I assume A and B are plain folders, each of which has an acl_users folder within it? All you need to do is: 1. Define a method for your product called getFood. 2. Associate the desired permissions with getFood. 3. Create a product instance in admin called (say) "feeder" 4. Include "feeder" somewhere after A or B in the path of any URL that will need to resolve getFood() If your permissions scheme is set up correctly, this should do the trick. HTH, Dylan At 10:00 AM 1/9/2003, Matthew Russell wrote:

Hi all,

I have a product, "MyProduct", which has two methods getFood() , getWater which are both declared protected with permissions.

If I have strcuture of admin -- A --B

there is a user in A called joe, with the Role of LocalManager and a user in B called fred, witth the Role of Developer, and Michelle with the Role LocalManager

I would like only to add a product instance to admin, not to A or B, but also let joe,Michelle and fredcall getFood() and getWater() *as they are hungry and thirsty* -- only if they have permission.

can anyone tell me what i'd need to do to achieve this? I have this working by adding my product to A and B, but don;t fancy having thousands of objects being created when i only need one.

TIA, Matt Ps. I know I *could* do a lot with external methods, but they just don't cut it for me (in my partic' senario)

_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )