Restricting access to Episerver Commerce Markets for specific users

Tags: EPiServer Commerce Apr 13, 2017

Markets is a feature in Episerver Commerce that allows the catalog and items like pricing to be segmented. However when using Episerver Commerce it's not possible to lock catalogue editors down to particular markets meaning all editors can access/edit catalogue entries and prices for all markets. In scenarios where we may only wish user to see particular markets and edit prices for those markets this may be an issue.

This post describes a method that allows users to only edit product data and pricing for markets they have been given access to.

This in achieved by replacing the IMarketService and IPriceDetail service implementations with custom implementations. The code uses groups to assign whether a user has access to a market or not with group conventiuon of "MarketAccess_"but you can choose any implementation you wish.

The overall effect of this is that users will only be presented with the markets they have access to and also to prevent users from other markets editing their catalogue. In this example the user has only been granted access to the UK so can only access the UK market:

In the example code this is configured using groups in admin mode:

This also has the effect when editing pricing:

Implementation

First up register the custom implementations:

Then implement the custom IMarketService and IPriceDetail implementations:

See my gist for the full code of this implementation which includes the source of the helper class.

Disclaimer

This was put together as a quick proof of concept on the latest version of the Episerver Commerce Reference architecture (Quicksilver). It may not suit your exact needs and may require further refining for your specific needs.

Conclusion

This is just a quick example of how its possible to fine tune the way Episerver Commerce works using very little code. If you have any feedback, issues or ideas please let me know in the comments below or on @davidknipe.

comments powered by Disqus