Hello, while trying to implement a Zope product encountered the following problem: I think I understand the concepts of both users and roles, roles being a set of permissions. In this connection groups (as in Unix) are implemented just by putting the Zope user folders in the right place. When I want to have a more centralized user administration I'd need something like a group attribute for it, so I could give certain roles (in principle I'd just need an editor role) dependent on the user belonging to a certain group. AFAIK none of the products USerDB, GUF oder etcUserFolder provides hooks for this. Where is a good place to start with an implementation and what implications would it have with the Zope security model? thanks for any hints oliver