In a method of a (python) product, I need to select the objects (eg in a Folder) for which a visitor (REQUEST.AUTHENTICATED_USER) has a given permission (eg 'Access contents information'). I tried the following scheme: obj = the_item_to_be_tested if REQUEST.AUTHENTICATED_USER.hasRole( obj, ['Access contents information'])): # add obj to result list But hasRole() always returns None... I then tried to use the method getRoles(). The documentation (in Products/OFSP/help/AuthenticatedUser.py) says: def getRoles(object): """ Returns a list of the roles the user has on the given object (in the current context?) Permission -- Always available """ but when I try: REQUEST.AUTHENTICATED_USER.getRoles(obj) I get a TypeError. Strangely, I observed that without arguments, REQUEST.AUTHENTICATED_USER.getRoles() returns: ('Anonymous',) (for a request from 'Anoymous User'). So I need help from a Zope guru ! Emmanuel