This post is a quick write up of an issue I noticed when using Google Chrome on a touch screen Windows 8.1 machine when using EPiServer 7.5 and how to solve it.
I was using a Windows 8.1 touch screen laptop with Google Chrome installed to access an EPiServer 7.5 site. I noticed the UI didn't seem to fully work. Specifically the context menus didn't appear when I hovered over blocks with a mouse and also I couldn't drag blocks to rearrange or add a new block. Using a mouse to hover over a block I expected to see this:
I have previously posted about Granular Page Type security in EPiServer using PageTypeSecurityAddOn. This added granular security to page types in EPiServer.
However the client in question also wanted more control over the access rights on langauges too. More specifically they wanted to remove publish rights to a specific langauge in EPiServer. I translated this requirement to mean it should be possible to specify who should have publish rights on a per langauge basis. So I created LanguageSecurityAddOn to address this requirement.
I recently posted about Granular Page Type security in EPiServer using PageTypeSecurityAddOn which I created as part of SecurityPack for EPiServer on CodePlex. After discussions with some collegues I have added some additional features.
I was at a client site and they asked why users could edit a page that they did not have access to create. I asked what they meant and they said they they removed Create access in admin mode for a certain page type but users could still edit pages that were created with that page type. I explained the access was for create permissions only but the client disagreed and thought that if you cannot access a page type then why should you be able to edit it? To be honest, I agreed.
So I decided to create a plug in that resolved the problem. I wanted a plug in that would give me more granular access to page types in EPiServer, to allow me to specify who could edit certain pages types, not just create them. So I created PageTypeSecurityAddOn.
Recently I read an EPiServer forum post about securing EPiServer edit and admin mode. If I understood the post correctly then there is a public facing EPiServer site, using the standard SQL providers. The requirement was to prevent access to edit and admin mode to all but a restricted set of IP addresses.