From 2548153894853d0ae8d090fb068a68a3045c5273 Mon Sep 17 00:00:00 2001
From: Ole Laursen <olau@iola.dk>
Date: Thu, 20 Oct 2016 19:57:39 +0000
Subject: [PATCH] Fix permission bug, secretaries should be able to request
 reviews  - Legacy-Id: 12191

---
 ietf/doc/tests_review.py | 2 +-
 ietf/review/utils.py     | 5 +++--
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/ietf/doc/tests_review.py b/ietf/doc/tests_review.py
index 97a2c5a01..28f2c806d 100644
--- a/ietf/doc/tests_review.py
+++ b/ietf/doc/tests_review.py
@@ -48,7 +48,7 @@ class ReviewTests(TestCase):
         review_team = review_req.team
 
         url = urlreverse('ietf.doc.views_review.request_review', kwargs={ "name": doc.name })
-        login_testing_unauthorized(self, "secretary", url)
+        login_testing_unauthorized(self, "reviewsecretary", url)
 
         # get
         r = self.client.get(url)
diff --git a/ietf/review/utils.py b/ietf/review/utils.py
index 93ef74410..428d943f3 100644
--- a/ietf/review/utils.py
+++ b/ietf/review/utils.py
@@ -27,13 +27,14 @@ def can_request_review_of_doc(user, doc):
     if not user.is_authenticated():
         return False
 
-    return is_authorized_in_doc_stream(user, doc)
+    return (is_authorized_in_doc_stream(user, doc)
+            or Role.objects.filter(person__user=user, name="secr", group__in=active_review_teams).exists())
 
 def can_manage_review_requests_for_team(user, team, allow_non_team_personnel=True):
     if not user.is_authenticated():
         return False
 
-    return (Role.objects.filter(name__in=["secr", "delegate"], person__user=user, group=team).exists()
+    return (Role.objects.filter(name="secr", person__user=user, group=team).exists()
             or (allow_non_team_personnel and has_role(user, "Secretariat")))
 
 def review_requests_to_list_for_docs(docs):