From 2bd54f81c4481fe72d302fbbb7491084250b596b Mon Sep 17 00:00:00 2001
From: nozik <ran@skycure.com>
Date: Tue, 30 Aug 2016 11:15:12 +0300
Subject: [PATCH 1/4] check for nil when authorizing doc

---
 app/controllers/apipie/apipies_controller.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/controllers/apipie/apipies_controller.rb b/app/controllers/apipie/apipies_controller.rb
index 297c0b09a..abe6fe87c 100644
--- a/app/controllers/apipie/apipies_controller.rb
+++ b/app/controllers/apipie/apipies_controller.rb
@@ -94,7 +94,7 @@ def get_language
 
     def authorized_doc
 
-      return @doc unless Apipie.configuration.authorize
+      return @doc unless Apipie.configuration.authorize or @doc.nil?
 
       new_doc = { :docs => @doc[:docs].clone }
 

From 79192f01f34c00755c87f7d5a329b46b025ef279 Mon Sep 17 00:00:00 2001
From: nozik <ran@skycure.com>
Date: Sun, 4 Sep 2016 16:29:05 +0300
Subject: [PATCH 2/4] separate conditions

---
 app/controllers/apipie/apipies_controller.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/controllers/apipie/apipies_controller.rb b/app/controllers/apipie/apipies_controller.rb
index 2329fb32f..a37a42ee4 100644
--- a/app/controllers/apipie/apipies_controller.rb
+++ b/app/controllers/apipie/apipies_controller.rb
@@ -93,8 +93,8 @@ def get_language
     end
 
     def authorized_doc
-
-      return @doc if @doc.nil? or not Apipie.configuration.authorize
+      return if @doc.nil?
+      return @doc unless Apipie.configuration.authorize
 
       new_doc = { :docs => @doc[:docs].clone }
 

From ac5080f56cb785270281b9677eb9ca3e210a58fc Mon Sep 17 00:00:00 2001
From: nozik <ran@skycure.com>
Date: Tue, 15 Nov 2016 13:04:44 +0200
Subject: [PATCH 3/4] handle array case

---
 app/controllers/apipie/apipies_controller.rb | 33 +++++++++++++++-----
 1 file changed, 26 insertions(+), 7 deletions(-)

diff --git a/app/controllers/apipie/apipies_controller.rb b/app/controllers/apipie/apipies_controller.rb
index a37a42ee4..b05ca8792 100644
--- a/app/controllers/apipie/apipies_controller.rb
+++ b/app/controllers/apipie/apipies_controller.rb
@@ -98,20 +98,39 @@ def authorized_doc
 
       new_doc = { :docs => @doc[:docs].clone }
 
-      new_doc[:docs][:resources] = @doc[:docs][:resources].select do |k, v|
-        if instance_exec(k, nil, v, &Apipie.configuration.authorize)
-          v[:methods] = v[:methods].select do |h|
-            instance_exec(k, h[:name], h, &Apipie.configuration.authorize)
+      resources = @doc[:docs][:resources]
+
+      if resources.is_a?(Array)
+        authorized_resources = []
+        resources.each do |resource|
+          authorized = resource.select do |k, v|
+            authorize_resource?(k, v)
           end
-          true
-        else
-          false
+          authorized_resources << authorized
+        end
+
+        new_doc[:docs][:resources] = authorized_resources
+      else
+        # Assume resource is a hash
+        new_doc[:docs][:resources] = resources.select do |k, v|
+          authorize_resource?(k, v)
         end
       end
 
       new_doc
     end
 
+    def authorize_resource?(name, value)
+      if instance_exec(name, nil, value, &Apipie.configuration.authorize)
+        v[:methods] = v[:methods].select do |h|
+          instance_exec(k, h[:name], h, &Apipie.configuration.authorize)
+        end
+        true
+      end
+
+      false
+    end
+
     def get_format
       [:resource, :method, :version].each do |par|
         if params[par]

From c488b081d6c9a6c03ab9f89e1adb5da9b4d5e619 Mon Sep 17 00:00:00 2001
From: nozik <ran@skycure.com>
Date: Tue, 15 Nov 2016 13:48:18 +0200
Subject: [PATCH 4/4] take first resource only

---
 app/controllers/apipie/apipies_controller.rb | 19 +++++++------------
 1 file changed, 7 insertions(+), 12 deletions(-)

diff --git a/app/controllers/apipie/apipies_controller.rb b/app/controllers/apipie/apipies_controller.rb
index b05ca8792..01862ddf4 100644
--- a/app/controllers/apipie/apipies_controller.rb
+++ b/app/controllers/apipie/apipies_controller.rb
@@ -97,18 +97,13 @@ def authorized_doc
       return @doc unless Apipie.configuration.authorize
 
       new_doc = { :docs => @doc[:docs].clone }
-
       resources = @doc[:docs][:resources]
 
-      if resources.is_a?(Array)
+      if params[:resource].present? and resources.is_a?(Array)
+        # We assume only one resource in the array when a specific resource was queried
+        resource_name = params[:resource]
         authorized_resources = []
-        resources.each do |resource|
-          authorized = resource.select do |k, v|
-            authorize_resource?(k, v)
-          end
-          authorized_resources << authorized
-        end
-
+        authorized_resources << resources.first if authorize_resource?(resource_name, resources.first)
         new_doc[:docs][:resources] = authorized_resources
       else
         # Assume resource is a hash
@@ -122,10 +117,10 @@ def authorized_doc
 
     def authorize_resource?(name, value)
       if instance_exec(name, nil, value, &Apipie.configuration.authorize)
-        v[:methods] = v[:methods].select do |h|
-          instance_exec(k, h[:name], h, &Apipie.configuration.authorize)
+        value[:methods] = value[:methods].select do |h|
+          instance_exec(name, h[:name], h, &Apipie.configuration.authorize)
         end
-        true
+        return true
       end
 
       false