Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Set access rights to Episerver Commerce Markets for specific users
using Mediachase.Commerce;
namespace EPiServer.Reference.Commerce.Site.Features.MarketSecurity
{
public interface IMarketAccessRightsHelper
{
bool IsFilteredMarketsRequest();
bool UserHasAccessToMarket(IMarket market);
}
}
using System.Collections.Generic;
using System.Web;
using EPiServer.ServiceLocation;
using Mediachase.Commerce;
namespace EPiServer.Reference.Commerce.Site.Features.MarketSecurity
{
[ServiceConfiguration(typeof(IMarketAccessRightsHelper), Lifecycle = ServiceInstanceScope.Singleton)]
public class MarketAccessRightsHelper : IMarketAccessRightsHelper
{
private readonly IList<string> _epiUiUrls;
public MarketAccessRightsHelper()
{
// Configure Episerver UI url segments
_epiUiUrls = new List<string>
{
"Episerver.Commerce.Shell/".ToLower(),
"CMS/".ToLower(),
"Shell/".ToLower()
};
}
public virtual bool IsFilteredMarketsRequest()
{
if (HttpContext.Current.Request.Url.Segments.Length > 2)
{
var uiUrlSegment = HttpContext.Current.Request.Url.Segments[2].ToLower();
return _epiUiUrls.Contains(uiUrlSegment);
}
return false;
}
public virtual bool UserHasAccessToMarket(IMarket market) => HttpContext.Current.User.IsInRole("MarketAccess_" + market.MarketName);
}
}
using System.Collections.Generic;
using System.Linq;
using EPiServer.Framework.Cache;
using Mediachase.Commerce;
using Mediachase.Commerce.Markets.Database;
namespace EPiServer.Reference.Commerce.Site.Features.MarketSecurity
{
public class MarketAccessRightsMarketService : MarketServiceCache
{
private readonly IMarketAccessRightsHelper _marketAccessRightsHelper;
public MarketAccessRightsMarketService(ISynchronizedObjectInstanceCache cache, IMarketAccessRightsHelper marketAccessRightsHelper) : base(cache)
{
_marketAccessRightsHelper = marketAccessRightsHelper;
}
public override IEnumerable<IMarket> GetAllMarkets()
{
if (_marketAccessRightsHelper.IsFilteredMarketsRequest())
{
var allMarkets = base.GetAllMarkets();
return allMarkets.Where(market => _marketAccessRightsHelper.UserHasAccessToMarket(market)).ToList();
}
return base.GetAllMarkets();
}
}
}
using System.Collections.Generic;
using System.Linq;
using EPiServer.Core;
using Mediachase.Commerce;
using Mediachase.Commerce.Catalog;
using Mediachase.Commerce.Markets;
using Mediachase.Commerce.Pricing;
using Mediachase.Commerce.Pricing.Database;
namespace EPiServer.Reference.Commerce.Site.Features.MarketSecurity
{
public class MarketAccessRightsPriceDetailDatabase : PriceDetailDatabase, IPriceDetailService
{
private readonly IMarketAccessRightsHelper _marketAccessRightsHelper;
private readonly IMarketService _marketService;
public MarketAccessRightsPriceDetailDatabase(ReferenceConverter referenceConverter, IMarketAccessRightsHelper marketAccessRightsHelper, IMarketService marketService) : base(referenceConverter)
{
_marketAccessRightsHelper = marketAccessRightsHelper;
_marketService = marketService;
}
public new IList<IPriceDetailValue> List(ContentReference catalogContentReference, MarketId marketId,
PriceFilter priceFilter, int offset, int count, out int totalCount)
{
// If the market Id is blank (i.e "All") then filter the
// prices by the markets that the user has access to
if (_marketAccessRightsHelper.IsFilteredMarketsRequest() && marketId.Value == string.Empty)
{
var allowedMarkets = _marketService.GetAllMarkets().Select(m => m.MarketId);
var allPrices = base.List(catalogContentReference, marketId, priceFilter, offset, count, out totalCount);
return allPrices.Where(price => allowedMarkets.Contains(price.MarketId)).ToList();
}
return base.List(catalogContentReference, marketId, priceFilter, offset, count, out totalCount);
}
}
}
using EPiServer.Framework;
using EPiServer.Framework.Initialization;
using EPiServer.ServiceLocation;
using Mediachase.Commerce.Markets;
using Mediachase.Commerce.Pricing;
namespace EPiServer.Reference.Commerce.Site.Features.MarketSecurity
{
[ModuleDependency(typeof(EPiServer.Commerce.Initialization.InitializationModule))]
public class RegisterMarketSecurityImpl : IConfigurableModule
{
public void ConfigureContainer(ServiceConfigurationContext context)
{
// Ovveride the default implementations, could use an interceptor here too
context.Container.Configure(x => { x.For<IMarketService>().Use<MarketAccessRightsMarketService>(); });
context.Container.Configure(x => { x.For<IPriceDetailService>().Use<MarketAccessRightsPriceDetailDatabase>(); });
}
public void Initialize(InitializationEngine context) { }
public void Uninitialize(InitializationEngine context) { }
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.