will/cancan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #570 from bsodmike/bsodmike-2.0

Browse Source 
Cancan 2.0 fix for issue #565; fixes namespaced non-db/model backed resources authorization
This commit is contained in:
Ryan Bates 2012-05-11 08:18:03 -07:00
commit 4986de8b3e
2 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/cancan/rule.rb
View File

@ -100,7 +100,7 @@ module CanCan
def matches_subject?(subject)
subject = subject_name(subject) if subject_object? subject
@expanded_subjects.include?(:all) || @expanded_subjects.include?(subject.to_sym) # || matches_subject_class?(subject)
@expanded_subjects.include?(:all) || @expanded_subjects.include?(subject.to_sym) || @expanded_subjects.include?(subject) # || matches_subject_class?(subject)
end
def matches_attribute?(attribute)

8
spec/cancan/controller_resource_spec.rb
View File

@ -384,6 +384,14 @@ describe CanCan::ControllerResource do
@controller.instance_variable_get(:@project).name.should == "foobar"
end
it "should properly authorize resource for namespaced controller" do
@ability.can(:index, "admin/dashboard")
@params.merge!(:controller => "admin/dashboard", :action => "index")
@controller.authorize!(:index, "admin/dashboard")
resource = CanCan::ControllerResource.new(@controller, :authorize => true).process
lambda { resource.process }.should_not raise_error(CanCan::Unauthorized)
end
# it "raises ImplementationRemoved when adding :name option" do
# lambda {
# CanCan::ControllerResource.new(@controller, :name => :foo)