stffn · chucre · Oct 14, 2016 · Oct 15, 2016 · Oct 15, 2016 · Dec 7, 2016
diff --git a/.travis.yml b/.travis.yml
@@ -1,20 +1,15 @@
 language: ruby
 script: bundle exec rake test
 rvm:
-  - 1.8.7
-  - 1.9.3
+  - 2.1
+  - 2.2 
 gemfile:
-  - gemfiles/2.3.gemfile
-  - gemfiles/3.0.gemfile
-  - gemfiles/3.1.gemfile
-  - gemfiles/3.2.gemfile
   - gemfiles/4.0.gemfile
   - gemfiles/4.1.gemfile
+  - gemfiles/5.0.gemfile
+
 matrix:
   exclude:
-    - rvm: 1.8.7
-      gemfile: gemfiles/4.0.gemfile
-    - rvm: 1.8.7
-      gemfile: gemfiles/4.1.gemfile
-    - rvm: 1.9.3
-      gemfile: gemfiles/2.3.gemfile
+    - rvm: 2.1
+     gemfile: gemfiles/5.0.gemfile
+
diff --git a/gemfiles/3.0.gemfile b/gemfiles/3.0.gemfile
diff --git a/gemfiles/3.1.gemfile b/gemfiles/3.1.gemfile
diff --git a/gemfiles/3.2.gemfile b/gemfiles/3.2.gemfile
diff --git a/gemfiles/2.3.gemfile → gemfiles/5.0.gemfile b/gemfiles/2.3.gemfile → gemfiles/5.0.gemfile
@@ -1,8 +1,8 @@
 source 'https://rubygems.org'
 
-gem 'rails', '~> 2.3.0'
+gem 'rails', '~> 5.0.0'
 gem 'sqlite3'
 gem 'ruby_parser'
 gem 'rdoc'
-gemspec :path => '..'
 
+gemspec :path => '..'
diff --git a/lib/declarative_authorization.rb b/lib/declarative_authorization.rb
@@ -14,6 +14,5 @@
 require File.join(%w{declarative_authorization railsengine}) if defined?(::Rails::Engine)
 
 ActionController::Base.send :include, Authorization::AuthorizationInController
-ActionController::Base.helper Authorization::AuthorizationHelper
 
 ActiveRecord::Base.send :include, Authorization::AuthorizationInModel if defined?(ActiveRecord)
diff --git a/lib/declarative_authorization/in_controller.rb b/lib/declarative_authorization/in_controller.rb
@@ -3,11 +3,23 @@
 
 module Authorization
   module AuthorizationInController
-
+    
     def self.included(base) # :nodoc:
       base.extend(ClassMethods)
-      base.hide_action :authorization_engine, :permitted_to?,
-        :permitted_to!
+      if base.respond_to? :helper
+        base.helper Authorization::AuthorizationHelper
+      end
+
+      if base.respond_to? :helper_method
+          helpers = %w(
+            permitted_to? 
+            has_role? 
+            has_role_with_hierarchy?
+            has_any_role?
+            has_any_role_with_hierarchy?
+          )
+          base.helper_method(*helpers)
+        end
     end
 
     DEFAULT_DENY = false
@@ -131,7 +143,7 @@ def filter_access_filter # :nodoc:
           # permission_denied needs to render or redirect
           send(:permission_denied)
         else
-          send(:render, :text => "You are not allowed to access this action.",
+          send(:render, :plain => "You are not allowed to access this action.",
             :status => :forbidden)
         end
       end
@@ -238,10 +250,10 @@ module ClassMethods
       # authorization rules are enforced because for some actions (collections,
       # +new+, +create+), there is no object to evaluate conditions against.  To
       # allow attribute checks on all actions, it is a common pattern to provide
-      # custom objects through +before_filters+:
+      # custom objects through +before_actions+:
       #   class BranchesController < ApplicationController
-      #     before_filter :load_company
-      #     before_filter :new_branch_from_company_and_params,
+      #     before_action :load_company
+      #     before_action :new_branch_from_company_and_params,
       #       :only => [:index, :new, :create]
       #     filter_access_to :all, :attribute_check => true
       #
@@ -250,7 +262,7 @@ module ClassMethods
       #       @branch = @company.branches.new(params[:branch])
       #     end
       #   end
-      # NOTE: +before_filters+ need to be defined before the first
+      # NOTE: +before_actions+ need to be defined before the first
       # +filter_access_to+ call.
       #   
       # For further customization, a custom filter expression may be formulated
@@ -311,8 +323,10 @@ def filter_access_to (*args, &filter_block)
         actions = args.flatten
 
