diff --git a/product/ERP5/Document/RoleDefinition.py b/product/ERP5/Document/RoleDefinition.py
index 0d181d9aea52123b2a3279ed6ef9a0f9bf707e97..42734efc58bde0a18a115b261a2a9cbcc09f6ed3 100644
--- a/product/ERP5/Document/RoleDefinition.py
+++ b/product/ERP5/Document/RoleDefinition.py
@@ -26,8 +26,11 @@
 ##############################################################################
 
 from AccessControl import ClassSecurityInfo
+from Acquisition import aq_parent
+from Acquisition import aq_inner
 from Products.CMFCore.utils import getToolByName
 from Products.CMFCore.WorkflowCore import WorkflowMethod
+
 from Products.ERP5Type import Permissions, PropertySheet, Constraint, Interface
 from Products.ERP5Type.XMLObject import XMLObject
 
@@ -48,4 +51,14 @@ class RoleDefinition(XMLObject):
                       , PropertySheet.CategoryCore
                       , PropertySheet.DublinCore
                       , PropertySheet.RoleDefinition
-                      )
\ No newline at end of file
+                      )
+
+    security.declareProtected(Permissions.ModifyPortalContent,
+                             'assignRoleToSecurityGroupOnParent')
+    def assignRoleToSecurityGroupOnParent(self, **kw):
+      """Assign roles to security group on the parent.
+
+      We redefine this method here, because we want the security check to be
+      performed on the role definition object itself, and not the parent. """
+      aq_parent(aq_inner(self)).assignRoleToSecurityGroup(**kw)
+