Index: openacs-4/packages/forums/tcl/forums-security-procs.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/forums/tcl/forums-security-procs.tcl,v
diff -u -r1.3.2.1 -r1.3.2.2
--- openacs-4/packages/forums/tcl/forums-security-procs.tcl	14 Oct 2002 21:20:01 -0000	1.3.2.1
+++ openacs-4/packages/forums/tcl/forums-security-procs.tcl	20 Jan 2003 14:29:04 -0000	1.3.2.2
@@ -57,7 +57,7 @@
         {-user_id ""}
         {-forum_id:required}
     } {
-        return [permission::permission_p -party_id $user_id -object_id $forum_id -privilege forum_write]
+        return [permission::permission_p -party_id $user_id -object_id $forum_id -privilege forum_create]
     }
 
     ad_proc -public require_post_forum {
Index: openacs-4/packages/forums/www/message-post.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/forums/www/message-post.tcl,v
diff -u -r1.13.2.4 -r1.13.2.5
--- openacs-4/packages/forums/www/message-post.tcl	28 Nov 2002 15:53:19 -0000	1.13.2.4
+++ openacs-4/packages/forums/www/message-post.tcl	20 Jan 2003 14:29:04 -0000	1.13.2.5
@@ -183,10 +183,15 @@
 
     # trim multiple leading Re:
     regsub {^(\s*Re:\s*)*} $subject {Re: } subject
+
+    # see if they're allowed to add to this thread
+    forum::security::require_post_message -message_id $parent_id
+} else {
+    # no parent_id, therefore new thread
+    # require thread creation privs
+    forum::security::require_post_forum -forum_id $forum_id
 }
 
-forum::security::require_post_forum -forum_id $forum_id
-
 forum::get -forum_id $forum_id -array forum
 
 # Prepare the other data 
Index: openacs-4/packages/forums/www/message-view.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/forums/www/message-view.tcl,v
diff -u -r1.11.2.1 -r1.11.2.2
--- openacs-4/packages/forums/www/message-view.tcl	28 Nov 2002 15:53:19 -0000	1.11.2.1
+++ openacs-4/packages/forums/www/message-view.tcl	20 Jan 2003 14:29:04 -0000	1.11.2.2
@@ -17,18 +17,18 @@
 set table_bgcolor [parameter::get -parameter table_bgcolor]
 set table_other_bgcolor [parameter::get -parameter table_other_bgcolor]
 
+# Load up the message information
+forum::message::get -message_id $message_id -array message
+set message(subject) [ad_quotehtml $message(subject)]
+
 # Check if the user has admin on the message
 set moderate_p [forum::security::can_moderate_message_p -message_id $message_id]
 if {!${moderate_p}} {
-    set post_p [forum::security::can_post_message_p -message_id $message_id]
+    set post_p [forum::security::can_post_forum_p -forum_id $message(forum_id)]
 } else {
     set post_p 1
 }
 
-# Load up the message information
-forum::message::get -message_id $message_id -array message
-set message(subject) [ad_quotehtml $message(subject)]
-
 form create search -action search
 
 element create search search_text \