Level 1 users cannot edit or delete published posts. http://mosquito.wordpress.org/view.php?id=1004

git-svn-id: http://svn.automattic.com/wordpress/trunk@2452 1a063a9b-81f0-0310-95a4-ce76da25c4cd

wp-admin/edit.php

@@ -208,13 +208,13 @@ foreach($posts_columns as $column_name=>$column_display_name) {
 
 	case 'control_edit':
 		?>
-		<td><?php if ( user_can_edit_user($user_ID,$authordata->ID) ) { echo "<a href='post.php?action=edit&amp;post=$id' class='edit'>" . __('Edit') . "</a>"; } ?></td>
+		<td><?php if ( user_can_edit_post($user_ID,$post->ID) ) { echo "<a href='post.php?action=edit&amp;post=$id' class='edit'>" . __('Edit') . "</a>"; } ?></td>
 		<?php
 		break;
 
 	case 'control_delete':
 		?>
-		<td><?php if ( user_can_edit_user($user_ID,$authordata->ID) ) { echo "<a href='post.php?action=delete&amp;post=$id' class='delete' onclick=\"return confirm('" . sprintf(__("You are about to delete this post \'%s\'\\n  \'OK\' to delete, \'Cancel\' to stop."), wp_specialchars(get_the_title('', ''), 1) ) . "')\">" . __('Delete') . "</a>"; } ?></td>
+		<td><?php if ( user_can_edit_post($user_ID,$post->ID) ) { echo "<a href='post.php?action=delete&amp;post=$id' class='delete' onclick=\"return confirm('" . sprintf(__("You are about to delete this post \'%s\'\\n  \'OK\' to delete, \'Cancel\' to stop."), wp_specialchars(get_the_title('', ''), 1) ) . "')\">" . __('Delete') . "</a>"; } ?></td>
 		<?php
 		break;
 

wp-admin/post.php

@@ -229,11 +229,6 @@ case 'edit':
 	if( 'private' == $postdata->post_status && $postdata->post_author != $user_ID )
 		die ( __('You are not allowed to view other users\' private posts.') );
 
-	if ( 'publish' == $post_status && (!user_can_create_post($user_ID)) ) {
-		 _e('You are not allowed to edit published posts.');
-		 break;
-	}
-
 	if ($post_status == 'static') {
 		$page_template = get_post_meta($post_ID, '_wp_page_template', true);
 		include('edit-page-form.php');