+#sub post_new_object_callback {
+# my( $cgi, $access_user ) = @_;
+#
+# if ( length($cgi->param('_password')) ) {
+# my $password = scalar($cgi->param('_password'));
+# my $error = $access_user->is_password_allowed($password);
+# #XXX and then bubble the error back up to the UI
+# }
+#}
+
+sub noerror_callback {