Index: trunk/core/units/permissions/permissions_event_handler.php
===================================================================
diff -u -N -r5326 -r5431
--- trunk/core/units/permissions/permissions_event_handler.php	(.../permissions_event_handler.php)	(revision 5326)
+++ trunk/core/units/permissions/permissions_event_handler.php	(.../permissions_event_handler.php)	(revision 5431)
@@ -3,6 +3,19 @@
 class PermissionsEventHandler extends InpDBEventHandler {
 
 	/**
+	 * Allows to override standart permission mapping
+	 *
+	 */
+	function mapPermissions()
+	{
+		parent::mapPermissions();
+		$permissions = Array(
+								'OnGroupSavePermissions'	=>	Array('subitem' => 'advanced:manage_permissions'),
+						);
+		$this->permMapping = array_merge($this->permMapping, $permissions);
+	}
+	
+	/**
 	 * Save category permissions
 	 *
 	 * @param kEvent $event
@@ -70,6 +83,11 @@
 	 */
 	function OnGroupSavePermissions(&$event)
 	{
+		if (!$this->Application->CheckPermission('in-portal:user_groups.advanced:manage_permissions', 1)) {
+			// no permission to save permissions
+			return false;
+		}
+		
 		$permissions = $this->Application->GetVar($event->getPrefixSpecial(true));
 		if (!$permissions) {
 			return false;