Merge pull request #754 from Serabe/new_authorization_bug

Solves problem when authorizing new action.
This commit is contained in:
Ryan Bates 2013-02-21 17:48:41 -08:00
commit 68ea78b6e9
2 changed files with 19 additions and 2 deletions

View File

@ -85,10 +85,11 @@ module CanCan
end
def assign_attributes(resource)
resource.send("#{parent_name}=", parent_resource) if @options[:singleton] && parent_resource
initial_attributes.each do |attr_name, value|
resource.send("#{attr_name}=", value)
end
resource.send("#{parent_name}=", parent_resource) if @options[:singleton] && parent_resource
resource
end

View File

@ -284,10 +284,26 @@ describe CanCan::ControllerResource do
CanCan::ControllerResource.new(@controller, :category, :load => true).process
CanCan::ControllerResource.new(@controller, :project, :load => true, :through => :category).process
project = @controller.instance_variable_get(:@project)
project.new_record?.should eq(true)
project.should be_new_record
project.name.should eq('foo')
end
it "does not overrides an attribute if it is based on parent resource" do
user = double('user')
user.should_receive(:category_id).and_return nil
@ability = Ability.new user
@ability.can :new, :projects, :category_id => user.category_id
category = Category.create!
@controller.instance_variable_set(:@category, category)
@params.merge! :action => 'new', :category_id => category.id
CanCan::ControllerResource.new(@controller, :category, :load => true).process
CanCan::ControllerResource.new(@controller, :project, :load => true, :through => :category, :singleton => true).process
project = @controller.instance_variable_get(:@project)
project.category_id.should_not be_nil
project.category.should eq(category)
end
it "authorizes nested resource through parent association on index action" do
pending
@params.merge!(:action => "index")