Commerce Manager uses UnauthorizedAccessException, which can cause confusions

Found in

Release 7.5


Apr 14, 2014


May 09, 2014


Falcon/Commerce/Commerce Manager


Closed, Fixed and Tested

Steps to reproduce

Issue reported here: to reproduce:

- Go to Configs/Mediachase.Search.Config

- Edit the Indexers basePath to some invalid path, for example: Invalid/path

- Go to Cm, Administration/System settings/Search index, error:



Access Denied

Your account does not have rights to access this feature of the commerce manager. Please contact your system administrator for more information. 

The reason was IndexBuilder try to access the invalid path, then UnauthorizedAccessException is thrown. CM catches that exception and show above error.


The fix includes a new type of exception: Mediachase.Commerce.Security.AccessDeniedException that is thrown and catched instead of System.UnauthorizedAccessException.

All commerce code catching thrown System.UnauthorizedAccessException is rewritten to instead catch the new AccessDeniedException.

Third party developers throwing System.UnauthorizedAccessException as access handling needs to throw the new AccessDeniedException.