From 6aa13d711879b731105ae58e63a6c3ecd9f0a6fa Mon Sep 17 00:00:00 2001
From: Martin Fenner <martin.fenner@datacite.org>
Date: Thu, 27 Feb 2020 12:31:53 +0100
Subject: [PATCH] tweak abilities. #432

---
 app/models/ability.rb | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/app/models/ability.rb b/app/models/ability.rb
index 36d9be4bd..f56e6e003 100644
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -20,10 +20,12 @@ def initialize(user)
     elsif user.role_id == "staff_user"
       can :read, :all
     elsif user.role_id == "consortium_admin" && user.provider_id.present?
-      can [:update, :read, :read_billing_information], Provider, symbol: user.provider_id.upcase
-      can [:manage], Provider do |provider|
+      can [:new, :create, :delete], Provider do |provider|
         user.provider_id.casecmp(provider.consortium_id)
       end
+      can [:update, :read, :read_billing_information], Provider do |provider|
+        user.provider_id.casecmp(provider.id) || user.provider_id.casecmp(provider.consortium_id)
+      end
       can [:read], Provider
       can [:manage], ProviderPrefix do |provider_prefix|
         provider_prefix.provider && user.provider_id.casecmp(provider_prefix.provider.consortium_id)