diff -u project.install project.install
--- project.install	11 Aug 2010 22:49:20 -0000
+++ project.install	12 Aug 2010 01:47:22 -0000
@@ -228 +227,0 @@
-
only in patch2:
unchanged:
--- release/project_release.install	7 Jun 2010 22:45:39 -0000	1.31
+++ release/project_release.install	12 Aug 2010 01:47:18 -0000
@@ -351,6 +351,35 @@ function project_release_schema() {
       'expire' => array('expire')
     ),
   );
+
+  $schema['project_release_project_maintainer'] = array(
+    'description' => t('Users who have various per-project maintainer permissions.'),
+    'fields' => array(
+      'nid' => array(
+        'description' => t('Foreign key: {project_projects}.nid of the project.'),
+        'type' => 'int',
+        'unsigned' => TRUE,
+        'not null' => TRUE,
+        'default' => 0,
+      ),
+      'uid' => array(
+        'description' => t('Foreign key: {users}.uid of a user with any project maintainer permissions.'),
+        'type' => 'int',
+        'unsigned' => TRUE,
+        'not null' => TRUE,
+        'default' => 0,
+      ),
+      'administer_project_releases' => array(
+        'description' => t('Can this user create and administer releases for the given project.'),
+        'type' => 'int',
+        'unsigned' => TRUE,
+        'not null' => TRUE,
+        'default' => 0,
+      ),
+    ),
+    'primary key' => array('nid', 'uid'),
+  );
+
   return $schema;
 }
 
@@ -706,3 +735,51 @@ function project_release_update_6009() {
   }
   return $ret;
 }
+
+/**
+ * Add the {project_release_project_maintainer} table.
+ */
+function project_release_update_6010() {
+  $ret = array();
+
+  $table = array(
+    'description' => t('Users who have various per-project maintainer permissions.'),
+    'fields' => array(
+      'nid' => array(
+        'description' => t('Foreign key: {project_projects}.nid of the project.'),
+        'type' => 'int',
+        'unsigned' => TRUE,
+        'not null' => TRUE,
+        'default' => 0,
+      ),
+      'uid' => array(
+        'description' => t('Foreign key: {users}.uid of a user with any project maintainer permissions.'),
+        'type' => 'int',
+        'unsigned' => TRUE,
+        'not null' => TRUE,
+        'default' => 0,
+      ),
+      'administer_project_releases' => array(
+        'description' => t('Can this user create and administer releases for the given project.'),
+        'type' => 'int',
+        'unsigned' => TRUE,
+        'not null' => TRUE,
+        'default' => 0,
+      ),
+    ),
+    'primary key' => array('nid', 'uid'),
+  );
+  db_create_table($ret, 'project_release_project_maintainer', $table);
+
+  // Initially populate the table so that every project owner has full
+  // powers on their own projects.
+  $ret[] = update_sql("INSERT INTO {project_release_project_maintainer} (nid, uid, administer_project_releases) SELECT nid, uid, 1 FROM {node} WHERE type = 'project_project'");
+
+  // If CVS module is enabled, also populate the table from the
+  // {cvs_project_maintainers} table so that everyone with CVS access can
+  // administer releases.
+  if (module_exists('cvs')) {
+    $ret[] = update_sql("INSERT INTO {project_release_project_maintainer} (nid, uid, administer_project_releases) SELECT nid, uid, 1 FROM {cvs_project_maintainers}");
+  }
+  return $ret;
+}
only in patch2:
unchanged:
--- release/project_release.module	8 Jul 2010 23:16:17 -0000	1.153
+++ release/project_release.module	12 Aug 2010 02:04:47 -0000
@@ -40,8 +40,8 @@ function project_release_menu() {
     'title' => 'Releases',
     'page callback' => 'project_release_project_edit_releases',
     'page arguments' => array(1),
-    'access callback' => 'node_access',
-    'access arguments' => array('update', 1),
+    'access callback' => 'project_check_admin_access',
+    'access arguments' => array(1, 'administer project releases'),
     'type' => MENU_LOCAL_TASK,
     'file' => 'includes/project_edit_releases.inc',
   );
@@ -120,7 +120,7 @@ function project_release_access($op, $no
       // We can't just use project_project_access() here, since we
       // need to check access to the project itself, not the release
       // node, so we use the helper method and pass the project id.
-      return project_check_admin_access($node->project_release['pid']);
+      return project_check_admin_access($node->project_release['pid'], 'administer project releases');
     case 'delete':
       // No one should ever delete a release node, only unpublish it.
       return FALSE;
@@ -142,6 +142,59 @@ function project_release_node_info() {
 }
 
