Index: modules/node.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/node.module,v
retrieving revision 1.527
diff -u -p -r1.527 node.module
--- modules/node.module	2 Sep 2005 02:11:41 -0000	1.527
+++ modules/node.module	3 Sep 2005 16:16:11 -0000
@@ -587,7 +587,13 @@ function node_show($node, $cid) {
  * Implementation of hook_perm().
  */
 function node_perm() {
-  return array('administer nodes', 'access content');
+  $perms = array('administer nodes', 'access content');
+  foreach (node_get_types() as $type => $name) {
+    $perms[] = 'view revisions for $type';
+    $perms[] = 'revert revisions for $type';
+  }
+
+  return $perms;
 }
 
 /**
@@ -737,10 +743,10 @@ function node_menu($may_cache) {
           'access' => node_access('delete', $node),
           'weight' => 1,
           'type' => MENU_CALLBACK);
-        if (user_access('administer nodes') && db_result(db_query('SELECT COUNT(vid) FROM {node_revisions} WHERE nid = %d', arg(1))) > 1) {
+        if ((user_access(strtr('view revisions for %type', array('%type' => $node->type))) || user_access('administer nodes')) && db_result(db_query('SELECT COUNT(vid) FROM {node_revisions} WHERE nid = %d', arg(1))) > 1) {
           $items[] = array('path' => 'node/'. arg(1) .'/revisions', 'title' => t('revisions'),
             'callback' => 'node_page',
-            'access' => user_access('administer nodes'),
+            'access' => user_access(strtr('view revisions for %type', array('%type' => $node->type))) || user_access('administer nodes'),
             'weight' => 2,
             'type' => MENU_LOCAL_TASK);
         }
@@ -1013,45 +1019,54 @@ function node_types_configure($type = NU
 /**
  * Generate an overview table of older revisions of a node.
  */
-function node_revision_overview($nid) {
-  if (user_access('administer nodes')) {
-    $node = node_load($nid);
-
+function node_revision_overview($node) {
+  if (user_access(strtr('view revisions for %type', array('%type' => $node->type))) || user_access('administer nodes')) {
     drupal_set_title(t('Revisions for %title', array('%title' => check_plain($node->title))));
 
-    if ($node->vid) {
-      $header = array('', t('Author'), t('Title'), t('Date'), array('colspan' => '3', 'data' => t('Operations')));
+    $header = array('', t('Author'), t('Title'), t('Date'), array('colspan' => '3', 'data' => t('Operations')));
 
-      $revisions = node_revision_list($node);
+    $revisions = node_revision_list($node);
 
-      $i = 0;
-      foreach ($revisions as $revision) {
-        $row = ++$i;
-        if ($revision->current_vid) {
-          $rows[] = array(
-            array('data' => $row .' '. t('(current)'), 'rowspan' => ($revision->log != '') ? 2 : 1),
-            theme('username', $revision),
-            $revision->title,
-            format_date($revision->timestamp, 'small'),
-            l(t('view'), "node/$node->nid"),
-            '', '');
-        }
-        else {
-          $rows[] = array(
-            array('data' => $row, 'rowspan' => ($revision->log != '') ? 2 : 1),
-            theme('username', $revision),
-            $revision->title,
-            format_date($revision->timestamp, 'small'),
-            l(t('view'), "node/$node->nid/revision/". $revision->vid),
-            l(t('set active'), "node/$node->nid/rollback-revision/". $revision->vid),
-            l(t('delete'), "node/$node->nid/delete-revision/". $revision->vid));
+    $i = 0;
+    $revert_permission = FALSE;
+    if (user_access(strtr('revert revisions for %type', array('%type' => $node->type))) || user_access('administer nodes')) {
+      $revert_permission = TRUE;
+    }
+    $delete_permission = FALSE;
+    if (user_access('administer nodes')) {
+      $delete_permission = TRUE;
+    }
+    foreach ($revisions as $revision) {
+      $row = ++$i;
+      if ($revision->current_vid) {
+        $rows[] = array(
+          array('data' => $row .' '. t('(current)'), 'rowspan' => ($revision->log != '') ? 2 : 1),
+          theme('username', $revision),
+          $revision->title,
+          format_date($revision->timestamp, 'small'),
+          l(t('view'), "node/$node->nid"),
+          '', '');
+      }
+      else {
+        $current_row = array(
+          array('data' => $row, 'rowspan' => ($revision->log != '') ? 2 : 1),
+          theme('username', $revision),
+          $revision->title,
+          format_date($revision->timestamp, 'small'),
+          l(t('view'), "node/$node->nid/revision/". $revision->vid));
+        if ($revert_permission) {
+          $current_row[] = l(t('set active'), "node/$node->nid/rollback-revision/". $revision->vid);
         }
-        if ($revision->log != '') {
-          $rows[] = array(array('data' => $revision->log, 'colspan' => 6));
+        if ($delete_permission) {
+          $current_row[] = l(t('delete'), "node/$node->nid/delete-revision/". $revision->vid);
         }
+        $rows[] = $current_row;
+      }
+      if ($revision->log != '') {
+        $rows[] = array(array('data' => $revision->log, 'colspan' => 6));
       }
-      $output .= theme('table', $header, $rows);
     }
+    $output .= theme('table', $header, $rows);
   }
 
