Index: includes/form.inc
===================================================================
RCS file: /cvs/drupal/drupal/includes/form.inc,v
retrieving revision 1.373
diff -u -p -r1.373 form.inc
--- includes/form.inc 18 Sep 2009 00:12:45 -0000 1.373
+++ includes/form.inc 19 Sep 2009 05:07:44 -0000
@@ -1959,18 +1959,50 @@ function form_process_text_format($eleme
 $element_name = array_pop($element_parents);
 $element_parents[] = $element_name . '_format';
- // We need to break references, otherwise form_builder recurses infinitely.
- $element['value'] = (array)$element;
- $element['value']['#weight'] = 0;
- unset($element['value']['#description']);
+ if (filter_access($element['#text_format'])) {
+ // We need to break references, otherwise form_builder recurses infinitely.
+ $element['value'] = (array)$element;
+ $element['value']['#weight'] = 0;
+ unset($element['value']['#description']);
+ $element['format'] = filter_form($element['#text_format'], 1, $element_parents);
+
+ // We need to clear the #text_format from the new child otherwise we
+ // would get into an infinite loop.
+ unset($element['value']['#text_format']);
+ }
+ else {
+ // @todo Breaks on previews.
+
+ // We need to break references, otherwise form_builder recurses infinitely.
+ $element['denied'] = (array)$element;
+ // We need to clear the #text_format from the new child otherwise we
+ // would get into an infinite loop.
+ unset($element['denied']['#text_format']);
+
+ $element['denied']['#value'] = t('This field has been disabled because you do not have sufficient permissions to edit it.');
+ if (strpos($element['#type'], 'textarea') !== FALSE) {
+ $element['denied']['#rows'] = 3;
+ }
+ $element['denied']['#disabled'] = TRUE;
+ $element['denied']['#resizable'] = FALSE;
+
+ // Ensure #default_value is #value.
+ $element['value'] = array(
+ '#type' => 'value',
+ '#value' => $element['#default_value'],
+ );
+
+ // Add fixed format.
+ $element['format'] = array(
+ '#type' => 'value',
+ '#value' => $element['#text_format'],
+ '#parents' => $element_parents,
+ );
+ }
+ // Reset original element.
 $element['#type'] = 'markup';
 $element['#theme'] = NULL;
 $element['#theme_wrappers'] = array('text_format_wrapper');
- $element['format'] = filter_form($element['#text_format'], 1, $element_parents);
-
- // We need to clear the #text_format from the new child otherwise we
- // would get into an infinite loop.
- unset($element['value']['#text_format']);
 }
 return $element;
 }
Index: modules/block/block.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/block/block.module,v
retrieving revision 1.377
diff -u -p -r1.377 block.module
--- modules/block/block.module 18 Sep 2009 00:04:22 -0000 1.377
+++ modules/block/block.module 19 Sep 2009 04:16:59 -0000
@@ -355,7 +355,6 @@ function block_custom_block_form($edit =
 '#description' => t('The content of the block as shown to the user.'),
 '#required' => TRUE,
 '#weight' => -17,
- '#access' => filter_access($edit['format']),
 );
 return $form;
Index: modules/node/node.test
===================================================================
RCS file: /cvs/drupal/drupal/modules/node/node.test,v
retrieving revision 1.43
diff -u -p -r1.43 node.test
--- modules/node/node.test 29 Aug 2009 04:16:15 -0000 1.43
+++ modules/node/node.test 19 Sep 2009 04:48:45 -0000
@@ -178,8 +178,9 @@ class PageEditTestCase extends DrupalWeb
 function setUp() {
 parent::setUp();
- $web_user = $this->drupalCreateUser(array('edit own page content', 'create page content'));
- $this->drupalLogin($web_user);
+ $this->admin_user = $this->drupalCreateUser(array('administer filters', 'edit any page content', 'create page content'));
+ $this->web_user = $this->drupalCreateUser(array('edit own page content', 'create page content'));
+ $this->drupalLogin($this->web_user);
 }
 /**
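Review bot: In the `else` branch of form_process_text_format() (includes/form.inc), the preserved content and the placeholder look bound to the wrong keys: `$element['value']` is built without `#parents`, unlike `$element['format']`, which gets `'#parents' => $element_parents`, while `$element['denied']` is a full copy of the element with the denial message as its `#value`. If submitted values are collected by `#parents`, the copy may store the "This field has been disabled…" text under the field's original key and leave `#default_value` under a different one, so a save could overwrite the protected content; this is inferred from the visible lines and should be confirmed against form_builder(). Consider giving `value` the element's original parents and keeping `denied` out of the submitted values, and state the intent in a comment such as `// Access is enforced by the server-side 'value' and 'format' children; '#disabled' is only a browser hint.`. The block.module hunk drops its own `'#access' => filter_access(...)` line and therefore relies on this branch being correct. The function starts above the hunk.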
@@ -243,6 +244,73 @@ class PageEditTestCase extends DrupalWeb
 $second_node_version = node_load($node->nid, $revised_node->vid);
 $this->assertNotIdentical($first_node_version->revision_uid, $second_node_version->revision_uid, 'Each revision has a distinct user.');
 }
+
+ /**
+ * Test edit page with special text format.
+ *
+ * Test if a normal user is able to edit the page but is not allowed to change
+ * the fields which use an inaccessible text format.
+ */
+ function testPageEditLimitedPermission() {
+ $moderator = $this->drupalCreateUser(array('edit any page content', 'create page content'));
+
+ $this->drupalLogout();
+ $this->drupalLogin($this->admin_user);
+
+ list($filtered, $full) = $this->getFilterFormats();
+
+ // Create node to edit.
+ $edit = array();
+ $edit['title'] = $this->randomName(8);
+ $edit['body'] = $this->randomName(16);
+ $edit['body_format'] = $full;
+ $this->drupalPost('node/add/page', $edit, t('Save'));
+ $node = $this->drupalGetNodeByTitle($edit['title']);
+
+ // Try to edit with normal user
+ $this->drupalLogout();
+ $this->drupalLogin($moderator);
+ $this->drupalGet("node/$node->nid");
+
+ // Verify that "Edit" link exists.
+ $this->clickLink(t('Edit'));
+
+ // Check if body field is read only.
+ $this->assertFieldByXPath("//textarea[@id='edit-body' and @disabled='disabled']", t('This field has been disabled because you do not have sufficient permissions to edit it.'), t('Body field contains denied message'));
+
+ // Try to "force" the change.
+ $new_edit = array();
+ $new_edit['title'] = $this->randomName(8);
+ $this->drupalPost("node/$node->nid/edit", $new_edit, t('Save'));
+
+ // Check that only the title is displayed with the updated values, the body
+ // should use the old values
+ $this->assertText($new_edit['title'], t('New title displayed.'));
+ $this->assertText($edit['body'], t('Old body displayed.'));
+ }
+
+ /**
+ * Query the database to get the two basic formats.
+ *
+ * @return
+ * Array containing filtered and full filter ids.
+ */
+ function getFilterFormats() {
+ $result = db_query('SELECT format, name FROM {filter_format}');
+
+ $filtered = -1;
+ $full = -1;
+ foreach ($result as $format) {
+ if ($format->name == 'Filtered HTML') {
+ $filtered = $format->format;
+ }
+ elseif ($format->name == 'Full HTML') {
+ $full = $format->format;
+ }
+ }
+
+ return array($filtered, $full);
+ }
 }
 class PagePreviewTestCase extends DrupalWebTestCase {
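Review bot: The `// Try to "force" the change.` step in testPageEditLimitedPermission() posts only `title`, so the test never shows that a submission carrying `body` or `body_format` from a user without access to the format is rejected. The closing `assertText($edit['body'], …)` checks the rendered page only; reloading the node after the save and asserting that the stored body and its format are unchanged would pin the access check itself. getFilterFormats() also returns `-1` when a format name is not found and the test uses `$full` unchecked, so adding `$this->assertNotEqual($full, -1, t('Full HTML format found.'));` right after the `list(...)` call would make a missing or renamed format fail loudly instead of changing what the test exercises. Both methods are complete within the hunk; the class body starts above it.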