0
@@ -1,3 +1,8 @@
0
+* 0.03 - 04/28/2008
0
+  - Added :only_if_logged_in? key since logged_in? can't be tested via :if (scoping)
0
+  - Added generator option --library-only to allow for "safe" library updating
0
+  - Documented and enabled --skip-migration option
0
+
0
 * 0.02 - 04/25/2008
0
   - Fixed documentation problems (require_foo instead of authorize_foo leftovers)
0
   - Correctly failing users who aren't logged in for all conditions

0
@@ -23,6 +23,10 @@ To begin using restful-authorization, run:
0
 where role is your intended Role model name and user is the name of your
0
 User model in restful_authentication.
0
 
0
+The generator takes two additional options:
0
+  --skip-migration only skips the migration
0
+  --library_only only regenerates the library
0
+
0
 Syntax
0
 ======
0
 
0
@@ -75,6 +79,10 @@ Individual authorization requirements can be limited via a number of keys:
0
   * Restrict only the create and new actions
0
     :only => [:create, :new]
0
   
0
+  * Restrict only the create and new actions for users who are logged_in?
0
+    These will continue to be accessible to users who aren't logged_in?
0
+    :only_if_logged_in? => [:create, :new]
0
+  
0
   * Restrict all actions except index and show  
0
     :except => [:index, :show]
0
   

0
@@ -1,6 +1,8 @@
0
 require( File.join( File.dirname(__FILE__), "../authorized_generator_helpers" ))
0
 
0
 class AuthorizedGenerator < Rails::Generator::NamedBase
0
+  default_options :library_only => false,
0
+                  :skip_migration => false
0
   
0
   include AuthorizedGeneratorHelpers
0
   
0
@@ -23,15 +25,19 @@ class AuthorizedGenerator < Rails::Generator::NamedBase
0
   
0
   def manifest
0
     record do |m|
0
-      modify_or_add_user_fixtures(m)
0
-      add_roles_and_join_table_fixtures(m)
0
+      unless options[:library_only]
0
+        modify_or_add_user_fixtures(m)
0
+        add_roles_and_join_table_fixtures(m)
0
       
0
-      add_method_to_user_model(m)
0
+        add_method_to_user_model(m)
0
+      
0
+        add_role_model(m)
0
+        add_dependencies_to_application_rb
0
+        add_migration(m) unless options[:skip_migration]
0
+      end
0
       
0
-      add_role_model(m)
0
-      add_dependencies_to_application_rb
0
       add_authorized_system(m)
0
-      add_migration(m) unless options[:skip_migration]
0
+
0
     end
0
   end
0
   
0
@@ -145,4 +151,13 @@ EOF
0
       "Usage: #{$0} authorized RoleModelName [TargetUserModelName]"
0
     end
0
 
0
+
0
+    def add_options!(opt)
0
+      opt.separator ''
0
+      opt.separator 'Options:'
0
+      opt.on("--skip-migration", 
0
+             "Don't generate a migration file for this model") { |v| options[:skip_migration] = v }
0
+      opt.on("--library-only", 
0
+             "Only regenerates the library file") { |v| options[:library_only] = true }
0
+    end
0
 end
0
\ No newline at end of file

0
@@ -28,10 +28,11 @@ module AuthorizedSystem
0
     #
0
     # Valid options
0
     #
0
-    #   * :only    - authorization is only required for these actions
0
-    #   * :except  - authorization is required for all other actions
0
-    #   * :if      - a Proc or a string to evaluate; the authorization is required if it returns true
0
-    #   * :unless  - the inverse of :if
0
+    #   * :only               - authorization is only required for these actions
0
+    #   * :only_if_logged_in? - authorization is only required for these actions if the user is logged_in?
0
+    #   * :except             - authorization is required for all other actions
0
+    #   * :if                 - a Proc or a string to evaluate; the authorization is required if it returns true
0
+    #   * :unless             - the inverse of :if
0
     #
0
     #   * :redirect_url - takes a named route as a symbol (:new_example_path), string "/example/new",
0
     #     or hash { :controller => "example", :action => "new" }
0
@@ -48,7 +49,7 @@ module AuthorizedSystem
0
     #   given status. If no :render_url is specified, it renders a blank page with the status code given.
0
     #        
0
     def require_authorization(type, values, options = {})
0
-      options.assert_valid_keys(:if, :unless, :only, :except, :redirect_url, :render_url, :status)
0
+      options.assert_valid_keys(:if, :unless, :only, :only_if_logged_in?, :except, :redirect_url, :render_url, :status)
0
       
0
       # only declare the before filter once
0
       unless @before_filter_declared ||= false
0
@@ -95,6 +96,10 @@ module AuthorizedSystem
0
         options = requirement[:options]
0
     
0
         # handle the restriction keys associated with this requirement
0
+        if options.has_key?(:only_if_logged_in?)
0
+          next unless (options[:only_if_logged_in?].include?( (params[:action]||"index").to_sym) and <%= users_name %>)
0
+        end
0
+
0
         if options.has_key?(:only)
0
           next unless options[:only].include?( (params[:action]||"index").to_sym)
0
         end