From 7b36c0592faf0b08b67534c83dc139c8b582739f Mon Sep 17 00:00:00 2001
From: thosakwe <thosakwe@gmail.com>
Date: Fri, 20 Jan 2017 22:39:39 -0500
Subject: [PATCH] 4

---
 README.md                |  2 +-
 lib/src/permissions.dart | 24 +++++++++++++-----------
 pubspec.yaml             |  2 +-
 3 files changed, 15 insertions(+), 13 deletions(-)

diff --git a/README.md b/README.md
index cfc78ee9..7745eab0 100644
--- a/README.md
+++ b/README.md
@@ -1,5 +1,5 @@
 # security
-[![version 0.0.0-alpha+3](https://img.shields.io/badge/pub-v0.0.0--alpha+3-red.svg)](https://pub.dartlang.org/packages/angel_security)
+[![version 0.0.0-alpha+4](https://img.shields.io/badge/pub-v0.0.0--alpha+4-red.svg)](https://pub.dartlang.org/packages/angel_security)
 [![build status](https://travis-ci.org/angel-dart/security.svg)](https://travis-ci.org/angel-dart/security)
 
 Angel middleware designed to enhance application security by patching common Web security
diff --git a/lib/src/permissions.dart b/lib/src/permissions.dart
index 248d869c..d802b557 100644
--- a/lib/src/permissions.dart
+++ b/lib/src/permissions.dart
@@ -13,20 +13,22 @@ class Permission {
   HookedServiceEventListener toHook(
       {String message, String userKey, getRoles(user)}) {
     return (HookedServiceEvent e) async {
-      var user = e.request.grab(userKey ?? 'user');
+      if (e.params.containsKey('provider')) {
+        var user = e.request.grab(userKey ?? 'user');
 
-      if (user == null)
-        throw new AngelHttpException.forbidden(
-            message: message ??
-                'You have insufficient permissions to perform this action.');
+        if (user == null)
+          throw new AngelHttpException.forbidden(
+              message: message ??
+                  'You have insufficient permissions to perform this action.');
 
-      var roleFinder = getRoles ?? (user) async => user.roles ?? [];
-      List<String> roles = (await roleFinder(user)).toList();
+        var roleFinder = getRoles ?? (user) async => user.roles ?? [];
+        List<String> roles = (await roleFinder(user)).toList();
 
-      if (!roles.any(verify))
-        throw new AngelHttpException.forbidden(
-            message: message ??
-                'You have insufficient permissions to perform this action.');
+        if (!roles.any(verify))
+          throw new AngelHttpException.forbidden(
+              message: message ??
+                  'You have insufficient permissions to perform this action.');
+      }
     };
   }
 
diff --git a/pubspec.yaml b/pubspec.yaml
index 4afc0874..e2e65e8a 100644
--- a/pubspec.yaml
+++ b/pubspec.yaml
@@ -1,5 +1,5 @@
 name: angel_security
-version: 0.0.0-alpha+3
+version: 0.0.0-alpha+4
 description: Angel middleware designed to enhance application security by patching common Web security holes.
 author: Tobe O <thosakwe@gmail.com>
 environment: