Only make certain fields editable by non-admins

[melodykramer]

Certain fields should never change:

• Name
• Slug
• Client
• Tock ID
• Cloud.gov project

Other fields may change, but should require approval by someone at the admin level:

• Tagline
• Project lead
• Description
• Impact
• Live URL
• GitHub URL(s)

Fields that may change:

• Status
• Billable

We should think about how to create a system to allow edits to be approved through an admin layer, or some other means of ensuring that everyone cannot edit every field — because that might cause errors with Tock and/or other places where we have this material. Is there a way to lock certain fields?

[toolness]

Hmm good idea. It's definitely easy to make certain fields read-only by non-superusers; adding workflow to the process, whereby an 18F member suggests a change and then it needs to be approved by an admin, is a bit harder. I guess this is one small benefit of the .about.yml approach to doing things, since it allows us to leverage github's PR workflow for this.

We should probably do some research and see if there's any good third-party libraries or general patterns for easily doing this sort of thing in Django.