Granular Language security in EPiServer using LanguageSecurityAddOn
Apr 30, 2012
I have previously posted about Granular Page Type security in EPiServer using PageTypeSecurityAddOn. This added granular security to page types in EPiServer.
However the client in question also wanted more control over the access rights on langauges too. More specifically they wanted to remove publish rights to a specific langauge in EPiServer. I translated this requirement to mean it should be possible to specify who should have publish rights on a per langauge basis. So I created LanguageSecurityAddOn to address this requirement.
What does LanguageSecurityAddOn do?
This plug a adds a couple of features to any EPiServer CMS 6 R2 installation:
- Extends the EPiServer admin mode UI to add a "Publish" option to the access level option when setting up the security Access Level in admin mode:
- Removes Publish rights if a user doesn't have Publish access to the langauge as set up in admin mode
- Adds a scheduled job called "SecurityPack : Language security set up". This is for initial set up and adds Publish rights to languages types that only have Change access (i.e. the default scenario when first installing LanguageSecurityAddOn):
How do I get it?
By far the easiest way to install is from the NuGet package available on the EPiServer NuGet feed.
Alternatively grab the code from the SecurityPack project Codeplex, compile the dll and drop it in the \bin folder of your site. There are no config changes to make or folders/files to copy.
Where's the code and who owns it?
This project is open sourced on CodePlex. Its part of the SecurityPack project on CodePlex.
Feedback
Has this requirement come up for your editors/admins before? Is there anything else that you'd like to lock security down on in EPiServer? I'd be happy to hear any feedback on the comments below or @davidknipe