I'm having trouble with permissions and Python class instances that aren't part of the Zope permission mechanism. I'm creating plain Python class instances in the Python baseclass of a ZClass, and storing them in a list on the baseclass. The baseclass instantiates these instances and appends them to its list. The class is defined in the baseclass .py file. A method on the baseclass returns this list of instances, and I'm iterating over them in DTML and looking at their attributes - or trying to. I get an authorization prompt, which always gives me an auth error, even though the user can look at the ZClass that's returning the instances. I'm able to get around this by registering the plain Python class as a base class, subclassing them with a ZClass, and instantiating ZClass instances instead of baseclass instances. It seems like overkill, though (and I always thought that instantiating ZClasses in python was confusing). I don't need to expose methods or restrict access, just open the attributes to be used as DTML variables. Are there ways to do this without making full-fledged ZClasses out of my classes? Are there guidelines in general for using non-Zopish subobjects that get used by the publishing process? -- Karl Anderson kra@monkey.org http://www.pobox.com/~kra/