Index: openacs-4/packages/acs-subsite/www/permissions/one-oracle.xql
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-subsite/www/permissions/one-oracle.xql,v
diff -u -r1.4 -r1.5
--- openacs-4/packages/acs-subsite/www/permissions/one-oracle.xql	16 Jan 2003 13:40:37 -0000	1.4
+++ openacs-4/packages/acs-subsite/www/permissions/one-oracle.xql	2 Aug 2003 06:18:49 -0000	1.5
@@ -22,7 +22,7 @@
         select grantee_id, acs_object.name(grantee_id) as grantee_name,
                privilege, -1 as counter
         from acs_permissions
-        where object_id = :object_id)
+        where object_id = :object_id )
   group by grantee_id, grantee_name, privilege
   having sum(counter) > 0
 
@@ -37,6 +37,7 @@
          privilege
   from acs_permissions
   where object_id = :object_id
+	$extra_where_clause
 
       </querytext>
 </fullquery>
Index: openacs-4/packages/acs-subsite/www/permissions/one-postgresql.xql
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-subsite/www/permissions/one-postgresql.xql,v
diff -u -r1.5 -r1.6
--- openacs-4/packages/acs-subsite/www/permissions/one-postgresql.xql	16 Jan 2003 13:40:37 -0000	1.5
+++ openacs-4/packages/acs-subsite/www/permissions/one-postgresql.xql	2 Aug 2003 06:18:49 -0000	1.6
@@ -22,7 +22,7 @@
         select grantee_id, acs_object__name(grantee_id) as grantee_name,
                privilege, -1 as counter
         from acs_permissions
-        where object_id = :object_id) dummy
+        where object_id = :object_id ) dummy
   group by grantee_id, grantee_name, privilege
   having sum(counter) > 0
 
@@ -37,6 +37,7 @@
          privilege
   from acs_permissions
   where object_id = :object_id
+	$extra_where_clause
 
       </querytext>
 </fullquery>
Index: openacs-4/packages/acs-subsite/www/permissions/one.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-subsite/www/permissions/one.tcl,v
diff -u -r1.5 -r1.6
--- openacs-4/packages/acs-subsite/www/permissions/one.tcl	17 May 2003 10:02:04 -0000	1.5
+++ openacs-4/packages/acs-subsite/www/permissions/one.tcl	2 Aug 2003 06:18:49 -0000	1.6
@@ -16,8 +16,22 @@
 set user_id [ad_maybe_redirect_for_registration]
 ad_require_permission $object_id admin
 
-set name [ad_quotehtml [db_string name {select acs_object.name(:object_id) from dual}]]
+#
+# RBM: Check if this is the Main Site and prevent the user from being
+#      able to remove Read permission on "The Public" and locking
+#      him/herself out.
+#
 
+set node_id [site_node::get_node_id_from_object_id -object_id $object_id]
+set ancestor [site_node::closest_ancestor_package -node_id $node_id]
+set extra_where_clause ""
+
+if {[empty_string_p $ancestor]} {
+	set extra_where_clause "AND grantee_id <> -1"
+}
+
+set name [ad_quotehtml [db_string name {}]]
+
 set context [list [list "./" [_ acs-subsite.Permissions]] [_ acs-subsite.Permissions_for_name]]
 
 db_multirow inherited inherited_permissions { *SQL* } { 
@@ -30,7 +44,7 @@
 
 set controls [list]
 
-lappend controls "<a href=grant?[export_url_vars {application_url object_id}]>[_ acs-subsite.Grant_Permission]</a>"
+lappend controls "<a href=grant?[export_vars {application_url object_id}]>[_ acs-subsite.Grant_Permission]</a>"
 
 db_1row context { *SQL* }