Index: openacs-4/packages/acs-subsite/www/permissions/one.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-subsite/www/permissions/one.tcl,v
diff -u -N -r1.2.2.3 -r1.2.2.4
--- openacs-4/packages/acs-subsite/www/permissions/one.tcl	1 May 2003 19:18:29 -0000	1.2.2.3
+++ openacs-4/packages/acs-subsite/www/permissions/one.tcl	2 Aug 2003 05:37:46 -0000	1.2.2.4
@@ -16,8 +16,22 @@
 set user_id [ad_maybe_redirect_for_registration]
 ad_require_permission $object_id admin
 
-set name [ad_quotehtml [db_string name {select acs_object.name(:object_id) from dual}]]
+#
+# RBM: Check if this is the Main Site and prevent the user from being
+#      able to remove Read permission on "The Public" and locking
+#      him/herself out.
+#
 
+set node_id [site_node::get_node_id_from_object_id -object_id $object_id]
+set ancestor [site_node::closest_ancestor_package -node_id $node_id]
+set extra_where_clause ""
+
+if {[empty_string_p $ancestor]} {
+	set extra_where_clause "AND grantee_id <> -1"
+}
+
+set name [ad_quotehtml [db_string name {}]]
+
 set context [list [list "./" "Permissions"] "Permissions for $name"]
 
 db_multirow inherited inherited_permissions { *SQL* } {