Pass :only and :except options to before filters for load/authorize r…

…esource methods.
djtek · Dec 13, 2009 · 94e031b · 94e031b
1 parent 63634b4
commit 94e031b
Show file tree

Hide file tree

Showing 3 changed files with 27 additions and 11 deletions.
diff --git a/CHANGELOG.rdoc b/CHANGELOG.rdoc
@@ -1,3 +1,5 @@
+* Pass :only and :except options to before filters for load/authorize resource methods.
+
 * Adding :collection and :new options to load_resource method so we can specify behavior of additional actions if needed.
 
 * BACKWARDS INCOMPATIBLE: turning load and authorize resource methods into class methods which set up the before filter so they can accept additional arguments.

diff --git a/lib/cancan/controller_additions.rb b/lib/cancan/controller_additions.rb
@@ -11,8 +11,8 @@ module ClassMethods
       #     load_and_authorize_resource
       #   end
       # 
-      def load_and_authorize_resource(*args)
-        before_filter { |c| ResourceAuthorization.new(c, c.params, *args).load_and_authorize_resource }
+      def load_and_authorize_resource(options = {})
+        before_filter(options.slice(:only, :except)) { |c| ResourceAuthorization.new(c, c.params, options.except(:only, :except)).load_and_authorize_resource }
       end
 
       # Sets up a before filter which loads the appropriate model resource into an instance variable.
@@ -30,6 +30,12 @@ def load_and_authorize_resource(*args)
       # See load_and_authorize_resource to automatically authorize the resource too.
       # 
       # Options:
+      # [:+only+]
+      #   Only applies before filter to given actions.
+      #   
+      # [:+except+]
+      #   Does not apply before filter to given actions.
+      # 
       # [:+collection+]
       #   Specify which actions are resource collection actions in addition to :+index+. This
       #   is usually not necessary because it will try to guess depending on if an :+id+
@@ -44,8 +50,8 @@ def load_and_authorize_resource(*args)
       #   
       #     load_resource :new => :build
       #   
-      def load_resource(*args)
-        before_filter { |c| ResourceAuthorization.new(c, c.params, *args).load_resource }
+      def load_resource(options = {})
+        before_filter(options.slice(:only, :except)) { |c| ResourceAuthorization.new(c, c.params, options.except(:only, :except)).load_resource }
       end
 
       # Sets up a before filter which authorizes the current resource using the instance variable.
@@ -62,8 +68,16 @@ def load_resource(*args)
       #   end
       # 
       # See load_and_authorize_resource to automatically load the resource too.
-      def authorize_resource(*args)
-        before_filter { |c| ResourceAuthorization.new(c, c.params, *args).authorize_resource }
+      # 
+      # Options:
+      # [:+only+]
+      #   Only applies before filter to given actions.
+      #   
+      # [:+except+]
+      #   Does not apply before filter to given actions.
+      # 
+      def authorize_resource(options = {})
+        before_filter(options.slice(:only, :except)) { |c| ResourceAuthorization.new(c, c.params, options.except(:only, :except)).authorize_resource }
       end
     end
 

diff --git a/spec/cancan/controller_additions_spec.rb b/spec/cancan/controller_additions_spec.rb
@@ -29,19 +29,19 @@
 
   it "load_and_authorize_resource should setup a before filter which passes call to ResourceAuthorization" do
     stub(CanCan::ResourceAuthorization).new(@controller, @controller.params, :foo => :bar).mock!.load_and_authorize_resource
-    mock(@controller_class).before_filter { |block| block.call(@controller) }
+    mock(@controller_class).before_filter({}) { |options, block| block.call(@controller) }
     @controller_class.load_and_authorize_resource :foo => :bar
   end
 
   it "authorize_resource should setup a before filter which passes call to ResourceAuthorization" do
     stub(CanCan::ResourceAuthorization).new(@controller, @controller.params, :foo => :bar).mock!.authorize_resource
-    mock(@controller_class).before_filter { |block| block.call(@controller) }
-    @controller_class.authorize_resource :foo => :bar
+    mock(@controller_class).before_filter(:except => :show) { |options, block| block.call(@controller) }
+    @controller_class.authorize_resource :foo => :bar, :except => :show
   end
 
   it "load_resource should setup a before filter which passes call to ResourceAuthorization" do
     stub(CanCan::ResourceAuthorization).new(@controller, @controller.params, :foo => :bar).mock!.load_resource
-    mock(@controller_class).before_filter { |block| block.call(@controller) }
-    @controller_class.load_resource :foo => :bar
+    mock(@controller_class).before_filter(:only => [:show, :index]) { |options, block| block.call(@controller) }
+    @controller_class.load_resource :foo => :bar, :only => [:show, :index]
   end
 end