* CHANGE: First pass at opening up RIGS #233
Whilst it makes it something of a misnomer, the intent is to make the 'view_event' perm a permission to view event details like client/price. I don't see the point in giving everyone 'view_event' and adding a new 'view_event_detail'...Open to arguments the other way.
* CHANGE: New user signups now require admin approval
Given that I intend to reveal much more data to new users this seems necessary...
* CHORE: Fix CI
* FIX: Legacy Profiles are now auto-approved correctly
* Add testing of approval mechanism
This fixes the other functional tests failing because the user cannot login without being approved.
* Superusers bypass approval check
This should fix the remainder of the tests
* Prevent unapproved users logging in through embeds
Test suite doing its job...!
* FIX: Require login on events and event embeds again
Little too far to the open side there Arona... Whooooooops!
* FIX: Use has_oembed decorator for events
* FIX: Re-prevent basic seeing reversion
This is to prevent financials/client data leaking when changed. Hopefully can show them a filtered version in future.
* FIX: Remove mitigation for #264
Someone quietly fixed it, it appears
* FEAT: Add admin email notif when an account is activated and awaiting approval
No async or time-since shenanigans yet!
* FIX: Whoops, undo accidental whitespace change
* FEAT: Add a fifteen min cooldown between emails to admins
Probably not the right way to go about it...but it does work!
TODO: How to handle cooldown-emailing shared mailbox addresses?
* FIX: Remove event modal history deadlink for basic users
Also removes some links on the RIGS homepage that will deadlink for them
* FIX: Wrong perms syntax for history pages
* CHORE: Squash migrations
* FIX: Use a setting for cooldown
* FIX: Minor code improvements
