Access control has been added to Catfish to allow Categories and Products to be restricted from view for specific Customers.
The Access Control system checks these against a Customers Role or Department.
Generally Customers viewing the site will have the same Role (registered) and therefore it make more sense to base this visibility on Department.
Creating a Department
Login to the Storefront as an Administrator.
Choose Catfish -> Other -> Departments
Click "Add new record" to add a new Department
Give the department a Name, Description, Cost Code, PL code. The most important thing here is Department Name.
Save your Department.
Assign Users to Departments
Expand the Department using the + on the left of the Department name.
From the list, tick each user you wish to assign to this Department, then click "Save Changes".
As default, a Storefront has access permissions switched off.
Choose Catfish -> Other -> Access Permissions -> Access Permissions Settings
Switch on AccessPermissionEnabled
The DefaultIsAllowed switch determines whether the site shows All categories when you are not in a department or None.
DefaultIsAllowed = True means that all categories show up if users are not in a Department
DefaultIsAllowed = False means that all categories are hidden until a user is assigned to a Department that can use them.
It is best practise to make sure that DefaultIsAllowed is set to false and that you specifically allow departments access to what you would like them to be allowed access to as this will prevent further access.
For example, if you had a department "Department A", you had the categories "Category A" and "Category B", and you only want customers in Department A to see products in Category A, you would take the following actions:
Set DefaultIsAllowed to False
Create a rule allowing Department A to access Category A (This will include the products within the category)
Since DefaultIsAllowed is set to False, the customers in Department A will only be able to see Category A and its products, so they will not have access to Category B
Deny Guest Accounts should always be ticked as true.
Setting Department Permissions
From the Admin menu, choose Catfish -> Other -> Access Permissions -> Access Permission Manager
The top of the page confirms your Storefronts Access Permission settings (detailed above)
Below this you can select the Role or Department you wish to assign a restriction / access to.
Once you select a department, a secondary menu appears. What area of the site do you wish to target. General site use would be covered from either Products or Categories
Select a target, and click Load.
This loads all possible options for the site.
Each option has a tick box to 'apply' access to. Once ticked you can the grant access to it or leave unticked to restrict access.
Save the mappings when complete.
Impersonate the user or use the Access Permission test in the same Catfish menu.