Fix some privacy issues

app/corpora/followers/json_routes.py

@@ -1,5 +1,5 @@
 from flask import abort, jsonify, request
-from flask_login import current_user, login_required
+from flask_login import current_user
 from app import db
 from app.decorators import content_negotiation
 from app.models import (
@@ -13,7 +13,6 @@ from . import bp
 
 
 @bp.route('/<hashid:corpus_id>/followers', methods=['POST'])
-@login_required
 @corpus_owner_or_admin_required
 @content_negotiation(consumes='application/json', produces='application/json')
 def create_corpus_followers(corpus_id):
@@ -35,7 +34,6 @@ def create_corpus_followers(corpus_id):
 
 
 @bp.route('/<hashid:corpus_id>/followers/<hashid:follower_id>/role', methods=['PUT'])
-@login_required
 @corpus_owner_or_admin_required
 @content_negotiation(consumes='application/json', produces='application/json')
 def update_corpus_follower_role(corpus_id, follower_id):
@@ -58,7 +56,6 @@ def update_corpus_follower_role(corpus_id, follower_id):
 
 
 @bp.route('/<hashid:corpus_id>/followers/<hashid:follower_id>', methods=['DELETE'])
-@login_required
 @content_negotiation(produces='application/json')
 def delete_corpus_follower(corpus_id, follower_id):
     corpus = Corpus.query.get_or_404(corpus_id)