diff --git a/bt5/erp5_payroll/ModuleTemplateItem/payroll_service_module.xml b/bt5/erp5_payroll/ModuleTemplateItem/payroll_service_module.xml
index 005a8d0fd1b6669cdd5958c73242a457f500255b..a5b4a2d81efad6a932a285bf35f00ee79eeb816a 100644
--- a/bt5/erp5_payroll/ModuleTemplateItem/payroll_service_module.xml
+++ b/bt5/erp5_payroll/ModuleTemplateItem/payroll_service_module.xml
@@ -40,9 +40,6 @@
    <role>Author</role>
    <role>Manager</role>
   </permission>
-  <permission type='list'>
-   <name>AccessContentsInformation</name>
-  </permission>
   <permission type='tuple'>
    <name>Add Accelerated HTTP Cache Managers</name>
    <role>Manager</role>
@@ -211,6 +208,10 @@
    <name>Add Formulator Forms</name>
    <role>Manager</role>
   </permission>
+  <permission type='tuple'>
+   <name>Add Local File Systems</name>
+   <role>Manager</role>
+  </permission>
   <permission type='tuple'>
    <name>Add LocalContents</name>
    <role>Manager</role>
@@ -231,6 +232,10 @@
    <name>Add MessageCatalogs</name>
    <role>Manager</role>
   </permission>
+  <permission type='tuple'>
+   <name>Add MimetypesRegistry Tools</name>
+   <role>Manager</role>
+  </permission>
   <permission type='tuple'>
    <name>Add Page Templates</name>
    <role>Manager</role>
@@ -243,6 +248,10 @@
    <name>Add Plugin Registrys</name>
    <role>Manager</role>
   </permission>
+  <permission type='tuple'>
+   <name>Add PortalTransforms Tools</name>
+   <role>Manager</role>
+  </permission>
   <permission type='tuple'>
    <name>Add Python Scripts</name>
    <role>Manager</role>
@@ -291,8 +300,9 @@
    <name>Add Z MySQL Database Connections</name>
    <role>Manager</role>
   </permission>
-  <permission type='list'>
+  <permission type='tuple'>
    <name>Add Z MySQL Deferred Database Connections</name>
+   <role>Manager</role>
   </permission>
   <permission type='tuple'>
    <name>Add ZCatalogs</name>
@@ -378,6 +388,10 @@
    <name>Change Images and Files</name>
    <role>Manager</role>
   </permission>
+  <permission type='tuple'>
+   <name>Change Local File System properties</name>
+   <role>Manager</role>
+  </permission>
   <permission type='tuple'>
    <name>Change Lock Information</name>
    <role>Manager</role>
@@ -445,6 +459,11 @@
   </permission>
   <permission type='tuple'>
    <name>Copy or Move</name>
+   <role>Assignee</role>
+   <role>Assignor</role>
+   <role>Associate</role>
+   <role>Auditor</role>
+   <role>Author</role>
    <role>Manager</role>
   </permission>
   <permission type='tuple'>
@@ -459,6 +478,10 @@
    <name>Define permissions</name>
    <role>Manager</role>
   </permission>
+  <permission type='tuple'>
+   <name>Delete local files</name>
+   <role>Manager</role>
+  </permission>
   <permission type='tuple'>
    <name>Delete objects</name>
    <role>Assignor</role>
@@ -529,8 +552,9 @@
    <name>Manage Groups</name>
    <role>Manager</role>
   </permission>
-  <permission type='list'>
+  <permission type='tuple'>
    <name>Manage Selenium test cases</name>
+   <role>Manager</role>
   </permission>
   <permission type='tuple'>
    <name>Manage Transient Object Container</name>
@@ -556,13 +580,14 @@
    <name>Manage ZCatalogIndex Entries</name>
    <role>Manager</role>
   </permission>
-  <permission type='list'>
-   <name>Manage extensions</name>
-  </permission>
   <permission type='tuple'>
    <name>Manage languages</name>
    <role>Manager</role>
   </permission>
+  <permission type='tuple'>
+   <name>Manage local files</name>
+   <role>Manager</role>
+  </permission>
   <permission type='tuple'>
    <name>Manage messages</name>
    <role>Manager</role>
@@ -596,6 +621,10 @@
    <name>Open/Close Database Connections</name>
    <role>Manager</role>
   </permission>
+  <permission type='tuple'>
+   <name>Overwrite local files</name>
+   <role>Manager</role>
+  </permission>
   <permission type='tuple'>
    <name>Post mail to ZMailIn</name>
    <role>Manager</role>
@@ -652,6 +681,10 @@
    <name>Undo changes</name>
    <role>Manager</role>
   </permission>
+  <permission type='tuple'>
+   <name>Upload local files</name>
+   <role>Manager</role>
+  </permission>
   <permission type='tuple'>
    <name>Use Database Methods</name>
    <role>Manager</role>
@@ -660,8 +693,9 @@
    <name>Use Factories</name>
    <role>Manager</role>
   </permission>
-  <permission type='list'>
+  <permission type='tuple'>
    <name>Use external editor</name>
+   <role>Manager</role>
   </permission>
   <permission type='tuple'>
    <name>Use mailhost services</name>
@@ -673,7 +707,10 @@
    <role>Assignor</role>
    <role>Associate</role>
    <role>Auditor</role>
-   <role>Author</role>
+   <role>Manager</role>
+  </permission>
+  <permission type='tuple'>
