Sorry , but I've exhausted my searching of the forums to find a suitable answer to this problem, but here goes:
1. Admin - Categories - Access Control
There is a way of restricting access to categories by customer role in v1.9, however, if you are not assigned to a customer role or browsing anonymously, you can see the restricted category. This is a bit of a pain, in an otherwise outstanding product!
2. Extensions.cs
Could anyone modify this bit of code found on line 97 of extensions.cs to block guests and all those NOT assigned to any customer role from seeing restricted categories?
public static bool IsAccessDenied(this Category category, NopObjectContext context)
{
if (category == null)
throw new ArgumentNullException("category");
bool result = false;
if (NopContext.Current.User != null)
{
//customer roles
var crQuery = from cr in NopContext.Current.User.CustomerRoles
orderby cr.CustomerRoleId
select cr.CustomerRoleId;
//ACL query
var query = from acl in context.ACLPerObject
where acl.ObjectId == category.CategoryId &&
acl.ObjectTypeId == (int)ObjectTypeEnum.Category &&
acl.Deny == true &&
//crQuery.Count > 0 &&
crQuery.Contains(acl.CustomerRoleId)
select acl.CustomerRoleId;
result = query.ToList().Count > 0;
}
return result;
}
Any help on this is greatly received as I am beginning to go mad ...
Thanks
Paul