I think there's a bug with the "create" permission. If it is unchecked on the CCK field settings page, and "edit own" permission is checked, then I expect that the user can create the field as inherited by being able to create the node. But that is not the case. Steps to reproduce:
- Install brand new Drupal with only CCK and Field Permissions modules.
- Create new content type called "membership" and add text field called "Organization Name". Don't check any of the "field permissions" checkboxes.
- Grant "create membership content" permission to authenticated users.
- Create a test user, login, and visit the Membership node form. You will see the Organization Name field. (Here, it appears that the "create" permission is inherited properly.)
- As administrator, go back to the Organization Name field settings, and select "Edit own Organization Name on node created by the user." Save.
- As newly created user, revisit the "Create Membership" node form, and you will not see the Organization Name field.
Shouldn't that field appear here? Yes, on the Organization Name field settings page, if I select "Create Organization Name (edit on node creation)" and then grant authenticated users that permission, it does appear. But I thought that leaving it unchecked would cause the permission to be inherited by the node access?