Access rights CMS 6 R2

A critical vulnerability was discovered in React Server Components (Next.js). Our systems remain protected but we advise to update packages to newest version. Learn More.

AI OnAI Off

Home / Documentation / Episerver Search & Navigation / 10 / EPiServer CMS 6 R2 /

Area: Optimizely Search & Navigation

ARCHIVED This content is retired and no longer maintained. See the latest version here.

Introduction

The search engine does not implement any access rights filtering for documents (pages, files etc). However, when using the EPiServer CMS integration, the return value from an extension method for PageData named RolesWithReadAccess will be indexed. This means that we can filter out pages that the current user should not be able to see.

Examples

Filtering out results using RolesWithReadAcess:

SearchClient.Instance.Search<StandardPage>()
    .For("Possibly secret stuff")
    .Filter(x => x.RolesWithReadAccess().Match("Everyone"))
    .GetPagesResult();

Last updated: Sep 21, 2015