raggedstaff/openfoodnetwork
1
0
Fork 0
mirror of https://github.com/openfoodfoundation/openfoodnetwork synced 2026-03-21 05:09:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

Remove permission dupliation, fixes accessible_by errors when accessing admin backend

Browse Source
This commit is contained in:
Rohan Mitchell
2013-08-27 10:19:54 +10:00
parent 6a5d819fa6
commit 72136a59ae
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/models/spree/ability_decorator.rb
View File

@@ -23,7 +23,7 @@ class AbilityDecorator
# Enterprise User can only access orders that they are a distributor for
can [:index, :create], Spree::Order
can [:admin, :index, :read, :create, :update, :fire, :resend], Spree::Order do |order|
can [:admin, :read, :update, :fire, :resend], Spree::Order do |order|
# We allow editing orders with a nil distributor as this state occurs
# during the order creation process from the admin backend
order.distributor.nil? || user.enterprises.include?(order.distributor)