[Patch] Bad permissions model
|Reported by:||Jonathan S. Shapiro||Owned by:||Alec Thomas|
The AddComment macro has an insufficient permissions model. On some sites, comments are welcome, but only by authenticated users. Wouldn't it be appropriate to add COMMENT_CREATE, COMMENT_MODIFY, COMMENT_DELETE, COMMENT_ADMIN permissions and let the existing permissions mechanism be used to decide who can add comments?