Show 403 (HTTP Forbidden) page when the user doesn't have enough permissions

[jraddaoui]

We have permissions set up for some models but we're not using them anywhere. For example, we're checking directly the groups with some user model helpers in some views instead of using the permission_required decorator. Also, when the user doesn't have enough permissions, it's being redirected to another page instead of showing the 403 (HTTP Forbidden) page.