Index: branches/unlabeled/unlabeled-1.3.2/admin/install/upgrades/inportal_upgrade_v1.2.0.sql
===================================================================
diff -u -r5280 -r5330
--- branches/unlabeled/unlabeled-1.3.2/admin/install/upgrades/inportal_upgrade_v1.2.0.sql	(.../inportal_upgrade_v1.2.0.sql)	(revision 5280)
+++ branches/unlabeled/unlabeled-1.3.2/admin/install/upgrades/inportal_upgrade_v1.2.0.sql	(.../inportal_upgrade_v1.2.0.sql)	(revision 5330)
@@ -44,6 +44,7 @@
 INSERT INTO Permissions (Permission, GroupId, PermissionValue, Type, CatId) VALUES ('in-portal:user_groups.edit', 11, 1, 1, 0);
 INSERT INTO Permissions (Permission, GroupId, PermissionValue, Type, CatId) VALUES ('in-portal:user_groups.delete', 11, 1, 1, 0);
 INSERT INTO Permissions (Permission, GroupId, PermissionValue, Type, CatId) VALUES ('in-portal:user_groups.advanced:send_email', 11, 1, 1, 0);
+INSERT INTO Permissions (Permission, GroupId, PermissionValue, Type, CatId) VALUES ('in-portal:user_groups.advanced:manage_permissions', 11, 1, 1, 0);
 INSERT INTO Permissions (Permission, GroupId, PermissionValue, Type, CatId) VALUES ('in-portal:configure_users.view', 11, 1, 1, 0);
 INSERT INTO Permissions (Permission, GroupId, PermissionValue, Type, CatId) VALUES ('in-portal:configure_users.edit', 11, 1, 1, 0);
 INSERT INTO Permissions (Permission, GroupId, PermissionValue, Type, CatId) VALUES ('in-portal:user_email.view', 11, 1, 1, 0);
Index: branches/unlabeled/unlabeled-1.1.2/kernel/admin_templates/groups/groups_edit_tabs.tpl
===================================================================
diff -u -r4950 -r5330
--- branches/unlabeled/unlabeled-1.1.2/kernel/admin_templates/groups/groups_edit_tabs.tpl	(.../groups_edit_tabs.tpl)	(revision 4950)
+++ branches/unlabeled/unlabeled-1.1.2/kernel/admin_templates/groups/groups_edit_tabs.tpl	(.../groups_edit_tabs.tpl)	(revision 5330)
@@ -5,7 +5,10 @@
 			<tr>
 				<inp2:m_ParseBlock name="tab" title="la_tab_General" t="groups/groups_edit" main_prefix="g"/>
 				<!--<inp2:m_ParseBlock name="tab" title="la_tab_Users" t="groups/groups_edit_users" main_prefix="g"/>-->
-				<inp2:m_ParseBlock name="tab" title="la_tab_Permissions" t="groups/groups_edit_permissions" main_prefix="g"/>
+				
+				<inp2:m_if check="m_CheckPermission" permissions="in-portal:user_groups.advanced:manage_permissions" system="1">
+					<inp2:m_ParseBlock name="tab" title="la_tab_Permissions" t="groups/groups_edit_permissions" main_prefix="g"/>
+				</inp2:m_if>
 			</tr>
 		</table>
 	</td>
Index: branches/unlabeled/unlabeled-1.8.2/kernel/units/groups/groups_config.php
===================================================================
diff -u -r5188 -r5330
--- branches/unlabeled/unlabeled-1.8.2/kernel/units/groups/groups_config.php	(.../groups_config.php)	(revision 5188)
+++ branches/unlabeled/unlabeled-1.8.2/kernel/units/groups/groups_config.php	(.../groups_config.php)	(revision 5330)
@@ -50,7 +50,7 @@
 																						'icon'			=>	'usergroups',
 																						'label'			=>	'la_tab_User_Groups',
 																						'url'			=>	Array('t' => 'groups/groups_list', 'pass' => 'm'),
-																						'permissions'	=>	Array('view', 'add', 'edit', 'delete', 'advanced:send_email'),
+																						'permissions'	=>	Array('view', 'add', 'edit', 'delete', 'advanced:send_email', 'advanced:manage_permissions'),
 																						'priority'		=>	2,
 																						'type'			=>	stTREE,
 																				),
Index: branches/unlabeled/unlabeled-1.1.2/core/admin_templates/groups/groups_edit_tabs.tpl
===================================================================
diff -u -r4950 -r5330
