avoid use of exceptions wherever possible with help of new :bang option

gkathare · Jun 1, 2011 · 792b155 · 792b155
1 parent ea71502
commit 792b155
Show file tree

Hide file tree

Showing 2 changed files with 35 additions and 34 deletions.
diff --git a/lib/declarative_authorization/authorization.rb b/lib/declarative_authorization/authorization.rb
@@ -191,15 +191,15 @@ def permit! (privilege, options = {})
       end
     end
 
-    # Calls permit! but rescues the AuthorizationException and returns false
-    # instead.  If no exception is raised, permit? returns true and yields
-    # to the optional block.
-    def permit? (privilege, options = {}, &block) # :yields:
-      permit!(privilege, options)
-      yield if block_given?
-      true
-    rescue NotAuthorized
-      false
+    # Calls permit! but doesn't raise authorization errors. If no exception is
+    # raised, permit? returns true and yields  to the optional block.
+    def permit? (privilege, options = {}) # :yields:
+      if permit!(privilege, options.merge(:bang=> false))
+        yield if block_given?
+        true
+      else
+        false
+      end
     end
 
     # Returns the obligations to be met by the current user for the given 

diff --git a/lib/declarative_authorization/in_controller.rb b/lib/declarative_authorization/in_controller.rb
@@ -42,35 +42,19 @@ def authorization_engine
     # If no object or context is specified, the controller_name is used as
     # context.
     #
-    def permitted_to? (privilege, object_or_sym = nil, options = {}, &block)
-      permitted_to!(privilege, object_or_sym, options.merge(:non_bang => true), &block)
+    def permitted_to? (privilege, object_or_sym = nil, options = {})
+      if authorization_engine.permit!(privilege, options_for_permit(object_or_sym, options, false))
+        yield if block_given?
+        true
+      else
+        false
+      end
     end
 
     # Works similar to the permitted_to? method, but
     # throws the authorization exceptions, just like Engine#permit!
-    def permitted_to! (privilege, object_or_sym = nil, options = {}, &block)
-      context = object = nil
-      if object_or_sym.nil?
-        context = self.class.decl_auth_context
-      elsif !object_or_sym.respond_to?(:proxy_reflection) and object_or_sym.is_a?(Symbol)
-        context = object_or_sym
-      else
-        object = object_or_sym
-      end
-
-      non_bang = options.delete(:non_bang)
-      args = [
-        privilege,
-        {:user => current_user,
-         :object => object,
-         :context => context,
-         :skip_attribute_test => object.nil?}.merge(options)
-      ]
-      if non_bang
-        authorization_engine.permit?(*args, &block)
-      else
-        authorization_engine.permit!(*args, &block)
-      end
+    def permitted_to! (privilege, object_or_sym = nil, options = {})
+      authorization_engine.permit!(privilege, options_for_permit(object_or_sym, options, true))
     end
 
     # While permitted_to? is used for authorization, in some cases
@@ -182,6 +166,23 @@ def new_controller_object_for_collection (context_without_namespace, parent_cont
       instance_variable_set(instance_var, model_or_proxy.new)
     end
 
+    def options_for_permit (object_or_sym = nil, options = {}, bang = true)
+      context = object = nil
+      if object_or_sym.nil?
+        context = self.class.decl_auth_context
+      elsif !object_or_sym.respond_to?(:proxy_reflection) and object_or_sym.is_a?(Symbol)
+        context = object_or_sym
+      else
+        object = object_or_sym
+      end
+
+      {:user => current_user,
+        :object => object,
+        :context => context,
+        :skip_attribute_test => object.nil?,
+        :bang => bang}.merge(options)
+    end
+
     module ClassMethods
       #
       # Defines a filter to be applied according to the authorization of the