From 626e903ab9e05b2a897d71419c7cc0d2f2a6bc34 Mon Sep 17 00:00:00 2001
From: Gaetan Craig-Riou <gaetan.riou@gmail.com>
Date: Tue, 9 Jan 2024 14:44:12 +1100
Subject: [PATCH] Add ability for controller to use CanCan

---
 .../dfc_provider/application_controller.rb            | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/engines/dfc_provider/app/controllers/dfc_provider/application_controller.rb b/engines/dfc_provider/app/controllers/dfc_provider/application_controller.rb
index 3db7525d58..16a830d336 100644
--- a/engines/dfc_provider/app/controllers/dfc_provider/application_controller.rb
+++ b/engines/dfc_provider/app/controllers/dfc_provider/application_controller.rb
@@ -8,6 +8,7 @@ module DfcProvider
     protect_from_forgery with: :null_session
 
     rescue_from ActiveRecord::RecordNotFound, with: :not_found
+    rescue_from CanCan::AccessDenied, with: :unauthorized
 
     before_action :check_authorization
 
@@ -16,7 +17,7 @@ module DfcProvider
     private
 
     def check_authorization
-      head :unauthorized if current_user.nil?
+      unauthorized if current_user.nil?
     end
 
     def check_enterprise
@@ -50,5 +51,13 @@ module DfcProvider
     def not_found
       head :not_found
     end
+
+    def unauthorized
+      head :unauthorized
+    end
+
+    def current_ability
+      @current_ability ||= Spree::Ability.new(current_user)
+    end
   end
 end