AI OnAI Off
One of easy ways to implement that is to secure localtions where functionality is placed (using <location> element in web.config). Let's say for categories: http://server/{uiUrl}/CMS/Admin/Categories.aspx. Permissions won't be applied to side menu items though - so even if you don't have access to that location it still will be rendered in menu.
Thanks for a good solution! Didn't expected that it could be so quick and easy :)
"WebAdmins" group has access to everything in Admin "view".
But a customer prefer to have more restricted "XWebAdmins" group.
For example, he wants to create "CategoriesWebAdmins" which has access only to "Edit Categories" in Admin mode.
Is it possible? May be someone have similar expirience with overriding default access checking functionality in EpiServer?