+   <name>View Directory Index</name>
    <role>Manager</role>
   </permission>
   <permission type='tuple'>
diff --git a/bt5/erp5_payroll/ModuleTemplateItem/paysheet_model_module.xml b/bt5/erp5_payroll/ModuleTemplateItem/paysheet_model_module.xml
index e628de0592dfb7b40da73d9fda7a7f0dcb7bdf8f..9a74d88742bf21e943d512cc7d3487cf6dc158f7 100644
--- a/bt5/erp5_payroll/ModuleTemplateItem/paysheet_model_module.xml
+++ b/bt5/erp5_payroll/ModuleTemplateItem/paysheet_model_module.xml
@@ -40,9 +40,6 @@
    <role>Author</role>
    <role>Manager</role>
   </permission>
-  <permission type='list'>
-   <name>AccessContentsInformation</name>
-  </permission>
   <permission type='tuple'>
    <name>Add Accelerated HTTP Cache Managers</name>
    <role>Manager</role>
@@ -211,6 +208,10 @@
    <name>Add Formulator Forms</name>
    <role>Manager</role>
   </permission>
+  <permission type='tuple'>
+   <name>Add Local File Systems</name>
+   <role>Manager</role>
+  </permission>
   <permission type='tuple'>
    <name>Add LocalContents</name>
    <role>Manager</role>
@@ -231,6 +232,10 @@
    <name>Add MessageCatalogs</name>
    <role>Manager</role>
   </permission>
+  <permission type='tuple'>
+   <name>Add MimetypesRegistry Tools</name>
+   <role>Manager</role>
+  </permission>
   <permission type='tuple'>
    <name>Add Page Templates</name>
    <role>Manager</role>
@@ -243,6 +248,10 @@
    <name>Add Plugin Registrys</name>
    <role>Manager</role>
   </permission>
+  <permission type='tuple'>
+   <name>Add PortalTransforms Tools</name>
+   <role>Manager</role>
+  </permission>
   <permission type='tuple'>
    <name>Add Python Scripts</name>
    <role>Manager</role>
@@ -379,6 +388,10 @@
    <name>Change Images and Files</name>
    <role>Manager</role>
   </permission>
+  <permission type='tuple'>
+   <name>Change Local File System properties</name>
+   <role>Manager</role>
+  </permission>
   <permission type='tuple'>
    <name>Change Lock Information</name>
    <role>Manager</role>
@@ -465,6 +478,10 @@
    <name>Define permissions</name>
    <role>Manager</role>
   </permission>
+  <permission type='tuple'>
+   <name>Delete local files</name>
+   <role>Manager</role>
+  </permission>
   <permission type='tuple'>
    <name>Delete objects</name>
    <role>Assignor</role>
@@ -563,13 +580,14 @@
    <name>Manage ZCatalogIndex Entries</name>
    <role>Manager</role>
   </permission>
-  <permission type='list'>
-   <name>Manage extensions</name>
-  </permission>
   <permission type='tuple'>
    <name>Manage languages</name>
    <role>Manager</role>
   </permission>
+  <permission type='tuple'>
+   <name>Manage local files</name>
+   <role>Manager</role>
+  </permission>
   <permission type='tuple'>
    <name>Manage messages</name>
    <role>Manager</role>
@@ -603,6 +621,10 @@
    <name>Open/Close Database Connections</name>
    <role>Manager</role>
   </permission>
+  <permission type='tuple'>
+   <name>Overwrite local files</name>
+   <role>Manager</role>
+  </permission>
   <permission type='tuple'>
    <name>Post mail to ZMailIn</name>
    <role>Manager</role>
@@ -659,6 +681,10 @@
    <name>Undo changes</name>
    <role>Manager</role>
   </permission>
+  <permission type='tuple'>
+   <name>Upload local files</name>
+   <role>Manager</role>
+  </permission>
   <permission type='tuple'>
    <name>Use Database Methods</name>
    <role>Manager</role>
@@ -667,8 +693,9 @@
    <name>Use Factories</name>
    <role>Manager</role>
   </permission>
-  <permission type='list'>
+  <permission type='tuple'>
    <name>Use external editor</name>
+   <role>Manager</role>
   </permission>
   <permission type='tuple'>
    <name>Use mailhost services</name>
@@ -680,7 +707,10 @@
    <role>Assignor</role>
    <role>Associate</role>
    <role>Auditor</role>
-   <role>Author</role>
+   <role>Manager</role>
+  </permission>
+  <permission type='tuple'>
+   <name>View Directory Index</name>
    <role>Manager</role>
   </permission>
   <permission type='tuple'>
diff --git a/bt5/erp5_payroll/bt/revision b/bt5/erp5_payroll/bt/revision
index bea0d09c49935aac714f5439285e2706b15e1dd9..6e16ebf9e9b0d51c9d894320b64a380e9dac6a5c 100644
--- a/bt5/erp5_payroll/bt/revision
+++ b/bt5/erp5_payroll/bt/revision
@@ -1 +1 @@
-207
\ No newline at end of file
+208
\ No newline at end of file
diff --git a/bt5/erp5_payroll/bt/template_catalog_local_role_key_list b/bt5/erp5_payroll/bt/template_catalog_local_role_key_list
new file mode 100644
index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391
diff --git a/bt5/erp5_payroll/bt/template_catalog_role_key_list b/bt5/erp5_payroll/bt/template_catalog_role_key_list
new file mode 100644
index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391