From 9305e0c4b41d7adc064bbf62b6d08226a460f6a8 Mon Sep 17 00:00:00 2001
From: Aung Myo <aungmyo.zaw@code2lab.com>
Date: Thu, 29 Jun 2017 15:39:46 +0630
Subject: [PATCH] update authorize void and edit in cashier

---
 app/controllers/base_origami_controller.rb      |  2 +-
 app/controllers/origami/sale_edit_controller.rb |  2 +-
 app/controllers/origami/void_controller.rb      |  2 +-
 app/models/ability.rb                           |  8 ++++++++
 app/views/layouts/origami.html.erb              | 14 +++++++-------
 5 files changed, 18 insertions(+), 10 deletions(-)

diff --git a/app/controllers/base_origami_controller.rb b/app/controllers/base_origami_controller.rb
index be4b4055..126b20b0 100644
--- a/app/controllers/base_origami_controller.rb
+++ b/app/controllers/base_origami_controller.rb
@@ -7,7 +7,7 @@ class BaseOrigamiController < ActionController::Base
 
   rescue_from CanCan::AccessDenied do |exception|
     flash[:warning] = exception.message
-    redirect_to root_path
+    redirect_to origami_root_path
   end
 
   def current_user
diff --git a/app/controllers/origami/sale_edit_controller.rb b/app/controllers/origami/sale_edit_controller.rb
index 70a5a380..fc8c3167 100644
--- a/app/controllers/origami/sale_edit_controller.rb
+++ b/app/controllers/origami/sale_edit_controller.rb
@@ -1,5 +1,5 @@
 class Origami::SaleEditController < BaseOrigamiController
-
+  authorize_resource :class => false
    # Index for sale item void OR edit
    def edit
      sale_id = params[:sale_id]
diff --git a/app/controllers/origami/void_controller.rb b/app/controllers/origami/void_controller.rb
index 3515b010..b8972cf2 100644
--- a/app/controllers/origami/void_controller.rb
+++ b/app/controllers/origami/void_controller.rb
@@ -1,5 +1,5 @@
 class Origami::VoidController < BaseOrigamiController
-
+   authorize_resource :class => false
   def overall_void
 
     sale_id = params[:sale_id]
diff --git a/app/models/ability.rb b/app/models/ability.rb
index 87371392..90ff2f52 100644
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -54,6 +54,14 @@ class Ability
 
         can :move_dining, :moveroom
 
+        can :edit, :sale_edit
+        can :item_void, :sale_edit
+        can :item_void_cancel, :sale_edit
+        can :cancel_all_void, :sale_edit
+        can :apply_void, :sale_edit
+
+        can :overall_void, :void
+
     elsif user.role == "cashier"
 
         can :read, Order
diff --git a/app/views/layouts/origami.html.erb b/app/views/layouts/origami.html.erb
index 1f519d2b..d6bbf436 100644
--- a/app/views/layouts/origami.html.erb
+++ b/app/views/layouts/origami.html.erb
@@ -19,14 +19,14 @@
     <%= render 'layouts/header_orgiami' %>
     <div class="container-fluid">
       <% flash.each do |type, message| %>
-						    <% if !flash["errors"]%>
-                <div class="alert fade in">
-                <button class="close" aria-hidden="true" data-dismiss="alert" type="button">×</button>
-                  <%=message%>
-                 </div>
-                <% end %>
+        <% if !flash["errors"]%>
+          <div class="alert fade in">
+            <button class="close" aria-hidden="true" data-dismiss="alert" type="button">×</button>
+            <%=message%>
+          </div>
+        <% end %>
 
-			<% end %>
+      <% end %>
       <%= yield %>
 
     </div>