cancan 1.0.0 → 1.0.1

data/CHANGELOG.rdoc

@@ -1,3 +1,10 @@
+1.0.1 (Dec 14, 2009)
+
+* Adding :class option to load_resource so one can customize which class to use for the model - see issue #17
+
+* Don't fetch parent of nested resource if *_id parameter is missing so it works with shallow nested routes - see issue #14
+
+
 1.0.0 (Dec 13, 2009)
 
 * Don't set resource instance variable if it has been set already - see issue #13

data/README.rdoc

@@ -65,11 +65,7 @@ Setting this for every action can be tedious, therefore the load_and_authorize_r
 If the user authorization fails, a CanCan::AccessDenied exception will be raised. You can catch this and modify its behavior in the ApplicationController.
 
   class ApplicationController < ActionController::Base
-    rescue_from CanCan::AccessDenied, :with => :access_denied
-  
-    protected
-  
-    def access_denied
+    rescue_from CanCan::AccessDenied do |exception|
       flash[:error] = "Sorry, you are not allowed to access that page."
       redirect_to root_url
     end

data/lib/cancan/controller_additions.rb

@@ -59,6 +59,9 @@ module CanCan
       #   
       #     load_resource :nested => [:publisher, :author]
       #   
+      # [:+class+]
+      #   The class to use for the model.
+      #   
       # [:+collection+]
       #   Specify which actions are resource collection actions in addition to :+index+. This
       #   is usually not necessary because it will try to guess depending on if an :+id+
@@ -72,7 +75,7 @@ module CanCan
       #   fetch one.
       #   
       #     load_resource :new => :build
-      #   
+      # 
       def load_resource(options = {})
         before_filter(options.slice(:only, :except)) { |c| ResourceAuthorization.new(c, c.params, options.except(:only, :except)).load_resource }
       end
@@ -99,6 +102,9 @@ module CanCan
       # [:+except+]
       #   Does not apply before filter to given actions.
       # 
+      # [:+class+]
+      #   The class to use for the model.
+      # 
       def authorize_resource(options = {})
         before_filter(options.slice(:only, :except)) { |c| ResourceAuthorization.new(c, c.params, options.except(:only, :except)).authorize_resource }
       end

data/lib/cancan/controller_resource.rb

@@ -1,13 +1,14 @@
 module CanCan
   class ControllerResource # :nodoc:
-    def initialize(controller, name, parent = nil)
+    def initialize(controller, name, parent = nil, options = {})
       @controller = controller
       @name = name
       @parent = parent
+      @options = options
     end
     
     def model_class
-      @name.to_s.camelize.constantize
+      @options[:class] || @name.to_s.camelize.constantize
     end
     
     def find(id)

data/lib/cancan/resource_authorization.rb

@@ -30,14 +30,19 @@ module CanCan
     private
     
     def resource
-      @resource ||= ControllerResource.new(@controller, model_name, parent_resource)
+      @resource ||= ControllerResource.new(@controller, model_name, parent_resource, @options)
     end
     
     def parent_resource
       parent = nil
       [@options[:nested]].flatten.compact.each do |name|
-        parent = ControllerResource.new(@controller, name, parent)
-        parent.find(@params["#{name}_id".to_sym])
+        id = @params["#{name}_id".to_sym]
+        if id
+          parent = ControllerResource.new(@controller, name, parent)
+          parent.find(id)
+        else
+          parent = nil
+        end
       end
       parent
     end

data/spec/cancan/controller_resource_spec.rb

@@ -40,4 +40,10 @@ describe CanCan::ControllerResource do
     CanCan::ControllerResource.new(@controller, :ability).find(123)
     @controller.instance_variable_get(:@ability).should == :some_ability
   end
+  
+  it "should use the model class option if provided" do
+    stub(Person).find(123) { :some_resource }
+    CanCan::ControllerResource.new(@controller, :ability, nil, :class => Person).find(123)
+    @controller.instance_variable_get(:@ability).should == :some_resource
+  end
 end

data/spec/cancan/resource_authorization_spec.rb

@@ -96,4 +96,20 @@ describe CanCan::ResourceAuthorization do
     authorization.load_resource
     @controller.instance_variable_get(:@ability).should == :some_ability
   end
+  
+  it "should not load nested resource and build through this if *_id param isn't specified" do
+    stub(Person).find(456) { :some_person }
+    stub(Ability).new(nil) { :some_ability }
+    authorization = CanCan::ResourceAuthorization.new(@controller, {:controller => "abilities", :action => "new", :person_id => 456}, {:nested => [:person, :behavior]})
+    authorization.load_resource
+    @controller.instance_variable_get(:@person).should == :some_person
+    @controller.instance_variable_get(:@ability).should == :some_ability
+  end
+  
+  it "should load the model using a custom class" do
+    stub(Person).find(123) { :some_resource }
+    authorization = CanCan::ResourceAuthorization.new(@controller, {:controller => "abilities", :action => "show", :id => 123}, {:class => Person})
+    authorization.load_resource
+    @controller.instance_variable_get(:@ability).should == :some_resource
+  end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: cancan
 version: !ruby/object:Gem::Version 
-  version: 1.0.0
+  version: 1.0.1
 platform: ruby
 authors: 
 - Ryan Bates
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2009-12-13 00:00:00 -08:00
+date: 2009-12-14 00:00:00 -08:00
 default_executable: 
 dependencies: []