diff --git a/sites/all/modules/taxonomy_access_control/tac.admin.php b/sites/all/modules/taxonomy_access_control/tac.admin.php
index a2c7c2fc0e8b18db8aab362a298e7a32b1961d4b..e997ca99b6e22fcc2d858b75edb66369d46b153a 100644
--- a/sites/all/modules/taxonomy_access_control/tac.admin.php
+++ b/sites/all/modules/taxonomy_access_control/tac.admin.php
@@ -47,10 +47,15 @@ function tac_admin($form, $form_state, $rid = NULL) {
       foreach (taxonomy_get_tree($vocabulary) as $term) {
         $subform['term_' . $term->tid] = array(
           '#title' => $term->name,
-          'view' => array(
-            '#parents'       => array('edit', $rid, $term->tid, 'view'),
+          'list' => array(
+            '#parents'       => array('edit', $rid, $term->tid, 'list'),
             '#type'          => 'checkbox',
-            '#default_value' => (isset($currentValues[$rid][$term->tid]->grant_view) ? $currentValues[$rid][$term->tid]->grant_view : 0),
+            '#default_value' => (isset($currentValues[$rid][$term->tid]->grant_list) ? $currentValues[$rid][$term->tid]->grant_list : 0),
+          ),
+          'create' => array(
+            '#parents'       => array('edit', $rid, $term->tid, 'create'),
+            '#type'          => 'checkbox',
+            '#default_value' => (isset($currentValues[$rid][$term->tid]->grant_create) ? $currentValues[$rid][$term->tid]->grant_create : 0),
           ),
           'update' => array(
             '#parents'       => array('edit', $rid, $term->tid, 'update'),
@@ -79,13 +84,14 @@ function tac_admin($form, $form_state, $rid = NULL) {
 function theme_tac_term_list($variables) {
   $form = $variables['form'];
   
-  $headers = array('Term', 'View', 'Update', 'Delete');
+  $headers = array('Term', 'List', 'Create', 'Update', 'Delete');
   $rows = array();
   foreach (element_children($form) as $key) {
     $rows[] = array(
       'data' => array(
         $form[$key]['#title'],
-        drupal_render($form[$key]['view']),
+        drupal_render($form[$key]['list']),
+        drupal_render($form[$key]['create']),
         drupal_render($form[$key]['update']),
         drupal_render($form[$key]['delete']),
       )
@@ -115,12 +121,12 @@ function tac_admin_submit($form, &$form_state) {
   }
   
 
-  $insert = db_insert('tac_map')->fields(array('rid', 'tid', 'grant_view', 'grant_update', 'grant_delete'));
+  $insert = db_insert('tac_map')->fields(array('rid', 'tid', 'grant_list', 'grant_create', 'grant_update', 'grant_delete'));
   
   foreach ($form_state['values']['edit'] as $rid => $terms) {
     foreach ($terms as $tid => $grants) {
       $insert->values(array(
-        $rid, $tid, $grants['view'], $grants['update'], $grants['delete'],
+        $rid, $tid, $grants['list'], $grants['create'], $grants['update'], $grants['delete'],
       ));
     }
   }
diff --git a/sites/all/modules/taxonomy_access_control/tac.install b/sites/all/modules/taxonomy_access_control/tac.install
index 3aa690423cb24ee38f2e5bcda5916db89dcbb452..e9a503dbdb13bbad538da4448a7a443475228a92 100644
--- a/sites/all/modules/taxonomy_access_control/tac.install
+++ b/sites/all/modules/taxonomy_access_control/tac.install
@@ -45,6 +45,22 @@ function tac_schema()
         'default' => 0,
         'size' => 'tiny',
       ),
+      'grant_create' => array(
+        'description' => 'Boolean indicating whether a user with the realm/grant pair can create this term on a node.',
+        'type' => 'int',
+        'unsigned' => TRUE,
+        'not null' => TRUE,
+        'default' => 0,
+        'size' => 'tiny',
+      ),
+      'grant_list' => array(
+        'description' => 'Boolean indicating whether a user with the realm/grant pair can list this term.',
+        'type' => 'int',
+        'unsigned' => TRUE,
+        'not null' => TRUE,
+        'default' => 0,
+        'size' => 'tiny',
+      ),
     ),
     'primary key' => array('rid', 'tid'),
     'foreign keys' => array(
@@ -122,6 +138,25 @@ function tac_update_7100()
   db_create_table('tac_map', $table);
 }
 
