diff -r d4fbfc6a7662 roundup/security.py
--- a/roundup/security.py	Tue Oct 01 23:52:04 2024 -0400
+++ b/roundup/security.py	Wed Oct 16 23:32:37 2024 -0400
@@ -278,17 +278,25 @@
            Permission.test() method.
 
         '''
+        perm_checks = 0
+        role_checks = 0
+
         if itemid and classname is None:
             raise ValueError('classname must accompany itemid')
         for rolename in self.db.user.get_roles(userid):
+            role_checks += 1
             if not rolename or (rolename not in self.role):
                 continue
             # for each of the user's Roles, check the permissions
             for perm in self.role[rolename].permissions:
+                perm_checks += 1
                 # permission match?
                 if perm.test(self.db, permission, classname, property,
                              userid, itemid):
+                    logger.debug("hasPermission: (%s, %s, %s, %s, %s) (%s, %s) %s", permission, userid, classname, property, itemid, role_checks, perm_checks, "allow")
+
                     return 1
+        logger.debug("hasPermission: (%s, %s, %s, %s, %s) (%s, %s) %s", permission, userid, classname, property, itemid, role_checks, perm_checks, "deny")
         return 0
 
     def roleHasSearchPermission(self, classname, property, *rolenames):