Modify access level on creating content

Vote:
 

I'm trying to remove public access to a certain media content on creation. I have tried modifying the access rules both via SetDefaultValues and IContentEvents.CreatingContent, but with no success. This is my current code using SetDefaultValues:

public override void SetDefaultValues(ContentType contentType)
{
    base.SetDefaultValues(contentType);

    if (this is IContentSecurable securable)
    {
        var securityDescriptor = securable.GetContentSecurityDescriptor();
        securityDescriptor.IsInherited = false;

        var everyone = securityDescriptor.Entries.FirstOrDefault(x => x.EntityType == SecurityEntityType.Role && x.Name == EveryoneRole.RoleName);
        if (everyone != null)
        {
            securityDescriptor.RemoveEntry(everyone);
        }
    }
}

In the code above, I try to remove the inherited access and also entirely remove the rule which allows Everyone to read the content. Nothing seems to get applied though - when I try to view that content in Episerver, it still says that it inherits access rules and it also says the Everyone still has Read access.

I haven't tried changing these rules in the CreatedContent event, but I assume that would require me create a writable clone, do the change and then re-save that content, which just seems excessive.

#210649
Dec 02, 2019 13:47
Vote:
 

Hi,

In addition to above information. The reason your changes are not persisted is because you need to call IContentSecurityRepository explicitly to work with a content's ACL.

#210654
Dec 02, 2019 16:52