|
8 | 8 | from django.shortcuts import render, redirect |
9 | 9 | from django.contrib.auth.decorators import login_required |
10 | 10 |
|
| 11 | +import debug # pyflakes:ignore |
| 12 | + |
11 | 13 | from ietf.doc.models import DocEvent |
12 | 14 | from ietf.doc.utils import get_chartering_type |
13 | 15 | from ietf.doc.fields import SearchableDocumentsField |
14 | 16 | from ietf.group.models import GroupMilestone, MilestoneGroupEvent |
15 | | -from ietf.group.utils import (save_milestone_in_history, can_manage_group, milestone_reviewer_for_group_type, |
16 | | - get_group_or_404) |
| 17 | +from ietf.group.utils import (save_milestone_in_history, can_manage_group_type, can_manage_group, |
| 18 | + milestone_reviewer_for_group_type, get_group_or_404) |
17 | 19 | from ietf.name.models import GroupMilestoneStateName |
18 | 20 | from ietf.group.mails import email_milestones_changed |
19 | 21 | from ietf.utils.fields import DatepickerDateField |
@@ -93,12 +95,13 @@ def edit_milestones(request, acronym, group_type=None, milestone_set="current"): |
93 | 95 | raise Http404 |
94 | 96 |
|
95 | 97 | needs_review = False |
96 | | - if not can_manage_group(request.user, group): |
97 | | - if group.has_role(request.user, group.features.admin_roles): |
| 98 | + if can_manage_group(request.user, group): |
| 99 | + if not can_manage_group_type(request.user, group): |
| 100 | + # The user is chair or similar, not AD: |
98 | 101 | if milestone_set == "current": |
99 | 102 | needs_review = True |
100 | | - else: |
101 | | - return HttpResponseForbidden("You are not chair of this group.") |
| 103 | + else: |
| 104 | + return HttpResponseForbidden("You don't have permission to access this view") |
102 | 105 |
|
103 | 106 | if milestone_set == "current": |
104 | 107 | title = "Edit milestones for %s %s" % (group.acronym, group.type.name) |
@@ -328,11 +331,9 @@ def reset_charter_milestones(request, group_type, acronym): |
328 | 331 | group = get_group_or_404(acronym, group_type) |
329 | 332 | if not group.features.has_milestones: |
330 | 333 | raise Http404 |
331 | | - |
332 | | - can_manage = can_manage_group(request.user, group) |
333 | | - is_chair = group.has_role(request.user, "chair") |
334 | | - if (not can_manage) and (not is_chair): |
335 | | - return HttpResponseForbidden("You are not chair of this group.") |
| 334 | + |
| 335 | + if not can_manage_group(request.user, group): |
| 336 | + return HttpResponseForbidden("You don't have permission to access this view") |
336 | 337 |
|
337 | 338 | current_milestones = group.groupmilestone_set.filter(state="active") |
338 | 339 | charter_milestones = group.groupmilestone_set.filter(state="charter") |
|
0 commit comments