raggedstaff/openfoodnetwork
1
0
Fork 0
mirror of https://github.com/openfoodfoundation/openfoodnetwork synced 2026-01-24 20:36:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

When we load up incomplete orders, make sure that they have a user associated if the user is logged in

Browse Source 
Also associate customer ONLY if one already exists. This is required to prevent unauthorised access to customer-only shopfronts.
This commit is contained in:
Rob Harrington
2016-04-21 14:42:34 +10:00
parent 302bdfd628
commit 48d4c8733d
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
app/controllers/enterprises_controller.rb
View File

@@ -47,6 +47,11 @@ class EnterprisesController < BaseController
order.distributor = distributor
if user = try_spree_current_user
order.associate_user!(user) if (order.user.blank? || order.email.blank?)
order.send(:associate_customer) if order.customer.nil? # Only associates existing customers
end
order_cycle_options = OrderCycle.active.with_distributor(distributor)
order.order_cycle = order_cycle_options.first if order_cycle_options.count == 1
order.save!