--- user.module.5.2.orig	2007-08-25 13:26:36.000000000 -0700
+++ user.module	2007-08-25 13:26:38.000000000 -0700
@@ -341,6 +341,8 @@ function user_password($length = 10) {
  *   The permission, such as "administer nodes", being checked for.
  * @param $account
  *   (optional) The account to check, if not given use currently logged in user.
+ * @param $reset
+ *   (optional) If TRUE, reset $perm value.  Default = FALSE.
  *
  * @return
  *   boolean TRUE if the current user has the requested permission.
@@ -349,7 +351,7 @@ function user_password($length = 10) {
  * way, we guarantee consistent behavior, and ensure that the superuser
  * can perform all actions.
  */
-function user_access($string, $account = NULL) {
+function user_access($string, $account = NULL, $reset = FALSE) {
   global $user;
   static $perm = array();
 
@@ -363,8 +365,9 @@ function user_access($string, $account =
   }
 
   // To reduce the number of SQL queries, we cache the user's permissions
-  // in a static variable.
-  if (!isset($perm[$account->uid])) {
+  // in a static variable.
+  // Per http://www.lullabot.com/articles/a_beginners_guide_to_caching_data adding $reset option
+  if (!isset($perm[$account->uid]) || $reset) {
     $result = db_query("SELECT DISTINCT(p.perm) FROM {role} r INNER JOIN {permission} p ON p.rid = r.rid WHERE r.rid IN (%s)", implode(',', array_keys($account->roles)));
 
     $perm[$account->uid] = '';