will/cancan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Pass :only and :except options to before filters for load/authorize resource methods.

Browse Source
This commit is contained in:
Ryan Bates 2009-12-13 11:00:12 -08:00
parent 63634b4f5d
commit 94e031bf96
3 changed files with 27 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGELOG.rdoc
View File

@ -1,3 +1,5 @@
* Pass :only and :except options to before filters for load/authorize resource methods.
* Adding :collection and :new options to load_resource method so we can specify behavior of additional actions if needed. * Adding :collection and :new options to load_resource method so we can specify behavior of additional actions if needed.
* BACKWARDS INCOMPATIBLE: turning load and authorize resource methods into class methods which set up the before filter so they can accept additional arguments. * BACKWARDS INCOMPATIBLE: turning load and authorize resource methods into class methods which set up the before filter so they can accept additional arguments.

26
lib/cancan/controller_additions.rb
View File

@ -11,8 +11,8 @@ module CanCan
# load_and_authorize_resource # load_and_authorize_resource
# end # end
# #
def load_and_authorize_resource(*args) def load_and_authorize_resource(options = {})
before_filter { |c| ResourceAuthorization.new(c, c.params, *args).load_and_authorize_resource } before_filter(options.slice(:only, :except)) { |c| ResourceAuthorization.new(c, c.params, options.except(:only, :except)).load_and_authorize_resource }
end end
# Sets up a before filter which loads the appropriate model resource into an instance variable. # Sets up a before filter which loads the appropriate model resource into an instance variable.
@ -30,6 +30,12 @@ module CanCan
# See load_and_authorize_resource to automatically authorize the resource too. # See load_and_authorize_resource to automatically authorize the resource too.
# #
# Options: # Options:
# [:+only+]
# Only applies before filter to given actions.
#
# [:+except+]
# Does not apply before filter to given actions.
#
# [:+collection+] # [:+collection+]
# Specify which actions are resource collection actions in addition to :+index+. This # Specify which actions are resource collection actions in addition to :+index+. This
# is usually not necessary because it will try to guess depending on if an :+id+ # is usually not necessary because it will try to guess depending on if an :+id+
@ -44,8 +50,8 @@ module CanCan
# #
# load_resource :new => :build # load_resource :new => :build
# #
def load_resource(*args) def load_resource(options = {})
before_filter { |c| ResourceAuthorization.new(c, c.params, *args).load_resource } before_filter(options.slice(:only, :except)) { |c| ResourceAuthorization.new(c, c.params, options.except(:only, :except)).load_resource }
end end
# Sets up a before filter which authorizes the current resource using the instance variable. # Sets up a before filter which authorizes the current resource using the instance variable.
@ -62,8 +68,16 @@ module CanCan
# end # end
# #
# See load_and_authorize_resource to automatically load the resource too. # See load_and_authorize_resource to automatically load the resource too.
def authorize_resource(*args) #
before_filter { |c| ResourceAuthorization.new(c, c.params, *args).authorize_resource } # Options:
# [:+only+]
# Only applies before filter to given actions.
#
# [:+except+]
# Does not apply before filter to given actions.
#
def authorize_resource(options = {})
before_filter(options.slice(:only, :except)) { |c| ResourceAuthorization.new(c, c.params, options.except(:only, :except)).authorize_resource }
end end
end end

10
spec/cancan/controller_additions_spec.rb
View File

@ -29,19 +29,19 @@ describe CanCan::ControllerAdditions do
it "load_and_authorize_resource should setup a before filter which passes call to ResourceAuthorization" do it "load_and_authorize_resource should setup a before filter which passes call to ResourceAuthorization" do
stub(CanCan::ResourceAuthorization).new(@controller, @controller.params, :foo => :bar).mock!.load_and_authorize_resource stub(CanCan::ResourceAuthorization).new(@controller, @controller.params, :foo => :bar).mock!.load_and_authorize_resource
mock(@controller_class).before_filter { |block| block.call(@controller) } mock(@controller_class).before_filter({}) { |options, block| block.call(@controller) }
@controller_class.load_and_authorize_resource :foo => :bar @controller_class.load_and_authorize_resource :foo => :bar
end end
it "authorize_resource should setup a before filter which passes call to ResourceAuthorization" do it "authorize_resource should setup a before filter which passes call to ResourceAuthorization" do
stub(CanCan::ResourceAuthorization).new(@controller, @controller.params, :foo => :bar).mock!.authorize_resource stub(CanCan::ResourceAuthorization).new(@controller, @controller.params, :foo => :bar).mock!.authorize_resource
mock(@controller_class).before_filter { |block| block.call(@controller) } mock(@controller_class).before_filter(:except => :show) { |options, block| block.call(@controller) }
@controller_class.authorize_resource :foo => :bar @controller_class.authorize_resource :foo => :bar, :except => :show
end end
it "load_resource should setup a before filter which passes call to ResourceAuthorization" do it "load_resource should setup a before filter which passes call to ResourceAuthorization" do
stub(CanCan::ResourceAuthorization).new(@controller, @controller.params, :foo => :bar).mock!.load_resource stub(CanCan::ResourceAuthorization).new(@controller, @controller.params, :foo => :bar).mock!.load_resource
mock(@controller_class).before_filter { |block| block.call(@controller) } mock(@controller_class).before_filter(:only => [:show, :index]) { |options, block| block.call(@controller) }
@controller_class.load_resource :foo => :bar @controller_class.load_resource :foo => :bar, :only => [:show, :index]
end end
end end