 /**
+ * Implement hook_project_permission_info()
+ */
+function project_release_project_permission_info() {
+  return array(
+    'administer_project_releases' => 'administer project releases',
+  );
+}
+
+/**
+ * Add a maintainer with the specified permissions to a given project.
+ *
+ * @param $nid
+ *   The Project NID to add the maintainer to.
+ * @param $uid
+ *   The user ID of the maintainer to add.
+ * @param array $permissions
+ *   Associative array of which project-level permissions the maintainer
+ *   should have. The keys are permission names, and the values are if the
+ *   permission should be granted or not.
+ */
+function project_release_project_maintainer_add($nid, $uid, $permissions = array()) {
+  db_query("INSERT INTO {project_release_project_maintainer} (nid, uid, administer_project_releases) VALUES (%d, %d, %d)", $nid, $uid, $permissions['administer project releases']);
+}
+
+/**
+ * Update the permissions associated with a maintainer for a given project.
+ *
+ * @param $nid
+ *   The Project NID to update the maintainer for.
+ * @param $uid
+ *   The user ID of the maintainer to update.
+ * @param array $permissions
+ *   Associative array of which project-level permissions the maintainer
+ *   should have. The keys are permission names, and the values are if the
+ *   permission should be granted or not.
+ */
+function project_release_project_maintainer_update($nid, $uid, $permissions = array()) {
+  db_query("UPDATE {project_release_project_maintainer} SET administer_project_releases = %d WHERE nid = %d AND uid = %d", $permissions['administer project releases'], $nid, $uid);
+}
+
+/**
+ * Remove a maintainer from a given project.
+ *
+ * @param $nid
+ *   The Project NID to remove the maintainer from.
+ * @param $uid
+ *   The user ID of the maintainer to remove.
+ */
+function project_release_project_maintainer_remove($nid, $uid) {
+  db_query("DELETE FROM {project_release_project_maintainer} WHERE nid = %d and uid = %d", $nid, $uid);
+}
+
+/**
  * Implement of hook_form() for project_release nodes.
  */
 function project_release_form(&$release, &$form_state) {
@@ -609,7 +662,7 @@ function project_release_view($node, $te
   }
 
   // Display packaging errors to admins.
-  if (project_check_admin_access($node->project_release['pid'])) {
+  if (project_check_admin_access($node->project_release['pid'], 'administer project releases')) {
     $rows = array();
     $result = db_query('SELECT * FROM {project_release_package_errors} WHERE nid = %d', $node->nid);
     $error = db_fetch_object($result);
@@ -690,7 +743,7 @@ function project_release_get_releases($p
   $where = '';
   $join = '';
   $args = array($project->nid);
-  if (!project_check_admin_access($project)) {
+  if (!project_check_admin_access($project, 'administer project releases')) {
     if (!empty($rids)) {
       $where = "AND (n.status = %d OR n.nid IN (". db_placeholders($rids) ."))";
       $args[] = 1;
@@ -837,6 +890,50 @@ function project_release_alter_release_f
   $form['buttons']['submit']['#submit'][] = 'project_release_node_submit';
 }
 
