fix logic error for single cannot
condition - it should return no records
This commit is contained in:
parent
ac19422a90
commit
5fd793090a
|
@ -234,12 +234,11 @@ module CanCan
|
||||||
|
|
||||||
true_cond = subject.send(:sanitize_sql, ['?=?', true, true])
|
true_cond = subject.send(:sanitize_sql, ['?=?', true, true])
|
||||||
false_cond = subject.send(:sanitize_sql, ['?=?', true, false])
|
false_cond = subject.send(:sanitize_sql, ['?=?', true, false])
|
||||||
conds.reverse.inject(nil) do |sql, action|
|
conds.reverse.inject(false_cond) do |sql, action|
|
||||||
behavior, condition = action
|
behavior, condition = action
|
||||||
if condition && condition != {}
|
if condition && condition != {}
|
||||||
condition = subject.send(:sanitize_sql, condition)
|
condition = subject.send(:sanitize_sql, condition)
|
||||||
case sql
|
case sql
|
||||||
when nil then behavior ? condition : "not (#{condition})"
|
|
||||||
when true_cond
|
when true_cond
|
||||||
behavior ? true_cond : "not (#{condition})"
|
behavior ? true_cond : "not (#{condition})"
|
||||||
when false_cond
|
when false_cond
|
||||||
|
|
|
@ -239,20 +239,34 @@ describe CanCan::Ability do
|
||||||
@ability.sql_conditions(:read, SqlSanitizer).should == { :blocked => false, :user_id => 1 }
|
@ability.sql_conditions(:read, SqlSanitizer).should == { :blocked => false, :user_id => 1 }
|
||||||
end
|
end
|
||||||
|
|
||||||
it "should return `not (sql)` for single `cannot` definition" do
|
it "should return `sql` for single `can` definition in front of default `cannot` condition" do
|
||||||
@ability.cannot :read, SqlSanitizer, :blocked => true, :user_id => 1
|
|
||||||
|
|
||||||
@ability.sql_conditions(:read, SqlSanitizer).should == 'not (blocked=true AND user_id=1)'
|
|
||||||
end
|
|
||||||
|
|
||||||
it "should return `sql` for single `can` definition in front of default cannot condition" do
|
|
||||||
@ability.cannot :read, SqlSanitizer
|
@ability.cannot :read, SqlSanitizer
|
||||||
@ability.can :read, SqlSanitizer, :blocked => false, :user_id => 1
|
@ability.can :read, SqlSanitizer, :blocked => false, :user_id => 1
|
||||||
|
|
||||||
@ability.sql_conditions(:read, SqlSanitizer).should == 'blocked=false AND user_id=1'
|
@ability.sql_conditions(:read, SqlSanitizer).should == 'blocked=false AND user_id=1'
|
||||||
end
|
end
|
||||||
|
|
||||||
it "should return `not (sql)` for single `cannot` definition in front of default can condition" do
|
it "should return `true condition` for single `can` definition in front of default `can` condition" do
|
||||||
|
@ability.can :read, SqlSanitizer
|
||||||
|
@ability.can :read, SqlSanitizer, :blocked => false, :user_id => 1
|
||||||
|
|
||||||
|
@ability.sql_conditions(:read, SqlSanitizer).should == 'true=true'
|
||||||
|
end
|
||||||
|
|
||||||
|
it "should return `false condition` for single `cannot` definition" do
|
||||||
|
@ability.cannot :read, SqlSanitizer, :blocked => true, :user_id => 1
|
||||||
|
|
||||||
|
@ability.sql_conditions(:read, SqlSanitizer).should == 'true=false'
|
||||||
|
end
|
||||||
|
|
||||||
|
it "should return `false condition` for single `cannot` definition in front of default `cannot` condition" do
|
||||||
|
@ability.cannot :read, SqlSanitizer
|
||||||
|
@ability.cannot :read, SqlSanitizer, :blocked => true, :user_id => 1
|
||||||
|
|
||||||
|
@ability.sql_conditions(:read, SqlSanitizer).should == 'true=false'
|
||||||
|
end
|
||||||
|
|
||||||
|
it "should return `not (sql)` for single `cannot` definition in front of default `can` condition" do
|
||||||
@ability.can :read, SqlSanitizer
|
@ability.can :read, SqlSanitizer
|
||||||
@ability.cannot :read, SqlSanitizer, :blocked => true, :user_id => 1
|
@ability.cannot :read, SqlSanitizer, :blocked => true, :user_id => 1
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user