From b8ff2dbc6a024926970f5a3bce64c402390c3538 Mon Sep 17 00:00:00 2001 From: Ryan Bates Date: Mon, 13 Jun 2011 15:16:08 -0700 Subject: [PATCH] load member through method instead of instance variable to improve decent_exposure support --- lib/cancan/controller_resource.rb | 8 +++++++- spec/cancan/controller_resource_spec.rb | 8 ++++++++ 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/lib/cancan/controller_resource.rb b/lib/cancan/controller_resource.rb index 513e056..2d6540c 100644 --- a/lib/cancan/controller_resource.rb +++ b/lib/cancan/controller_resource.rb @@ -148,7 +148,13 @@ module CanCan end def resource_instance - @controller.instance_variable_get("@#{instance_name}") if load_instance? + if load_instance? + if @controller.instance_variable_defined? "@#{instance_name}" + @controller.instance_variable_get("@#{instance_name}") + elsif @controller.respond_to?(instance_name, true) + @controller.send(instance_name) + end + end end def collection_instance=(instance) diff --git a/spec/cancan/controller_resource_spec.rb b/spec/cancan/controller_resource_spec.rb index 28edc6c..a8e2542 100644 --- a/spec/cancan/controller_resource_spec.rb +++ b/spec/cancan/controller_resource_spec.rb @@ -336,6 +336,14 @@ describe CanCan::ControllerResource do CanCan::ControllerResource.new(@controller, :authorize => true).process end + it "should fetch member through method when instance variable is not provided" do + stub(@controller).project { :some_project } + @params.merge!(:action => "show", :id => 123) + stub(@controller).authorize!(:show, :some_project) { raise CanCan::Unauthorized } + resource = CanCan::ControllerResource.new(@controller, :authorize => true) + lambda { resource.process }.should raise_error(CanCan::Unauthorized) + end + # it "should raise ImplementationRemoved when adding :name option" do # lambda { # CanCan::ControllerResource.new(@controller, :name => :foo)