Allow program leads to request meetings. Fixes #3141. Commit ready for merge.

- Legacy-Id: 18718

ietf/group/views.py

@@ -767,7 +767,7 @@ def meetings(request, acronym=None, group_type=None):
 
     future, in_progress, recent, past = group_sessions(sessions)
 
-    can_edit = group.has_role(request.user,["Chair","Secretary"])
+    can_edit = group.has_role(request.user,group.features.groupman_roles)
     can_always_edit = has_role(request.user,["Secretariat","Area Director"])
 
     return render(request,'group/meetings.html',

ietf/secr/utils/decorators.py

@@ -10,7 +10,7 @@ from django.utils.http import urlquote
 
 from ietf.ietfauth.utils import has_role
 from ietf.doc.models import Document
-from ietf.group.models import Group, Role
+from ietf.group.models import Group
 from ietf.meeting.models import Session
 from ietf.secr.utils.meeting import get_timeslot
 from ietf.utils.response import permission_denied
@@ -65,11 +65,9 @@ def check_permissions(func):
         except ObjectDoesNotExist:
             permission_denied(request, "User not authorized to access group: %s" % group.acronym)
             
-        groups = [group]
+        if login.role_set.filter(name__in=group.features.groupman_roles,group=group):
-        if group.parent:
+            return func(request, *args, **kwargs)
-            groups.append(group.parent)
+        elif group.parent and login.role_set.filter(name__in=group.parent.features.groupman_roles,group=group.parent):
-        all_roles = Role.objects.filter(group__in=groups,name__in=('ad','chair','secr'))
-        if login in [ r.person for r in all_roles ]:
             return func(request, *args, **kwargs)
 
         # if session is plenary allow ietf/iab chairs