Something I'd like to figure out when I have time is, why does the security machinery fail in such ways when the object is not owned by a valid user ? Florent
It finally dawned on me that all the skins and so on were owned by the now nonexistent admin in the sub-acl_users, and that this caused all those problems.
I re-added him. I probably could have "taken ownership" of all skins and CMF machinery from the admin at the root but I wanted to play it safe.
We had that kind of problem some time ago, just right before a product shipment. It drove us crazy. Maybe it should be documented somewhere. Or even better (though probably a little bit harder to do): When a user is deleted, there should be a warning if he still owns stuff. -- Florent Guillaume, Nuxeo (Paris, France) +33 1 40 33 79 10 http://nuxeo.com mailto:fg@nuxeo.com