--- diff.module 2007-02-03 20:48:16.000000000 +0100 +++ diff_patched.module 2007-03-07 19:14:18.000000000 +0100 @@ -42,7 +42,7 @@ if (arg(0) == 'node' && is_numeric(arg(1))) { $node = node_load(arg(1)); if ($node->nid) { - $revisions_access = (user_access('view revisions') || user_access('administer nodes')) && + $revisions_access = (user_access('view revisions') || user_access('administer revisions')) && node_access('view', $node) && db_result(db_query('SELECT COUNT(vid) FROM {node_revisions} WHERE nid = %d', arg(1))) > 1; $items[] = array( @@ -78,7 +78,7 @@ switch ($op) { case 'overview': $node = node_load(arg(1)); - if ((user_access('view revisions') || user_access('administer nodes')) && node_access('view', $node)) { + if ((user_access('view revisions') || user_access('administer revisions')) && node_access('view', $node)) { return diff_diffs_overview($node); } drupal_access_denied(); @@ -88,7 +88,7 @@ if (is_numeric(arg(4)) && is_numeric(arg(5))) { $node = node_load(arg(1)); if ($node->nid) { - if ((user_access('view revisions') || user_access('administer nodes')) && node_access('view', $node)) { + if ((user_access('view revisions') || user_access('administer revisions')) && node_access('view', $node)) { drupal_set_title(t('Diff for %title', array('%title' => $node->title))); return diff_diffs_show($node, arg(4), arg(5)); } @@ -151,11 +151,11 @@ } $revert_permission = FALSE; - if ((user_access('revert revisions') || user_access('administer nodes')) && node_access('update', $node)) { + if ((user_access('revert revisions') || user_access('administer revisions')) && node_access('update', $node)) { $revert_permission = TRUE; } $delete_permission = FALSE; - if (user_access('administer nodes')) { + if (user_access('administer revisions') && node_access('delete', $node)) { $delete_permission = TRUE; }