rooty/fab-manager
1
0
Fork 0
mirror of https://github.com/LaCasemate/fab-manager.git synced 2025-01-30 19:52:20 +01:00
Code Issues Releases Activity

fix access to /admin/invoices for managers

Browse Source
This commit is contained in:
Sylvain 2020-06-15 16:56:43 +02:00
parent be9ee9d25d
commit b790bc01e7
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/policies/payment_policy.rb
View File

@ -3,6 +3,6 @@
# Check the access policies for API::PaymentsController # Check the access policies for API::PaymentsController
class PaymentPolicy < ApplicationPolicy class PaymentPolicy < ApplicationPolicy
def online_payment_status? def online_payment_status?
user.admin? user.admin? || user.manager?
end end
end end

2
app/policies/setting_policy.rb
View File

@ -24,7 +24,7 @@ class SettingPolicy < ApplicationPolicy
end end
def test_present? def test_present?
user&.admin? || SettingPolicy.public_whitelist.push('openlab_app_secret').include?(record.name) user&.admin? || SettingPolicy.public_whitelist.concat(%w[openlab_app_secret stripe_secret_key]).include?(record.name)
end end
## ##