I am trying to implement a mechanism to let managers edit content on a site that I am building. I have the following statement on various pages to add certain functionality to pages based on the Authenticated-users's roles: <dtml-if "AUTHENTICATED_USER.has_role(['Manager'])"> blah blah (e.g. display an edit or delete button) </dtml-if> I am currently authenticating by a login link in the standard_html_header to a DTML document that opens in a new window and can only be viewed by a Manager (I edited the security setting for this particular object so that only managers could view it). If the manager logs in correctly, a javascript closes the login window, and reloads the original page to presumably now include the editing and deleting buttons on my content....but it doesn't work. Can anyone explain to me why if the authenticated user logs in to view a particular object, then why the above snippet of code doesn't return true in other objects within the same hierachy? thanks in advance, (I suspect I am not 'grokking' something here....heh) Darcy -- --------------------------------------------------- Ph: (734) 764 3377 Email: darcyc@engin.umich.edu URL: http://www-personal.engin.umich.edu/~darcyc/ --------------------------------------------------- 'If you're not part of the solution, you're part of the precipitate' ..... Steven Wright