Hi, I have a simple file library type page, and am tweeking it a bit so that anonymous users don't see all the file upload options etc. I'd like to hide the "add file" link from anonymous viewers. On the dtml method that shows a file upload form, I changed the "View" permission to "Authenticated" users. On the file library page, I wrapped a <dtml-if> around the code that makes the link to the upload page: <dtml-if "AUTHENTICATED_USER.has_permission('View', upload)"> <a href="upload">Upload</a> </dtml-if> However, for unauthenticated users, Zope gives the error that "upload" doesn't exist. So apparently, if a user can't View an object, they also can't call .has_permission('View' object). Am I missing something? To work around, I just used a <dtml-if upload>, dtml-if has nice behaviour when objects aren't found. I'm using Zope 2.5. Cheers, Tom Rockwell