Browse files

Merge pull request #660 from fl00r/master

Segmentation fault on aliasing
  • Loading branch information...
2 parents d20d90d + 925274d commit cad4db2d7b050d4256af0e2b8a23c4dfd9e1f5f0 @ryanb committed Jul 2, 2012
Showing with 10 additions and 0 deletions.
  1. +6 −0 lib/cancan/ability.rb
  2. +4 −0 spec/cancan/ability_spec.rb
@@ -172,10 +172,16 @@ def cannot(action = nil, subject = nil, conditions = nil, &block)
# This way one can use params[:action] in the controller to determine the permission.
def alias_action(*args)
target = args.pop[:to]
+ validate_target(target)
aliased_actions[target] ||= []
aliased_actions[target] += args
+ # User shouldn't specify targets with names of real actions or it will cause Seg fault
+ def validate_target(target)
+ raise Error, "You can't specify target (#{target}) as alias because it is real action name" if aliased_actions.values.flatten.include? target
+ end
# Returns a hash of aliased actions. The key is the target and the value is an array of actions aliasing the key.
def aliased_actions
@aliased_actions ||= default_alias_actions
@@ -87,6 +87,10 @@
@ability.can?(:increment, 123).should be_true
+ it "should raise an Error if alias target is an exist action" do
+ lambda{ @ability.alias_action :show, :to => :show }.should raise_error(CanCan::Error, "You can't specify target (show) as alias because it is real action name")
+ end
it "should always call block with arguments when passing no arguments to can" do
@ability.can do |action, object_class, object|
action.should == :foo

0 comments on commit cad4db2

Please sign in to comment.