Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Nicer handling of 'optional options'

  • Loading branch information...
commit a054694bf7b6146199864ad4e2579bbcd96edc23 1 parent e3dabfe
@nathanl authored
View
13 lib/authority.rb
@@ -31,19 +31,16 @@ def self.adjectives
# @param [Hash] options, arbitrary options hash to delegate to the authorizer
# @raise [SecurityViolation] if user is not allowed to perform action on resource
# @return [Model] resource instance
- def self.enforce(action, resource, user, *options)
- unless action_authorized?(action, resource, user, *options)
+ def self.enforce(action, resource, user, options = {})
+ unless action_authorized?(action, resource, user, options)
raise SecurityViolation.new(user, action, resource)
end
resource
end
- def self.action_authorized?(action, resource, user, *options)
- if options.empty?
- user.send("can_#{action}?", resource)
- else
- user.send("can_#{action}?", resource, Hash[*options])
- end
+ def self.action_authorized?(action, resource, user, options = {})
+ resource_and_maybe_options = [resource, options].tap {|args| args.pop if args.last == {}}
+ user.send("can_#{action}?", *resource_and_maybe_options)
end
class << self
View
7 lib/authority/authorizer.rb
@@ -29,11 +29,8 @@ def self.default(adjective, user, options = {})
Authority.adjectives.each do |adjective|
class_eval <<-RUBY, __FILE__, __LINE__ + 1
def self.#{adjective}_by?(user, options = {})
- if options.empty?
- default(:#{adjective}, user)
- else
- default(:#{adjective}, user, options)
- end
+ user_and_maybe_options = [user, options].tap {|args| args.pop if args.last == {}}
+ default(:#{adjective}, *user_and_maybe_options)
end
RUBY
end
View
9 lib/authority/user_abilities.rb
@@ -11,17 +11,14 @@ module UserAbilities
Authority.verbs.each do |verb|
class_eval <<-RUBY, __FILE__, __LINE__ + 1
def can_#{verb}?(resource, options = {})
- if options.empty?
- resource.#{Authority.abilities[verb]}_by?(self)
- else
- resource.#{Authority.abilities[verb]}_by?(self, options)
- end
+ self_and_maybe_options = [self, options].tap {|args| args.pop if args.last == {}}
+ resource.#{Authority.abilities[verb]}_by?(*self_and_maybe_options)
end
RUBY
end
def can?(action, options = {})
- self_and_maybe_options = [self, (options == {} ? nil : options)].compact # throw out if nil
+ self_and_maybe_options = [self, options].tap {|args| args.pop if args.last == {}}
begin
ApplicationAuthorizer.send("authorizes_to_#{action}?", *self_and_maybe_options)
rescue NoMethodError => original_exception
View
4 spec/authority_spec.rb
@@ -42,7 +42,7 @@
let(:user) { ExampleUser.new }
let(:resource_class) { ExampleResource }
- describe "if given options" do
+ describe "when given options" do
it "checks the user's authorization, passing along the options" do
options = { :for => 'context' }
@@ -52,7 +52,7 @@
end
- describe "if not given options" do
+ describe "when not given options" do
it "checks the user's authorization, passing no options" do
user.should_receive(:can_delete?).with(resource_class).and_return(true)

0 comments on commit a054694

Please sign in to comment.
Something went wrong with that request. Please try again.