A few weeks back I floated my og user roles module idea on this list as instructed by CVS Admin. This module (http://drupal.org/node/87679) is designed to assign roles to OG group members that are specific to the groups they are in. The problem was that I had to patch the core user.module in order to get it to work. After a couple of suggestions, I decided to formulate a proposal for a Drupal hook. What I thought made the most sense was either a user_access hook or a $user->roles hook because what I wanted to do was add roles to the site wide roles returned by $user->roles. user_access (which returns permissions allowed according to roles) is called by node_access which is what determines access on a node/add. I recently proposed a $user->roles hook (http://drupal.org/node/143393), and someone pointed out that I could accomplish the same thing by using the existing hook_user "load" operation. They were right. I modified my module to add the appropriate roles to the user object using hook_user "load" and in testing, it appears that $user->roles now returns the OG group as well as the site wide roles when a user is in a group. However, on a group node add, for example, http://www.mysite.com/node/add/link?gids[]=29, my user gets an "Access denied" error. I wrote a little debug program that writes out the values returned by my hook_user "load" addition, and every time it's called it returns the correct values. node_access would be the access control for a group node add. I have examined the code closely, and this is the only code that would be executed on a node "create": // Can't use node_invoke(), because the access hook takes the $op parameter // before the $node parameter. $module = node_get_types('module', $node); if ($module == 'node') { $module = 'node_content'; // Avoid function name collisions. } $access = module_invoke($module, 'access', $op, $node); if (!is_null($access)) { return $access; } This code would then call "node_content_access" (hook_access for node), which would use "user_access" (thus calling global $user, thus invoking my modification) to determine access. So, I'm at a complete loss as to why I would get an "Access denied" error for a group role. I need some help! The only thing I have noticed which seems to give me a clue is that when I load the "devel" module and give users access, everything works. But, I can't figure out what the devel module is doing that would cause this. Any hint, clue or anything would be appreciated. Thanks! -ron -- Ron Parker Software Creations http://www.scbbs.com Self-Administration Web Site http://saw.scbbs.com SDSS Subscription Mgmt Service http://sdss.scbbs.com Central Ave Dance Ensemble http://www.centralavedance.com R & B Salsa http://www.randbsalsa.com