Avoid call to current_user in AuthorizationInController#permitted_to*

when :user option is passed.

lib/declarative_authorization/in_controller.rb

@@ -176,11 +176,12 @@ def options_for_permit (object_or_sym = nil, options = {}, bang = true)
         object = object_or_sym
       end
 
-      {:user => current_user,
-        :object => object,
+      result = {:object => object,
         :context => context,
         :skip_attribute_test => object.nil?,
         :bang => bang}.merge(options)
+      result[:user] = current_user unless result.key?(:user)
+      result
     end
 
     module ClassMethods