We want to allow certain users access to edit pages in their departments. We don't want them to see the rest of the site when they are in the CMS admin area. We also want to limit them to see only the images and documents for their department.
Is there a way to do this, either via the UI or with code?
Did you tried to use Admin mode -> Set Access Rights -> Set Access Rights for "..." ?
Should it hide it? So far I have access to the whole tree when I try it this way. Is that what is supposed to happen?
That does not hide it, since they propably have access to view the pages in a public mode.I do not think there is a easy way to do this (it is easy to set access but not to hide the pages in the tree).Maybe you could extend on the event that does the listning of the pages in the tree and set the node to hidden if there are no access.But then, how would they be able to get to the pages if there are pages above in the tree that they should not be able to see?
The following article explains how to do it (it is for EPiServer 6 but it should work with never versions as well). In summary, you have to use "Everyone" and "Anonymous" groups to restrict access rights. I have used this method couple of years ago for restricting access to file manager in EPiServer 6 R2 and it worked.