lib/authority/controller.rb in authority-3.2.0 vs lib/authority/controller.rb in authority-3.2.1

@@ -13,11 +13,12 @@
       end
     end
 
     included do
       rescue_from(Authority::SecurityViolation, :with => Authority::Controller.security_violation_callback)
-      class_attribute :authority_resource, :instance_reader => false
+      class_attribute :authority_resource,  :instance_reader => false
+      class_attribute :authority_arguments, :instance_writer => false
     end
 
     attr_writer :authorization_performed
 
     def authorization_performed?
@@ -38,15 +39,20 @@
       # @param [Class OR Symbol] resource_or_finder - class whose authorizer
       # should be consulted, or instance method on the controller which will
       # determine that class when the request is made
       # @param [Hash] options - can contain :actions to
       # be merged with existing
-      # ones and any other options applicable to a before_filter
+      # ones and any other options applicable to a before_filter,
+      # and can contain an array of :opts to pass to the authorizer
       def authorize_actions_for(resource_or_finder, options = {})
         self.authority_resource = resource_or_finder
         add_actions(options.fetch(:actions, {}))
         force_action(options[:all_actions]) if options[:all_actions]
+        
+        # Capture custom authorization options
+        self.authority_arguments = options.delete(:args)
+        
         if respond_to? :before_action
           before_action :run_authorization_check, options
         else
           before_filter :run_authorization_check, options
         end
@@ -137,14 +143,14 @@
     # The `before_filter` that will be setup to run when the class method
     # `authorize_actions_for` is called
     def run_authorization_check
       if instance_authority_resource.is_a?(Array)
         # Array includes options; pass as separate args
-        authorize_action_for(*instance_authority_resource)
+        authorize_action_for(*instance_authority_resource, *authority_arguments)
       else
         # *resource would be interpreted as resource.to_a, which is wrong and
         # actually triggers a query if it's a Sequel model
-        authorize_action_for(instance_authority_resource)
+        authorize_action_for(instance_authority_resource, *authority_arguments)
       end
     end
 
     def instance_authority_resource
       case self.class.authority_resource