Merge pull request #14 from sascha-karnatz/prevent-updating-base-roles

Prevent updating base roles

Author: tvdeyen

app/decorators/models/solidus_user_roles/spree/role_decorator.rb

@@ -3,13 +3,15 @@
 module SolidusUserRoles
   module Spree
     module RoleDecorator
+      BASE_ROLES = ["admin", "user"]
+
       def self.prepended(base)
         base.has_many :role_permissions, dependent: :destroy
         base.has_many :permission_sets, through: :role_permissions
 
-        base.scope :non_base_roles, -> { where.not(name: ["admin", "user"]) }
+        base.scope :non_base_roles, -> { where.not(name: BASE_ROLES) }
         base.validates_uniqueness_of :name, case_sensitive: false
-        base.after_save :assign_permissions
+        base.after_save :assign_permissions, if: -> { BASE_ROLES.none?(name) }
       end
 
       def permission_sets_constantized

spec/models/spree/role_spec.rb

@@ -29,6 +29,15 @@
 
       expect { role.save }.to change { Spree::Config.roles.roles[role.name].permission_sets.count }.from(1).to(0)
     end
+
+    it "should not update base roles" do
+      role.name = "admin"
+      role.save
+
+      role.permission_sets = []
+
+      expect { role.save }.to_not change { Spree::Config.roles.roles[role.name].permission_sets.count }
+    end
   end
 
   describe "#destroy" do