search

duncanmcclean / simple-commerce

A simple, yet powerful e-commerce addon for Statamic.
https://statamic.com/addons/duncanmcclean/simple-commerce
Other
143 stars 36 forks source link

Can't access orders/customers if not SuperAdmin when they are configured with Eloquent repository #937

Closed wautersj closed 9 months ago

wautersj commented 9 months ago

Description

Created a role for shop-keeper that should only need to see the cms views required to manage the shop.

But when testing the role, it seems the 2 'collections' we set up with a DDB Eloquent connection are not accessible. The other shop views are still visible. (Overview, Tax, Coupons, ...)

Maybe it has something to do with Runway?

Steps to reproduce

  1. Set up orders or customers to work wil Eloquent repo
  2. Create a role to show only shop related cms views
  3. login as a user assigned with the role and no super-admin
Screenshot 2023-11-17 at 01 14 16 Screenshot 2023-11-17 at 01 12 54 Screenshot 2023-11-17 at 01 19 56

Environment

Environment Application Name: DemoShop Laravel Version: 10.30.1 PHP Version: 8.1.14 Composer Version: 2.5.4 Environment: local Debug Mode: ENABLED URL: statamic-simple-commerce-start.valet Maintenance Mode: OFF

Cache Config: NOT CACHED Events: NOT CACHED Routes: NOT CACHED Views: CACHED

Drivers Broadcasting: log Cache: statamic Database: mysql Mail: smtp Queue: sync Session: file

Simple Commerce Currencies: EUR, EUR Gateways: Mollie Repository: Customer: DoubleThreeDigital\SimpleCommerce\Customers\EloquentCustomerRepository Repository: Order: DoubleThreeDigital\SimpleCommerce\Orders\EloquentOrderRepository Repository: Product: DoubleThreeDigital\SimpleCommerce\Products\EntryProductRepository Shipping Methods: Free Shipping Tax Engine: DoubleThreeDigital\SimpleCommerce\Tax\Standard\TaxEngine

Livewire Livewire: v3.1.0

Statamic Addons: 6 Antlers: regex Stache Watcher: Enabled Static Caching: Disabled Version: 4.34.0 PRO

Statamic Addons digiti/statamic-crow: 1.1.2 doublethreedigital/duplicator: 4.0.1 doublethreedigital/runway: 5.4.1 doublethreedigital/sc-digital-products: 5.0.6 doublethreedigital/simple-commerce: 5.6.1 statamic/seo-pro: 5.2.2

joeriwauters@Joeri-Wauters--Digiti statamic-simple-commerce-start %

duncanmcclean commented 9 months ago

Hey 👋

I don't have a test site with a database setup right now but I may know how to fix it. Can you try changing two lines in vendor/doublethreedigital/simple-commerce/src/ServiceProvider.php?

Change line 316 to ->can('view', $orderResource)

Change line 345 to ->can('view', $customerResource)

Let me know if that fixes the issue for you.

duncanmcclean commented 9 months ago

Also... you no longer need doublethreedigital/duplicator installed as that's part of Core now 😄

wautersj commented 9 months ago

@duncanmcclean let me check this as soon as I can, I will get back to you with the results! Today was quite a hectic day, and I didn't find the time.

wautersj commented 9 months ago

@duncanmcclean Confirmed! This indeed fixes the issue. Good thinking.

->can('view', $orderResource) ->can('view', $customerResource)

Looking forward to the release!

github-actions[bot] commented 9 months ago

Released as part of v5.6.2.