Index: trunk/core/units/permissions/permissions_event_handler.php
===================================================================
diff -u -N -r5302 -r5325
--- trunk/core/units/permissions/permissions_event_handler.php	(.../permissions_event_handler.php)	(revision 5302)
+++ trunk/core/units/permissions/permissions_event_handler.php	(.../permissions_event_handler.php)	(revision 5325)
@@ -9,16 +9,54 @@
 	 */
 	function OnCategorySavePermissions(&$event)
 	{
-		$group_id = $this->Application->GetVar('group_id');
+		$group_id = $this->Application->GetVar('current_group_id');
+		$category_id = $this->Application->GetVar('c_id');
 		$permissions = $this->Application->GetVar($event->getPrefixSpecial(true));
 		if (isset($permissions[$group_id])) {
 			$permissions = $permissions[$group_id];
-
 			
+			$object =& $event->getObject( Array('skip_autoload' => true) );
+			$permissions_helper =& $this->Application->recallObject('PermissionsHelper');
+			$permissions_helper->LoadPermissions($group_id, $category_id, 0, true);
 			
+			// format: <perm_name>['inherited'] || <perm_name>['value']
 			
-			
-			
+			$delete_ids = Array();
+			$create_sql = Array();
+			$update_sql = Array();
+			$create_mask = '(%s,%s,'.$group_id.',%s,0,'.$category_id.')';
+			$new_id = (int)$this->Conn->GetOne('SELECT MIN('.$object->IDField.') FROM '.$object->TableName);
+			if($new_id > 0) $new_id = 0;
+			--$new_id;
+		
+			foreach ($permissions as $perm_name => $perm_data) {
+				$inherited = $perm_data['inherited'];
+				$perm_value = isset($perm_data['value']) ? $perm_data['value'] : false;
+				$perm_id = $permissions_helper->getPermissionID($perm_name);
+				
+				if ($inherited && ($perm_id != 0)) {
+					// permission become inherited (+ direct value was set before) => DELETE
+					$delete_ids[] = $permissions_helper->getPermissionID($perm_name);
+				}
+				
+				if (!$inherited) {
+					// not inherited
+					if (($perm_id != 0) && ($perm_value != $permissions_helper->getPermissionValue($perm_name))) {
+						// record was found in db & new value differs from old one => UPDATE
+						$update_sql[] = '	UPDATE '.$object->TableName.'
+											SET PermissionValue = '.$perm_value.'
+											WHERE (PermissionId = '.$perm_id.')';
+					}
+					
+					if ($perm_id == 0) {
+						// not found in db, but set directly => INSERT
+						$create_sql[] = sprintf($create_mask, $new_id--, $this->Conn->qstr($perm_name), $this->Conn->qstr($perm_value));
+					}
+				}
+				// permission state was not changed in all other cases
+			}
+	
+			$this->UpdatePermissions($event, $create_sql, $update_sql, $delete_ids);
 		}
 		
 		$event->MasterEvent->SetRedirectParam('item_prefix', $this->Application->GetVar('item_prefix'));
@@ -40,7 +78,7 @@
 		$object =& $event->getObject( Array('skip_autoload' => true) );
 		$group_id = $this->Application->GetVar('g_id');
 		$permissions_helper =& $this->Application->recallObject('PermissionsHelper');
-		$permissions_helper->LoadPermissions('g');
+		$permissions_helper->LoadPermissions($group_id, 0, 1);
 
 		$delete_ids = Array();
 		$create_sql = Array();
@@ -70,32 +108,53 @@
 			}
 		}
 
+		$this->UpdatePermissions($event, $create_sql, Array(), $delete_ids);
+	
+		if ($this->Application->GetVar('advanced_save') == 1) {
+			// advanced permission popup [save button]
+			$this->finalizePopup($event);
+//			$event->redirect = 'incs/just_close';
+		}
+		elseif ($this->Application->GetVar('section_name') != '') {
+			// save simple permissions before opening advanced permission popup
+			$event->redirect = false;
+		}
+
+	}
+	
+	/**
+	 * Apply modification sqls to permissions table
+	 *
+	 * @param kEvent $event
+	 * @param Array $create_sql
+	 * @param Array $update_sql
+	 * @param Array $delete_ids
+	 */
+	function UpdatePermissions(&$event, $create_sql, $update_sql, $delete_ids)
+	{
+		$object =& $event->getObject();
+		
 		if ($delete_ids) {
 			$delete_sql = '	DELETE FROM '.$object->TableName.'
-								WHERE '.$object->IDField.' IN ('.implode(',', $delete_ids).')';
+							WHERE '.$object->IDField.' IN ('.implode(',', $delete_ids).')';
 			$this->Conn->Query($delete_sql);
 		}
 
 		if ($create_sql) {
 			$create_sql = '	INSERT INTO '.$object->TableName.'
-								VALUES '.implode(',', $create_sql);
+							VALUES '.implode(',', $create_sql);
 			$this->Conn->Query($create_sql);
 		}
+		
+		if ($update_sql) {
+			foreach ($update_sql as $sql) {
+				$this->Conn->Query($sql);
+			}
+		}
 
-		if ($delete_ids || $create_sql) {
+		if ($delete_ids || $create_sql || $update_sql) {
 			$object->setModifiedFlag();
 		}
-
-		if ($this->Application->GetVar('advanced_save') == 1) {
-			// advanced permission popup [save button]
-			$this->finalizePopup($event);
-//			$event->redirect = 'incs/just_close';
-		}
-		elseif ($this->Application->GetVar('section_name') != '') {
-			// save simple permissions before opening advanced permission popup
-			$event->redirect = false;
-		}
-
 	}
 }