SQL

Locate Episerver content with restricted access rights

If someone deletes a page from an Episerver site, you can figure out what happened. Even if the page is permanently deleted from trash, you can still see what happened (and who to blame) in the Change Log, found in Admin mode.

Here I can see that someone first moved my «Super important content» to trash, and then permanently deleted it.

A screenshot of the tool «Change log» in Episerver admin mode.

If someone changes access rights for a page, the change is completely without trace. There is not created a new version of the page, and there is nothing witten to the change log. Stealth mode!

So, If someone goes crazy in admin mode and changes access rights for a lot of random pages - how can you figure out what happened without checking every single page?

Normally, most pages should inherit settings from their parent, like this:
Access rights for content, the checkbox «Inherit settings from parent item» is checked.

So, how do I find all pages with settings like this?
Access rights for content, the checkbox «Inherit settings from parent item» is not checked.

Dig into the database, of course.

To identify all content that has access rights explicit set, i.e. do not inherit from parent item, run this query:

SELECT DISTINCT fkContentID
FROM tblContentAccess

Or if you only care about content that is not available to Everyone:

SELECT DISTINCT fkContentID
FROM tblContentAccess
WHERE fkContentID NOT IN 
(
   SELECT fkContentID from tblContentAccess WHERE Name = 'Everyone'
)

If you are not sure what to do with the content id, check out this blog post: Identify your Episerver content!