   return $output;
@@ -1063,7 +1078,8 @@ function node_revision_overview($nid) {
 function node_revision_rollback($nid, $revision) {
   global $user;
 
-  if (user_access('administer nodes')) {
+  $node = node_load($nid);
+  if (user_access(strtr('revert revisions for %type', array('%type' => $node->type))) || user_access('administer nodes')) {
     if($title = db_fetch_object(db_query('SELECT title, timestamp FROM {node_revisions} WHERE nid = %d AND vid = %d', $nid, $revision))) {
       db_query('UPDATE {node} SET vid = %d, changed = %d WHERE nid = %d', $revision, $title->timestamp, $nid);
 
@@ -1081,6 +1097,7 @@ function node_revision_rollback($nid, $r
  */
 function node_revision_delete($nid, $revision) {
   if (user_access('administer nodes')) {
+    $node = node_load($nid);
     $count_revisions = db_result(db_query('SELECT COUNT(vid) FROM {node_revisions} WHERE nid = %d', $nid));
     // Don't delete the last revision of the node or the current revision
     if ($count_revisions > 1) {
@@ -1678,7 +1695,7 @@ function node_page() {
       return;
     case 'view':
       if (is_numeric(arg(1))) {
-        $node = node_load(arg(1), $_GET['revision']);
+        $node = node_load(arg(1));
         if ($node->nid) {
           drupal_set_title(check_plain($node->title));
           return node_show($node, arg(2));
@@ -1695,8 +1712,9 @@ function node_page() {
       return node_add(arg(2));
       break;
     case 'revisions':
-      if (user_access('administer nodes')) {
-        return node_revision_overview(arg(1));
+      $node = node_load(arg(1));
+      if (user_access(strtr('view revisions for %type', array('%type' => $node->type))) || user_access('administer nodes')) {
+        return node_revision_overview($node);
       }
       else {
         drupal_access_denied();
@@ -1727,13 +1745,16 @@ function node_page() {
       if (is_numeric(arg(1)) && is_numeric(arg(3))) {
         $node = node_load(arg(1), arg(3));
         if ($node->nid) {
-          drupal_set_title(t('Revision of %title', array('%title' => theme('placeholder', $node->title))));
-          print theme('page', node_show($node, arg(2)));
-        }
-        else {
-          drupal_not_found();
+          if (user_access(strtr('view revisions for %type', array('%type' => $node->type))) || user_access('administer nodes')) {
+            drupal_set_title(t('Revision of %title', array('%title' => theme('placeholder', $node->title))));
+            print theme('page', node_show($node, arg(2)));
+          }
+          else {
+            drupal_access_denied();
+          }
         }
       }
+      drupal_not_found();
       break;
     case t('Preview'):
       $edit = node_validate($edit);