Index: modules/user.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/user.module,v
retrieving revision 1.536
diff -u -p -r1.536 user.module
--- modules/user.module	30 Nov 2005 11:09:38 -0000	1.536
+++ modules/user.module	2 Dec 2005 02:29:39 -0000
@@ -424,7 +424,7 @@ function user_fields() {
  * Implementation of hook_perm().
  */
 function user_perm() {
-  return array('administer access control', 'administer users', 'access user profiles');
+  return array('administer access control', 'administer users', 'access user profiles', 'change own username');
 }
 
 /**
@@ -1157,7 +1157,9 @@ function user_register_execute($form_id,
 function user_edit_form($uid, $edit) {
   // Account information:
   $form['account'] = array('#type' => 'fieldset', '#title' => t('Account information'), '#weight' => 0);
-  $form['account']['name'] = array('#type' => 'textfield', '#title' => t('Username'), '#default_value' => $edit['name'], '#maxlength' => 55, '#description' => t('Your full name or your preferred username: only letters, numbers and spaces are allowed.'), '#required' => TRUE);
+  if (user_access('change own username') || user_access('administer users')) {
+    $form['account']['name'] = array('#type' => 'textfield', '#title' => t('Username'), '#default_value' => $edit['name'], '#maxlength' => 55, '#description' => t('Your full name or your preferred username: only letters, numbers and spaces are allowed.'), '#required' => TRUE);
+  }
   $form['account']['mail'] = array('#type' => 'textfield', '#title' => t('E-mail address'), '#default_value' => $edit['mail'], '#maxlength' => 55, '#description' => t('Insert a valid e-mail address.  All e-mails from the system will be sent to this address. The e-mail address is not made public and will only be used if you wish to receive a new password or wish to receive certain news or notifications by e-mail.'), '#required' => TRUE);
   $form['account']['pass'] = array('#type' => 'item', '#title' => t('Password'), '#value' => '<input type="password" class="form-password" name="edit[pass1]" size="12" maxlength="24" /> <input type="password" class="form-password" name="edit[pass2]" size="12" maxlength="24" />', '#required' => true);
   if (user_access('administer users')) {
@@ -1182,14 +1184,19 @@ function user_edit_form($uid, $edit) {
 
 function _user_edit_validate($uid, &$edit) {
   // Validate the username:
-  if ($error = user_validate_name($edit['name'])) {
-    form_set_error('name', $error);
-  }
-  else if (db_num_rows(db_query("SELECT uid FROM {users} WHERE uid != %d AND LOWER(name) = LOWER('%s')", $uid, $edit['name'])) > 0) {
-    form_set_error('name', t('The name %name is already taken.', array('%name' => theme('placeholder', $edit['name']))));
+  if (user_access('change own username') || user_access('administer users')) {
+    if ($error = user_validate_name($edit['name'])) {
+      form_set_error('name', $error);
+    }
+    else if (db_num_rows(db_query("SELECT uid FROM {users} WHERE uid != %d AND LOWER(name) = LOWER('%s')", $uid, $edit['name'])) > 0) {
+      form_set_error('name', t('The name %name is already taken.', array('%name' => theme('placeholder', $edit['name']))));
+    }
+    else if (drupal_is_denied('user', $edit['name'])) {
+      form_set_error('name', t('The name %name has been denied access.', array('%name' => theme('placeholder', $edit['name']))));
+    }
   }
-  else if (drupal_is_denied('user', $edit['name'])) {
-    form_set_error('name', t('The name %name has been denied access.', array('%name' => theme('placeholder', $edit['name']))));
+  else {
+    unset($edit['name']);
   }
 
   // Validate the e-mail address: