diff -r ecf3df87b81c -r 8a06ebff014e app/soc/views/helper/access.py
--- a/app/soc/views/helper/access.py	Thu Jan 29 18:13:21 2009 +0000
+++ b/app/soc/views/helper/access.py	Thu Jan 29 18:18:20 2009 +0000
@@ -795,14 +795,20 @@
   @denySidebar
   def checkIsAllowedToManageRole(self, django_args, role_logic, manage_role_logic):
     """Returns an alternate HTTP response if the user is not allowed to manage
-       the role given in args.
+       the role given in args. 
+
+     Args:
+       role_logic: determines the logic for the role in args.
+       manage_role_logic: determines the logic for the role which is allowed 
+           to manage this role.
 
      Raises:
        AccessViolationResponse: if the required authorization is not met
 
     Returns:
-      None if the current User has an active role for the given role_logic.
-      None if the current User has an active managing role
+      None if the given role is active and belongs to the current user.
+      None if the current User has an active role (from manage_role_logic) 
+           that belongs to the same scope as the role that needs to be managed
     """
 
     try: