diff --git a/document_page_approval/security/document_page_security.xml b/document_page_approval/security/document_page_security.xml
index f0c34538..e72c14ce 100644
--- a/document_page_approval/security/document_page_security.xml
+++ b/document_page_approval/security/document_page_security.xml
@@ -33,4 +33,17 @@
         <field name="perm_unlink" eval="True" />
         <field name="perm_create" eval="True" />
     </record>
+    <record model="ir.rule" id="rule_change_request_manager">
+        <field name="name">Change Request Manager</field>
+        <field name="model_id" ref="model_document_page_history" />
+        <field
+            name="groups"
+            eval="[(6, 0, [ref('document_page.group_document_manager')])]"
+        />
+        <field name="domain_force">[(1, '=', 1)]</field>
+        <field name="perm_read" eval="True" />
+        <field name="perm_write" eval="True" />
+        <field name="perm_unlink" eval="True" />
+        <field name="perm_create" eval="True" />
+    </record>
 </odoo>
diff --git a/document_page_approval/tests/test_document_page_approval.py b/document_page_approval/tests/test_document_page_approval.py
index 81b1843e..5cdba07c 100644
--- a/document_page_approval/tests/test_document_page_approval.py
+++ b/document_page_approval/tests/test_document_page_approval.py
@@ -1,3 +1,4 @@
+from odoo.exceptions import AccessError
 from odoo.tests import common
 
 
@@ -25,6 +26,16 @@ class TestDocumentPageApproval(common.TransactionCase):
                 ],
             }
         )
+        self.manager_gid = self.env.ref("document_page.group_document_manager")
+        self.user_manager = self.env["res.users"].create(
+            {
+                "name": "Test document manager",
+                "login": "Test document manager",
+                "groups_id": [
+                    (6, 0, [self.env.ref("base.group_user").id, self.manager_gid.id])
+                ],
+            }
+        )
         # demo_approval
         self.category2 = self.page_obj.create(
             {
@@ -136,6 +147,35 @@ class TestDocumentPageApproval(common.TransactionCase):
         self.assertEqual(page.approved_date, chreq.approved_date)
         self.assertEqual(page.approved_uid, chreq.approved_uid)
 
+    def test_check_rules(self):
+        page = self.page2
+        # aprove everything
+        self.history_obj.search(
+            [("page_id", "=", page.id), ("state", "!=", "approved")]
+        ).action_approve()
+        # new change request from scrath
+        chreq = self.history_obj.create(
+            {
+                "page_id": page.id,
+                "summary": "Changed something",
+                "content": "New content",
+            }
+        )
+        self.assertEqual(chreq.state, "draft")
+        chreq.action_to_approve()
+        self.assertEqual(chreq.state, "to approve")
+        chreq.action_cancel()
+        self.assertEqual(chreq.state, "cancelled")
+        chreq.sudo().action_draft()
+        chreq.invalidate_cache()
+        with self.assertRaises(AccessError):
+            self.assertEqual(chreq.with_user(self.user2).state, "draft")
+        self.assertEqual(chreq.state, "draft")
+        chreq.invalidate_cache()
+        self.assertEqual(chreq.with_user(self.user_manager).state, "draft")
+        chreq.action_approve()
+        self.assertEqual(chreq.state, "approved")
+
     def test_get_approvers_guids(self):
         """Get approver guids."""
         page = self.page2