restriction on public api for unauthenticated users

Author: YujithIsura

backend/src/events/views.py

@@ -1,4 +1,5 @@
-from rest_framework.decorators import api_view
+from rest_framework.permissions import IsAuthenticated
+from rest_framework.decorators import api_view, permission_classes
 from rest_framework.response import Response
 from rest_framework import status
 
@@ -8,6 +9,7 @@
 from ..incidents.services import is_valid_incident
 
 @api_view(['GET'])
+@permission_classes((IsAuthenticated, ))
 def get_event_trail(request, incident_id):
     if request.method == "GET":
         if is_valid_incident(incident_id):