From b3fc5add347a613009035e1f2376080328732b51 Mon Sep 17 00:00:00 2001 From: Patrick Morgan Date: Wed, 14 Sep 2011 13:39:11 -0500 Subject: [PATCH 01/34] Correct "return cant jump across threads" error when using check_authorization() --- lib/cancan/controller_additions.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/cancan/controller_additions.rb b/lib/cancan/controller_additions.rb index 12e0875..0d293a3 100644 --- a/lib/cancan/controller_additions.rb +++ b/lib/cancan/controller_additions.rb @@ -247,9 +247,9 @@ module CanCan # def check_authorization(options = {}) self.after_filter(options.slice(:only, :except)) do |controller| - return if controller.instance_variable_defined?(:@_authorized) - return if options[:if] && !controller.send(options[:if]) - return if options[:unless] && controller.send(options[:unless]) + next if controller.instance_variable_defined?(:@_authorized) + next if options[:if] && !controller.send(options[:if]) + next if options[:unless] && controller.send(options[:unless]) raise AuthorizationNotPerformed, "This action failed the check_authorization because it does not authorize_resource. Add skip_authorization_check to bypass this check." end end From 98326394f0d89364da8f3934c92c37751ecbd45d Mon Sep 17 00:00:00 2001 From: Ryan Bates Date: Wed, 28 Sep 2011 16:24:03 -0700 Subject: [PATCH 02/34] removing jruby/rubinius from travis.yml for now until I figure out why they aren't passing --- .travis.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.travis.yml b/.travis.yml index ac6a307..0c0a278 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,8 +1,6 @@ rvm: - 1.8.7 - - jruby - ree - - rbx-2.0 notifications: recipients: - graf.otodrakula@gmail.com From 26b40f2b49426041f3103727c627da3fa8657589 Mon Sep 17 00:00:00 2001 From: Ryan Bates Date: Wed, 28 Sep 2011 17:00:32 -0700 Subject: [PATCH 03/34] releasing version 1.6.6 --- CHANGELOG.rdoc | 20 +++++++++++++++++++- cancan.gemspec | 2 +- 2 files changed, 20 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.rdoc b/CHANGELOG.rdoc index 367a91e..d288a03 100644 --- a/CHANGELOG.rdoc +++ b/CHANGELOG.rdoc @@ -1,3 +1,22 @@ +1.6.6 (September 28, 2011) + +* correct "return cant jump across threads" error when using check_authorization (thanks codeprimate) - issues #463, #469 + +* fixing tests in development by specifying with_model version (thanks kirkconnell) - issue #476 + +* added travis.yml file for TravisCI support (thanks bai) - issue #427 + +* better support for namespaced models (thanks whilefalse) - issues #424 + +* adding :id_param option to load_and_authorize_resource (thanks skhisma) - issue #425 + +* make default unauthorized message translatable text (thanks nhocki) - issue #409 + +* improving DataMapper behavior (thanks psanford, maxsum-corin) - issue #410, #373 + +* allow :find_by option to be full find method name - issue #335 + + 1.6.5 (May 18, 2011) * pass action and subject through AccessDenied exception when :through isn't found - issue #366 @@ -15,7 +34,6 @@ * improve scope merging - issue #328 - 1.6.4 (March 29, 2011) * Fixed mongoid 'or' error - see issue #322 diff --git a/cancan.gemspec b/cancan.gemspec index 5379d48..ac1a179 100644 --- a/cancan.gemspec +++ b/cancan.gemspec @@ -1,6 +1,6 @@ Gem::Specification.new do |s| s.name = "cancan" - s.version = "1.6.5" + s.version = "1.6.6" s.author = "Ryan Bates" s.email = "ryan@railscasts.com" s.homepage = "http://github.com/ryanb/cancan" From 67a3038628a343feb80a706aa3646b18f4d7a583 Mon Sep 17 00:00:00 2001 From: Ryan Bates Date: Tue, 4 Oct 2011 15:02:59 -0700 Subject: [PATCH 04/34] quick fix to get nested resources working again - closes #482 --- cancan.gemspec | 2 +- lib/cancan/controller_resource.rb | 2 +- spec/cancan/controller_resource_spec.rb | 4 ++-- spec/cancan/model_adapters/active_record_adapter_spec.rb | 4 ---- spec/spec_helper.rb | 4 ++++ 5 files changed, 8 insertions(+), 8 deletions(-) diff --git a/cancan.gemspec b/cancan.gemspec index ac1a179..2f2fa3b 100644 --- a/cancan.gemspec +++ b/cancan.gemspec @@ -10,7 +10,7 @@ Gem::Specification.new do |s| s.files = Dir["{lib,spec}/**/*", "[A-Z]*", "init.rb"] - ["Gemfile.lock"] s.require_path = "lib" - s.add_development_dependency 'rspec', '~> 2.1.0' + s.add_development_dependency 'rspec', '~> 2.6.0' s.add_development_dependency 'rails', '~> 3.0.9' s.add_development_dependency 'rr', '~> 0.10.11' # 1.0.0 has respond_to? issues: http://github.com/btakita/rr/issues/issue/43 s.add_development_dependency 