Show 403 (HTTP Forbidden) page when the user doesn't have enough permissions

We have [permissions set up for some models](https://github.com/CCA-Public/dip-access-interface/blob/master/dips/migrations/0002_initial_data.py#L24-L51) but we're not using them anywhere. For example, we're checking directly the groups with some user model helpers in some views instead of using the [`permission_required` decorator](https://docs.djangoproject.com/en/2.2/topics/auth/default/#the-permission-required-decorator). Also, when the user doesn't have enough permissions, it's being redirected to another page instead of showing the 403 (HTTP Forbidden) page.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Show 403 (HTTP Forbidden) page when the user doesn't have enough permissions #155

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Show 403 (HTTP Forbidden) page when the user doesn't have enough permissions #155

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions