Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

not able to add the product in the cart #59

Open
ghost opened this issue Nov 1, 2019 · 4 comments
Open

not able to add the product in the cart #59

ghost opened this issue Nov 1, 2019 · 4 comments

Comments

@ghost
Copy link

ghost commented Nov 1, 2019

When I am adding a product into cart without login then getting 403 forbidden error.

@storhet
Copy link

storhet commented Nov 22, 2019

/lib/spree/permissions.rb at line#28 and line#32 there's a call to a guest_token which was completely renamed to a token since spree 3.7

It's fixed in this PR #57

And also a default permission set should include read variant permission

@ghost
Copy link
Author

ghost commented Nov 23, 2019

Still the issue did not resolved.

I am also wanted to know that when I am adding a product in cart which permission should be enable. current_ability.can :update, Spree::Order.

@storhet
Copy link

storhet commented Nov 23, 2019

For example if you check the add_item action in the latest stable version of the spree https://github.com/spree/spree/blob/4-0-stable/api/app/controllers/spree/api/v2/storefront/cart_controller.rb#L24
you will find the spree_authorize! calls inside with these options

spree_authorize! :update, spree_current_order, order_token
spree_authorize! :show, variant

I hope it helps :)

@shkhalid
Copy link

I am getting the same problem.
It's working when i allow Can Manage Orders but then guest can mange orders in dashboard without login.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants