Fix infinite redirect when logged in

By default the `permission_required` decorator redirects to the login url
when you don't have sufficient permissions. The result of this is if
a user navigates to a page they don't have permission to view they end
up in an infinite redirect loop between the forbidden page and the login page.

This change will allow logged out users a chance to login but return
forbidden when you don't have sufficient permissions.

Author: gmjosack

django_comments/views/moderation.py

@@ -35,7 +35,8 @@ def flag(request, comment_id, next=None):
 
 
 @csrf_protect
-@permission_required("django_comments.can_moderate")
+@login_required
+@permission_required("django_comments.can_moderate", raise_exception=True)
 def delete(request, comment_id, next=None):
     """
     Deletes a comment. Confirmation on GET, action on POST. Requires the "can
@@ -63,7 +64,8 @@ def delete(request, comment_id, next=None):
 
 
 @csrf_protect
-@permission_required("django_comments.can_moderate")
+@login_required
+@permission_required("django_comments.can_moderate", raise_exception=True)
 def approve(request, comment_id, next=None):
     """
     Approve a comment (that is, mark it as public and non-removed). Confirmation