diff --git a/controllers/accounts_controller.php b/controllers/accounts_controller.php index acd4ac5..2920e74 100644 --- a/controllers/accounts_controller.php +++ b/controllers/accounts_controller.php @@ -90,6 +90,10 @@ class AccountsController extends AppController { $conditions[] = array('Account.type' => strtoupper($params['action'])); } + // REVISIT : 20090811 + // No security issues have been worked out yet + $conditions[] = array('Account.level >=' => 10); + return $conditions; } @@ -160,12 +164,6 @@ class AccountsController extends AppController { */ function view($id = null) { - if (!$id) { - $this->Session->setFlash(__('Invalid Item.', true)); - $this->redirect(array('action'=>'index')); - } - - // Get details about the account and its ledgers (no ledger entries yet) $account = $this->Account->find ('first', array('contain' => @@ -177,14 +175,18 @@ class AccountsController extends AppController { array('CloseTransaction' => array ('order' => array('CloseTransaction.stamp' => 'DESC'))), ), - 'conditions' => array(array('Account.id' => $id)), + 'conditions' => array(array('Account.id' => $id), + // REVISIT : 20090811 + // No security issues have been worked out yet + array('Account.level >=' => 10), + ), ) ); - // Get all ledger entries of the CURRENT ledger - $entries = $this->Account->ledgerEntries($id); - //pr(compact('entries')); - $account['CurrentLedger']['LedgerEntry'] = $entries; + if (empty($account)) { + $this->Session->setFlash(__('Invalid Item.', true)); + $this->redirect(array('action'=>'index')); + } // Obtain stats across ALL ledgers for the summary infobox $stats = $this->Account->stats($id, true); @@ -202,8 +204,4 @@ class AccountsController extends AppController { $this->set(compact('account', 'title', 'stats')); } - function tst($id) { - //$entries = $this->Account->($id); - pr($entries); - } } diff --git a/controllers/ledger_entries_controller.php b/controllers/ledger_entries_controller.php index c41a482..6c3fa7a 100644 
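Review bot: The `Account.level >= 10` condition appended just before `return $conditions` is a bare magic number that describes the row, not the requesting user, so every caller of this grid gets the same fixed slice of accounts regardless of who is logged in — the REVISIT comment concedes as much. The same literal recurs in ledgers_controller's gridDataConditions and in the `view` actions of all five controllers in this diff, while transactions_controller uses `5`, so the interim policy now lives in eight places. Pull it into one spot in AppController, e.g. `function accountVisibilityConditions() { return array('Account.level >=' => self::MIN_VISIBLE_ACCOUNT_LEVEL); }` with the constant documented as the placeholder rule, and append `$conditions[] = $this->accountVisibilityConditions();` here and in the siblings. gridDataConditions starts outside the hunk.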
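Review bot: With the `if (!$id)` guard removed at the top of `view`, a request without an id now reaches `$this->Account->find` with `Account.id => null` and is only turned away by the `empty($account)` check further down, so the database round-trip happens before the input is rejected; the same guard is dropped in the view actions of the other four controllers in this diff. If that is the intended design, a one-line comment such as `// No id check here: the find below (id + level filter) is the single validation point` makes it explicit for the next reader. Dropping the `ledgerEntries($id)` assignment also means `$account['CurrentLedger']['LedgerEntry']` is no longer set — if the accounts/view template still reads it, that now produces an undefined-index notice; worth confirming. The body of view continues outside the hunk.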
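Review bot: The `empty($account)` redirect added after the find is not followed by a `return`, so it only stops the action if `$this->redirect()` terminates the request itself; otherwise execution continues into `$this->Account->stats($id, true)` with an id the level filter just refused, and the same pattern appears in the new redirects of ledger_entries, ledgers, statement_entries and transactions controllers. Making the exit explicit, `$this->redirect(array('action'=>'index')); return;`, removes the dependence on redirect's exit behaviour. Filtering on `Account.level` inside the same find also means a hidden account and a non-existent one both yield 'Invalid Item.', which avoids revealing which ids exist — a short comment saying so would keep someone from "fixing" it into two distinct messages later. view ends outside the hunk.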
--- a/controllers/ledger_entries_controller.php +++ b/controllers/ledger_entries_controller.php @@ -145,12 +145,6 @@ class LedgerEntriesController extends AppController { */ function view($id = null) { - if (!$id) { - $this->Session->setFlash(__('Invalid Item.', true)); - $this->redirect(array('controller' => 'accounts', 'action'=>'index')); - } - - // Get the Entry and related fields $entry = $this->LedgerEntry->find ('first', array('contain' => array @@ -163,6 +157,10 @@ class LedgerEntriesController extends AppController { array('fields' => array('id', 'sequence', 'name'), 'Account' => array('fields' => array('id', 'name', 'type'), + 'conditions' => + // REVISIT : 20090811 + // No security issues have been worked out yet + array('Account.level >=' => 10), ), ), @@ -177,6 +175,11 @@ class LedgerEntriesController extends AppController { 'conditions' => array('LedgerEntry.id' => $id), )); + if (empty($entry) || empty($entry['Ledger']['Account'])) { + $this->Session->setFlash(__('Invalid Item.', true)); + $this->redirect(array('controller' => 'accounts', 'action'=>'index')); + } + if (!empty($entry['DebitEntry']) && !empty($entry['CreditEntry'])) die("LedgerEntry has both a matching DebitEntry and CreditEntry"); if (empty($entry['DebitEntry']) && empty($entry['CreditEntry'])) diff --git a/controllers/ledgers_controller.php b/controllers/ledgers_controller.php index 107fb2c..5aa073b 100644 --- a/controllers/ledgers_controller.php +++ b/controllers/ledgers_controller.php 
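Review bot: The guard `empty($entry) || empty($entry['Ledger']['Account'])` assumes a filtered Account comes back as an empty array, but the `Account.level >=` condition in the previous hunk sits on the contained `Account` belongsTo rather than on the main query, so the LedgerEntry row is still fetched and a non-matching Account is typically returned from the left join as an array of null fields (`id`, `name`, `type` all null) — `empty()` on that array is false and the redirect would not fire. Testing a field instead, `if (empty($entry) || empty($entry['Ledger']['Account']['id'])) {`, handles both shapes; alternatively move the level condition into the top-level `'conditions'` as the other controllers do, provided Ledger and Account are joined into the primary query. The result shape is inferred from CakePHP's containable behaviour and should be confirmed against an entry whose account is actually below the threshold. view continues outside the hunk.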
@@ -50,24 +50,21 @@ class LedgersController extends AppController { } function gridDataCountTables(&$params, &$model) { - // Our count should NOT include anything extra, - // so we need the virtual function to prevent - // the base class from just calling our - // gridDataTables function. - return parent::gridDataTables($params, $model); - } - - function gridDataTables(&$params, &$model) { return array ('link' => array(// Models 'Account', - 'LedgerEntry', - 'CloseTransaction', ), ); } + function gridDataTables(&$params, &$model) { + $tables = $this->gridDataCountTables($params, $model); + $tables['link'][] = 'LedgerEntry'; + $tables['link'][] = 'CloseTransaction'; + return $tables; + } + function gridDataFields(&$params, &$model) { $fields = parent::gridDataFields($params, $model); $fields[] = 'CONCAT(Account.id, "-", Ledger.sequence) AS id_sequence'; @@ -85,6 +82,10 @@ class LedgersController extends AppController { $conditions[] = array('Ledger.close_transaction_id !=' => null); } + // REVISIT : 20090811 + // No security issues have been worked out yet + $conditions[] = array('Account.level >=' => 10); + return $conditions; } @@ -119,22 +120,25 @@ class LedgersController extends AppController { */ function view($id = null) { - if (!$id) { - $this->Session->setFlash(__('Invalid Item.', true)); - $this->redirect(array('action'=>'index')); - } - - // Get details about the ledger itself (no entries yet) $ledger = $this->Ledger->find ('first', array('contain' => array(// Models 'Account', ), - 'conditions' => array(array('Ledger.id' => $id)), + 'conditions' => array(array('Ledger.id' => $id), + // REVISIT : 20090811 + // No security issues have been worked out yet + array('Account.level >=' => 10), + ), ) ); + if (empty($ledger)) { + $this->Session->setFlash(__('Invalid Item.', true)); + $this->redirect(array('action'=>'index')); + } + // Get ledger stats for our summary box $stats = $this->Ledger->stats($id); 
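Review bot: The comment explaining why the count query must not link the extra tables was dropped with the old `gridDataCountTables`, and the new split leaves `Account` as the only link in the count without saying why it has to stay: the `Account.level >=` condition added to gridDataConditions in the next hunk will fail on the count query if `Account` is not joined. A short comment on the returned array, `// Account stays linked: gridDataConditions filters on Account.level; LedgerEntry/CloseTransaction are added only in gridDataTables so they cannot inflate the count`, records both constraints (the inflation part assumes those links are hasMany — confirm). transactions_controller's counterpart links `'Account' => array('fields' => array())` while this one pulls every Account field; for a count only the join is needed, so the two should agree.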
diff --git a/controllers/statement_entries_controller.php b/controllers/statement_entries_controller.php index 293a003..0e1f9e3 100644 --- a/controllers/statement_entries_controller.php +++ b/controllers/statement_entries_controller.php @@ -209,12 +209,6 @@ class StatementEntriesController extends AppController { */ function view($id = null) { - if (!$id) { - $this->Session->setFlash(__('Invalid Item.', true)); - $this->redirect(array('controller' => 'accounts', 'action'=>'index')); - } - - // Get the StatementEntry and related fields $entry = $this->StatementEntry->find ('first', array('contain' => array @@ -224,10 +218,17 @@ class StatementEntriesController extends AppController { 'Lease' => array('fields' => array('id')), ), - 'conditions' => array('StatementEntry.id' => $id), + 'conditions' => array(array('StatementEntry.id' => $id), + // REVISIT : 20090811 + // No security issues have been worked out yet + array('Account.level >=' => 10) + ), )); - - $reconciled = $this->StatementEntry->reconciledEntries($id); + + if (empty($entry)) { + $this->Session->setFlash(__('Invalid Item.', true)); + $this->redirect(array('controller' => 'accounts', 'action'=>'index')); + } $stats = $this->StatementEntry->stats($id); @@ -266,7 +267,7 @@ class StatementEntriesController extends AppController { // Prepare to render. $title = "Statement Entry #{$entry['StatementEntry']['id']}"; - $this->set(compact('entry', 'title', 'reconciled', 'stats')); + $this->set(compact('entry', 'title', 'stats')); } } diff --git a/controllers/transactions_controller.php b/controllers/transactions_controller.php index e70f1ff..c61b99a 100644 --- a/controllers/transactions_controller.php +++ b/controllers/transactions_controller.php 
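Review bot: The new top-level condition `array('Account.level >=' => 10)` on the StatementEntry find is only valid SQL if the `Account` alias is joined into the primary query (a belongsTo/hasOne reached through `contain`); the visible part of the contain list shows only `Lease`, and the start of the array is outside the hunk, so this needs confirming — if Account is only reachable through a hasMany it would have to be filtered on the association, as ledger_entries_controller does. The added element also lacks the trailing comma the sibling controllers use. Dropping `$reconciled` here and from `compact()` in the last hunk means the statement_entries/view template must no longer reference `$reconciled`; confirm the template was updated in the same change.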
@@ -54,7 +54,12 @@ class TransactionsController extends AppController { */ function gridDataCountTables(&$params, &$model) { - return parent::gridDataTables($params, $model); + return array + ('link' => + array(// Models + 'Account' => array('fields' => array()), + ), + ); } function gridDataTables(&$params, &$model) { @@ -79,6 +84,10 @@ class TransactionsController extends AppController { if (in_array($params['action'], array('invoice', 'receipt', 'deposit'))) $conditions[] = array('Transaction.type' => strtoupper($params['action'])); + // REVISIT : 20090811 + // No security issues have been worked out yet + $conditions[] = array('Account.level >=' => 5); + return $conditions; } @@ -361,11 +370,6 @@ class TransactionsController extends AppController { */ function view($id = null) { - if (!$id) { - $this->Session->setFlash(__('Invalid Item.', true)); - $this->redirect(array('action'=>'index')); - } - $transaction = $this->Transaction->find ('first', array('contain' => @@ -380,9 +384,18 @@ class TransactionsController extends AppController { 'Ledger.name'), ), ), - 'conditions' => array('Transaction.id' => $id), + 'conditions' => array(array('Transaction.id' => $id), + // REVISIT : 20090811 + // No security issues have been worked out yet + array('Account.level >=' => 5), + ), )); + if (empty($transaction)) { + $this->Session->setFlash(__('Invalid Item.', true)); + $this->redirect(array('action'=>'index')); + } + if ($transaction['Transaction']['type'] === 'DEPOSIT') { $this->sidemenu_links[] = array('name' => 'Operations', 'header' => true);
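Review bot: The threshold here is `5` where accounts_controller, ledgers_controller and the other view actions use `10`, and nothing in the hunk says whether transactions are deliberately visible for lower-level accounts. If it is intentional the line deserves a comment, e.g. `// Transactions are listed for lower-level accounts than the account/ledger views (interim rule)`; if not, it should match the others. Either way this value and the one in `view` below should come from a single named constant rather than two literals. gridDataConditions starts outside the hunk.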