diff --git a/modpol/modules/consent.lua b/modpol/modules/consent.lua
new file mode 100644
index 0000000..e69de29
diff --git a/modpol/modules/defer_to.lua b/modpol/modules/defer_to.lua
new file mode 100644
index 0000000..e69de29
diff --git a/modpol/orgs/base.lua b/modpol/orgs/base.lua
index 7fc1f30..37315ad 100644
--- a/modpol/orgs/base.lua
+++ b/modpol/orgs/base.lua
@@ -288,7 +288,8 @@ function modpol.orgs:set_policy(policy_type, process, must_be_member)
         process = process,
         must_be_member = must_be_member
     }
-    self.policies[policy_type] = policy
+    self.policies[policy_type] = new_policy
+    modpol.ocutil.log('Added policy for ' .. policy_type .. ' in ' .. self.name)
 end
 
 
diff --git a/modpol/orgs/requests.lua b/modpol/orgs/requests.lua
index 322e3ec..39c07ab 100644
--- a/modpol/orgs/requests.lua
+++ b/modpol/orgs/requests.lua
@@ -47,6 +47,20 @@ function modpol.orgs.comp_req(req1, req2)
     return true
 end
 
+-- ===============================
+-- returns string of all active requests
+function modpol.orgs:list_request()
+    local str
+    for id, req in ipairs(self.requests) do
+        if str then 
+            str = str .. '\n' .. req.type .. ' (' .. req.user .. ') '
+        else 
+            str = req.type .. ' (' .. req.user .. ') '
+        end
+    end
+    return str
+end
+
 -- ================================
 -- tries to make a request to the org
 function modpol.orgs:make_request(request)
@@ -78,13 +92,25 @@ function modpol.orgs:make_request(request)
 
     -- checking to see if user is able to make request
     local requested_policy = self.policies[request.type]
-    if requested_policy then
-        if requested_policy.must_be_member and not self:has_member(request.user) then
-            modpol.ocutil.log('Error in ' .. self.name .. ':make_request -> user must be org member to make this request')
+    local parent_policy = modpol.orgs.get_org(self.parent).policies[request.type]
+
+    -- tries to use org's policy table, defers to parent otherwise
+    if not requested_policy then
+        modpol.ocutil.log(request.type .. 'policy not found, deferring to parent org')
+        requested_policy = parent_policy
+
+        if not parent_policy then
+            modpol.ocutil.log('Error in ' .. self.name .. ':make_request -> parent policy undefined')
             return false
         end
     end
 
+    -- make sure user is allowed to make request
+    if requested_policy.must_be_member and not self:has_member(request.user) then
+        modpol.ocutil.log('Error in ' .. self.name .. ':make_request -> user must be org member to make this request')
+        return false
+    end
+
     -- linear search for empty process slots (lazy deletion)
     for k, v in ipairs(self.requests) do
         if v == 'deleted' then
@@ -110,4 +136,5 @@ function modpol.orgs:make_request(request)
     modpol.ocutil.log("Request made")
 
     return request_id
-end
\ No newline at end of file
+end
+
diff --git a/modpol/tests/org_req_test.lua b/modpol/tests/org_req_test.lua
new file mode 100644
index 0000000..17875b3
--- /dev/null
+++ b/modpol/tests/org_req_test.lua
@@ -0,0 +1,19 @@
+dofile('../modpol.lua');
+
+modpol.orgs.reset()
+
+test_org = modpol.instance:add_org('test_org')
+
+test_org:set_policy("add_member", nil, false);
+
+new_request = {
+    user = "lukvmil",
+    type = "add_member",
+    params = {"lukvmil"}
+}
+
+request_id = test_org:make_request(new_request)
+request_id = test_org:make_request(new_request)
+
+print(test_org:list_request())
+test_org:create_process(request_id)
\ No newline at end of file