'supermodel', '~> 0.1.4' diff --git a/lib/cancan/controller_resource.rb b/lib/cancan/controller_resource.rb index d4f30b3..7f29d61 100644 --- a/lib/cancan/controller_resource.rb +++ b/lib/cancan/controller_resource.rb @@ -208,7 +208,7 @@ module CanCan end def namespaced_name - @params[:controller].sub("Controller", "").singularize.camelize.constantize + @name || @params[:controller].sub("Controller", "").singularize.camelize.constantize rescue NameError name end diff --git a/spec/cancan/controller_resource_spec.rb b/spec/cancan/controller_resource_spec.rb index 220971f..21493f9 100644 --- a/spec/cancan/controller_resource_spec.rb +++ b/spec/cancan/controller_resource_spec.rb @@ -197,8 +197,8 @@ describe CanCan::ControllerResource do it "should load parent resource through proper id parameter" do project = Project.create! - @params.merge!(:action => "index", :project_id => project.id) - resource = CanCan::ControllerResource.new(@controller, :project, :parent => true) + @params.merge!(:controller => "categories", :action => "index", :project_id => project.id) + resource = CanCan::ControllerResource.new(@controller, :project) resource.load_resource @controller.instance_variable_get(:@project).should == project end diff --git a/spec/cancan/model_adapters/active_record_adapter_spec.rb b/spec/cancan/model_adapters/active_record_adapter_spec.rb index cf4155b..0c82c02 100644 --- a/spec/cancan/model_adapters/active_record_adapter_spec.rb +++ b/spec/cancan/model_adapters/active_record_adapter_spec.rb @@ -1,10 +1,6 @@ if ENV["MODEL_ADAPTER"].nil? || ENV["MODEL_ADAPTER"] == "active_record" require "spec_helper" - RSpec.configure do |config| - config.extend WithModel - end - ActiveRecord::Base.establish_connection(:adapter => "sqlite3", :database => ":memory:") describe CanCan::ModelAdapters::ActiveRecordAdapter do diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 4deccd1..9576275 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -9,11 +9,15 @@ require 'matchers' require 'cancan/matchers' RSpec.configure do |config| + config.treat_symbols_as_metadata_keys_with_true_values = true + config.filter_run :focus => true + config.run_all_when_everything_filtered = true config.mock_with :rr config.before(:each) do Project.delete_all Category.delete_all end + config.extend WithModel end class Ability From 9eebeb21558bdd056e3e7b07f7e6eb57c1656973 Mon Sep 17 00:00:00 2001 From: Ryan Bates Date: Tue, 4 Oct 2011 15:04:28 -0700 Subject: [PATCH 05/34] releasing 1.6.7 with nested resource fix --- CHANGELOG.rdoc | 5 +++++ cancan.gemspec | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.rdoc b/CHANGELOG.rdoc index d288a03..c2440fc 100644 --- a/CHANGELOG.rdoc +++ b/CHANGELOG.rdoc @@ -1,3 +1,8 @@ +1.6.7 (October 4, 2011) + +* fixing nested resource problem caused by namespace addition - issue #482 + + 1.6.6 (September 28, 2011) * correct "return cant jump across threads" error when using check_authorization (thanks codeprimate) - issues #463, #469 diff --git a/cancan.gemspec b/cancan.gemspec index 2f2fa3b..bb86976 100644 --- a/cancan.gemspec +++ b/cancan.gemspec @@ -1,6 +1,6 @@ Gem::Specification.new do |s| s.name = "cancan" - s.version = "1.6.6" + s.version = "1.6.7" s.author = "Ryan Bates" s.email = "ryan@railscasts.com" s.homepage = "http://github.com/ryanb/cancan" From 80ceaf8e17b67308c4de2957fd6ab60fffdc3e29 Mon Sep 17 00:00:00 2001 From: soopa Date: Fri, 14 Oct 2011 20:06:43 -0500 Subject: [PATCH 06/34] fix uninitialized constant warning in CanCan::Rule#model_adapter --- lib/cancan/rule.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/cancan/rule.rb b/lib/cancan/rule.rb index 44c14af..c65e685 100644 --- a/lib/cancan/rule.rb +++ b/lib/cancan/rule.rb @@ -136,7 +136,7 @@ module CanCan end def model_adapter(subject) - ModelAdapters::AbstractAdapter.adapter_class(subject_class?(subject) ? subject : subject.class) + CanCan::ModelAdapters::AbstractAdapter.adapter_class(subject_class?(subject) ? subject : subject.class) end end end From 7797b37c7e70a4299c144a0da5dbc3b347416715 Mon Sep 17 00:00:00 2001 From: Roger Campos Date: Mon, 31 Oct 2011 14:08:50 +0100 Subject: [PATCH 07/34] Adding Ability#merge --- lib/cancan/ability.rb | 7 +++++++ spec/cancan/ability_spec.rb | 13 +++++++++++++ 2 files changed, 20 insertions(+) diff --git a/lib/cancan/ability.rb b/lib/cancan/ability.rb index 5f86877..2b597e1 100644 --- a/lib/cancan/ability.rb +++ b/lib/cancan/ability.rb @@ -228,6 +228,13 @@ module CanCan relevant_rules(action, subject).any?