--- branches/unlabeled/unlabeled-1.1.2/core/admin_templates/groups/groups_edit_tabs.tpl	(.../groups_edit_tabs.tpl)	(revision 4950)
+++ branches/unlabeled/unlabeled-1.1.2/core/admin_templates/groups/groups_edit_tabs.tpl	(.../groups_edit_tabs.tpl)	(revision 5330)
@@ -5,7 +5,10 @@
 			<tr>
 				<inp2:m_ParseBlock name="tab" title="la_tab_General" t="groups/groups_edit" main_prefix="g"/>
 				<!--<inp2:m_ParseBlock name="tab" title="la_tab_Users" t="groups/groups_edit_users" main_prefix="g"/>-->
-				<inp2:m_ParseBlock name="tab" title="la_tab_Permissions" t="groups/groups_edit_permissions" main_prefix="g"/>
+				
+				<inp2:m_if check="m_CheckPermission" permissions="in-portal:user_groups.advanced:manage_permissions" system="1">
+					<inp2:m_ParseBlock name="tab" title="la_tab_Permissions" t="groups/groups_edit_permissions" main_prefix="g"/>
+				</inp2:m_if>
 			</tr>
 		</table>
 	</td>
Index: branches/unlabeled/unlabeled-1.8.2/core/admin_templates/groups/groups_edit_permissions.tpl
===================================================================
diff -u -r4944 -r5330
--- branches/unlabeled/unlabeled-1.8.2/core/admin_templates/groups/groups_edit_permissions.tpl	(.../groups_edit_permissions.tpl)	(revision 4944)
+++ branches/unlabeled/unlabeled-1.8.2/core/admin_templates/groups/groups_edit_permissions.tpl	(.../groups_edit_permissions.tpl)	(revision 5330)
@@ -1,4 +1,4 @@
-<inp2:m_RequireLogin permissions="in-portal:user_groups.view" system="1"/>
+<inp2:m_RequireLogin permissions="in-portal:user_groups.advanced:manage_permissions" system="1"/>
 <inp2:m_include t="incs/header" nobody="yes"/>
 
 <body topmargin="0" leftmargin="8" marginheight="0" marginwidth="8" bgcolor="#FFFFFF">
Index: branches/unlabeled/unlabeled-1.1.2/kernel/units/permissions/permissions_event_handler.php
===================================================================
diff -u -r4950 -r5330
--- branches/unlabeled/unlabeled-1.1.2/kernel/units/permissions/permissions_event_handler.php	(.../permissions_event_handler.php)	(revision 4950)
+++ branches/unlabeled/unlabeled-1.1.2/kernel/units/permissions/permissions_event_handler.php	(.../permissions_event_handler.php)	(revision 5330)
@@ -3,12 +3,30 @@
 class PermissionsEventHandler extends InpDBEventHandler {
 
 	/**
-		 * Saves permissions while editing group
-		 *
-		 * @param kEvent $event
-		 */
+	 * Allows to override standart permission mapping
+	 *
+	 */
+	function mapPermissions()
+	{
+		parent::mapPermissions();
+		$permissions = Array(
+								'OnSavePermissions'	=>	Array('subitem' => 'advanced:manage_permissions'),
+						);
+		$this->permMapping = array_merge($this->permMapping, $permissions);
+	}
+	
+	/**
+	 * Saves permissions while editing group
+	 *
+	 * @param kEvent $event
+	 */
 	function OnSavePermissions(&$event)
 	{
+		if (!$this->Application->CheckPermission('in-portal:user_groups.advanced:manage_permissions', 1)) {
+			// no permission to save permissions
+			return false;
+		}
+		
 		$permissions = $this->Application->GetVar($event->getPrefixSpecial(true));
 		if (!$permissions) {
 			return false;
Index: branches/unlabeled/unlabeled-1.12.2/core/units/admin/admin_config.php
===================================================================
diff -u -r4941 -r5330
--- branches/unlabeled/unlabeled-1.12.2/core/units/admin/admin_config.php	(.../admin_config.php)	(revision 4941)
+++ branches/unlabeled/unlabeled-1.12.2/core/units/admin/admin_config.php	(.../admin_config.php)	(revision 5330)
@@ -24,7 +24,7 @@
 																						'icon'			=>	'site',
 																						'label'			=>	$this->Application->ConfigValue('Site_Name'),
 																						'url'			=>	Array('t' => 'sections_list', 'pass' => 'm', 'pass_section' => true, 'no_amp' => 1),
