vtestagrossa
commented
8 months ago Recommend assigning the session variable during group selection. Since the page reloads with the POST request, assigning the session variable based on ownership would work.
the common_model.authorized function currently has no way of detecting if the user is a facilitator since there is no check done to see who the creator of the group is.