From ad1d3b3a6d7a7a2fd05eda50f0a61d0612ea49cd Mon Sep 17 00:00:00 2001 From: Alex Mirkhaydarov Date: Mon, 29 Feb 2016 01:02:49 +0000 Subject: [PATCH 1/5] authorised supplier for product management --- .../admin/products_controller_decorator.rb | 2 ++ .../spree/base_controller_decorator.rb | 23 +++++++++++++++---- 2 files changed, 20 insertions(+), 5 deletions(-) diff --git a/app/controllers/spree/admin/products_controller_decorator.rb b/app/controllers/spree/admin/products_controller_decorator.rb index 3e2fe08..2fba31f 100644 --- a/app/controllers/spree/admin/products_controller_decorator.rb +++ b/app/controllers/spree/admin/products_controller_decorator.rb @@ -1,5 +1,7 @@ Spree::Admin::ProductsController.class_eval do + belongs_to :supplier + before_filter :get_suppliers, only: [:edit, :update] before_filter :supplier_collection, only: [:index] diff --git a/app/controllers/spree/base_controller_decorator.rb b/app/controllers/spree/base_controller_decorator.rb index e64914f..377ff6a 100644 --- a/app/controllers/spree/base_controller_decorator.rb +++ b/app/controllers/spree/base_controller_decorator.rb @@ -1,13 +1,26 @@ Spree::BaseController.class_eval do - prepend_before_filter :redirect_supplier + # prepend_before_filter :redirect_supplier - private + before_action :authorize_supplier - def redirect_supplier - if ['/admin', '/admin/authorization_failure'].include?(request.path) && try_spree_current_user.try(:supplier) - redirect_to '/admin/shipments' and return false + # private + + # def redirect_supplier + # if ['/admin', '/admin/authorization_failure'].include?(request.path) && try_spree_current_user.try(:supplier) + # redirect_to '/admin/shipments' and return false + # end + # end + protected + + def authorize_supplier + if respond_to?(:model_class, true) && model_class + record = model_class + else + record = controller_name.to_sym end + authorize! :supplier, record + authorize! action, record end end From 0afaf049973ff6ef5404b01bee2e9661b703aee7 Mon Sep 17 00:00:00 2001 From: Alex Mirkhaydarov Date: Mon, 29 Feb 2016 01:27:03 +0000 Subject: [PATCH 2/5] added manage and create for supplier ability --- app/models/spree/supplier_ability.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/models/spree/supplier_ability.rb b/app/models/spree/supplier_ability.rb index 9cf4ca0..3d9a75a 100644 --- a/app/models/spree/supplier_ability.rb +++ b/app/models/spree/supplier_ability.rb @@ -12,7 +12,7 @@ def initialize(user) can [:admin, :read, :stock], Spree::Product do |product| product.supplier_ids.include?(user.supplier_id) end - can [:admin, :index], Spree::Product + can [:admin, :index, :manage, :create], Spree::Product can [:admin, :manage, :read, :ready, :ship], Spree::Shipment, order: { state: 'complete' }, stock_location: { supplier_id: user.supplier_id } can [:admin, :create, :update], :stock_items can [:admin, :manage], Spree::StockItem, stock_location_id: user.supplier.stock_locations.pluck(:id) From 374913846fd475e8ad8201fe428f57412f8735c2 Mon Sep 17 00:00:00 2001 From: Alex Mirkhaydarov Date: Mon, 21 Mar 2016 01:35:00 +0000 Subject: [PATCH 3/5] Update base_controller_decorator.rb --- app/controllers/spree/base_controller_decorator.rb | 9 --------- 1 file changed, 9 deletions(-) diff --git a/app/controllers/spree/base_controller_decorator.rb b/app/controllers/spree/base_controller_decorator.rb index 377ff6a..29c88bd 100644 --- a/app/controllers/spree/base_controller_decorator.rb +++ b/app/controllers/spree/base_controller_decorator.rb @@ -1,16 +1,7 @@ Spree::BaseController.class_eval do - # prepend_before_filter :redirect_supplier - before_action :authorize_supplier - # private - - # def redirect_supplier - # if ['/admin', '/admin/authorization_failure'].include?(request.path) && try_spree_current_user.try(:supplier) - # redirect_to '/admin/shipments' and return false - # end - # end protected def authorize_supplier From 51c239b21c535b300495ddd2e466f06d7dd61897 Mon Sep 17 00:00:00 2001 From: Alex Mirkhaydarov Date: Mon, 21 Mar 2016 01:39:00 +0000 Subject: [PATCH 4/5] Update base_controller_decorator.rb --- app/controllers/spree/base_controller_decorator.rb | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/app/controllers/spree/base_controller_decorator.rb b/app/controllers/spree/base_controller_decorator.rb index 29c88bd..daac5e6 100644 --- a/app/controllers/spree/base_controller_decorator.rb +++ b/app/controllers/spree/base_controller_decorator.rb @@ -1,9 +1,10 @@ Spree::BaseController.class_eval do + prepend_before_filter :redirect_supplier before_action :authorize_supplier - - protected - + + private + def authorize_supplier if respond_to?(:model_class, true) && model_class record = model_class @@ -14,4 +15,9 @@ def authorize_supplier authorize! action, record end + def redirect_supplier + if ['/admin', '/admin/authorization_failure'].include?(request.path) && try_spree_current_user.try(:supplier) + redirect_to '/admin/shipments' and return false + end + end end From 596d8e150de1f57d25e084982bea4977cd5e0970 Mon Sep 17 00:00:00 2001 From: Alex Mirkhaydarov Date: Mon, 21 Mar 2016 01:42:33 +0000 Subject: [PATCH 5/5] Update base_controller_decorator.rb --- app/controllers/spree/base_controller_decorator.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/app/controllers/spree/base_controller_decorator.rb b/app/controllers/spree/base_controller_decorator.rb index daac5e6..14b801c 100644 --- a/app/controllers/spree/base_controller_decorator.rb +++ b/app/controllers/spree/base_controller_decorator.rb @@ -1,5 +1,5 @@ Spree::BaseController.class_eval do - + prepend_before_filter :redirect_supplier before_action :authorize_supplier @@ -14,10 +14,10 @@ def authorize_supplier authorize! :supplier, record authorize! action, record end - + def redirect_supplier if ['/admin', '/admin/authorization_failure'].include?(request.path) && try_spree_current_user.try(:supplier) redirect_to '/admin/shipments' and return false end end -end + end