-																						'permissions'	=>	Array('view', 'advanced:admin_login', 'advanced:front_login'),
+																						'permissions'	=>	Array('advanced:admin_login', 'advanced:front_login'),
 																						'priority'		=>	0,
 																						'type'			=>	stTREE,
 																				),
Index: branches/unlabeled/unlabeled-1.8.2/kernel/admin_templates/groups/groups_edit_permissions.tpl
===================================================================
diff -u -r4944 -r5330
--- branches/unlabeled/unlabeled-1.8.2/kernel/admin_templates/groups/groups_edit_permissions.tpl	(.../groups_edit_permissions.tpl)	(revision 4944)
+++ branches/unlabeled/unlabeled-1.8.2/kernel/admin_templates/groups/groups_edit_permissions.tpl	(.../groups_edit_permissions.tpl)	(revision 5330)
@@ -1,4 +1,4 @@
-<inp2:m_RequireLogin permissions="in-portal:user_groups.view" system="1"/>
+<inp2:m_RequireLogin permissions="in-portal:user_groups.advanced:manage_permissions" system="1"/>
 <inp2:m_include t="incs/header" nobody="yes"/>
 
 <body topmargin="0" leftmargin="8" marginheight="0" marginwidth="8" bgcolor="#FFFFFF">
Index: branches/unlabeled/unlabeled-1.1.2/core/units/permissions/permissions_event_handler.php
===================================================================
diff -u -r4950 -r5330
--- branches/unlabeled/unlabeled-1.1.2/core/units/permissions/permissions_event_handler.php	(.../permissions_event_handler.php)	(revision 4950)
+++ branches/unlabeled/unlabeled-1.1.2/core/units/permissions/permissions_event_handler.php	(.../permissions_event_handler.php)	(revision 5330)
@@ -3,12 +3,30 @@
 class PermissionsEventHandler extends InpDBEventHandler {
 
 	/**
-		 * Saves permissions while editing group
-		 *
-		 * @param kEvent $event
-		 */
+	 * Allows to override standart permission mapping
+	 *
+	 */
+	function mapPermissions()
+	{
+		parent::mapPermissions();
+		$permissions = Array(
+								'OnSavePermissions'	=>	Array('subitem' => 'advanced:manage_permissions'),
+						);
+		$this->permMapping = array_merge($this->permMapping, $permissions);
+	}
+	
+	/**
+	 * Saves permissions while editing group
+	 *
+	 * @param kEvent $event
+	 */
 	function OnSavePermissions(&$event)
 	{
+		if (!$this->Application->CheckPermission('in-portal:user_groups.advanced:manage_permissions', 1)) {
+			// no permission to save permissions
+			return false;
+		}
+		
 		$permissions = $this->Application->GetVar($event->getPrefixSpecial(true));
 		if (!$permissions) {
 			return false;
Index: branches/unlabeled/unlabeled-1.7.2/kernel/admin_templates/groups/permissions_selector.tpl
===================================================================
diff -u -r5290 -r5330
--- branches/unlabeled/unlabeled-1.7.2/kernel/admin_templates/groups/permissions_selector.tpl	(.../permissions_selector.tpl)	(revision 5290)
+++ branches/unlabeled/unlabeled-1.7.2/kernel/admin_templates/groups/permissions_selector.tpl	(.../permissions_selector.tpl)	(revision 5330)
@@ -1,4 +1,4 @@
-<inp2:m_RequireLogin permissions="in-portal:user_groups.view" system="1"/>
+<inp2:m_RequireLogin permissions="in-portal:user_groups.advanced:manage_permissions" system="1"/>
 <inp2:m_include t="incs/header" nobody="yes"/>
 
 <body topmargin="0" leftmargin="8" marginheight="0" marginwidth="8" bgcolor="#FFFFFF">
Index: branches/unlabeled/unlabeled-1.12.2/kernel/units/admin/admin_config.php
===================================================================
diff -u -r4941 -r5330
--- branches/unlabeled/unlabeled-1.12.2/kernel/units/admin/admin_config.php	(.../admin_config.php)	(revision 4941)
+++ branches/unlabeled/unlabeled-1.12.2/kernel/units/admin/admin_config.php	(.../admin_config.php)	(revision 5330)
