Hi,

I have encountered a problem with proxy roles with my product GuardedFile.

A GuardedFile is a File that is accessible by proxy only. When a GuardedFile is created, all acquired permissions are unset and a proxy role is created in its container with the sole permission 'view'. In all other aspects a GuardedFile behaves like a File.

Typically, the GuardedFile creator next creates a DTML method and assigns to it the associated proxy role. Anonymous and other users access the GuardedFile via the DTML method.

I've discovered a problem with the product setup:

Suppose user 'ngps' exists in the top-level user folder, and has the default roles 'owner' and 'manager'.

1. ngps creates a folder called 'junk' somewhere within Zope.
2. ngps switches to the folder 'junk'.
3. ngps creates a GuardedFile 'agf'. A proxy role 'proxy_for_agf' is automatically created in 'junk'.
4. ngps creates a DTML method 'view_agf' to access 'agf'.

When ngps tries to assign the role 'proxy_for_agf' to 'view_agf', the following error is generated: (Slightly reformatted for readability.)

    You are not authorized to change 'view_agf' because you do not have proxy roles.

    Traceback (innermost last):
      File C:\pkg\Zope220b3\lib\python\ZPublisher\Publish.py, line 222, in publish_module
      File C:\pkg\Zope220b3\lib\python\ZPublisher\Publish.py, line 187, in publish
      File C:\pkg\Zope220b3\lib\python\Zope\__init__.py, line 221, in zpublisher_exception_hook
        (Object: view_agf)
      File C:\pkg\Zope220b3\lib\python\ZPublisher\Publish.py, line 171, in publish
      File C:\pkg\Zope220b3\lib\python\ZPublisher\mapply.py, line 160, in mapply
        (Object: manage_proxy)
      File C:\pkg\Zope220b3\lib\python\ZPublisher\Publish.py, line 112, in call_object
        (Object: manage_proxy)
      File C:\pkg\Zope220b3\lib\python\OFS\DTMLMethod.py, line 273, in manage_proxy
        (Object: view_agf)
      File C:\pkg\Zope220b3\lib\python\OFS\DTMLMethod.py, line 266, in _validateProxy
        (Object: view_agf)
    Forbidden: (see above)

The following works around this:

1. ngps creates a user folder in 'junk'.
2. ngps adds a user in 'junk' called 'user2', with roles 'owner', 'manager' and 'proxy_for_agf'.
3. Login as 'user2'; 'user2' is now able to assign the role 'proxy_for_agf' to the above-mentioned DTML method 'view_agf'.

This proxy role handling seems unwieldy, in that 'ngps' cannot assign the proxy role but can create another user 'user2' that _can_ assign said proxy role.

Is this a bug or a feature?

Cheers.

-- 
Ng Pheng Siong <ngps@post1.com> * http://www.post1.com/home/ngps
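
The behaviour reported in the message above, as an added example that is not part of the original post and is not Zope's own code: a simplified Python model of the check behind the Forbidden error, run against the two users from the post. It assumes the check only requires the requesting user to hold every proxy role being assigned, and that the 'manager' role is what lets a user create other users, as the workaround suggests; all class and function names are hypothetical.

```python
class Forbidden(Exception):
    """Raised when a user tries to assign a proxy role they do not hold."""


class User:
    def __init__(self, name, roles):
        self.name = name
        self.roles = frozenset(roles)


def validate_proxy(obj_name, user, proxy_roles):
    """Model of the reported check: the user must hold every proxy role."""
    missing = sorted(set(proxy_roles) - user.roles)
    if missing:
        raise Forbidden(
            "You are not authorized to change '%s' because you do not "
            "have proxy roles." % obj_name
        )
    return True


def can_assign(user, proxy_roles, obj_name="view_agf"):
    """True if the direct assignment would pass the check."""
    try:
        return validate_proxy(obj_name, user, proxy_roles)
    except Forbidden:
        return False


def can_assign_indirectly(user, proxy_roles, user_admin_role="manager"):
    """True if the user can reach the assignment directly or by first
    creating a user that holds the role (assumed to need 'manager')."""
    return can_assign(user, proxy_roles) or user_admin_role in user.roles


# Constructed sample data matching the users named in the post.
NGPS = User("ngps", ["owner", "manager"])
USER2 = User("user2", ["owner", "manager", "proxy_for_agf"])
ANONYMOUS = User("Anonymous User", ["Anonymous"])
WANTED = ["proxy_for_agf"]

if __name__ == "__main__":
    for u in (NGPS, USER2, ANONYMOUS):
        print("%-15s direct=%-5s indirect=%s" % (
            u.name, can_assign(u, WANTED), can_assign_indirectly(u, WANTED)))
```

In this model the direct check blocks 'ngps' while the indirect path stays open, so an audit of who can grant a proxy role has to include everyone who can create users in that folder.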