Add custom permission to object programmatically

Hi everyone,

is it possible to simply add a custom permission to an object programmatically?
Or do I have to hack it into __ac_permissions__?

Thanks in advance

I ended now up using this solution:

def manage_permission(obj, permission, roles, acquire=0):
    """Manage the permission of an object
       or adds the permission on the fly when it is not found.
        obj.manage_permission(permission, roles=roles, acquire=acquire)
    except ValueError:
        # NOTE: There seems to be no API to programmatically add an unmanaged
        #       permission to an object, so that the only way that worked is the
        #       one below...
        perms = list(obj.__ac_permissions__)
        entry = (permission, tuple())
        obj.__ac_permissions__ = perms
        obj.manage_permission(permission, roles=roles, acquire=acquire)

I would be grateful if someone shows me a more elegant way to solve this.

>>> from zope.component.hooks import setSite
>>> setSite(site)
>>> from import IPermission
>>> from import Permission
>>> x = Permission('x')
>>> from import Permission
>>> x = Permission('x')
>>> from zope.component import provideUtility
>>> provideUtility(x, IPermission, 'x')
>>> site.manage_permission('x', roles=['Member'], acquire=False)
Traceback (most recent call last):
  File "<console>", line 1, in <module>
  File "<string>", line 8, in manage_permission
  File "/home/casa/yuri/plone6/es6/buildout.coredev/plips/eggs/AccessControl-5.2-py3.9-linux-x86_64.egg/AccessControl/", line 89, in _curried
    return callable(*args, **kw)
  File "/home/casa/yuri/plone6/es6/buildout.coredev/src/Zope/src/OFS/", line 98, in manage_permission
  File "/home/casa/yuri/plone6/es6/buildout.coredev/plips/eggs/AccessControl-5.2-py3.9-linux-x86_64.egg/AccessControl/", line 222, in manage_permission
    raise ValueError(
ValueError: The permission <em>x</em> is invalid.
>>> from AccessControl.Permission import addPermission
>>> addPermission('x')
>>> site.manage_permission('x', roles=['Member'], acquire=False)
>>> allp = site.ac_inherited_permissions(1)
>>> for perm in sorted(allp):
...  print(perm)

('plone.restapi: Use REST API', (), ('Manager',))
('x', (), ('Manager',))

I've found this way, but still don't understand why 'x' is not added to the 'Member' role. I'm missing the glue between and AccessControl.Permission.Permission.