From 3a75f6b86a3e916283e2ea418f4e3e0f8bb54327 Mon Sep 17 00:00:00 2001
From: David Cook <david@redcliffs.net>
Date: Thu, 22 Aug 2013 11:49:18 +1000
Subject: [PATCH] Enterprise user can access all OFN reports

---
 .../spree/admin/base_controller_decorator.rb       | 14 ++++++++++++++
 app/models/spree/ability_decorator.rb              |  4 +++-
 2 files changed, 17 insertions(+), 1 deletion(-)
 create mode 100644 app/controllers/spree/admin/base_controller_decorator.rb

diff --git a/app/controllers/spree/admin/base_controller_decorator.rb b/app/controllers/spree/admin/base_controller_decorator.rb
new file mode 100644
index 0000000000..8e876513fa
--- /dev/null
+++ b/app/controllers/spree/admin/base_controller_decorator.rb
@@ -0,0 +1,14 @@
+Spree::Admin::BaseController.class_eval do
+  # Override Spree method
+  # It's a shame Spree doesn't just let CanCan handle this in it's own way
+  def authorize_admin
+    if respond_to?(:model_class, true) && model_class
+      record = model_class
+    else
+      # this line changed to allow specificity for each non-resource controller (to be consistent with "authorize_resource :class => false", see https://github.com/ryanb/cancan/blob/60cf6a67ef59c0c9b63bc27ea0101125c4193ea6/lib/cancan/controller_resource.rb#L146)
+      record = self.class.to_s.sub("Controller", "").underscore.split('/').last.singularize.to_sym
+    end
+    authorize! :admin, record
+    authorize! action, record
+  end
+end
\ No newline at end of file
diff --git a/app/models/spree/ability_decorator.rb b/app/models/spree/ability_decorator.rb
index ccd4252897..9b2875ce43 100644
--- a/app/models/spree/ability_decorator.rb
+++ b/app/models/spree/ability_decorator.rb
@@ -17,7 +17,7 @@ class AbilityDecorator
       can [:admin, :index, :read, :search], Spree::Taxon
       can [:admin, :index, :read, :create, :edit], Spree::Classification
 
-      #User can only access orders that they are a distributor for
+      #Enterprise User can only access orders that they are a distributor for
       can [:index, :create], Spree::Order
       can [:admin, :read, :update, :fire, :resend ], Spree::Order do |order|
         user.enterprises.include? order.distributor
@@ -52,6 +52,8 @@ class AbilityDecorator
         user.enterprises.include? enterprise
       end
 
+      #Enterprise User can access reports page
+      can [:admin, :index, :orders_and_distributors, :group_buys, :bulk_coop, :payments, :order_cycles], :report
     end
   end
 end