Merged in [19315] from rjsparks@nostrum.com:

Restore ADs ability to charter new groups. Fixes #3397. , - Legacy-Id: 19334 Note: SVN reference [19315] has been migrated to Git commit 311b4728e1
2021-09-04 03:21:32 +00:00 · 2021-09-04 03:21:32 +00:00 · cecf079139
parent 333173271d 311b4728e1
commit cecf079139
2 changed files with 19 additions and 11 deletions
--- a/ietf/group/tests_info.py
+++ b/ietf/group/tests_info.py
@ -479,11 +479,16 @@ class GroupEditTests(TestCase):
        area = Group.objects.filter(type="area").first()

        # normal get
-        r = self.client.get(url)
-        self.assertEqual(r.status_code, 200)
-        q = PyQuery(r.content)
-        self.assertEqual(len(q('form input[name=acronym]')), 1)
+        for username in ("secretary","ad","irtf-chair"):
+            self.client.logout()
+            login_testing_unauthorized(self, username, url)
+            r = self.client.get(url)
+            self.assertEqual(r.status_code, 200)
+            q = PyQuery(r.content)
+            self.assertEqual(len(q('form input[name=acronym]')), 1)

+        self.client.logout()
+        login_testing_unauthorized(self, "secretary", url)
        # faulty post
        r = self.client.post(url, dict(acronym="foobarbaz")) # No name
        self.assertEqual(r.status_code, 200)
@ -527,7 +532,6 @@ class GroupEditTests(TestCase):
    def test_create_rg(self):

        url = urlreverse('ietf.group.views.edit', kwargs=dict(group_type="rg", action="charter"))
-        login_testing_unauthorized(self, "secretary", url)

        irtf = Group.objects.get(acronym='irtf')
        num_rgs = len(Group.objects.filter(type="rg"))
@ -535,11 +539,14 @@ class GroupEditTests(TestCase):
        proposed_state = GroupStateName.objects.get(slug="proposed")

        # normal get
-        r = self.client.get(url)
-        self.assertEqual(r.status_code, 200)
-        q = PyQuery(r.content)
-        self.assertEqual(len(q('form input[name=acronym]')), 1)
-        self.assertEqual(q('form select[name=parent]')[0].value,'%s'%irtf.pk)
+        for username in ("secretary", "ad", "irtf-chair"):
+            self.client.logout()
+            login_testing_unauthorized(self, username, url)
+            r = self.client.get(url)
+            self.assertEqual(r.status_code, 200)
+            q = PyQuery(r.content)
+            self.assertEqual(len(q('form input[name=acronym]')), 1)
+            self.assertEqual(q('form select[name=parent]')[0].value,'%s'%irtf.pk)

        r = self.client.post(url, dict(acronym="testrg", name="Testing RG", state=proposed_state.pk, parent=irtf.pk))
        self.assertEqual(r.status_code, 302)
--- a/ietf/group/views.py
+++ b/ietf/group/views.py
@ -904,7 +904,8 @@ def edit(request, group_type=None, acronym=None, action="edit", field=None):
                or group.has_role(request.user, group.features.groupman_roles)):
            permission_denied(request, "You don't have permission to access this view")
    else:
-        if not has_role(request.user, "Secretariat"):
+        # This allows ADs to create RG and the IRTF Chair to create WG, but we trust them not to
+        if not has_role(request.user, ("Secretariat", "Area Director", "IRTF Chair")):
             permission_denied(request, "You don't have permission to access this view")