module Spree::Admin::Orders::CustomerDetailsControllerDecorator

Public Class Methods

prepended(base) click to toggle source
# File lib/controllers/backend/spree/admin/orders/customer_details_controller_decorator.rb, line 3
def self.prepended(base)
  base.before_action :check_authorization
end

Private Instance Methods

check_authorization() click to toggle source
# File lib/controllers/backend/spree/admin/orders/customer_details_controller_decorator.rb, line 9
def check_authorization
  load_order
  session[:access_token] ||= params[:token]

  resource = @order
  action = params[:action].to_sym
  action = :edit if action == :show # show route renders :edit for this controller

  authorize! action, resource, session[:access_token]
end