I've read comments from others whereby they've reluctantly been obliged to give users a certain role in order for some products to work, due to a hasRole() call in the product. But why do products call hasRole()? I would have thought that for most cases the proper thing to do was to test for the user having the necessary *permission*; that is, the product shouldn't test for the user having the 'Editor' role, but for having the 'Edit' permission (roles just being a means to simplify the allocation of permissions to users). Or have I missed something? Hamish Lawson ____________________________________________________________ Do You Yahoo!? Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk or your free @yahoo.ie address at http://mail.yahoo.ie