Thank you. Adapting your code, I also added getUserIdsWithPermission. Geoff from App.Common import aq_base def getUserIdsWithPermission(self, permission): "Get all userids having a permission." item=self dict={} while 1: if hasattr(aq_base(item), 'acl_users') and hasattr(item.acl_users, 'user_names'): for user in item.acl_users.getUsers(): if user.has_permission(permission, object=self): dict[user.getUserName()]=1 if not hasattr(item, 'aq_parent'): break item=item.aq_parent keys=dict.keys() keys.sort() return keys -----Original Message----- From: Shalabh Chaturvedi [mailto:shalabh@pspl.co.in] Sent: Thursday, June 15, 2000 5:43 AM To: Geoff Gardiner; Zope Mailing List Subject: Re: [Zope] getUsers cf. get_valid_userids question Hi: In an attempt to solve the very same problem (Get a list of all users with certain role) I created an external method. It walks up the acquisition path, at each level checking the existing acl_users (if it exists) for all users with the role. ....