...perhaps not the only thing I don't get but.. Hi to all, I have a folder that should be 'operated' only by a certain group of users so I created a local role and then activated the 'Access contents information' permission only for this role (and for manager, just in case). Now I would like to test with a python script if the folder is accessible to the current user, to build dynamically a menu so I tried this script based on the one in the chapter 'Users and Security' of the Zope Book: ################################################################# ## Script (Python) "check" ##bind container=container ##bind context=context ##bind namespace= ##bind script=script ##bind subpath=traverse_subpath ##parameters= ##title= ## # Import a standard function, and get the HTML request and response objects. from Products.PythonScripts.standard import html_quote request = container.REQUEST RESPONSE = request.RESPONSE from AccessControl import getSecurityManager sec_mgr = getSecurityManager() return sec_mgr.checkPermission('Access contents information', context.restrictedTraverse('/path/to/folder')) ################################################################## It doesn't work the way I hope, It ask me to authenticate claiming that I'm not allowed to access the object. I suppose this is the correct behavior, probably I miss something that is in front of my eyes, but a this point I really need a little help... please thanks massimo p.s. yes, I'm a zope beginner