diff --git a/app/models/spree/ability_decorator.rb b/app/models/spree/ability_decorator.rb
index 3a0466f1cc..6371d26aff 100644
--- a/app/models/spree/ability_decorator.rb
+++ b/app/models/spree/ability_decorator.rb
@@ -65,9 +65,10 @@ class AbilityDecorator
   def add_product_management_abilities(user)
     # Enterprise User can only access products that they are a supplier for
     can [:create], Spree::Product
-    can [:admin, :read, :update, :product_distributions, :bulk_edit, :bulk_update, :clone, :destroy], Spree::Product do |product|
+    can [:admin, :read, :update, :product_distributions, :bulk_edit, :bulk_update, :override_variants, :clone, :destroy], Spree::Product do |product|
       OpenFoodNetwork::Permissions.new(user).managed_product_enterprises.include? product.supplier
     end
+    can :override_variants, nil
 
     can [:create], Spree::Variant
     can [:admin, :index, :read, :edit, :update, :search, :destroy], Spree::Variant do |variant|
diff --git a/spec/models/spree/ability_spec.rb b/spec/models/spree/ability_spec.rb
index 4a8f34a1d9..1662ab7942 100644
--- a/spec/models/spree/ability_spec.rb
+++ b/spec/models/spree/ability_spec.rb
@@ -140,21 +140,25 @@ module Spree
         let(:order) {create(:order)}
 
         it "should be able to read/write their enterprises' products and variants" do
-          should have_ability([:admin, :read, :update, :product_distributions, :bulk_edit, :bulk_update, :clone, :destroy], for: p1)
+          should have_ability([:admin, :read, :update, :product_distributions, :bulk_edit, :bulk_update, :override_variants, :clone, :destroy], for: p1)
           should have_ability([:admin, :index, :read, :edit, :update, :search, :destroy], for: p1.master)
         end
 
         it "should be able to read/write related enterprises' products and variants with manage_products permission" do
           er_p
-          should have_ability([:admin, :read, :update, :product_distributions, :bulk_edit, :bulk_update, :clone, :destroy], for: p_related)
+          should have_ability([:admin, :read, :update, :product_distributions, :bulk_edit, :bulk_update, :override_variants, :clone, :destroy], for: p_related)
           should have_ability([:admin, :index, :read, :edit, :update, :search, :destroy], for: p_related.master)
         end
 
         it "should not be able to read/write other enterprises' products and variants" do
-          should_not have_ability([:admin, :read, :update, :product_distributions, :bulk_edit, :bulk_update, :clone, :destroy], for: p2)
+          should_not have_ability([:admin, :read, :update, :product_distributions, :bulk_edit, :bulk_update, :override_variants, :clone, :destroy], for: p2)
           should_not have_ability([:admin, :index, :read, :edit, :update, :search, :destroy], for: p2.master)
         end
 
+        it "should be able to override_variants on nil (required for override_variants)" do
+          should have_ability :override_variants, for: nil
+        end
+
         it "should not be able to access admin actions on orders" do
           should_not have_ability([:admin], for: Spree::Order)
         end