you can do this type of thing via the method manage_setLocalRoles(self, userid, roles, REQUEST=none) you can check out the source in lib/python/AccessControl/Role.py but basically, if 'Manager' is in the roles list that you pass to the function, the user will have Manager access to that object. one catch is that whatever object that you have call 'manage_setLocalRoles' will need to have the correct permission to call it. I think it is the 'Manage Users' or 'Change Permissions' permission. This should only be an issue if you are trying to add the role programatically as opposed to manually. You can also set up a 'proxy role' on the object that is going to be calling manage_setLocalRoles--that way the user doesn't necessarily have to have 'Manager' role in order to invoke your call to 'manage_setLocalRoles'. I have created a product called 'ZLocalRolesManager' that I am thinking about cleaning up and releasing on zope.org. Its purpose is to provide an easy way for you to allow users to assign local roles on objects. The way it works is, you create an instance of it, and set a property called allowed_roles. allowed_roles has type 'lines' and contains a list of roles that you want it to allow the user to dole out. then you can set up a view in a zclass, or just set up a DTML method that calls the LocalRolesManager, and your users will have the ability to assign local roles. They will only be able to assign the specified roles, so you can prevent them from handing out 'Manager' roles, etc., if you choose. it's a very simple product but it has been very useful to me... if anyone is interested in it shoot me an e-mail, and that will encourage me to clean it up and post it on zope.org. :) chris On Tue, 2001-11-27 at 17:03, Keith Alperin wrote:

Greetings! I am relatively new to Zope, and have benefited greatly from following this mailing list. Currently, I have a Member product which (among other things) stores information about the members of my site. I am trying to figure out how to set the local role of a specific user to be the manager of a specific Member object (so that the user can manage their own Member object, but no others.) Unfortunately, I have not been able to find any information on how to do this from my product. Any assistance would be greatly appreciated.

Warmest Regards, Keith R. Alperin

_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )