diff --git a/lib/cancan/ability.rb b/lib/cancan/ability.rb index ae243ca..b2fbcf9 100644 --- a/lib/cancan/ability.rb +++ b/lib/cancan/ability.rb @@ -219,13 +219,5 @@ module CanCan :update => [:edit], } end - - def includes_action?(actions, action) - actions.include?(:manage) || actions.include?(action) - end - - def includes_subject?(subjects, subject) - subjects.include?(:all) || subjects.include?(subject) || subjects.any? { |c| c.kind_of?(Class) && subject.kind_of?(c) } - end end end diff --git a/lib/cancan/can_definition.rb b/lib/cancan/can_definition.rb index 17dc844..5c598ea 100644 --- a/lib/cancan/can_definition.rb +++ b/lib/cancan/can_definition.rb @@ -33,7 +33,7 @@ module CanCan end def matches_subject?(subject) - @subjects.include?(:all) || @subjects.include?(subject) || @subjects.any? { |c| c.kind_of?(Class) && subject.kind_of?(c) } + @subjects.include?(:all) || @subjects.include?(subject) || @subjects.any? { |sub| sub.kind_of?(Class) && subject.kind_of?(sub) } end def can_without_base_behavior?(action, subject, extra_args) diff --git a/lib/cancan/controller_resource.rb b/lib/cancan/controller_resource.rb index 83065e0..d2f18cb 100644 --- a/lib/cancan/controller_resource.rb +++ b/lib/cancan/controller_resource.rb @@ -1,4 +1,5 @@ module CanCan + # Used internally to load and authorize a given controller resource. class ControllerResource # :nodoc: def initialize(controller, name, parent = nil, options = {}) raise ImplementationRemoved, "The :class option has been renamed to :resource for specifying the class in CanCan." if options.has_key? :class @@ -9,12 +10,13 @@ module CanCan end def model_class - if @options[:resource].nil? + resource_class = @options[:resource] + if resource_class.nil? @name.to_s.camelize.constantize - elsif @options[:resource].kind_of? String - @options[:resource].constantize + elsif resource_class.kind_of? String + resource_class.constantize else - @options[:resource] + resource_class # likely a symbol end end diff --git a/lib/cancan/resource_authorization.rb b/lib/cancan/resource_authorization.rb index badb0ef..21429df 100644 --- a/lib/cancan/resource_authorization.rb +++ b/lib/cancan/resource_authorization.rb @@ -1,7 +1,7 @@ module CanCan + # Handle the load and authorization controller logic so we don't clutter up all controllers with non-interface methods. + # This class is used internally, so you do not need to call methods directly on it. class ResourceAuthorization # :nodoc: - attr_reader :params - def self.add_before_filter(controller_class, method, options = {}) controller_class.before_filter(options.slice(:only, :except)) do |controller| ResourceAuthorization.new(controller, controller.params, options.except(:only, :except)).send(method) @@ -20,17 +20,17 @@ module CanCan end def load_resource - unless collection_actions.include? params[:action].to_sym - if new_actions.include? params[:action].to_sym - resource.build(params[model_name.to_sym]) - elsif params[:id] - resource.find(params[:id]) + unless collection_actions.include? @params[:action].to_sym + if new_actions.include? @params[:action].to_sym + resource.build(@params[model_name.to_sym]) + elsif @params[:id] + resource.find(@params[:id]) end end end def authorize_resource - @controller.authorize!(params[:action].to_sym, resource.model_instance || resource.model_class) + @controller.authorize!(@params[:action].to_sym, resource.model_instance || resource.model_class) end private @@ -54,7 +54,7 @@ module CanCan end def model_name - params[:controller].sub("Controller", "").underscore.split('/').last.singularize + @params[:controller].sub("Controller", "").underscore.split('/').last.singularize end def collection_actions