--- node.module?rev=1.481	2005-03-29 17:43:33.000000000 +0200
+++ node.module	2005-03-30 00:12:32.000000000 +0200
@@ -566,7 +566,7 @@ function node_show($node, $cid) {
  * Implementation of hook_perm().
  */
 function node_perm() {
-  return array('administer nodes', 'access content');
+  return array('administer nodes', 'administer unpublished nodes', 'access content');
 }
 
 /**
@@ -657,7 +657,7 @@ function node_menu($may_cache) {
   if ($may_cache) {
     $items[] = array('path' => 'admin/node', 'title' => t('content'),
       'callback' => 'node_admin',
-      'access' => user_access('administer nodes'));
+      'access' => user_access('administer nodes') || user_access('administer unpublished nodes'));
     $items[] = array('path' => 'admin/node/action', 'title' => t('content'),
       'type' => MENU_CALLBACK);
     $items[] = array('path' => 'admin/node/overview', 'title' => t('list'),
@@ -675,7 +675,7 @@ function node_menu($may_cache) {
     if (module_exist('search')) {
       $items[] = array('path' => 'admin/node/search', 'title' => t('search'),
         'callback' => 'node_admin',
-        'access' => user_access('administer nodes'),
+        'access' => user_access('administer nodes') || user_access('administer unpublished nodes'),
         'type' => MENU_LOCAL_TASK);
     }
 
@@ -713,7 +713,7 @@ function node_menu($may_cache) {
         if ($node->revisions) {
           $items[] = array('path' => 'node/'. arg(1) .'/revisions', 'title' => t('revisions'),
             'callback' => 'node_page',
-            'access' => user_access('administer nodes'),
+            'access' => user_access('administer nodes') || user_access('administer unpublished nodes'),
             'weight' => 2,
             'type' => MENU_LOCAL_TASK);
         }
@@ -741,14 +741,24 @@ function node_admin_nodes() {
   /*
   ** Operations
   */
-  $operations = array(
-    'approve' =>   array(t('Approve the selected posts'), 'UPDATE {node} SET status = 1, moderate = 0 WHERE nid = %d'),
-    'promote' =>   array(t('Promote the selected posts'), 'UPDATE {node} SET status = 1, promote = 1 WHERE nid = %d'),
-    'sticky' =>    array(t('Make the selected posts sticky'), 'UPDATE {node} SET status = 1, sticky = 1 WHERE nid = %d'),
-    'demote' =>    array(t('Demote the selected posts'), 'UPDATE {node} SET promote = 0 WHERE nid = %d'),
-    'unpublish' => array(t('Unpublish the selected posts'), 'UPDATE {node} SET status = 0 WHERE nid = %d'),
-    'delete' =>    array(t('Delete the selected posts'), '')
-  );
+  if (user_access('administer nodes')) {
+    $operations = array(
+      'approve' =>   array(t('Approve the selected posts'), 'UPDATE {node} SET status = 1, moderate = 0 WHERE nid = %d'),
+      'promote' =>   array(t('Promote the selected posts'), 'UPDATE {node} SET status = 1, promote = 1 WHERE nid = %d'),
+      'sticky' =>    array(t('Make the selected posts sticky'), 'UPDATE {node} SET status = 1, sticky = 1 WHERE nid = %d'),
+      'demote' =>    array(t('Demote the selected posts'), 'UPDATE {node} SET promote = 0 WHERE nid = %d'),
+      'unpublish' => array(t('Unpublish the selected posts'), 'UPDATE {node} SET status = 0 WHERE nid = %d'),
+      'delete' =>    array(t('Delete the selected posts'), '')
+    );
+  }
+  else {
+    $operations = array(
+      'promote' =>   array(t('Promote the selected posts'), 'UPDATE {node} SET promote = 1 WHERE nid = %d'),
+      'sticky' =>    array(t('Make the selected posts sticky'), 'UPDATE {node} SET sticky = 1 WHERE nid = %d'),
+      'demote' =>    array(t('Demote the selected posts'), 'UPDATE {node} SET promote = 0 WHERE nid = %d'),
+      'delete' =>    array(t('Delete the selected posts'), '')
+    );
+  }
 
   // Handle operations
   $op = $_POST['op'];
@@ -909,6 +919,10 @@ function node_admin_nodes() {
     $args[] = $value;
     $join .= $filters[$key]['join'];
   }
+  if (user_access('administer unpublished nodes') && !user_access('administer nodes')) {
+    $where[] = 'n.status = %d';
+    $args[] = 0;
+  }
   $where = count($where) ? 'WHERE '. implode(' AND ', $where) : '';
   $result = pager_query('SELECT n.*, u.name, u.uid FROM {node} n '. $join .' INNER JOIN {users} u ON n.uid = u.uid '. $where, 50, 0, NULL, $args);
 
@@ -920,7 +934,15 @@ function node_admin_nodes() {
     $options[$key] = $value[0];
   }
 
