authorizer.rb in curupira-0.1.4

- old
+ new

@@ -13,15 +13,15 @@
         deny_access
       end
     end
 
     def has_authorization?
-      return true if current_user.admin?
-      query(params).present?
+      has_authorization_for(params)
     end
 
     def has_authorization_for(params)
+      return true if current_user.admin?
       query(params).present?
     end
 
     private
 
@@ -29,10 +29,10 @@
       redirect_to "/", notice: "Sem autorização"
     end
 
     def query(params)
       User.joins(
-        role_group_users: { role: { features: [:action_labels] } } 
+        role_group_users: { role: { features: [:action_labels] } }
       )
       .where(
         features: { controller: params[:controller] },
         action_labels: { name: [params[:action], 'manage'] },
         id: current_user
\ No newline at end of file