will/cancan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

don't authorize uncountable instance in collection action - closes #193

Browse Source
This commit is contained in:
Ryan Bates
2011-01-05 13:47:38 -08:00
parent 15ca8ade3b
commit bc9ecb226d
2 changed files with 23 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
lib/cancan/controller_resource.rb
View File

@@ -26,7 +26,7 @@ module CanCan
end
def load_resource
if parent? || member_action?
if load_instance?
self.resource_instance ||= load_resource_instance
elsif load_collection?
self.collection_instance ||= load_collection
@@ -51,9 +51,12 @@ module CanCan
end
end
def load_instance?
parent? || member_action?
end
def load_collection?
resource_base.respond_to?(:accessible_by) &&
!current_ability.has_block?(authorization_action, resource_class)
resource_base.respond_to?(:accessible_by) && !current_ability.has_block?(authorization_action, resource_class)
end
def load_collection
@@ -116,7 +119,7 @@ module CanCan
end
def resource_instance
@controller.instance_variable_get("@#{instance_name}")
@controller.instance_variable_get("@#{instance_name}") if load_instance?
end
def collection_instance=(instance)