when an account is activated and awaiting approval

No async or time-since shenanigans yet!

* FIX: Whoops, undo accidental whitespace change

* FEAT: Add a fifteen min cooldown between emails to admins

Probably not the right way to go about it...but it does work!

TODO: How to handle cooldown-emailing shared mailbox addresses?

* FIX: Remove event modal history deadlink for basic users

Also removes some links on the RIGS homepage that will deadlink for them

* FIX: Wrong perms syntax for history pages

* CHORE: Squash migrations

* FIX: Use a setting for cooldown

* FIX: Minor code improvements

RIGS/views.py

@@ -41,7 +41,7 @@ def login(request, **kwargs):
     else:
         from django.contrib.auth.views import login
 
-        return login(request)
+        return login(request, authentication_form=forms.CheckApprovedForm)
 
 
 # This view should be exempt from requiring CSRF token.