I'm doing a site that allows membership. When users sign up, I create a folder with an acl_users folder and a user for them. All the folder/user creation happens as an anonymous user, which should be ok 'cause the only way they can do these things is via my logic. Problem is, I'd also *like* to copy or clone a index_html page into the user's new folder. What I think I've found, however, is that pretty much all of the methods in OFS/CopySupport.py require "View management screens" permissions in order to do copy/clone operations. Delete operations, on the other hand, have their own permission setting. Does this make sense? I really don't want to have to turn on "View management screens" for anonymous users, and I don't think I should have to just to use copy/clone methods. IMHO the copy operations should have their own seperate permission as delete does. What do you think? As a completely seperate aside, it'd be nice if, when access fails due to permissions, Zope would report on just what sort of permission would be required in order to accomplish the operation in question. As it stands it's an easter egg hunt and it's not too fun.