Client has need to prevent a user form Approving/Publishing any page they have themselves created.
Checking if the current user = page creator seems simple enough. However... I'm struggling to find way to access the relevant control from the page's master page code-behind? ... as page seems to be bundled up into the container of Edit mode by black magic...
p.s. I'd prefer not to fiddle with code of the epiServer application (in C:\Program Files..), but rather (override something?) in the website code (C\Episerver\Sites...) for simplicity of deployment.
I would suggest something like the following:
However this does mean some code...
Had a very similar request, much easier in episerver 6:
in episerver.config add:
Copy the user control from the episerver program files install, then grab the code behind by using reflector or ilspy etc. It is in episerver.ui.dll then Episerver.UI.Edit then EditPageButtonControl.
Then change the code as required.
Make sure you secure the "yourOverrides" path in web.config as per the existing edit mode pages.
It was the easiest way I found.
Thanks, that seems like a really useful approach.
One problem I'm running into with this though is the confilct of this 'new' version of 'Button control' with the existing one...
Warning The type 'EPiServer.UI.Edit.EditPageButtonControl' in 'C:\EPiServer\Sites\Wesleyan\Templates\Wesleyan\overrides\EditPageButtonControl.ascx.cs' conflicts with the imported type 'EPiServer.UI.Edit.EditPageButtonControl' in 'C:\EPiServer\Sites\Wesleyan\bin\EPiServer.UI.dll'. Using the type defined in 'C:\EPiServer\Sites\Wesleyan\Templates\Wesleyan\overrides\EditPageButtonControl.ascx.cs'.C:\EPiServer\Sites\Wesleyan\Templates\Wesleyan\overrides\EditPageButtonControl.ascx.cs92221EPiServer.Templates.RelatePlus
...sorry if I'm being a bit thick, but trying to change namespace just makes other issues appear...?
...removed GAC assembly (EPiServer.UI.dll), and now get:
The type 'EPiServer.UI.Edit.EditPageButtonControl' is ambiguous: it could come from assembly 'C:\EPiServer\Sites\Wesleyan\bin\EPiServer.Templates.RelatePlus.DLL' or from assembly 'C:\EPiServer\Sites\Wesleyan\bin\EPiServer.UI.DLL'. Please specify the assembly explicitly in the type name
Hi,You can simply hook up publishing event in data factory and do your checks there. Like this:
DataFactory.Instance.PublishingPage += Instance_PublishingPage;
static void Instance_PublishingPage(object sender, PageEventArgs e)
e.CancelReason = "Not allowed to publish";
e.CancelAction = true;
Giedrius, come to think of it that would certainly be the easiest option. I think I was thinking of ways of conditioning the publish button :)!
Giedrius - thanks very much.
Ideally I'd have liked option to disable the button that would have been possible with Paul's approach... but your idea is much simpler, and it works straight away. :)
Is it possible to get ACL list in intlization module in cms9,
I am using Bellow code,
PageData pg = DataFactory.Instance.GetPage(new PageReference((e.ContentLink).ID));
PageAccessControlList acl = new PageAccessControlList(pg.PageLink); acl.Add(new AccessControlEntry("Administrators", AccessLevel.NoAccess, SecurityEntityType.Role)); acl.Save();
//pg.IsPendingPublish = true; --> got readonly unable to set sagar var events = e.RequiredAccess; e.CancelAction = true; e.CancelReason = "Approved no need publish";
But i am getting ACL count is Zero.
You will need to cast the current IContent item as IContentSecurable then get hold of the IContentSecurityDescriptor from the securable entity. I've written the (untested) code below to get the current ACL list from a IContent item as part of an initialisation module:
private IEnumerable<AccessControlEntry> GetEffectiveACL(IContent content)
IEnumerable<AccessControlEntry> aclEntries = null;
// Check if the content type can have access restrictions
IContentSecurable securable = content as IContentSecurable;
if (securable != null)
// Get hold of the security descriptor
IContentSecurityDescriptor contentSecurityDescriptor = securable.GetContentSecurityDescriptor();
// Need to ensure the LoadedContent event is not fired when we get the ACL Entries when the ACL list
// is inherited. This is because accessing .Entries on a content item that has an inherited ACL will
// load parent content items until a parent item that is not inherierd is found. However the loading
// of parents will cause the LoadedContent event to be fired so would cause a recursive loop.
var contentEvents = EPiServer.ServiceLocation.ServiceLocator.Current.GetInstance<IContentEvents>();
contentEvents.LoadedContent -= Instance_LoadedContent;
aclEntries = GetACLEntries(contentSecurityDescriptor);
contentEvents.LoadedContent += Instance_LoadedContent;
//Safe to access .Entries directly as it will not cause up a recursive load up through the parent content items
aclEntries = GetACLEntries(contentSecurityDescriptor);
private IEnumerable<AccessControlEntry> GetACLEntries(IContentSecurityDescriptor contentSecurityDescriptor)
if (contentSecurityDescriptor != null && contentSecurityDescriptor.Entries != null)
Thanks for your reply.
I alrady somehow achieved to get the access list by using Pagedata instance.ACL.Entries property.
But i struck in the way to find a way for the restriction page publishing for a user who has rights to publish the page.Tried with e.CancelAction = True, but it is not satisfying my requirement.
Can you suggest me any ideas to achieve changing accessrights for a particular user dynamically for a particular page?