We have a problem/qustion, that we dont really understand:
* We have an Epi page ( inherits from Episerver.TemplatePage )
* We have overridden : public override void AccessDenied() to do nothing at all:
* When the current user is not logged in at all, there seems to be no problems, no exception is thrown
* When the user is logged in, but have no rights on that page, this throws an exception ( this exception is thrown when trying to execute/access : base.OnInit(e);, but we have also found out that it throws an exception when, for ex trying to access CurrentPage )
In our opinion, those two scenarios should behave in the sam way ?!
Is this an Episerver bug, or is it a correct behavior, if so; why ?
We have found some pretty ugly ways to solve this, but it would be great if someone explained ?
What we are trying to accomplish is:
The user/client is trying to access a page that he/she does not have access to, we want them to stay on the same page ( but display different content ).
The reason lies withing PageData.GetPage() that throws an AccessDeniedException if you are authenticated.
It is virtual so you can probably patch the problem by overriding GetPage() in addition to AccessDenied().
public virtual PageData GetPage(PageReference pageLink)
return new PageData();
PageData page = DataFactory.Instance.GetPage(pageLink);
AccessLevel access = (pageLink.ID == this.CurrentPageLink.ID) ? this.RequiredAccess() : AccessLevel.Read;
if (!page.GetSecurityDescriptor().HasAccess(PrincipalInfo.CurrentPrincipal, access))
throw new AccessDeniedException();