@@ -24,7 +24,7 @@
 																						'icon'			=>	'site',
 																						'label'			=>	$this->Application->ConfigValue('Site_Name'),
 																						'url'			=>	Array('t' => 'sections_list', 'pass' => 'm', 'pass_section' => true, 'no_amp' => 1),
-																						'permissions'	=>	Array('view', 'advanced:admin_login', 'advanced:front_login'),
+																						'permissions'	=>	Array('advanced:admin_login', 'advanced:front_login'),
 																						'priority'		=>	0,
 																						'type'			=>	stTREE,
 																				),
Index: branches/unlabeled/unlabeled-1.62.2/admin/install/inportal_data.sql
===================================================================
diff -u -r5280 -r5330
--- branches/unlabeled/unlabeled-1.62.2/admin/install/inportal_data.sql	(.../inportal_data.sql)	(revision 5280)
+++ branches/unlabeled/unlabeled-1.62.2/admin/install/inportal_data.sql	(.../inportal_data.sql)	(revision 5330)
@@ -297,6 +297,7 @@
 INSERT INTO Permissions (Permission, GroupId, PermissionValue, Type, CatId) VALUES ('in-portal:user_groups.edit', 11, 1, 1, 0);
 INSERT INTO Permissions (Permission, GroupId, PermissionValue, Type, CatId) VALUES ('in-portal:user_groups.delete', 11, 1, 1, 0);
 INSERT INTO Permissions (Permission, GroupId, PermissionValue, Type, CatId) VALUES ('in-portal:user_groups.advanced:send_email', 11, 1, 1, 0);
+INSERT INTO Permissions (Permission, GroupId, PermissionValue, Type, CatId) VALUES ('in-portal:user_groups.advanced:manage_permissions', 11, 1, 1, 0);
 INSERT INTO Permissions (Permission, GroupId, PermissionValue, Type, CatId) VALUES ('in-portal:configure_users.view', 11, 1, 1, 0);
 INSERT INTO Permissions (Permission, GroupId, PermissionValue, Type, CatId) VALUES ('in-portal:configure_users.edit', 11, 1, 1, 0);
 INSERT INTO Permissions (Permission, GroupId, PermissionValue, Type, CatId) VALUES ('in-portal:user_email.view', 11, 1, 1, 0);
Index: branches/unlabeled/unlabeled-1.8.2/core/units/groups/groups_config.php
===================================================================
diff -u -r5186 -r5330
--- branches/unlabeled/unlabeled-1.8.2/core/units/groups/groups_config.php	(.../groups_config.php)	(revision 5186)
+++ branches/unlabeled/unlabeled-1.8.2/core/units/groups/groups_config.php	(.../groups_config.php)	(revision 5330)
@@ -50,7 +50,7 @@
 																						'icon'			=>	'usergroups',
 																						'label'			=>	'la_tab_User_Groups',
 																						'url'			=>	Array('t' => 'groups/groups_list', 'pass' => 'm'),
-																						'permissions'	=>	Array('view', 'add', 'edit', 'delete', 'advanced:send_email'),
+																						'permissions'	=>	Array('view', 'add', 'edit', 'delete', 'advanced:send_email', 'advanced:manage_permissions'),
 																						'priority'		=>	2,
 																						'type'			=>	stTREE,
 																				),
Index: branches/unlabeled/unlabeled-1.7.2/core/admin_templates/groups/permissions_selector.tpl
===================================================================
diff -u -r5290 -r5330
--- branches/unlabeled/unlabeled-1.7.2/core/admin_templates/groups/permissions_selector.tpl	(.../permissions_selector.tpl)	(revision 5290)
+++ branches/unlabeled/unlabeled-1.7.2/core/admin_templates/groups/permissions_selector.tpl	(.../permissions_selector.tpl)	(revision 5330)
@@ -1,4 +1,4 @@
-<inp2:m_RequireLogin permissions="in-portal:user_groups.view" system="1"/>
+<inp2:m_RequireLogin permissions="in-portal:user_groups.advanced:manage_permissions" system="1"/>
 <inp2:m_include t="incs/header" nobody="yes"/>
 
 <body topmargin="0" leftmargin="8" marginheight="0" marginwidth="8" bgcolor="#FFFFFF">