Based on feedback from the Secretariat, changed the 404 for IPR declarations in other states than 'posted' to a 403 with a login link.

levkowetz · levkowetz · commit 0c4d58a9f7c8 · 2020-07-31T12:36:50.000Z
- Legacy-Id: 18333
diff --git a/ietf/ipr/tests.py b/ietf/ipr/tests.py
@@ -100,17 +100,17 @@ def test_show_posted(self):
     def test_show_parked(self):
         ipr = HolderIprDisclosureFactory(state_id='parked')
         r = self.client.get(urlreverse("ietf.ipr.views.show", kwargs=dict(id=ipr.pk)))
-        self.assertEqual(r.status_code, 404)
+        self.assertEqual(r.status_code, 403)
 
     def test_show_pending(self):
         ipr = HolderIprDisclosureFactory(state_id='pending')
         r = self.client.get(urlreverse("ietf.ipr.views.show", kwargs=dict(id=ipr.pk)))
-        self.assertEqual(r.status_code, 404)
+        self.assertEqual(r.status_code, 403)
         
     def test_show_rejected(self):
         ipr = HolderIprDisclosureFactory(state_id='rejected')
         r = self.client.get(urlreverse("ietf.ipr.views.show", kwargs=dict(id=ipr.pk)))
-        self.assertEqual(r.status_code, 404)
+        self.assertEqual(r.status_code, 403)
         
     def test_show_removed(self):
         ipr = HolderIprDisclosureFactory(state_id='removed')
diff --git a/ietf/ipr/views.py b/ietf/ipr/views.py
@@ -7,13 +7,13 @@
 
 from django.conf import settings
 from django.contrib import messages
-from django.urls import reverse as urlreverse
 from django.db.models import Q
 from django.forms.models import inlineformset_factory, model_to_dict
 from django.forms.formsets import formset_factory
 from django.http import HttpResponse, Http404, HttpResponseRedirect
 from django.shortcuts import render, get_object_or_404, redirect
 from django.template.loader import render_to_string
+from django.urls import reverse as urlreverse
 from django.utils.html import escape
 
 import debug                            # pyflakes:ignore
@@ -41,6 +41,7 @@
 from ietf.secr.utils.document import get_rfc_num, is_draft
 from ietf.utils.draft_search import normalize_draftname
 from ietf.utils.mail import send_mail, send_mail_message
+from ietf.utils.response import permission_denied
 from ietf.utils.text import text_to_dict
 
 # ----------------------------------------------------------------
@@ -779,7 +780,7 @@ def show(request, id):
                 'ipr': ipr
             })
         elif ipr.state.slug != 'posted':
-            raise Http404
+            permission_denied(request, "Restricted to role: Secretariat.")
 
     updates_iprs = ipr.relatedipr_source_set.all().order_by('source__time')
     prev_rel = updates_iprs.last()
