EPiServer: AccessDenied to language, if language role missing

If you in EPiServer 7.x have activated multiple languages via
then you can restrict who can edit each language in GUI by removing everyone and add some other group:

Restrict editors to language

If you want to restrict who can read, then you can issue an AccessDeniedDelegate after checking permissions in DeniedAccessToAuthenticatedWithoutRoleForCountry()

    //From http://www.epinova.no/blog/tarjei-olsen/dates/2012/12/handling-page-access-denied-scenarios-in-episerver-cms-7-mvc/
    private void CheckAccess()
        if (DeniedAccessToAuthenticatedWithoutRoleForCountry())
        if (CurrentPage.QueryAccess().HasFlag(AccessLevel.Read))

    private bool DeniedAccessToAuthenticatedWithoutRoleForCountry()
        string siteCountry = CurrentPage.LanguageBranch;
        var currUser = System.Web.HttpContext.Current.User;
        if (!string.IsNullOrEmpty(siteCountry) && currUser.Identity.IsAuthenticated)
            string requiredRole = Country.SiteToRole(siteCountry);
            bool hasUserRequiredRole = currUser.IsInRole(requiredRole);
            if (!hasUserRequiredRole)
                return true;
        return false;

    private void ServeAccessDenied()
            new AccessDeniedException(CurrentPage.ContentLink));

        AccessDeniedDelegate accessDenied 
            = DefaultAccessDeniedHandler.CreateAccessDeniedDelegate();

The End.


Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: