Hello,

OK - acquire_local_roles in disabled on Sale Invoice Transaction. For
new I'm using revision which is done before this feature, so my users
won't be able to operate on Sale Invoice Transactions.

Is it enough to create _same_ Roles as in Accounting Transaction Module
portal type, update security settings and reindex site to have same
results as in _before_ acquire_local_roles was disabled?

In my case it do not work. I've made _exactly_ same Roles as on
Accounting Transaction Module (all was working) and this happens:

* user has access to Sale Invoice Transaction objects create _before_
acquire_local_roles
* user has access to Sale Invoice Transaction objects created _after_
acquire_local_roles, by Manager (Base_viewSecurity shows all roles for
certain users correctly)
* users aren't able to create new Sale Invoice Transaction (even
those which has roles: Author, Auditor, Assignor, Assignee, Associate)

This is what I do have in last case:
Error Type: Unauthorized
Error Value: Your user account does not have the required permission.
Access to 'getSimulationState' of (Invoice
at /erp5/accounting_module/475) denied. Your user account, shufla,
exists at /erp5/acl_users. Access requires
Access_contents_information_Permission, granted to the following roles:
['Assignee', 'Assignor', 'Associate', 'Auditor', 'Author', 'Manager'].
Your roles in this context are ['Authenticated', 'Member', 'Owner'].

Some questions:
- is such case tested anywhere in unit tests (I wasn't able to find it)
- if not, shall I prepare such unit test (I'm unit testing it right
now, but test is Ventis specific and no Nexedish in its style)

I am pretty sure, that it is my failure...

Regards,
Luke