I see how I can add additional roles by calling ` Spree Abil solidus #support

I see how I can add additional roles by calling `_...

Eric Gross

06/05/2023, 6:58 PM

I see how I can add additional roles by calling

_Spree_::_Ability_.register_ability

with new abilities. In my case though I don't want to create more abilities, but I want to indicate that any user with

.has_role?(:admin)

should be considered an admin by the Soldius back end. I haven't figured out how to make that work, has anyone got it working? I'm using

pundit

in my app rather than

cancancan

Eric Gross

06/05/2023, 7:19 PM

One thing I tried was ensuring that there was an

admin

Spree::Role

returned by

spree_roles

, but that didn't seem to grant me access to

can?(:admin, _Spree_::_Order_)

for some reason 🤷

Chris Todorov

06/05/2023, 8:30 PM

You can create a new

Spree::Role

record, give it the

name

"admin"

, then in your initializer give it the order management permission set like this

Copy code

config.roles.assign_permissions :admin, %w[Spree::PermissionSets::OrderManagement]

Chris Todorov

06/05/2023, 8:30 PM

This should cover the abilities you need https://github.com/solidusio/solidus/blob/main/core/lib/spree/permission_sets/order_management.rb

Chris Todorov

06/05/2023, 8:31 PM

I think this is more or less whats described here https://guides.solidus.io/advanced-solidus/permission-management#custom-user-roles

Chris Todorov

06/05/2023, 8:32 PM

Though it sounds like

admin

should already exist from Solidus as a super admin role

Chris Todorov

06/05/2023, 8:33 PM

From here https://github.com/solidusio/solidus/blob/v3.0/core/lib/spree/app_configuration.rb#L509

Chris Todorov

06/05/2023, 8:34 PM

If that doesn’t work for you you might need to modify your app configuration and assign this to something else

Eric Gross

06/05/2023, 10:57 PM

i was able to get this working with

Copy code

class SolidusAbilities
  include CanCan::Ability

  def initialize user
    if user.has_role?(:admin)
      can :admin, :all
      can :show, :all
      can :index, :all
    end
  end
end

and

Copy code

Spree::Ability.register_ability(SolidusAbilities)

spree.rb

👍🏼 1

Eric Gross

06/05/2023, 11:00 PM

It took a whole day to remove the default, user model and replace it with one that I made myself or use the passwordless gem in order to avoid having any passwords. And I'm using the pundit gem because I think it's a cleaner implementation of roles. It's great I can do those things without hacks 👍

Chris Todorov

06/05/2023, 11:14 PM

Sounds like you’re swimming against the current here but happy to hear you got it working. I’ve heard good things about

pundit

though have no experience using it, let alone in the context of Solidus.

Chris Todorov

06/05/2023, 11:15 PM

I think for a super user you only need this though https://github.com/solidusio/solidus/blob/main/core/lib/spree/permission_sets/super_user.rb#LL7C25-L7C25

Chris Todorov

06/05/2023, 11:16 PM

:manage

should give you all the permissions, though maybe that’s different for

pundit

👍 1

Open in Slack

Previous Next