passing block to enable_authorization will be executed when CanCan::Unauthorized exception is raised
This commit is contained in:
parent
cf2896f011
commit
35fbee578f
|
@ -251,19 +251,20 @@ module CanCan
|
|||
#
|
||||
# enable_authorization :unless => :devise_controller?
|
||||
#
|
||||
def enable_authorization(options = {})
|
||||
self.before_filter(options.slice(:only, :except)) do |controller|
|
||||
def enable_authorization(options = {}, &block)
|
||||
before_filter(options.slice(:only, :except)) do |controller|
|
||||
break if options[:if] && !controller.send(options[:if])
|
||||
break if options[:unless] && controller.send(options[:unless])
|
||||
controller.authorize! controller.params[:action], controller.params[:controller]
|
||||
end
|
||||
self.after_filter(options.slice(:only, :except)) do |controller|
|
||||
after_filter(options.slice(:only, :except)) do |controller|
|
||||
break if options[:if] && !controller.send(options[:if])
|
||||
break if options[:unless] && controller.send(options[:unless])
|
||||
unless controller.current_ability.fully_authorized? controller.params[:action], controller.params[:controller]
|
||||
raise CanCan::InsufficientAuthorizationCheck, "Authorization check is not sufficient for this action. This is probably because you have a conditions or attributes defined in Ability and are not checking for them in the action."
|
||||
end
|
||||
end
|
||||
rescue_from(CanCan::Unauthorized, &block) if block
|
||||
end
|
||||
|
||||
def cancan_resource_class
|
||||
|
|
|
@ -95,4 +95,13 @@ describe CanCan::ControllerAdditions do
|
|||
@controller_class.enable_authorization(:unless => :engine_controller?)
|
||||
@authorize_called.should be_false
|
||||
end
|
||||
|
||||
it "enable_authorization should pass block to rescue_from CanCan::Unauthorized call" do
|
||||
@block_called = false
|
||||
mock(@controller_class).before_filter({})
|
||||
mock(@controller_class).after_filter({})
|
||||
mock(@controller_class).rescue_from(CanCan::Unauthorized) { |options, block| block.call(:exception) }
|
||||
@controller_class.enable_authorization { |e| @block_called = (e == :exception) }
|
||||
@block_called.should be_true
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue
Block a user