         # prevent setting filter_access_filter multiple times
-        skip_before_filter :filter_access_filter
-        before_filter :filter_access_filter
+        # skip_before_action :filter_access_filter
+        before_action do |controller|
+          controller.send(:filter_access_filter) if controller.methods.include? :filter_access_filter
+        end
 
         filter_access_permissions.each do |perm|
           perm.remove_actions(actions)
@@ -344,7 +358,7 @@ def all_filter_access_permissions # :nodoc:
 
       # To DRY up the filter_access_to statements in restful controllers,
       # filter_resource_access combines typical filter_access_to and
-      # before_filter calls, which set up the instance variables.
+      # before_action calls, which set up the instance variables.
       #
       # The simplest case are top-level resource controllers with only the
       # seven CRUD methods, e.g.
@@ -457,7 +471,7 @@ def all_filter_access_permissions # :nodoc:
       #   Allows to add additional new actions to the default resource +new+ actions.
       # [:+context+]
       #   The context is used to determine the model to load objects from for the
-      #   before_filters and the context of privileges to use in authorization
+      #   before_actions and the context of privileges to use in authorization
       #   checks.
       # [:+nested_in+]
       #   Specifies the parent controller if the resource is nested in another
@@ -514,7 +528,7 @@ def filter_resource_access(options = {})
         unless options[:nested_in].blank?
           load_parent_method = :"load_#{options[:nested_in].to_s.singularize}"
           shallow_exceptions = options[:shallow] ? {:except => members.keys} : {}
-          before_filter shallow_exceptions do |controller|
+          before_action shallow_exceptions do |controller|
             if controller.respond_to?(load_parent_method, true)
               controller.send(load_parent_method)
             else
@@ -523,7 +537,7 @@ def filter_resource_access(options = {})
           end
 
           new_for_collection_method = :"new_#{controller_name.singularize}_for_collection"
-          before_filter :only => collections.keys do |controller|
+          before_action :only => collections.keys do |controller|
             # new_for_collection
             if controller.respond_to?(new_for_collection_method, true)
               controller.send(new_for_collection_method)
@@ -536,7 +550,7 @@ def filter_resource_access(options = {})
 
         unless options[:strong_parameters]
           new_from_params_method = :"new_#{controller_name.singularize}_from_params"
-          before_filter :only => new_actions.keys do |controller|
+          before_action :only => new_actions.keys do |controller|
             # new_from_params
             if controller.respond_to?(new_from_params_method, true)
               controller.send(new_from_params_method)
@@ -547,7 +561,7 @@ def filter_resource_access(options = {})
           end
         else
           new_object_method = :"new_#{controller_name.singularize}"
-          before_filter :only => :new do |controller|
+          before_action :only => :new do |controller|
             # new_from_params
             if controller.respond_to?(new_object_method, true)
               controller.send(new_object_method)
@@ -559,7 +573,7 @@ def filter_resource_access(options = {})
         end
 
         load_method = :"load_#{controller_name.singularize}"
-        before_filter :only => members.keys do |controller|
+        before_action :only => members.keys do |controller|
           # load controller object
           if controller.respond_to?(load_method, true)
             controller.send(load_method)