diff -r e0c86caf5c48 -r 12a802ba5311 schemas/base.py
--- a/schemas/base.py	Thu Aug 04 12:50:58 2011 +0200
+++ b/schemas/base.py	Thu Aug 04 14:30:30 2011 +0200
@@ -42,10 +42,6 @@
     firstname = String(maxsize=64)
     surname   = String(maxsize=64)
     last_login_time  = Datetime(description=_('last connection date'))
-    # allowing an email to be the primary email of multiple entities is necessary for
-    # test at least :-/
-    primary_email = SubjectRelation('EmailAddress', cardinality='??',
-                                    description=_('email address to use for notification'))
     in_group = SubjectRelation('CWGroup', cardinality='+*',
                                constraints=[RQLConstraint('NOT O name "owners"')],
                                description=_('groups grant permissions to the user'))
@@ -71,6 +67,7 @@
 class use_email(RelationType):
     fulltext_container = 'subject'
 
+
 class use_email_relation(RelationDefinition):
     """user's email account"""
     name = "use_email"
@@ -84,9 +81,19 @@
     cardinality = '*?'
     composite = 'subject'
 
-class primary_email(RelationType):
-    """the prefered email"""
-    __permissions__ = use_email.__permissions__
+
+class primary_email(RelationDefinition):
+    """user's primary email"""
+    __permissions__ = {
+        'read':   ('managers', 'users', 'guests',),
+        'add':    ('managers', RRQLExpression('U has_update_permission S'),),
+        'delete': ('managers', RRQLExpression('U has_update_permission S'),),
+        }
+    subject = "CWUser"
+    object = "EmailAddress"
+    cardinality = '??'
+    constraints= [RQLConstraint('S use_email O')]
+
 
 class prefered_form(RelationType):
     __permissions__ = {