November Happy Hour will be moved to Thursday December 5th.
AI OnAI Off
Security
I find the situation kind of strange - perhaps you need more roles to describe your scenario (i.e. the user who gains access to the child page because of role membership shouldn't be a member of that group but rather a different group or vice versa). Perhaps a virtual role combining two or more roles (like in this blog article: http://labs.episerver.com/en/Blogs/Allan/Dates/2009/9/I-am-virtually-in-the-role-dude/)
Edit: Group/role blah... You know what I mean.
Edited,
Sep 27, 2010 17:48
I think the easiest way to enforce the check is to add a recursive check in your custom template base class (you have one - right?) that loads parent pages up to the start page. Each page should be checked for read access using:
aPage.QueryDistinctAccess(EPiServer.Security.AccessLevel.Read)
If it returns false, just to AccessDenied(); and the login redirect will happen.
/Steve
Sep 27, 2010 22:54
This thread is locked and should be used for reference only. Please use the Episerver CMS 7 and earlier versions forum to open new discussions.
Hi,
I have the following scenario:
The requirement is that the child page link should not be available and if the user navigates to the child page (bookmark or manually entering) they are presented with an error or access denied page. Basically the user should not be able to access the child page as they do not have access to the parent.
Does anyone know how to enforce this?
Many thanks in advance,
Mark