Merge pull request solidusio#3701 from filippoliverani/filippoliverani/remove_cancancan_customizations_cont

Remove CanCanCan custom actions aliases (cont.)

Author: aldesantis

api/app/controllers/spree/api/addresses_controller.rb

@@ -6,7 +6,7 @@ class AddressesController < Spree::Api::BaseController
       before_action :find_order
 
       def show
-        authorize! :read, @order, order_token
+        authorize! :show, @order, order_token
         find_address
         respond_with(@address)
       end

api/app/controllers/spree/api/base_controller.rb

@@ -135,13 +135,13 @@ def find_product(id)
 
       def product_scope
         if can?(:admin, Spree::Product)
-          scope = Spree::Product.with_discarded.accessible_by(current_ability, :read).includes(*product_includes)
+          scope = Spree::Product.with_discarded.accessible_by(current_ability).includes(*product_includes)
 
           unless params[:show_deleted]
             scope = scope.not_deleted
           end
         else
-          scope = Spree::Product.accessible_by(current_ability, :read).available.includes(*product_includes)
+          scope = Spree::Product.accessible_by(current_ability).available.includes(*product_includes)
         end
 
         scope
@@ -161,7 +161,7 @@ def order_id
 
       def authorize_for_order
         @order = Spree::Order.find_by(number: order_id)
-        authorize! :read, @order, order_token
+        authorize! :show, @order, order_token
       end
 
       def lock_order

api/app/controllers/spree/api/countries_controller.rb

@@ -7,7 +7,7 @@ class CountriesController < Spree::Api::BaseController
 
       def index
         @countries = Spree::Country.
-          accessible_by(current_ability, :read).
+          accessible_by(current_ability).
           ransack(params[:q]).
           result.
           order('name ASC')
@@ -21,7 +21,7 @@ def index
       end
 
       def show
-        @country = Spree::Country.accessible_by(current_ability, :read).find(params[:id])
+        @country = Spree::Country.accessible_by(current_ability, :show).find(params[:id])
         respond_with(@country)
       end
     end

api/app/controllers/spree/api/credit_cards_controller.rb

@@ -9,7 +9,7 @@ class CreditCardsController < Spree::Api::BaseController
       def index
         @credit_cards = user
           .credit_cards
-          .accessible_by(current_ability, :read)
+          .accessible_by(current_ability)
           .with_payment_profile
           .ransack(params[:q]).result
 
@@ -29,7 +29,7 @@ def update
 
       def user
         if params[:user_id].present?
-          @user ||= Spree.user_class.accessible_by(current_ability, :read).find(params[:user_id])
+          @user ||= Spree.user_class.accessible_by(current_ability, :show).find(params[:user_id])
         end
       end
 

api/app/controllers/spree/api/customer_returns_controller.rb

@@ -23,7 +23,7 @@ def index
 
         @customer_returns = @order.
           customer_returns.
-          accessible_by(current_ability, :read).
+          accessible_by(current_ability).
           ransack(params[:q]).
           result
 
@@ -38,7 +38,7 @@ def new
 
       def show
         authorize! :show, CustomerReturn
-        @customer_return = @order.customer_returns.accessible_by(current_ability, :read).find(params[:id])
+        @customer_return = @order.customer_returns.accessible_by(current_ability, :show).find(params[:id])
         respond_with(@customer_return)
       end
 
@@ -56,7 +56,7 @@ def update
 
       def load_order
         @order ||= Spree::Order.find_by!(number: order_id)
-        authorize! :read, @order
+        authorize! :show, @order
       end
 
       def customer_return_params

api/app/controllers/spree/api/images_controller.rb

@@ -4,12 +4,12 @@ module Spree
   module Api
     class ImagesController < Spree::Api::BaseController
       def index
-        @images = scope.images.accessible_by(current_ability, :read)
+        @images = scope.images.accessible_by(current_ability)
         respond_with(@images)
       end
 
       def show
-        @image = scope.images.accessible_by(current_ability, :read).find(params[:id])
+        @image = scope.images.accessible_by(current_ability, :show).find(params[:id])
         respond_with(@image)
       end
 

api/app/controllers/spree/api/inventory_units_controller.rb

@@ -26,7 +26,7 @@ def update
       private
 
       def inventory_unit
-        @inventory_unit ||= Spree::InventoryUnit.accessible_by(current_ability, :read).find(params[:id])
+        @inventory_unit ||= Spree::InventoryUnit.accessible_by(current_ability, :show).find(params[:id])
       end
 
       def prepare_event

api/app/controllers/spree/api/option_types_controller.rb

@@ -5,15 +5,15 @@ module Api
     class OptionTypesController < Spree::Api::BaseController
       def index
         if params[:ids]
-          @option_types = Spree::OptionType.includes(:option_values).accessible_by(current_ability, :read).where(id: params[:ids].split(','))
+          @option_types = Spree::OptionType.includes(:option_values).accessible_by(current_ability).where(id: params[:ids].split(','))
         else
-          @option_types = Spree::OptionType.includes(:option_values).accessible_by(current_ability, :read).load.ransack(params[:q]).result
+          @option_types = Spree::OptionType.includes(:option_values).accessible_by(current_ability).load.ransack(params[:q]).result
         end
         respond_with(@option_types)
       end
 
       def show
-        @option_type = Spree::OptionType.accessible_by(current_ability, :read).find(params[:id])
+        @option_type = Spree::OptionType.accessible_by(current_ability, :show).find(params[:id])
         respond_with(@option_type)
       end
 

api/app/controllers/spree/api/option_values_controller.rb

@@ -46,9 +46,9 @@ def destroy
 
       def scope
         if params[:option_type_id]
-          @scope ||= Spree::OptionType.find(params[:option_type_id]).option_values.accessible_by(current_ability, :read)
+          @scope ||= Spree::OptionType.find(params[:option_type_id]).option_values.accessible_by(current_ability)
         else
-          @scope ||= Spree::OptionValue.accessible_by(current_ability, :read).load
+          @scope ||= Spree::OptionValue.accessible_by(current_ability).load
         end
       end
 

api/app/controllers/spree/api/orders_controller.rb

@@ -53,7 +53,7 @@ def empty
       end
 
       def index
-        authorize! :index, Order
+        authorize! :admin, Order
         orders_includes = [
           { user: :store_credits },
           :line_items,