4đź‘Ť
I found a solution myself now:
First I wrote a custom middleware that redirects all requests to Django CMS pages to the login. Then, I removed the “can view pages” permission from all groups and all global permissions for non-staff.
Finally I removed all view restrictions on the page root and set them only on the particular pages which should be restricted.
If you are interested about some more findings in Django CMS’ permissions: I blogged some thoughts about it here: http://blog.webrunners.de/2015/09/08/django-cms-permission-pitfalls/
👤schneck
Source:stackexchange.com