+function tac_update_7101() {
+  db_add_field('tac_map', 'grant_create', array(
+    'description' => 'Boolean indicating whether a user with the realm/grant pair can create this term on a node.',
+    'type' => 'int',
+    'unsigned' => TRUE,
+    'not null' => TRUE,
+    'default' => 0,
+    'size' => 'tiny',
+  ));
+  
+  db_add_field('tac_map', 'grant_list', array(
+    'description' => 'Boolean indicating whether a user with the realm/grant pair can list this term.',
+    'type' => 'int',
+    'unsigned' => TRUE,
+    'not null' => TRUE,
+    'default' => 0,
+    'size' => 'tiny',
+  ));
+}
 
 
 
diff --git a/sites/all/modules/taxonomy_access_control/tac.module b/sites/all/modules/taxonomy_access_control/tac.module
index a8f7405032342aba0a92e7d92fcfbb410c065170..dc7c39cef0ca73d659e6c61f85d009d4877c44b8 100644
--- a/sites/all/modules/taxonomy_access_control/tac.module
+++ b/sites/all/modules/taxonomy_access_control/tac.module
@@ -103,3 +103,80 @@ function tac_node_grants($account, $op) {
   
   return $grants;
 }
+
+function tac_form_alter(&$form, &$form_state, $form_id) {
+  if (substr($form_id, -10) == '_node_form') {
+    
+    // If the current user can bypass node access controls, we don't need to filter anything
+    if (user_access('bypass node access')) {
+      return;
+    }
+    
+    $tac_vid = variable_get('tac_vocabulary', -1);
+    $taxonomy_fields = array();
+    
+    $fields = field_info_instances('node', $form['#node']->type);
+    foreach ($fields as $field) {
+      $fieldInfo = field_info_field($field['field_name']);
+      if ($fieldInfo['type'] != 'taxonomy_term_reference') {
+        continue;
+      }
+      $taxonomy_fields[] = $field['field_name'];
+    }
+    
+    $query = db_select('tac_map', 'm');
+    $query->fields('m');
+    $query->condition('m.rid', array_keys($GLOBALS['user']->roles), 'IN');
+    $data = $query->execute()->fetchAll();
+    
+    $grants = array();
+    foreach ($data as $row) {
+      if ($row->grant_create) {
+        $grants[$row->tid]['create'] = TRUE;
+      }
+      if ($row->grant_list) {
+        $grants[$row->tid]['list'] = TRUE;
+      }
+    }
+    
+    $form['#validate'][] = 'tac_node_form_validate';
+    foreach ($taxonomy_fields as $field) {
+      if ($form[$field]['und']['#type'] == 'checkboxes') {
+        foreach ($form[$field]['und']['#options'] as $tid => $term) {
+          if (!isset($grants[$tid]['list']) || !$grants[$tid]['list']) {
+            $form[$field]['und'][$tid]['#type'] = 'hidden';
+            $form_state['storage']['tac'][$field][$tid] = $tid;
+          }
+          if (!isset($grants[$tid]['create']) || !$grants[$tid]['create']) {
+            $form[$field]['und'][$tid]['#disabled'] = 'TRUE';
+            $form_state['storage']['tac'][$field][$tid] = $tid;
+          }
+        }
+      }
+    }
+  }
+}
+
+function tac_node_form_validate($form, &$form_state) {
+  foreach ($form_state['storage']['tac'] as $field => $locked_terms) {
+    $default_terms = $form[$field]['und']['#default_value'];
+    
+    $set_terms = array();
+    foreach ($form_state['values'][$field]['und'] as $key => $term_value) {
+      $set_terms[$key] = $term_value['tid'];
+    }
+    
+    foreach ($locked_terms as $locked_term) {
+      if (in_array($locked_term, $default_terms) && !in_array($locked_term, $set_terms)) {
+        $form_state['values'][$field]['und'][] = array(
+          'tid' => $locked_term,
+        );
+      }
+      if (!in_array($locked_term, $default_terms) && in_array($locked_term, $set_terms)) {
+        form_set_error('tac', 'Attempt to add a denied term detected.');
+        return FALSE;
+      }
+    }
+  }
+}
+