I have made two products, one news-product and one product for pressreleases. The products are exactly equal except that they have a bit different properties. All the code for processing these two products are equal (except then for the handling of their different properties). Everything works fine except when I want to update the properties of an object. For news this works perfectly but for pressreleases this doesnt work. I am completely puzzled because the code for doing this is the same for both of them. Here is how it looks: For news: <dtml-with "newsEntries"> <dtml-if "_.getitem(objId,0).approved == 0"> <dtml-call "REQUEST.set('approved', 1)"> <dtml-call "_[objId].propertysheets[1].manage_editProperties(REQUEST)"> <dtml-call "RESPONSE.redirect('approveNews')"> <dtml-else> <dtml-call "REQUEST.set('approved', 1)"> <dtml-call "_[objId].propertysheets[1].manage_editProperties(REQUEST)"> <dtml-call "RESPONSE.redirect('administerNews')"> </dtml-if> </dtml-with> For pressreleases: <dtml-with "pressEntries"> <dtml-call "_[objId].propertysheets[1].manage_editProperties(REQUEST)"> <dtml-call "RESPONSE.redirect('administerPress')"> </dtml-with> So the updating of both of the products are done by <dtml-call "_[objId].propertysheets[1].manage_editProperties(REQUEST)"> but when I try to update pressreleases is says I am unauthorized. However I am pretty sure this is not the problem. I cant set any proxy rules for the products, I am the manager and manager has got all permissions on those objects. I am still unauthorized when I try to login as superuser. I have been told I am unauthorized before when I in fact has tried to call the objects wrong so thats why I dont think this is a security-problem. Does any1 have a clue of what is wrong here? How can the same code work in one method and not in another? I am running 2.2 final. This is the traceback I get: Traceback (innermost last): File /usr/local/new.test.version.of.zope.DO.NOT.REMOVE/lib/python/ZPublisher/Publish.py, line 222, in publish_module File /usr/local/new.test.version.of.zope.DO.NOT.REMOVE/lib/python/ZPublisher/Publish.py, line 187, in publish File /usr/local/new.test.version.of.zope.DO.NOT.REMOVE/lib/python/ZPublisher/Publish.py, line 171, in publish File /usr/local/new.test.version.of.zope.DO.NOT.REMOVE/lib/python/ZPublisher/mapply.py, line 160, in mapply (Object: handleAdministration) File /usr/local/new.test.version.of.zope.DO.NOT.REMOVE/lib/python/ZPublisher/Publish.py, line 112, in call_object (Object: handleAdministration) File /usr/local/new.test.version.of.zope.DO.NOT.REMOVE/lib/python/OFS/DTMLMethod.py, line 167, in __call__ (Object: handleAdministration) File /usr/local/new.test.version.of.zope.DO.NOT.REMOVE/lib/python/DocumentTemplate/DT_String.py, line 502, in __call__ (Object: handleAdministration) File /usr/local/new.test.version.of.zope.DO.NOT.REMOVE/lib/python/DocumentTemplate/DT_With.py, line 146, in render (Object: pressEntries) File /usr/local/zope/lib/python/DocumentTemplate/DT_Util.py, line 342, in eval (Object: _[objId].propertysheets[1].manage_editProperties(REQUEST)) (Info: REQUEST) File <string>, line 0, in ? File /usr/local/zope/lib/python/DocumentTemplate/DT_Util.py, line 168, in careful_getitem File /usr/local/new.test.version.of.zope.DO.NOT.REMOVE/lib/python/OFS/DTMLMethod.py, line 189, in validate (Object: handleAdministration) File /usr/local/new.test.version.of.zope.DO.NOT.REMOVE/lib/python/AccessControl/SecurityManager.py, line 139, in validate File /usr/local/new.test.version.of.zope.DO.NOT.REMOVE/lib/python/AccessControl/ZopeSecurityPolicy.py, line 159, in validate Unauthorized: webdav Since I am completely puzzled of what the issue could be here I would really appreciate if someone could solve this for me. Thanks.