diff --git a/gql.go b/gql.go
index 1b53fda..7c00608 100644
--- a/gql.go
+++ b/gql.go
@@ -33,6 +33,21 @@ import (
 const GQLThreadType = ThreadType("GQL")
 const GQLNodeType = NodeType("GQL")
+// Initializes a new GQL node without an ACLPolicyExt(which needs to be added)
+func NewGQLNode(ctx *Context, gql_ext *GQLExt) (*Node, error) {
+ node := NewNode(ctx, RandID(), GQLNodeType)
+ node.Extensions[GroupExtType] = NewGroupExt(nil)
+ var err error
+ node.Extensions[ThreadExtType], err = NewThreadExt(ctx, GQLThreadType, nil, nil, "init", nil)
+ if err != nil {
+ return nil, err
+ }
+ node.Extensions[LockableExtType] = NewLockableExt(nil, nil, nil, nil)
+ node.Extensions[GQLExtType] = gql_ext
+
+ return node, nil
+}
+
 type AuthReqJSON struct {
 Time time.Time `json:"time"`
 Pubkey []byte `json:"pubkey"`
diff --git a/gql_test.go b/gql_test.go
index dea64e3..8a9151d 100644
--- a/gql_test.go
+++ b/gql_test.go
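Review bot: `gql_ext` is stored into `node.Extensions[GQLExtType]` in `NewGQLNode` without a nil check, so a caller that passes nil gets a node back with a nil extension entry and no error. The `SendSignal` loop in node.go calls `ext.Process` on every entry of `node.Extensions`, so the failure would likely surface there rather than at construction; a guard such as `if gql_ext == nil { return nil, fmt.Errorf("NewGQLNode: gql_ext is nil") }` at the top would fail early (assuming `fmt` is imported in gql.go, which the hunk does not show). The doc comment should also start with the function name and state the access-control consequence, e.g. `// NewGQLNode creates a GQL node with group, thread, lockable and GQL extensions; it attaches no ACLPolicyExt or ACLExt, so the caller must add one before the node is used.`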
@@ -61,24 +61,20 @@ func TestGQLDB(t * testing.T) { key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) fatalErr(t, err) - gql := NewNode(ctx, RandID(), TestGQLNodeType) + gql, err := NewGQLNode(ctx, NewGQLExt(":0", ecdh.P256(), key, nil, nil)) + fatalErr(t, err) gql_policy := NewChildOfPolicy(NodeActions{ gql.ID: Actions{"signal.status"}, }) - gql.Extensions[ACLExtType] = NewACLExt(NodeList(u1)) gql.Extensions[ACLPolicyExtType] = NewACLPolicyExt(map[PolicyType]Policy{ ChildOfPolicyType: &gql_policy, }) - gql.Extensions[GroupExtType] = NewGroupExt(nil) - gql.Extensions[GQLExtType] = NewGQLExt(":0", ecdh.P256(), key, nil, nil) - gql.Extensions[ThreadExtType], err = NewThreadExt(ctx, GQLThreadType, nil, nil, "ini", nil) - fatalErr(t, err) - gql.Extensions[LockableExtType] = NewLockableExt(nil, nil, nil, nil) ctx.Log.Logf("test", "GQL_ID: %s", gql.ID) + info := ParentInfo{true, "start", "restore"} context := NewWriteContext(ctx) - err = UpdateStates(context, u1, NewACLInfo(gql, []string{"users"}), func(context *StateContext) error { + err = UpdateStates(context, u1, ACLMap{}, func(context *StateContext) error { err := LinkThreads(context, u1, gql, ChildInfo{t1, map[InfoType]Info{ ParentInfoType: &info, }}) diff --git a/node.go b/node.go index 29786b3..e49ea48 100644 --- a/node.go +++ b/node.go @@ -171,15 +171,21 @@ func Allowed(context *StateContext, principal *Node, action string, node *Node) // Check if the node has a policy extension itself, and check against the policies in it policy_ext, err := GetExt[*ACLPolicyExt](node) + self_tried := false if err == nil { if policy_ext.Allows(context, principal, action, node) == true { return nil } + self_tried = true } acl_ext, err := GetExt[*ACLExt](node) if err != nil { - return err + if self_tried == true { + return fmt.Errorf("POLICY_SELF: policies on %s do not allow %s to perform %s", node.ID, principal.ID, action) + } else { + return err + } } for _, policy_node := range(acl_ext.Delegations) { 
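Review bot: The test no longer attaches an `ACLExt` and now passes an empty `ACLMap{}` to `UpdateStates`, so within this hunk nothing exercises the delegation path or a denied action any more. Since the same commit changes `Allowed` in node.go to return `POLICY_SELF` when a node has only a policy extension, a negative case would be worth adding here: a principal the `ChildOfPolicy` does not cover, or an action other than `signal.status`, with an assertion that the call is refused. `TestGQLDB` starts before and continues past the hunk, so such a case may already exist elsewhere in the file.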
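Review bot: The new branch in `Allowed` is written as `if self_tried == true { ... } else { return err }`; comparing a bool with `true` and putting `else` after a terminating `return` are both non-idiomatic Go, and `if self_tried { return fmt.Errorf(...) }` followed by a plain `return err` reads more directly. The same applies to `policy_ext.Allows(context, principal, action, node) == true` just above it. A short comment on `self_tried` would also help, e.g. `// the node's own policies were consulted and did not grant the action`, because the `POLICY_SELF` error replaces the `GetExt` error and a reader should be able to see that this denial is only reached when the node has no ACLExt to delegate to. `Allowed` starts before and continues past the hunk.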
@@ -211,10 +217,10 @@ func SendSignal(context *StateContext, node *Node, princ *Node, signal Signal) e
 return err
 }
- for _, ext := range(node.Extensions) {
+ for ext_type, ext := range(node.Extensions) {
 err = ext.Process(context, node, signal)
 if err != nil {
- return err
+ context.Graph.Log.Logf("signal", "EXTENSION_SIGNAL_ERR: %s/%s - %s", node.ID, ext_type, err)
 }
 }
@@ -460,7 +466,7 @@ func LoadNode(ctx * Context, id NodeID) (*Node, error) {
 }
 if len(extra_extensions) > 0 {
- return nil, fmt.Errorf("DB_LOAD_EXTRA_EXTENSIONS: %s - %+v - %+v", id, node_type, extra_extensions)
+ ctx.Log.Logf("db", "DB_LOAD_EXTRA_EXTENSIONS: %s - %+v - %+v", id, node_type, extra_extensions)
 }
 ctx.Log.Logf("db", "DB_NODE_LOADED: %s", id)
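Review bot: After this change an error from `ext.Process` in the `SendSignal` loop is only logged, so the caller can no longer tell that an extension rejected or failed to handle the signal. If any extension's `Process` is meant to validate or veto a signal, that result is now dropped; the loop can keep going and still report the failure by declaring `var first_err error` before it, adding `if first_err == nil { first_err = err }` after the log call, and returning `first_err` at the end. If best-effort delivery is the intent, say so on the loop with a comment such as `// extension errors are logged, not returned: one failing extension must not block the others`. `SendSignal` starts before the hunk and its final return is not visible here.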
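Review bot: A stored node that carries extensions its type does not declare now loads with only a `db` log line in `LoadNode`, where it used to be rejected with `DB_LOAD_EXTRA_EXTENSIONS`. The hunk does not show whether the entries in `extra_extensions` stay attached to the returned node; if they do, database content can give a node extensions, possibly including ACL or policy ones, that its node type was never declared with, so they should either be dropped before returning or the tolerance should be an explicit choice. A comment on the branch stating why extra extensions are tolerated and whether they are kept or discarded would make that reviewable. `LoadNode` starts before and continues past the hunk.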