Forum OpenACS Development: Response to is there any decent documentation on permissions?

ad_require_permission $user_id permission_needed

The way you've written it checks wether the user who's viewing the page has permission_needed on user_id, which is probably not what you want. The first argument should be your 'module'.

Otherwise, ad_permission_p allows the flexibility to check permissions for arbitrary users.