-  $form = form_select(NULL, 'operation', 'approve', $options, NULL, ($disabled ? 'disabled="disabled"' : ''));
+  if (user_access('administer nodes')) {
+    $default = 'approve';
+    $description = NULL;
+  }
+  else {
+    $default = 'promote';
+    $description = t('You do not have the right to publish nodes, so these operations will take effect only after a node administrator approves the nodes.');
+  }
+  $form = form_select(NULL, 'operation', $default, $options, $description, ($disabled ? 'disabled="disabled"' : ''));
   $form .= form_submit(t('Update'), 'op', ($disabled ? array('disabled' => 'disabled') : array()));
 
   $output .= form_group(t('Update options'), "<div class=\"container-inline\">$form</div>");
@@ -987,8 +1009,8 @@ function node_types_configure($type = NU
  * Generate an overview table of older revisions of a node.
  */
 function node_revision_overview($nid) {
-  if (user_access('administer nodes')) {
-    $node = node_load(array('nid' => $nid));
+  $node = node_load(array('nid' => $nid));
+  if (user_access('administer nodes') || (!$node->status && user_access('administer unpublished nodes'))) {
 
     drupal_set_title($node->title);
 
@@ -1037,8 +1059,8 @@ function node_revision_create($node) {
 function node_revision_rollback($nid, $revision) {
   global $user;
 
-  if (user_access('administer nodes')) {
-    $node = node_load(array('nid' => $nid));
+  $node = node_load(array('nid' => $nid));
+  if (user_access('administer nodes') || (!$node->status && user_access('administer unpublished nodes'))) {
 
     // Extract the specified revision:
     $rev = $node->revisions[$revision]['node'];
@@ -1068,8 +1090,8 @@ function node_revision_rollback($nid, $r
  * Delete the revision with specified revision number.
  */
 function node_revision_delete($nid, $revision) {
-  if (user_access('administer nodes')) {
-    $node = node_load(array('nid' => $nid));
+  $node = node_load(array('nid' => $nid));
+  if (user_access('administer nodes') || (!$node->status && user_access('administer unpublished nodes'))) {
 
     unset($node->revisions[$revision]);
 
@@ -1221,7 +1243,7 @@ function node_validate($node) {
     form_set_error('changed', t('This content has been modified by another user, unable to save changes.'));
   }
 
-  if (user_access('administer nodes')) {
+  if (user_access('administer nodes') || (!$node->status && user_access('administer unpublished nodes'))) {
     // Set up default values, if required.
     if (!$node->created) {
       $node->created = time();
@@ -1252,6 +1274,11 @@ function node_validate($node) {
     else {
       form_set_error('date', t('You have to specify a valid date.'));
     }
+
+    if (!user_access('administer nodes')) {
+      $node_options = variable_get('node_options_'. $node->type, array('status', 'promote'));
+      $node->status = in_array('status', $node_options);
+    }
   }
   else {
     // Validate for normal users:
@@ -1312,7 +1339,7 @@ function node_form($edit) {
   $output .= '<input type="hidden" name="op" value="'. check_form(t('Preview')) ."\" />\n";
 
   // Add the admin-specific parts.
-  if (user_access('administer nodes')) {
+  if (user_access('administer nodes') || (!$edit->status && user_access('administer unpublished nodes'))) {
     $output .= '<div class="admin">';
 
     $author = form_textfield(t('Authored by'), 'name', $edit->name, 20, 60);
@@ -1323,7 +1350,9 @@ function node_form($edit) {
     $output .= "</div>\n";
 
     $node_options = variable_get('node_options_'. $edit->type, array('status', 'promote'));
-    $options .= form_checkbox(t('Published'), 'status', 1, isset($edit->status) ? $edit->status : in_array('status', $node_options));
+    if (user_access('administer nodes')) {
+      $options .= form_checkbox(t('Published'), 'status', 1, isset($edit->status) ? $edit->status : in_array('status', $node_options));
+    }
     $options .= form_checkbox(t('In moderation queue'), 'moderate', 1, isset($edit->moderate) ? $edit->moderate : in_array('moderate', $node_options));
     $options .= form_checkbox(t('Promoted to front page'), 'promote', 1, isset($edit->promote) ? $edit->promote : in_array('promote', $node_options));
     $options .= form_checkbox(t('Sticky at top of lists'), 'sticky', 1, isset($edit->sticky) ? $edit->sticky : in_array('sticky', $node_options));
@@ -1792,7 +1821,9 @@ function node_nodeapi(&$node, $op, $arg 
  *
  * In determining access rights for a node, node_access() first checks
  * whether the user has the "administer nodes" permission. Such users have
- * unrestricted access to all nodes. Then the node module's hook_access()
+ * unrestricted access to all nodes. Second, it checks whether the user has
+ * the "administer unpublished nodes" permission and if the node is
+ * unpublished, access is granted. Then the node module's hook_access()
  * is called, and a TRUE or FALSE return value will grant or deny access.
  * This allows, for example, the blog module to always grant access to the
  * blog author, and for the book module to always deny editing access to
@@ -1847,6 +1878,10 @@ function node_access($op, $node = NULL, 
     return TRUE;
   }
 
+  if (!$node->status && user_access('administer unpublished nodes')) {
+    return TRUE;
+  }
+
   if (!user_access('access content')) {
     return FALSE;
   }