diff --git a/info.textgrid.middleware.tgauth.rbac/tgExtensions/Project.class.php b/info.textgrid.middleware.tgauth.rbac/tgExtensions/Project.class.php
new file mode 100755
index 0000000000000000000000000000000000000000..56844448e061514dd0def6f521ae53a79344ddcb
--- /dev/null
+++ b/info.textgrid.middleware.tgauth.rbac/tgExtensions/Project.class.php
@@ -0,0 +1,132 @@
+<?php
+// ####################################################################
+// Version: 0.2.0
+// Autor: Markus Widmer
+// Erstellungsdatum: 18.11.2007
+// Letzte Aenderung: 04.12.2007
+
+
+
+class Project extends RBACExtension {
+
+  // ## Klassenvariablen ##############################################
+  //private $rbac;
+  //private $conf;
+
+
+
+
+  // ## Konstruktor ###################################################
+  public function __construct( $inRBAC, $inRegistrar ) {
+
+    // Save the instances of RBAC and grab the configuration
+    // from it.
+    $this->rbac = $inRBAC;
+    $this->conf = $inRBAC->getConfiguration();
+
+
+    // Get the user- and role connections from the
+    // underlying RBAC-system
+    $this->conn['role'] = $inRBAC->getConnection( "role" );
+
+
+    // Let the extension do all the things
+    // we dont't want to do
+    parent::__construct( $inRBAC );
+
+
+  }
+
+
+
+  // ## registerEvents ################################################
+  public function registerEvents( RBAC $inRegistrar ) {
+
+    $inRegistrar->registerEventListener( "addAscendant", "write", $this, "upgradeToProject" );
+    $inRegistrar->registerEventListener( "addAscendant", "finished", $this, "createMissingProjectRoleTree" );
+
+  }
+
+
+
+
+  // ## upgradeToProject ##############################################
+  public function upgradeToProject( Context $inContext ) {
+
+    $arrParameter = $inContext->getParameters();  // The parameters the addRole-function got
+    $roleDn = $inContext->getValue( "dn" );
+
+
+    // Extract the name of the role from the role-DN
+    $roleName = preg_split( "/[,]/", $roleDn );
+    $roleName = preg_split( "/[=]/", $roleName[0] );
+    $roleName = $roleName[1];
+
+
+    // If the roleName contains a DN that is directly under
+    // the project-base-DN, then add the project-specific
+    // permissions and operations
+    if( preg_match( "/^rbacName=TGPR[0-9]+\s*,\s*" . $this->conf->getValue( "project", "base" ) . "/i", $roleDn ) ) {
+
+      $arrEntry = $inContext->getValue( "entry" );
+
+
+      $arrEntry['objectclass'][] = "TextGridProject";
+      $arrEntry['objectclass'][] = "rbacResource";
+      $arrEntry['tgprojectid'][] = $roleName;
+      $arrEntry['rbacoperation'][] = "create";
+      $arrEntry['rbacoperation'][] = "delegate";
+
+
+      $inContext->setValue( "entry", $arrEntry );
+
+    }
+
+
+    return $inContext;
+
+  }
+
+
+
+
+  // ## createMissingProjectRoleTree ##################################
+  public function createMissingProjectRoleTree( Context $inContext ) {
+
+    $arrParameter = $inContext->getParameters();      // The parameters the addRole-function got
+    $projectDn = $inContext->getValue( "dn" );        // The DN of the entry
+    $projectEntry = $inContext->getValue( "entry" );  // The entry itself
+
+
+    $file = fopen( "LOG/createMissingProjectRoleTree.debug", "a+" );
+    fwrite( $file, "\n/^\s*rbacName=TGPR[0-9]+\s*,\s*" . $this->conf->getValue( "project", "base" ) . "/i" . " ::: " . $projectDn . "\n" );
+    fclose( $file );
+
+
+    if( preg_match( "/^\s*rbacName=TGPR[0-9]+\s*,\s*" . $this->conf->getValue( "project", "base" ) . "/i", $projectDn ) ) {
+
+      $file = fopen( "LOG/createMissingProjectRoleTree.debug", "a+" );
+      fwrite( $file, "It is indeed a project!\n" );
+      fclose( $file );
+
+
+      // Create the other roles
+      $this->rbac->addAscendant( $this->conf->getValue( "project", "observerRoleName" ), $projectDn );
+      $this->rbac->addAscendant( $this->conf->getValue( "project", "editorRoleName" ), $projectDn );
+      $this->rbac->addAscendant( $this->conf->getValue( "project", "administratorRoleName" ), $projectDn );
+      $this->rbac->addAscendant( $this->conf->getValue( "project", "leaderRoleName" ), $projectDn );
+
+
+      // Add the default rights to the roles and the Project
+      $this->rbac->grantPermission( $projectEntry['rbacname'][0], "delegate", "rbacName=Projektleiter," . $projectDn );
+      $this->rbac->grantPermission( $projectEntry['rbacname'][0], "create", "rbacName=Bearbeiter," . $projectDn );
+
+    }
+
+
+    return $inContext;
+
+  }
+
+}
+?>