From 62a3a4fe41ef03c5ce3669251edd8b42b3f483e9 Mon Sep 17 00:00:00 2001 From: Robert Sparks Date: Thu, 5 Aug 2021 14:56:28 +0000 Subject: [PATCH] Restrict group creation to the secretariat. Commit ready to merge. - Legacy-Id: 19277 --- ietf/group/views.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/ietf/group/views.py b/ietf/group/views.py index 2d72f0352..b562374e9 100644 --- a/ietf/group/views.py +++ b/ietf/group/views.py @@ -897,6 +897,10 @@ def edit(request, group_type=None, acronym=None, action="edit", field=None): if not (can_manage_group(request.user, group) or group.has_role(request.user, group.features.groupman_roles)): permission_denied(request, "You don't have permission to access this view") + else: + if not has_role(request.user, "Secretariat"): + permission_denied(request, "You don't have permission to access this view") + if request.method == 'POST': form = GroupForm(request.POST, group=group, group_type=group_type, field=field)