Pass :only and :except options to before filters for load/authorize resource methods.

2009-12-13 11:00:12 -08:00 · 2009-12-13 11:00:12 -08:00 · 94e031bf96
commit 94e031bf96
parent 63634b4f5d
3 changed files with 27 additions and 11 deletions
--- a/CHANGELOG.rdoc
+++ b/CHANGELOG.rdoc
@ -1,3 +1,5 @@
+* Pass :only and :except options to before filters for load/authorize resource methods.
+
 * Adding :collection and :new options to load_resource method so we can specify behavior of additional actions if needed.

 * BACKWARDS INCOMPATIBLE: turning load and authorize resource methods into class methods which set up the before filter so they can accept additional arguments.
--- a/lib/cancan/controller_additions.rb
+++ b/lib/cancan/controller_additions.rb
@ -11,8 +11,8 @@ module CanCan
      #     load_and_authorize_resource
      #   end
      # 
-      def load_and_authorize_resource(*args)
-        before_filter { |c| ResourceAuthorization.new(c, c.params, *args).load_and_authorize_resource }
+      def load_and_authorize_resource(options = {})
+        before_filter(options.slice(:only, :except)) { |c| ResourceAuthorization.new(c, c.params, options.except(:only, :except)).load_and_authorize_resource }
      end
      
      # Sets up a before filter which loads the appropriate model resource into an instance variable.
@ -30,6 +30,12 @@ module CanCan
      # See load_and_authorize_resource to automatically authorize the resource too.
      # 
      # Options:
+      # [:+only+]
+      #   Only applies before filter to given actions.
+      #   
+      # [:+except+]
+      #   Does not apply before filter to given actions.
+      # 
      # [:+collection+]
      #   Specify which actions are resource collection actions in addition to :+index+. This
      #   is usually not necessary because it will try to guess depending on if an :+id+
@ -44,8 +50,8 @@ module CanCan
      #   
      #     load_resource :new => :build
      #   
-      def load_resource(*args)
-        before_filter { |c| ResourceAuthorization.new(c, c.params, *args).load_resource }
+      def load_resource(options = {})
+        before_filter(options.slice(:only, :except)) { |c| ResourceAuthorization.new(c, c.params, options.except(:only, :except)).load_resource }
      end
      
      # Sets up a before filter which authorizes the current resource using the instance variable.
@ -62,8 +68,16 @@ module CanCan
      #   end
      # 
      # See load_and_authorize_resource to automatically load the resource too.
-      def authorize_resource(*args)
-        before_filter { |c| ResourceAuthorization.new(c, c.params, *args).authorize_resource }
+      # 
+      # Options:
+      # [:+only+]
+      #   Only applies before filter to given actions.
+      #   
+      # [:+except+]
+      #   Does not apply before filter to given actions.
+      # 
+      def authorize_resource(options = {})
+        before_filter(options.slice(:only, :except)) { |c| ResourceAuthorization.new(c, c.params, options.except(:only, :except)).authorize_resource }
      end
    end
    
--- a/spec/cancan/controller_additions_spec.rb
+++ b/spec/cancan/controller_additions_spec.rb
@ -29,19 +29,19 @@ describe CanCan::ControllerAdditions do
  
  it "load_and_authorize_resource should setup a before filter which passes call to ResourceAuthorization" do
    stub(CanCan::ResourceAuthorization).new(@controller, @controller.params, :foo => :bar).mock!.load_and_authorize_resource
-    mock(@controller_class).before_filter { |block| block.call(@controller) }
+    mock(@controller_class).before_filter({}) { |options, block| block.call(@controller) }
    @controller_class.load_and_authorize_resource :foo => :bar
  end
  
  it "authorize_resource should setup a before filter which passes call to ResourceAuthorization" do
    stub(CanCan::ResourceAuthorization).new(@controller, @controller.params, :foo => :bar).mock!.authorize_resource
-    mock(@controller_class).before_filter { |block| block.call(@controller) }
-    @controller_class.authorize_resource :foo => :bar
+    mock(@controller_class).before_filter(:except => :show) { |options, block| block.call(@controller) }
+    @controller_class.authorize_resource :foo => :bar, :except => :show
  end
  
  it "load_resource should setup a before filter which passes call to ResourceAuthorization" do
    stub(CanCan::ResourceAuthorization).new(@controller, @controller.params, :foo => :bar).mock!.load_resource
-    mock(@controller_class).before_filter { |block| block.call(@controller) }
-    @controller_class.load_resource :foo => :bar
+    mock(@controller_class).before_filter(:only => [:show, :index]) { |options, block| block.call(@controller) }
+    @controller_class.load_resource :foo => :bar, :only => [:show, :index]
  end
 end