Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- def Address.has_access?(auth_account, site)
- account_id != auth_account.id && !auth_account.admin_at(site) && !auth_account.manager_at(site) && !auth_account.staff_at(site)
- end
- class AddressesController < ApplicationController
- # other code was here
- def delete
- @address=Address.find(params[:id])
- if @address && @address.has_access?(@auth_account, @site)
- flash[:error]="You dont have permission to access this page"
- redirect_to root_url
- end
- @address.destroy
- flash[:success]="Address deleted successfully"
- redirect_to params[:landing] unless params[:landing].blank?
- redirect_to index_checkout_url
- end
- end
Add Comment
Please, Sign In to add comment