Role and-ing, rather than or-ing?
Here is my scenario:

I have a folder Acme in my portal (and many other companies' folders - see great ASCII art at the end of message ;). Only employees of Acme should be able to view Acme and all its sub folders. So, I assign the View right to the User role in folder Acme. Now I must give all the employees of Acme the local role User to give them access to Acme's folder. So far, so good.

Now I want users of the site to be able to pay a fee to get access to "special" resources. For instance, Johnny is given the local role User in the folder Acme (he is an employee), but also the global role, PaidUser as he paid for access to special resources. This should give him access to special resources in the public parts of the site AND special resources under Acme's folder.

In the public parts (which is not a specific company's sub folder), I assign the View right to PaidUser in the public folder. I assign the View right to both User AND PaidUser in the special resources folder under Acme.

My problem is that the folder will allow people with User role OR PaidUser role to view the folder, not people with User role AND PaidUser role.

The only solution I see is the moment I upgrade Johnny from User to PaidUser, I must walk through the site and find all the folders where he has the local role User, then change that to PaidUser. This is quite a pain and doesn't feel like a great idea.

Any better suggestions?

Thanks
Etienne

    ROOT ------ Acme ------ AcmeSpecial
      |
      | -----Public ------ Public Special
      |
      | -----Slacme ------- SlacmeSpecial

Johnny is user on Acme, and PaidUser globally. I would like to mark AcmeSpecial's view right only for people with BOTH User AND SpecialUser, this doesn't seem possible in Zope's security model. PublicSpecial will only be marked as Viewable for PaidUser.

So Johnny should be able to see: Acme, AcmeSpecial, Public, PublicSpecial, but not Slacme and SlacmeSpecial.
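The scenario above as a small Python model, added here as an illustration; it is not part of the original post and does not use Zope's API. It compares the "any role" check the post describes with an "all roles" check. The users bob and the Authenticated role on Public are assumptions, and Slacme is assumed to be configured like Acme.

```python
# Simplified model of the folder tree in the post; NOT Zope code or Zope's API.
PARENT = {"Acme": "ROOT", "AcmeSpecial": "Acme",
          "Public": "ROOT", "PublicSpecial": "Public",
          "Slacme": "ROOT", "SlacmeSpecial": "Slacme"}

# Roles holding the View permission per folder, as set up in the post.
# Assumptions: Public is open to any logged-in user; Slacme mirrors Acme.
VIEW_ROLES = {"Acme": {"User"}, "AcmeSpecial": {"User", "PaidUser"},
              "Public": {"Authenticated"}, "PublicSpecial": {"PaidUser"},
              "Slacme": {"User"}, "SlacmeSpecial": {"User", "PaidUser"}}

# Johnny is from the post; bob is a constructed unpaid Acme employee.
GLOBAL_ROLES = {"johnny": {"PaidUser"}, "bob": set()}
LOCAL_ROLES = {("johnny", "Acme"): {"User"}, ("bob", "Acme"): {"User"}}


def roles_in(user, folder):
    """Global roles plus local roles granted on the folder or any ancestor."""
    roles = {"Authenticated"} | GLOBAL_ROLES.get(user, set())
    while folder in PARENT:
        roles |= LOCAL_ROLES.get((user, folder), set())
        folder = PARENT[folder]
    return roles


def can_view(user, folder, require_all=False):
    """require_all=False: any listed role is enough (the OR behaviour).
    require_all=True: every listed role must be held (the AND behaviour)."""
    held = roles_in(user, folder)
    needed = VIEW_ROLES[folder]
    return needed <= held if require_all else bool(needed & held)


def visible(user, require_all=False):
    """Sorted list of folders the user may view under the chosen check."""
    return sorted(f for f in VIEW_ROLES if can_view(user, f, require_all))


if __name__ == "__main__":
    for user in ("johnny", "bob"):
        print(user, "OR :", visible(user))
        print(user, "AND:", visible(user, require_all=True))
```

Under the OR check Johnny's global PaidUser role also opens SlacmeSpecial and unpaid bob can open AcmeSpecial; under the AND check Johnny sees exactly the four folders listed in the post.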
participants (1)
-
Etienne Labuschagne