diff --git a/api/handlers/collectionshandler.py b/api/handlers/collectionshandler.py
index ff8861fae062f7ea14d67163a7e0bc46b07e814f..6f8e5518090f1061f402ffcdd1e82413d07485ee 100644
--- a/api/handlers/collectionshandler.py
+++ b/api/handlers/collectionshandler.py
@@ -4,6 +4,7 @@ import datetime
from .. import config
from ..auth import containerauth, always_ok
from ..dao import containerstorage
+from ..dao import APIStorageException
from containerhandler import ContainerHandler
diff --git a/api/handlers/containerhandler.py b/api/handlers/containerhandler.py
index 66138571b0223841c69f554323f42a5f399b8892..77b1bd5a9cc15a409b2bd03f0a96a7c200cf9446 100644
--- a/api/handlers/containerhandler.py
+++ b/api/handlers/containerhandler.py
@@ -258,9 +258,10 @@ class ContainerHandler(base.RequestHandler):
if target_parent_container:
if cont_name == 'sessions':
payload['group'] = target_parent_container['group']
- payload['permissions'] = target_parent_container.get('roles')
- if payload['permissions'] is None:
- payload['permissions'] = target_parent_container['permissions']
+ if cont_name == 'projects':
+ payload['permissions'] = target_parent_container.get('roles', [])
+ else:
+ payload['permissions'] = target_parent_container.get('permissions', [])
payload['modified'] = datetime.datetime.utcnow()
if payload.get('timestamp'):
diff --git a/api/handlers/grouphandler.py b/api/handlers/grouphandler.py
index 6c99477b23c751f9395a74fc33285110041725bf..390ddf50cbc62b5419af174b4787f7b125fb7b8b 100644
--- a/api/handlers/grouphandler.py
+++ b/api/handlers/grouphandler.py
@@ -73,6 +73,7 @@ class GroupHandler(base.RequestHandler):
payload_validator = validators.payload_from_schema_file(self, 'group.json')
payload_validator(payload, 'POST')
payload['created'] = payload['modified'] = datetime.datetime.utcnow()
+ payload['roles'] = [{'_id': self.uid, 'access': 'admin', 'site': self.user_site}]
result = mongo_validator(permchecker(self.storage.exec_op))('POST', payload=payload)
if result.acknowledged:
return {'_id': result.inserted_id}