diff --git a/ChangeLog b/ChangeLog
index 53b0e1f36..7cefe4651 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,10 @@
 2007-06-01  Wolfgang Sourdeau  <wsourdeau@inverse.ca>
 
+	* SoObjects/SOGo/SOGoFolder.m ([SOGoFolder -aclsForUser:uid]): if
+	the user has the "ObjectReader" role on the parent container, then
+	he is granted the "ObjectViewer" role on this object. Same for
+	"ObjectEraser", although this might change later.
+
 	* UI/Scheduler/UIxComponentEditor.m ([UIxComponentEditor
 	-toolbar]): determine the toolbar filename based on the
 	permissions declared by the securitymanager. The role mechanism
diff --git a/SoObjects/SOGo/SOGoFolder.m b/SoObjects/SOGo/SOGoFolder.m
index 8b1e08cb5..6dc6f4f07 100644
--- a/SoObjects/SOGo/SOGoFolder.m
+++ b/SoObjects/SOGo/SOGoFolder.m
@@ -434,8 +434,27 @@ static NSString *defaultUserID = @"<default>";
 
 - (NSArray *) aclsForUser: (NSString *) uid
 {
-  return [self aclsForUser: uid
-               forObjectAtPath: [self pathArrayToSoObject]];
+  NSMutableArray *acls;
+  NSArray *ownAcls, *containerAcls;
+
+  acls = [NSMutableArray array];
+  ownAcls = [self aclsForUser: uid
+		  forObjectAtPath: [self pathArrayToSoObject]];
+  [acls addObjectsFromArray: ownAcls];
+  if ([container respondsToSelector: @selector (aclsForUser:)])
+    {
+      containerAcls = [container aclsForUser: uid];
+      if ([containerAcls count] > 0)
+	{
+	  if ([containerAcls containsObject: SOGoRole_ObjectReader])
+	    [acls addObject: SOGoRole_ObjectViewer];
+#warning this should be checked
+	  if ([containerAcls containsObject: SOGoRole_ObjectEraser])
+	    [acls addObject: SOGoRole_ObjectEraser];
+	}
+    }
+
+  return acls;
 }
 
 - (void) setRoles: (NSArray *) roles