From 1ea983a1c258950c88e704e5302c34fed17b818c Mon Sep 17 00:00:00 2001
From: Robert Sparks <rjsparks@nostrum.com>
Date: Mon, 12 Dec 2016 21:42:53 +0000
Subject: [PATCH] Disallow requesting directorate reviews of RFCs (such things
 would better be done with reviews of status change documents). Fixes #2065.
 Commit ready for merge.  - Legacy-Id: 12505

---
 ietf/doc/tests_review.py | 11 +++++++++++
 ietf/review/utils.py     |  3 +++
 2 files changed, 14 insertions(+)

diff --git a/ietf/doc/tests_review.py b/ietf/doc/tests_review.py
index 9889b8a82..911918517 100644
--- a/ietf/doc/tests_review.py
+++ b/ietf/doc/tests_review.py
@@ -75,6 +75,17 @@ class ReviewTests(TestCase):
             self.assertEqual(req.requested_rev, "01")
             self.assertEqual(doc.latest_event().type, "requested_review")
 
+    def test_request_review_of_rfc(self):
+        make_test_data()
+        doc = Document.objects.filter(states__type_id='draft',states__slug='rfc').first()
+        make_review_data(doc)
+
+        url = urlreverse('ietf.doc.views_review.request_review', kwargs={ "name": doc.name })
+        login_testing_unauthorized(self, "ad", url)
+
+        # get should fail
+        r = self.client.get(url)
+        self.assertEqual(r.status_code, 403)
 
     def test_doc_page(self):
         doc = make_test_data()
diff --git a/ietf/review/utils.py b/ietf/review/utils.py
index d36913d67..2f999e764 100644
--- a/ietf/review/utils.py
+++ b/ietf/review/utils.py
@@ -29,6 +29,9 @@ def can_request_review_of_doc(user, doc):
     if not user.is_authenticated():
         return False
 
+    if doc.type_id == 'draft' and doc.get_state_slug() != 'active':
+        return False
+
     return (is_authorized_in_doc_stream(user, doc)
             or Role.objects.filter(person__user=user, name="secr", group__in=active_review_teams).exists())