diff -r 64143d458495 -r 8dce25da9d95 schemas/base.py
--- a/schemas/base.py	Fri Feb 26 17:39:33 2010 +0100
+++ b/schemas/base.py	Wed Mar 03 17:51:49 2010 +0100
@@ -10,9 +10,9 @@
 
 from yams.buildobjs import (EntityType, RelationType, SubjectRelation,
                             String, Datetime, Password)
-from cubicweb.schema import (RQLConstraint, WorkflowableEntityType,
-                             ERQLExpression, RRQLExpression)
-from cubicweb.schemas import META_ETYPE_PERMS, META_RTYPE_PERMS
+from cubicweb.schema import (
+    RQLConstraint, WorkflowableEntityType, ERQLExpression, RRQLExpression,
+    PUB_SYSTEM_ENTITY_PERMS, PUB_SYSTEM_REL_PERMS, PUB_SYSTEM_ATTR_PERMS)
 
 class CWUser(WorkflowableEntityType):
     """define a CubicWeb user"""
@@ -85,7 +85,7 @@
 
 class in_group(RelationType):
     """core relation indicating a user's groups"""
-    __permissions__ = META_RTYPE_PERMS
+    __permissions__ = PUB_SYSTEM_REL_PERMS
 
 class owned_by(RelationType):
     """core relation indicating owners of an entity. This relation
@@ -118,18 +118,21 @@
 
 class creation_date(RelationType):
     """creation time of an entity"""
+    __permissions__ = PUB_SYSTEM_ATTR_PERMS
     cardinality = '11'
     subject = '*'
     object = 'Datetime'
 
 class modification_date(RelationType):
     """latest modification time of an entity"""
+    __permissions__ = PUB_SYSTEM_ATTR_PERMS
     cardinality = '11'
     subject = '*'
     object = 'Datetime'
 
 class cwuri(RelationType):
     """internal entity uri"""
+    __permissions__ = PUB_SYSTEM_ATTR_PERMS
     cardinality = '11'
     subject = '*'
     object = 'String'
@@ -155,7 +158,7 @@
 class CWPermission(EntityType):
     """entity type that may be used to construct some advanced security configuration
     """
-    __permissions__ = META_ETYPE_PERMS
+    __permissions__ = PUB_SYSTEM_ENTITY_PERMS
 
     name = String(required=True, indexed=True, internationalizable=True, maxsize=100,
                   description=_('name or identifier of the permission'))
@@ -170,11 +173,11 @@
     """link a permission to the entity. This permission should be used in the
     security definition of the entity's type to be useful.
     """
-    __permissions__ = META_RTYPE_PERMS
+    __permissions__ = PUB_SYSTEM_REL_PERMS
 
 class require_group(RelationType):
     """used to grant a permission to a group"""
-    __permissions__ = META_RTYPE_PERMS
+    __permissions__ = PUB_SYSTEM_REL_PERMS
 
 
 class ExternalUri(EntityType):
@@ -209,6 +212,8 @@
 
     Also, checkout the AppObject.get_cache() method.
     """
+    # XXX only handle by hooks, shouldn't be readable/editable at all through
+    # the ui and so no permissions should be granted, no?
     __permissions__ = {
         'read':   ('managers', 'users', 'guests'),
         'add':    ('managers',),