Try our conversational search powered by Generative AI!

Read-only catalog


In a scenario where the entire catalog is owned by a third-party system, e.g. a PIM, it would be nice if we could make the catalog read-only. Would it be possible to disable catalog editing alltogether or restrict it to certain fields?

Jun 03, 2015 8:50

I don't think it's possible in CM, but for Catalog UI you can create your own content provider, inherit from CatalogContentProvider and simply does nothing in Save().

To make it truely "Read-only" then you might want to override the LinksRepository as well.

Another approach is to create an implementaion of CatalogEventListenerBase and prevent any modification by throwing exceptions. 



Jun 03, 2015 10:52

Hi Quan

Would the following be possible:

  • Hook into the LoadedContent event on products/variants
  • Get the ACL from IContentSecurable.GetContentSecurityDescriptor()
  • Remove all but Read access rights from the ACL for the product

I've put a POC together for this on content in the past and was wondering if this would work on Catalog entries too?


Jun 03, 2015 12:59


Unfortunately Commerce implemetation of ACL does not support that thing right now - so I don't think that'll be possible.



Jun 03, 2015 13:18

And to complete my question above, you can also override the ProviderCapabilities property to remove ContentProviderCapabilities.Create/Edit/Delete/Move/Copy enum, then in Catalog UI, options to edit content (move/copy/save...) will be disabled. 


Jun 05, 2015 15:31

Just an idea :)

var contenEventHandler = EPiServer.ServiceLocation.ServiceLocator.Current.GetInstance<EPiServer.Core.IContentEvents>();

void contenEventHandler_SavingContent(object sender, ContentEventArgs e)
            //Is it Commerce?
            e.RequiredAccess = AccessLevel.Administer;
            e.CancelAction = true;



Jun 09, 2015 11:38

Is Episerver Commerce (Commerce UI, not Commerce Manager) going to have an implementation of ACL similar to the CMS one anytime soon? Meaning, an administrator would be able to set view/edit/create/updat/delete access rights on catalogs, nodes, products, etc?

Nov 28, 2016 14:47


It's in our backlog, but it would not happen anytime soon (I'm talking about 3-6 months period)


Nov 28, 2016 14:50

Thank you Quan for your quick response :) 

Nov 28, 2016 14:53


Any news on this? Has ACL been implemented for Commerce?

Feb 18, 2020 9:16

It has been implemented in Commerce 11.6.0, limited to catalog and categories (entries inherit the setting from it true perent

Feb 18, 2020 9:19
Torbjörn Stavås - Feb 18, 2020 9:23
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.