app/controllers/spree/api/checkouts_controller.rb in solidus_api-1.0.0.pre2 vs app/controllers/spree/api/checkouts_controller.rb in solidus_api-1.0.0.pre3

@@ -50,10 +50,10 @@
 
       def update
         authorize! :update, @order, order_token
 
         if @order.update_from_params(params, permitted_checkout_attributes, request.headers.env)
-          if current_api_user.has_spree_role?('admin') && user_id.present?
+          if can?(:admin, @order) && user_id.present?
             @order.associate_user!(Spree.user_class.find(user_id))
           end
 
           return if after_update_attributes