Hi all, I've just finished coding a new permissions system for the site. I have created 4 roles: clerk medicalstudent doctor admin and 4 users to test those roles (username and password are identical): clerk student doctor admin The users are already associated with their roles, but I haven't finished assigning permissions yet. The list of possible permissions are: managepatients - create, view, and edit patient data messaging assesscase viewowncases takeexam assessvirtualcase viewkb feedbackexams feedbackcases viewallcases manageexams manageusers managekb managepermissions Hopefully the names are self-explanatory, but I will add descriptions into the permissions table of the database. To use these permissions you use: $this->usermodel->checkUserPermissions($user,$permission) Where $user is the username of the current user (you can use $this-usermodel-getCurrentUser() to get this) And $permission is the name of the permission (from the list above) you wish to check for. If the user has that permission it will return true, otherwise it will return false. You can use this in an if statement to prevent users accessing operations in the vths that certain roles shouldn't be able to access (e.g. only doctors should be able to view all cases, only admins can manage users, all roles can use messaging and manage patients, and all roles except clerk can assess cases) Any problems, just let me know, Chris