From b5df5c836e3d998b50db30fc8d63edb7a93cb1ea Mon Sep 17 00:00:00 2001
From: Henrik Levkowetz <henrik@levkowetz.com>
Date: Sun, 13 Apr 2014 20:42:26 +0000
Subject: [PATCH] Merged in [7587] from rjsparks@nostrum.com:

    Anyone with a role in a group could preapprove drafts. Changed that to an explicit subset of roles. Fixes ticket 998.
 - Legacy-Id: 7609
Note: SVN reference [7587] has been migrated to Git commit 5ba0a274933e61e242ebcbf72b2f37e27d1da60d
---
 ietf/submit/views.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ietf/submit/views.py b/ietf/submit/views.py
index da9ddc67f..daa008718 100644
--- a/ietf/submit/views.py
+++ b/ietf/submit/views.py
@@ -406,7 +406,7 @@ def add_preapproval(request):
     groups = Group.objects.filter(type="wg").exclude(state="conclude").order_by("acronym").distinct()
 
     if not has_role(request.user, "Secretariat"):
-        groups = groups.filter(role__person__user=request.user)
+        groups = groups.filter(role__person__user=request.user,role__name__in=['ad','chair','delegate','secr'])
 
     if request.method == "POST":
         form = PreapprovalForm(request.POST)