OK, here's a quick note about what I learned today. Perhaps this will help some googler some day.

The root problem I set out to fix was that I could not create a new issue via a ZWiki issue tracker when logged in as a regular Member; it would always result in Insufficient Privileges. This even though I could create new wiki pages in the same wiki instance/folder.

I eventually figured out on another Zope/Plone instance that granting the 'ZWiki: Add pages' permission to Owner allows the createNextIssue() method called from the issuetrackerdtml DTML method to run. But that didn't work on the problematic instance, apparently because that DTML method was owned by 'admin', the Zope superuser. And *that* happened because the Plone site was imported by someone (not me -- honest) logged in as admin who chose to take ownership during the import.

So I logged in to the ZMI as a non-admin Manager user and tried to take ownership of the portal_skins folder (and all content below it). That resulted in Insufficient Privileges too. The error_log entry had this:

Unauthorized: manage_takeOwnership was called from an invalid context

That method requires the HTTP_REFERER value from the request to do its work. (Why? Is that really to be trusted?) I typically access sites via a proxy (junkbuster) that removes the HTTP_REFERER header and so I was hosed.

After bypassing that proxy I was able to take ownership of portal_skins from the non-admin Manager account. And with that done I was finally able to create a ZWiki issue-tracker item when logged in as a regular Member. Q.E.D.

--
Fred Yankowski fred@ontosys.com tel: +1.630.879.1312
OntoSys, Inc PGP keyID: 7B449345 www.ontosys.com
38W242 Deerpath Rd, Batavia, IL 60510-9461, USA
Fred Yankowski wrote at 2004-9-14 17:36 -0500:
... So I logged in to the ZMI as a non-admin Manager user and tried to take ownership of the portal_skins folder (and all content below it). That resulted in Insufficient Privileges too. The error_log entry had this:
Unauthorized: manage_takeOwnership was called from an invalid context
That method requires the HTTP_REFERER value from the request to do its work. (Why? Is that really to be trusted?) I typically access sites via a proxy (junkbuster) that removes the HTTP_REFERER header and so I was hosed.
A long time ago, there was a discussion about how to make management operations a bit safer. One proposal was to accept management actions only when they come from the same site. Apparently, someone followed the proposal in the implementation of "manage_takeOwnership". I doubt that it was a good idea. -- Dieter
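The behaviour both messages describe (a management action accepted only when the request's Referer names the same site, and a privacy proxy that strips Referer making a legitimate request fail) is easy to reproduce in a few lines. The following is an added illustration, not Zope's own manage_takeOwnership code or anything from this thread; the request dictionaries, the host name example.org and the helper names are constructed for the demonstration.

```python
from urllib.parse import urlsplit


class Unauthorized(Exception):
    """Stands in for Zope's Unauthorized exception (assumption: same meaning, simplified)."""


def referer_is_same_site(referer, request_host):
    """Same-site check of the kind the thread describes.

    Accepts only when the Referer header is present, is an http(s) URL, and its
    host:port equals the host:port the request was sent to. A missing header is
    rejected, which is exactly why a proxy that strips Referer breaks the action.
    """
    if not referer:
        return False
    parts = urlsplit(referer)
    if parts.scheme not in ("http", "https") or not parts.netloc:
        return False
    return parts.netloc.lower() == request_host.lower()


def manage_take_ownership(request):
    """Illustrative management action guarded by the Referer check.

    `request` is a constructed dict with a 'headers' mapping using CGI-style keys
    (HTTP_HOST, HTTP_REFERER), mirroring how Fred saw the value named in the log.
    """
    headers = request["headers"]
    if not referer_is_same_site(headers.get("HTTP_REFERER"), headers["HTTP_HOST"]):
        # Same wording as the error_log entry quoted in the thread.
        raise Unauthorized("manage_takeOwnership was called from an invalid context")
    return "ownership taken"


def outcome(request):
    """Run the action and return the result or the Unauthorized message as text."""
    try:
        return manage_take_ownership(request)
    except Unauthorized as exc:
        return f"Unauthorized: {exc}"


# Constructed sample requests (not captured traffic).
DIRECT = {  # browser talking to the ZMI directly: Referer is the ZMI page itself
    "headers": {
        "HTTP_HOST": "example.org:8080",
        "HTTP_REFERER": "http://example.org:8080/manage_owner",
    }
}
VIA_PROXY = {  # same request through a header-stripping proxy such as junkbuster
    "headers": {"HTTP_HOST": "example.org:8080"}
}
CROSS_SITE = {  # a form submitted from another site, which the check is meant to stop
    "headers": {
        "HTTP_HOST": "example.org:8080",
        "HTTP_REFERER": "http://attacker.example/page",
    }
}

if __name__ == "__main__":
    for name, req in (("direct", DIRECT), ("via proxy", VIA_PROXY), ("cross-site", CROSS_SITE)):
        print(f"{name:>10}: {outcome(req)}")
```

Running the block shows the two sides of the trade-off Dieter questions: the cross-site request is refused, but so is the perfectly legitimate one that merely lost its Referer in transit, and the server cannot tell the two apart from the header alone.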