In previous e-mails I've described a problem that I've been having with my management tabs. I have a subclass of Folder which is displaying the Contents tab even though the currently authenticated user shouldn't have access to it. If my folder defines it's own "manage_main" instead of inheriting it from ObjectManager, the Contents tab is not visible to users who shouldn't see it. After spending some time with the debugger, I found the following bit of information: If I inherit manage_main from ObjectManager, when the object representing manage_main is asked for its '__roles__', it answers a list of ['Manager', 'Publisher', 'Manager']. I don't exactly understand where this information comes from, and, more importantly, why it contains my 'Publisher' role. If I define manage_main in my Folder subclass, however, asking manage_main for its '__roles__' answers ['Manager']. This seems like the correct answer to me. I have the feeling that there is some key concept about Zope and/or Python that I'm not getting. Why does the inherited manage_main have different __roles__ than if I define it in my subclass? How would it have managed to pick up a role (Publisher) that hasn't been assigned to it (to the best of my knowledge)? Finally, can someone tell me where I can see how __roles__ is implemented? I can't seem to find it. Thanks. James W. Howe mailto:jwh@allencreek.com Allen Creek Software, Inc. pgpkey: http://ic.net/~jwh/pgpkey.html Ann Arbor, MI 48103