Review consistency of responses to visiting inaccessible SimpleContent pages #501

@CrispinF


Visiting a SimpleContent page that you don't have permissions for returns a 404 "Page not found". This seems undesirable - it should be 401 or 403 or a 302 redirect to the login page (see debates on e.g. https://stackoverflow.com/questions/3297048/403-forbidden-vs-401-unauthorized-http-responses).

Visiting a cloudscribe administrative page when unauthenticated returns a 302 and redirects to the login page, e.g. /account/login?ReturnUrl=%2Fsiteadmin

Visiting a cloudscribe administrative page when authenticated but without correct permissions returns a 302 and redirects to the Access Denied page, e.g. /account/accessdenied?ReturnUrl=%2Fsiteadmin

If we take the behaviour for the administrative pages as desirable, then we should make SimpleContent CMS pages/posts behave the same way. If the visited URL exists and the user is unauthenticated, we should 302 to the login page with returnurl. If the user is authenticated with insufficient privileges, we should 302 to the Access Denied page.
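
The behaviour requested above, sketched as an added example (not cloudscribe or SimpleContent code): a minimal ASP.NET Core app in which cookie authentication turns `Challenge` and `Forbid` into the two 302 redirects. The page store, slugs and the `Members` role are hypothetical; the two account paths are the ones quoted in the issue, and the login page itself is not implemented here.

```csharp
// Program.cs (ASP.NET Core minimal API, web SDK with implicit usings).
// Added illustration only; the page store below is constructed sample data.
using Microsoft.AspNetCore.Authentication.Cookies;

var builder = WebApplication.CreateBuilder(args);
builder.Services
    .AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
    .AddCookie(o =>
    {
        o.LoginPath = "/account/login";               // path quoted in the issue
        o.AccessDeniedPath = "/account/accessdenied"; // path quoted in the issue
    });
builder.Services.AddAuthorization();

var app = builder.Build();
app.UseAuthentication();
app.UseAuthorization();

// Hypothetical store: slug -> roles allowed to view (empty array = public).
var pages = new Dictionary<string, string[]>(StringComparer.OrdinalIgnoreCase)
{
    ["home"] = Array.Empty<string>(),
    ["members-only"] = new[] { "Members" },
};

app.MapGet("/{slug}", (string slug, HttpContext ctx) =>
{
    // The URL does not exist at all: a genuine 404.
    if (!pages.TryGetValue(slug, out var viewRoles))
        return Results.NotFound();

    // Public page, or the user holds one of the required roles.
    if (viewRoles.Length == 0 || viewRoles.Any(ctx.User.IsInRole))
        return Results.Text($"Page: {slug}");

    // Page exists, user is anonymous: the cookie handler answers the
    // challenge with a 302 to LoginPath plus ?ReturnUrl=<requested path>.
    if (ctx.User.Identity?.IsAuthenticated != true)
        return Results.Challenge();

    // Page exists, user is signed in but lacks the role: the cookie handler
    // answers with a 302 to AccessDeniedPath plus ?ReturnUrl=<requested path>.
    return Results.Forbid();
});

app.Run();
```

With this split, an anonymous visitor can tell a protected page from a non-existent one by the status code, so the change trades the current 404's concealment of protected URLs for consistency with the administrative pages.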
