diff --git a/app/controllers/settings/commissioners_controller.rb b/app/controllers/settings/commissioners_controller.rb
index d4d1fa53..b518ca8f 100755
--- a/app/controllers/settings/commissioners_controller.rb
+++ b/app/controllers/settings/commissioners_controller.rb
@@ -1,4 +1,5 @@
class Settings::CommissionersController < ApplicationController
+ load_and_authorize_resource except: [:create]
before_action :set_commissioner, only: [:show, :edit, :update, :destroy]
# GET /commissioners
diff --git a/app/controllers/settings/commissions_controller.rb b/app/controllers/settings/commissions_controller.rb
index deaf566a..3973e623 100755
--- a/app/controllers/settings/commissions_controller.rb
+++ b/app/controllers/settings/commissions_controller.rb
@@ -1,4 +1,5 @@
class Settings::CommissionsController < ApplicationController
+ load_and_authorize_resource except: [:create]
before_action :set_commission, only: [:show, :edit, :update, :destroy]
# GET /commissions
diff --git a/app/controllers/settings/products_controller.rb b/app/controllers/settings/products_controller.rb
index 0c2fa15d..16b0da7a 100755
--- a/app/controllers/settings/products_controller.rb
+++ b/app/controllers/settings/products_controller.rb
@@ -1,4 +1,5 @@
class Settings::ProductsController < ApplicationController
+load_and_authorize_resource except: [:create]
before_action :set_settings_product, only: [:show, :edit, :update, :destroy]
# GET /settings/products
diff --git a/app/controllers/settings/promotions_controller.rb b/app/controllers/settings/promotions_controller.rb
index 8acc7764..708da778 100755
--- a/app/controllers/settings/promotions_controller.rb
+++ b/app/controllers/settings/promotions_controller.rb
@@ -1,4 +1,5 @@
class Settings::PromotionsController < ApplicationController
+ load_and_authorize_resource except: [:create]
before_action :set_promotion, only: [:show, :edit, :update, :destroy]
# GET /promotions
diff --git a/app/controllers/transactions/credit_notes_controller.rb b/app/controllers/transactions/credit_notes_controller.rb
index b1a16c78..339998f5 100755
--- a/app/controllers/transactions/credit_notes_controller.rb
+++ b/app/controllers/transactions/credit_notes_controller.rb
@@ -1,4 +1,5 @@
class Transactions::CreditNotesController < ApplicationController
+
before_action :set_transactions_sale, only: [:show, :edit, :update, :destroy]
# GET /transactions/sales
diff --git a/app/models/ability.rb b/app/models/ability.rb
index 768e8c4b..13712f3e 100755
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -25,9 +25,15 @@ class Ability
can :manage, TaxProfile
can :manage, PrintSetting
can :manage, Account
+ can :manage, Commission
+ can :manage, Commissioner
+ can :manage, Promotion
+ can :manage, Product
+
can :manage, Order
can :manage, Sale
+
can :manage, Customer
can :manage, DiningQueue
diff --git a/app/views/layouts/_left_sidebar.html.erb b/app/views/layouts/_left_sidebar.html.erb
index da084d32..a0006ce5 100755
--- a/app/views/layouts/_left_sidebar.html.erb
+++ b/app/views/layouts/_left_sidebar.html.erb
@@ -73,15 +73,21 @@
<%= t :transactions %>
@@ -117,86 +123,108 @@
+ <% if can? :menage, Zone %>
donut_large
<%= t :dinings %>
-
-
- donut_large
- <%= t :menu %>
-
-
+ <% end %>
+ <% if can? :menage, Menu %>
+
+
+ donut_large
+ <%= t :menu %>
+
+
+ <% end %>
+ <% if can? :menage, OrderQueueStation %>
donut_large
<%= t :oqs %>
-
-
-
- donut_large
- <%= t :staff %>
-
-
+
+ <% end %>
+ <% if can? :menage, Employee %>
+
+
+ donut_large
+ <%= t :staff %>
+
+
+ <% end %>
+ <% if can? :menage, CashierTerminal %>
donut_large
<%= (t :cashier) + " " + (t :terminal) %>
+ <% end %>
+ <% if can? :menage, PrintSetting %>
donut_large
<%= t :printer %>
-
-
-
-
-
- donut_large
- <%= t :tax_profile %>
-
-
-
-
- donut_large
- <%= t :payment_methods %>
-
-
+
+ <% end %>
+ <% if can? :menage, TaxProfile %>
+
+
+ donut_large
+ <%= t :tax_profile %>
+
+
+ <% end %>
+ <% if can? :menage, PaymentMethodSetting %>
+
+
+ donut_large
+ <%= t :payment_methods %>
+
+
+ <% end %>
-
-
- donut_large
- <%= t :products %>
-
-
-
-
- donut_large
- <%= t :promotions %>
-
-
-
-
- donut_large
- <%= t :commissions %>
-
-
-
-
- donut_large
- <%= t :commissioners %>
-
-
+ <% if can? :menage, Product %>
+
+
+ donut_large
+ <%= t :products %>
+
+
+ <% end %>
+ <% if can? :menage, Promotion %>
+
+
+ donut_large
+ <%= t :promotions %>
+
+
+ <% end %>
+ <% if can? :menage, Commission %>
+
+
+ donut_large
+ <%= t :commissions %>
+
+
+ <% end %>
+ <% if can? :menage, Commissioner %>
+
+
+ donut_large
+ <%= t :commissioners %>
+
+
+ <% end %>