src/pyams_security/security.py
changeset 34 b84b491ea8bd
parent 24 7ed8fb9b132c
child 39 51a07039228f
--- a/src/pyams_security/security.py	Mon Apr 20 09:51:14 2015 +0200
+++ b/src/pyams_security/security.py	Mon Apr 20 09:51:46 2015 +0200
@@ -41,8 +41,8 @@
     """Base class for object protected by roles"""
 
     inherit_parent_security = FieldProperty(IRoleProtectedObject['inherit_parent_security'])
-    _everyone_permission = FieldProperty(IRoleProtectedObject['everyone_permission'])
-    _authenticated_permission = FieldProperty(IRoleProtectedObject['authenticated_permission'])
+    _everyone_permissions = FieldProperty(IRoleProtectedObject['everyone_permissions'])
+    _authenticated_permissions = FieldProperty(IRoleProtectedObject['authenticated_permissions'])
     inherit_parent_roles = FieldProperty(IRoleProtectedObject['inherit_parent_roles'])
 
     def __init__(self):
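Review bot: Renaming the schema fields in the two `FieldProperty` lines changes where the values are stored, and nothing visible in this changeset migrates existing data. As far as I know, `FieldProperty` keeps its value in the instance `__dict__` under the field's name. Objects persisted before this change would then still hold `everyone_permission` / `authenticated_permission` and read back the new fields' defaults, silently dropping their grants or re-inheriting an ancestor's. If such objects exist, add an upgrade step that copies the old keys into the new ones (wrapping the single permission in a collection), or state in a comment here that no stored data needs migrating. The class body starts before this hunk.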
@@ -50,40 +50,40 @@
         self._roles_by_principal = PersistentDict()
 
     @property
-    def everyone_permission(self):
-        permission = self._everyone_permission
-        if permission is None and self.inherit_parent_security:
+    def everyone_permissions(self):
+        permissions = self._everyone_permissions
+        if (not permissions) and self.inherit_parent_security:
             for parent in lineage(self):
                 if parent in (self, self.__parent__):
                     continue
                 protection = IProtectedObject(parent, None)
                 if protection is not None:
-                    permission = protection.everyone_permission
-                if permission is not None:
+                    permissions = protection.everyone_permissions
+                if permissions:
                     break
-        return permission
+        return permissions
 
-    @everyone_permission.setter
-    def everyone_permission(self, value):
-        self._everyone_permission = value
+    @everyone_permissions.setter
+    def everyone_permissions(self, value):
+        self._everyone_permissions = value
 
     @property
-    def authenticated_permission(self):
-        permission = self._authenticated_permission
-        if permission is None and self.inherit_parent_security:
+    def authenticated_permissions(self):
+        permissions = self._authenticated_permissions
+        if (not permissions) and self.inherit_parent_security:
             for parent in lineage(self):
                 if parent in (self, self.__parent__):
                     continue
                 protection = IProtectedObject(parent, None)
                 if protection is not None:
-                    permission = protection.authenticated_permission
-                if permission is not None:
+                    permissions = protection.authenticated_permissions
+                if permissions:
                     break
-        return permission
+        return permissions
 
-    @authenticated_permission.setter
-    def authenticated_permission(self, value):
-        self._authenticated_permission = value
+    @authenticated_permissions.setter
+    def authenticated_permissions(self, value):
+        self._authenticated_permissions = value
 
     def grant_role(self, role_id, principal_ids):
         registry = check_request().registry
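Review bot: In `everyone_permissions`, and identically in `authenticated_permissions`, `if (not permissions)` now treats an explicitly empty value like an unset one. While `inherit_parent_security` is on, this object therefore cannot narrow an ancestor's grant to nothing; only clearing the flag stops the ancestor's permissions from applying. That rule should be written where someone editing the ACL will read it, e.g. a getter docstring such as `"""Permissions granted to Everyone; an empty or unset value falls back to the nearest ancestor's when inherit_parent_security is set."""`. The two getters also differ only in the attribute name and could share one private helper that takes that name. `grant_role` at the end of the hunk continues outside it.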
@@ -150,10 +150,10 @@
         # always grant all permissions to system manager
         result = [(Allow, 'system:admin', ALL_PERMISSIONS)]
         # grant permission to everyone and authenticated
-        if self.everyone_permission:
-            result.append((Allow, Everyone, self.everyone_permission))
-        if self.authenticated_permission:
-            result.append((Allow, Authenticated, self.authenticated_permission))
+        if self.everyone_permissions:
+            result.append((Allow, Everyone, self.everyone_permissions))
+        if self.authenticated_permissions:
+            result.append((Allow, Authenticated, self.authenticated_permissions))
         # grant access to all roles permissions
         for role_id in self._principals_by_role.keys():
             role = query_utility(IRole, role_id)
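Review bot: `self.everyone_permissions` and `self.authenticated_permissions` are each evaluated twice here, once in the `if` and once in the `append`, and each read can walk the lineage when the local value is empty. Binding once keeps the test and the ACE on the same value: `permissions = self.everyone_permissions` followed by `if permissions: result.append((Allow, Everyone, permissions))`, and likewise for `Authenticated`. The comment above could also say that each ACE now carries a collection of permission names rather than a single one; this is presumed, since the field type is not visible here. The enclosing method starts and ends outside the hunk.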