Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Fixed handling of nil attributes in if_permitted_to

  • Loading branch information...
commit 40ed030f6a4fb5c966327a9018fd941e0476fd61 1 parent 2ad5e34
@stffn authored
View
5 lib/declarative_authorization/authorization.rb
@@ -460,12 +460,15 @@ def validate? (attr_validator, object = nil, hash_or_attr = nil)
case hash_or_attr
when Symbol
attr_value = object_attribute_value(object, hash_or_attr)
+ if attr_value.nil?
+ raise NilAttributeValueError, "Attribute #{hash_or_attr.inspect} is nil in #{object.inspect}."
+ end
attr_validator.engine.permit? @privilege, :object => attr_value, :user => attr_validator.user
when Hash
hash_or_attr.all? do |attr, sub_hash|
attr_value = object_attribute_value(object, attr)
if attr_value.nil?
- raise AuthorizationError, "Attribute #{attr.inspect} is nil in #{object.inspect}."
+ raise NilAttributeValueError, "Attribute #{attr.inspect} is nil in #{object.inspect}."
end
validate?(attr_validator, attr_value, sub_hash)
end
View
27 test/authorization_test.rb
@@ -514,6 +514,33 @@ def test_attribute_with_deep_permissions
:object => MockDataObject.new(:shallow_permission =>
MockDataObject.new(:permission => perm_data_attr_2)))
end
+
+ def test_attribute_with_permissions_nil
+ reader = Authorization::Reader::DSLReader.new
+ reader.parse %{
+ authorization do
+ role :test_role do
+ has_permission_on :permissions, :to => :test do
+ if_attribute :test_attr => 1
+ end
+ has_permission_on :permission_children, :to => :test do
+ if_permitted_to :test, :permission
+ end
+ end
+ end
+ }
+ engine = Authorization::Engine.new(reader)
+
+ assert_nothing_raised do
+ engine.permit?(:test, :context => :permission_children,
+ :user => MockUser.new(:test_role),
+ :object => MockDataObject.new(:permission => nil))
+ end
+
+ assert !engine.permit?(:test, :context => :permission_children,
+ :user => MockUser.new(:test_role),
+ :object => MockDataObject.new(:permission => nil))
+ end
def test_raise_on_if_attribute_hash_on_collection
reader = Authorization::Reader::DSLReader.new
Please sign in to comment.
Something went wrong with that request. Please try again.