Index: modules/comment/comment.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/comment/comment.module,v
retrieving revision 1.604
diff -u -p -r1.604 comment.module
--- modules/comment/comment.module	6 Dec 2007 09:58:30 -0000	1.604
+++ modules/comment/comment.module	8 Dec 2007 03:23:16 -0000
@@ -1079,6 +1079,15 @@ function comment_num_replies($pid) {
   return $cache[$pid];
 }
 
+function comment_authenticated_user_has_post_perm() {
+  static $post_perm;
+  
+  if (!isset($post_perm)) {
+    $post_perm = db_result(db_query("SELECT pid FROM {permission} WHERE rid = %d AND perm LIKE '%%%s%%'", DRUPAL_AUTHENTICATED_RID, 'post comments'));
+  }  
+  return is_numeric($post_perm);
+}
+
 /**
  * get number of new comments for current user and specified node
  *
@@ -1639,11 +1648,13 @@ function theme_comment_post_forbidden($n
       $destination = "destination=". drupal_urlencode("node/$node->nid#comment-form");
     }
 
-    if (variable_get('user_register', 1)) {
-      return t('<a href="@login">Login</a> or <a href="@register">register</a> to post comments', array('@login' => url('user/login', array('query' => $destination)), '@register' => url('user/register', array('query' => $destination))));
-    }
-    else {
-      return t('<a href="@login">Login</a> to post comments', array('@login' => url('user/login', array('query' => $destination))));
+    if (comment_authenticated_user_has_post_perm()) {
+      if (variable_get('user_register', 1)) {
+        return t('<a href="@login">Login</a> or <a href="@register">register</a> to post comments', array('@login' => url('user/login', array('query' => $destination)), '@register' => url('user/register', array('query' => $destination))));
+      }
+      else {
+        return t('<a href="@login">Login</a> to post comments', array('@login' => url('user/login', array('query' => $destination))));
+      }
     }
   }
 }