+function project_release_form_project_maintainers_form_alter(&$form) {
+  $project_release_project_perms = project_release_project_permission_info();
+  $project = $form['#project'];
+
+  // Add our checkboxes for the existing maintainers.
+  if (!empty($project->project['maintainers'])) {
+    foreach ($project->project['maintainers'] as $uid => $maintainer) {
+      foreach ($project_release_project_perms as $perm) {
+        $form['maintainers'][$uid]['permissions'][$perm] = array(
+          '#type' => 'checkbox',
+          '#default_value' => !empty($maintainer['permissions'][$perm]),
+        );
+      }
+    }
+  }
+
+  foreach ($project_release_project_perms as $key => $perm) {
+    // Update the header
+    $form['#header'][$key] = array('data' => drupal_ucfirst($perm));
+
+    // Add checkboxes for the new maintainer row
+    $form['new_maintainer']['permissions'][$perm] = array(
+      '#type' => 'checkbox',
+    );
+  }
+
+  $form['#submit'][] = 'project_release_project_maintainers_form_submit';
+}
+
+function project_release_project_maintainers_form_submit($form, &$form_state) {
+  $project_nid = $form['#project']->nid;
+
+  // Loop over all the maintainers and update their permissions accordingly.
+  if (!empty($form_state['values']['maintainers'])) {
+    foreach ($form_state['values']['maintainers'] as $uid => $maintainer) {
+      project_release_project_maintainer_update($project_nid, $uid, $maintainer['permissions']);
+    }
+  }
+
+  // See if we need to insert a record for a new maintainer.
+  if (!empty($form_state['values']['new_maintainer']['uid'])) {
+    project_release_project_maintainer_add($project_nid, $form_state['values']['new_maintainer']['uid'], $form_state['values']['new_maintainer']['permissions']);
+  }
+}
 
 /**
  * @defgroup project_release_nodeapi Node API hooks
@@ -895,6 +992,21 @@ function project_release_project_nodeapi
       $node->project_release['project_release_show_snapshots'] = TRUE;
     }
   }
+
+  // Also load project_release maintainer info. We don't want to load all the
+  // permissions here, just the ones that project_release is responsible for,
+  // so we use our implementation of the hook, instead of the global load
+  // function.
+  $project_release_project_perms = project_release_project_permission_info();
+  $maintainers = db_query('SELECT u.name, prpm.* FROM {project_release_project_maintainer} prpm INNER JOIN {users} u ON prpm.uid = u.uid WHERE prpm.nid = %d', $node->nid);
+  while ($maintainer = db_fetch_object($maintainers)) {
+    if (empty($node->project['maintainers'][$maintainer->uid])) {
+      $node->project['maintainers'][$maintainer->uid]['name'] = $maintainer->name;
+    }
+    foreach ($project_release_project_perms as $db_field => $perm_name) {
+      $node->project['maintainers'][$maintainer->uid]['permissions'][$perm_name] = $maintainer->$db_field;
+    }
+  }
 }
 
 /**
@@ -1230,7 +1342,7 @@ function project_release_project_page_li
     ),
   );
 
-  if (project_check_admin_access($node->nid)) {
+  if (project_check_admin_access($node->nid, 'administer project releases')) {
     $links['project_release']['links']['add_new_release'] = l(t('Add new release'), 'node/add/project_release/'. $node->nid);
     $links['project_release']['links']['administer_releases'] = l(t('Administer releases'), 'node/'. $node->nid .'/edit/releases');
   }
only in patch2:
unchanged:
--- release/includes/release_node_form.inc	30 Jan 2010 02:33:40 -0000	1.11
+++ release/includes/release_node_form.inc	12 Aug 2010 02:04:20 -0000
@@ -24,7 +24,7 @@ function _project_release_form(&$release
     }
     // Make sure this user should have permissions to add releases for
     // the requested project
-    if (!project_check_admin_access($project)) {
+    if (!project_check_admin_access($project, 'administer project releases')) {
       drupal_access_denied();
       module_invoke_all('exit');
       exit;