Hi everyone, Yesterday I finally unveiled the first semi-cool version of the Zope-powered site at my school district. Everyone is invited to check it out at at http://www.isd197.k12.mn.us/. At this point there are three major features that really use Zope. 1. A ZClass that we use to create news articles (a la Slashdot) for display on the homepage. (We decided not to use Squishdot for a couple reasons.) 2. The PostgreSQL-driven alumni database. 3. Dynamic news headlines using Site Summary. My student and I learned a ton working on it and we hope to really expand the features of the site over the next few months. The question: We have created a role called 'NewsPoster' that should be able to post news articles for publication and basically have no other privileges. I'm having a terrible time trying to tweak the permissions so this person can log in, let alone post articles. What should be checked on the security page? Obviously the person needs 'Add News Articles' (our ZClass), but anything else beyone what 'Anonymous' has? If you visit the site, you'll see the 'Submit news' link on the left. Maybe I'm using the wrong URL to add the article. I've got: <a href="/school_news/articles/manage_addProduct/NewsProduct/NewsArticle_factory/">Submit news</a> The /school_news/articles/ directory is where all the instances are stored. The default behavior of NewsArticle_factory is to add an instance. I'm stumped. Any ideas? -Tim -- Timothy Wilson | "The faster you | Check out: Henry Sibley H.S. | go, the shorter | http://slashdot.org/ W. St. Paul, MN, USA | you are." | http://linux.com/ wilson@visi.com | -Einstein | http://www.mn-linux.org/