load collection resources in custom controller actions with no id param - closes #296

This commit is contained in:
Ryan Bates 2011-03-08 16:10:40 -08:00
parent ba999970b1
commit 37102fe6f8
3 changed files with 17 additions and 8 deletions

View File

@ -113,7 +113,7 @@ module CanCan
end end
def member_action? def member_action?
!collection_actions.include? @params[:action].to_sym new_actions.include?(@params[:action].to_sym) || (@params[:id] && !collection_actions.include?(@params[:action].to_sym))
end end
# Returns the class used for this resource. This can be overriden by the :class option. # Returns the class used for this resource. This can be overriden by the :class option.

View File

@ -110,7 +110,7 @@ describe CanCan::ControllerResource do
end end
it "should perform authorization using controller action and loaded model" do it "should perform authorization using controller action and loaded model" do
@params[:action] = "show" @params.merge!(:action => "show", :id => 123)
@controller.instance_variable_set(:@project, :some_project) @controller.instance_variable_set(:@project, :some_project)
stub(@controller).authorize!(:show, :some_project) { raise CanCan::AccessDenied } stub(@controller).authorize!(:show, :some_project) { raise CanCan::AccessDenied }
resource = CanCan::ControllerResource.new(@controller) resource = CanCan::ControllerResource.new(@controller)
@ -118,27 +118,36 @@ describe CanCan::ControllerResource do
end end
it "should perform authorization using controller action and non loaded model" do it "should perform authorization using controller action and non loaded model" do
@params[:action] = "show" @params.merge!(:action => "show", :id => 123)
stub(@controller).authorize!(:show, Project) { raise CanCan::AccessDenied } stub(@controller).authorize!(:show, Project) { raise CanCan::AccessDenied }
resource = CanCan::ControllerResource.new(@controller) resource = CanCan::ControllerResource.new(@controller)
lambda { resource.authorize_resource }.should raise_error(CanCan::AccessDenied) lambda { resource.authorize_resource }.should raise_error(CanCan::AccessDenied)
end end
it "should call load_resource and authorize_resource for load_and_authorize_resource" do it "should call load_resource and authorize_resource for load_and_authorize_resource" do
@params[:action] = "show" @params.merge!(:action => "show", :id => 123)
resource = CanCan::ControllerResource.new(@controller) resource = CanCan::ControllerResource.new(@controller)
mock(resource).load_resource mock(resource).load_resource
mock(resource).authorize_resource mock(resource).authorize_resource
resource.load_and_authorize_resource resource.load_and_authorize_resource
end end
it "should not build a resource when on custom collection action" do it "should not build a single resource when on custom collection action even with id" do
@params[:action] = "sort" @params.merge!(:action => "sort", :id => 123)
resource = CanCan::ControllerResource.new(@controller, :collection => [:sort, :list]) resource = CanCan::ControllerResource.new(@controller, :collection => [:sort, :list])
resource.load_resource resource.load_resource
@controller.instance_variable_get(:@project).should be_nil @controller.instance_variable_get(:@project).should be_nil
end end
it "should load a collection resource when on custom action with no id param" do
stub(Project).accessible_by(@ability, :sort) { :found_projects }
@params[:action] = "sort"
resource = CanCan::ControllerResource.new(@controller)
resource.load_resource
@controller.instance_variable_get(:@project).should be_nil
@controller.instance_variable_get(:@projects).should == :found_projects
end
it "should build a resource when on custom new action even when params[:id] exists" do it "should build a resource when on custom new action even when params[:id] exists" do
@params.merge!(:action => "build", :id => 123) @params.merge!(:action => "build", :id => 123)
stub(Project).new { :some_project } stub(Project).new { :some_project }
@ -250,7 +259,7 @@ describe CanCan::ControllerResource do
end end
it "should find record through has_one association with :singleton option" do it "should find record through has_one association with :singleton option" do
@params.merge!(:action => "show") @params.merge!(:action => "show", :id => 123)
category = Object.new category = Object.new
@controller.instance_variable_set(:@category, category) @controller.instance_variable_set(:@category, category)
stub(category).project { :some_project } stub(category).project { :some_project }

View File

@ -12,7 +12,7 @@ describe CanCan::InheritedResource do
end end
it "show should load resource through @controller.resource" do it "show should load resource through @controller.resource" do
@params[:action] = "show" @params.merge!(:action => "show", :id => 123)
stub(@controller).resource { :project_resource } stub(@controller).resource { :project_resource }
CanCan::InheritedResource.new(@controller).load_resource CanCan::InheritedResource.new(@controller).load_resource
@controller.instance_variable_get(:@project).should == :project_resource @controller.instance_variable_get(:@project).should == :project_resource