Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Explicitly set read permissions for products and orders #32

Closed
wants to merge 1 commit into from

1 participant

John Tajima
John Tajima
Admin

I tried using the shopify_app gem today and found that by default, we only have read permissions for products, however the Home controller index action tries to grab both orders and products.

This caused a 403 error.

This PR sets the api permissions to be able to read both orders and products, so the basic experience doesn't cause an error.

@edward @jnormore can you pull and update gem?

John Tajima redronin closed this
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Dec 14, 2012
  1. John Tajima
This page is out of date. Refresh to see the latest.
2  lib/generators/shopify_app/templates/config/initializers/omniauth.rb
View
@@ -5,7 +5,7 @@
# Example permission scopes - see http://api.shopify.com/authentication.html for full listing
# :scope => 'read_orders, write_products',
-
+ :scope => 'read_orders, read_products',
:setup => lambda {|env|
params = Rack::Utils.parse_query(env['QUERY_STRING'])
site_url = "https://#{params['shop']}"
Something went wrong with that request. Please try again.