adding a before filter for loading and authorizing a resource

lib/cancan/ability.rb

@@ -9,7 +9,7 @@ module CanCan
       base.alias_action :edit, :to => :update
     end
     
-    def can?(original_action, target)
+    def can?(original_action, target) # TODO this could use some refactoring
       (self.class.can_history || []).reverse.each do |can_action, can_target, can_block|
         possible_actions_for(original_action).each do |action|
           if (can_action == :manage || can_action == action) && (can_target == :all || can_target == target || target.kind_of?(can_target))

lib/cancan/controller_additions.rb

@@ -15,6 +15,23 @@ module CanCan
     def can?(*args)
       (@current_ability ||= current_ability).can?(*args)
     end
+    
+    def load_resource # TODO this could use some refactoring
+      if params[:id]
+        instance_variable_set("@#{params[:controller].singularize}", params[:controller].singularize.camelcase.constantize.find(params[:id]))
+      elsif params[params[:controller].singularize.to_sym]
+        instance_variable_set("@#{params[:controller].singularize}", params[:controller].singularize.camelcase.constantize.new(params[params[:controller].singularize.to_sym]))
+      end
+    end
+    
+    def authorize_resource # TODO this could use some refactoring
+      unauthorized! unless can?(params[:action].to_sym, instance_variable_get("@#{params[:controller].singularize}") || params[:controller].singularize.camelcase.constantize)
+    end
+    
+    def load_and_authorize_resource
+      load_resource
+      authorize_resource
+    end
   end
 end