adding :singular option to support has_one associations in load/authorize resource - closes #93

lib/cancan/controller_additions.rb

@@ -67,6 +67,9 @@ module CanCan
       # [:+through+]
       #   Load this resource through another one. This should match the name of the parent instance variable.
       #
+      # [:+singular+]
+      #   Pass +true+ if this is a singular resource through a +has_one+ association.
+      #
       # [:+parent+]
       #   True or false depending on if the resource is considered a parent resource. This defaults to +true+ if a resource
       #   name is given which does not match the controller.

lib/cancan/controller_resource.rb

@@ -41,12 +41,21 @@ module CanCan
 
     def load_resource_instance
       if !parent? && new_actions.include?(@params[:action].to_sym)
-        @params[name] ? resource_base.new(@params[name]) : resource_base.new
+        build_resource
-      elsif id_param
+      elsif id_param || @options[:singular]
-        resource_base.find(id_param)
+        find_resource
       end
     end
 
+    def build_resource
+      method_name = @options[:singular] ? "build_#{name}" : "new"
+      resource_base.send(*[method_name, @params[name]].compact)
+    end
+
+    def find_resource
+      @options[:singular] ? resource_base.send(name) : resource_base.find(id_param)
+    end
+
     def authorization_action
       parent? ? :read : @params[:action].to_sym
     end
@@ -77,8 +86,13 @@ module CanCan
 
     # The object that methods (such as "find", "new" or "build") are called on.
     # If the :through option is passed it will go through an association on that instance.
+    # If the :singular option is passed it won't use the association because it needs to be handled later.
     def resource_base
-      through_resource ? through_resource.send(name.to_s.pluralize) : resource_class
+      if through_resource
+        @options[:singular] ? through_resource : through_resource.send(name.to_s.pluralize)
+      else
+        resource_class
+      end
     end
 
     # The object to load this resource through.

spec/cancan/controller_resource_spec.rb

@@ -166,6 +166,26 @@ describe CanCan::ControllerResource do
     @controller.instance_variable_get(:@ability).should == :some_ability
   end
 
+  it "should find record through has_one association with :singular option" do
+    @params.merge!(:action => "show")
+    person = Object.new
+    @controller.instance_variable_set(:@person, person)
+    stub(person).ability { :some_ability }
+    resource = CanCan::ControllerResource.new(@controller, :through => :person, :singular => true)
+    resource.load_resource
+    @controller.instance_variable_get(:@ability).should == :some_ability
+  end
+
+  it "should build record through has_one association with :singular option" do
+    @params.merge!(:action => "create", :ability => :ability_attributes)
+    person = Object.new
+    @controller.instance_variable_set(:@person, person)
+    stub(person).build_ability(:ability_attributes) { :new_ability }
+    resource = CanCan::ControllerResource.new(@controller, :through => :person, :singular => true)
+    resource.load_resource
+    @controller.instance_variable_get(:@ability).should == :new_ability
+  end
+
   it "should only authorize :read action on parent resource" do
     @params.merge!(:action => "new", :person_id => 123)
     stub(Person).find(123) { :some_person }