(&:only_raw_sql?) end + def merge(ability) + ability.send(:rules).each do |rule| + rules << rule.dup + end + self + end + private def unauthorized_message_keys(action, subject) diff --git a/spec/cancan/ability_spec.rb b/spec/cancan/ability_spec.rb index 48b6782..3551cce 100644 --- a/spec/cancan/ability_spec.rb +++ b/spec/cancan/ability_spec.rb @@ -416,4 +416,17 @@ describe CanCan::Ability do @ability.unauthorized_message(:edit, 1..3).should == "edit range" end end + + describe "#merge" do + it "should add the rules from the given ability" do + @ability.can :use, :tools + another_ability = Object.new + another_ability.extend(CanCan::Ability) + another_ability.can :use, :search + + @ability.merge(another_ability) + @ability.can?(:use, :search).should be_true + @ability.send(:rules).size.should == 2 + end + end end From 98312940e49a08f01812a93b327866c18d245847 Mon Sep 17 00:00:00 2001 From: Grant Hutchins Date: Wed, 2 Nov 2011 22:37:37 -0400 Subject: [PATCH 08/34] Use latest with_model gem Now with_model clears the association class cache between specs, which fixes a test pollution problem. --- Gemfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile b/Gemfile index 78cdd51..a235191 100644 --- a/Gemfile +++ b/Gemfile @@ -4,7 +4,7 @@ case ENV["MODEL_ADAPTER"] when nil, "active_record" gem "sqlite3" gem "activerecord", '~> 3.0.9', :require => "active_record" - gem "with_model", '~> 0.1.5' + gem "with_model", "~> 0.2.5" gem "meta_where" when "data_mapper" gem "dm-core", "~> 1.0.2" From f18f53c9ce2120c9d5cc4978fc4b554c33f1e209 Mon Sep 17 00:00:00 2001 From: Artem Kornienko Date: Wed, 9 Nov 2011 18:38:19 +0200 Subject: [PATCH 09/34] Fixed problem with 'with_model' gem in DataMapper tests and Mongoid tests. --- spec/spec_helper.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 9576275..c5857da 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -17,7 +17,7 @@ RSpec.configure do |config| Project.delete_all Category.delete_all end - config.extend WithModel + config.extend WithModel if ENV["MODEL_ADAPTER"].nil? || ENV["MODEL_ADAPTER"] == "active_record" end class Ability From e65f9bd4fdfb857bf791dc6d5b5d474198a65111 Mon Sep 17 00:00:00 2001 From: Manuel Meurer Date: Sun, 25 Dec 2011 19:55:35 +0100 Subject: [PATCH 10/34] Fixed typo --- lib/cancan/controller_additions.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/cancan/controller_additions.rb b/lib/cancan/controller_additions.rb index 0d293a3..9a95217 100644 --- a/lib/cancan/controller_additions.rb +++ b/lib/cancan/controller_additions.rb @@ -94,7 +94,7 @@ module CanCan # [:+find_by+] # Find using a different attribute other than id. For example. # - # load_resource :find_by => :permalink # will use find_by_permlink!(params[:id]) + # load_resource :find_by => :permalink # will use find_by_permalink!(params[:id]) # # [:+collection+] # Specify which actions are resource collection actions in addition to :+index+. This From baadcb923b2c335cff48c8d683317db0b88496d1 Mon Sep 17 00:00:00 2001 From: Dmitry Afanasyev Date: Fri, 6 Jan 2012 01:21:11 +0400 Subject: [PATCH 11/34] Fixed bug with params for actions that build new instances with namespaced models --- lib/cancan/controller_resource.rb | 5 ++++- spec/cancan/controller_resource_spec.rb | 20 ++++++++++++++++++-- spec/spec_helper.rb | 15 +++++++++++++++ 3 files changed, 37 insertions(+), 3 deletions(-) diff --git a/lib/cancan/controller_resource.rb b/lib/cancan/controller_resource.rb index 7f29d61..93e5430 100644 --- a/lib/cancan/controller_resource.rb +++ b/lib/cancan/controller_resource.rb @@ -82,7 +82,10 @@ module CanCan end def build_resource - resource = resource_base.new(@params[name] || {}) + params = @options[:class] \ + ? @params[@options[:class].to_s.underscore.gsub('/', '_')] \ + : @params[name] || {} + resource = resource_base.new(params) resource.send("#{parent_name}=", parent_resource) if @options[:singleton] && parent_resource initial_attributes.each do |attr_name, value| resource.send("#{attr_name}=", value) diff --git a/spec/cancan/controller_resource_spec.rb b/spec/cancan/controller_resource_spec.rb index 21493f9..c89480c 100644 --- a/spec/cancan/controller_resource_spec.rb +++ b/spec/cancan/controller_resource_spec.rb @@ -62,6 +62,14 @@ describe CanCan::ControllerResource do @controller.instance_variable_get(:@project).name.should == "foobar" end + it "should build a new resource for namespaced model with hash if params[:id] is not specified" do + project = Sub::Project.create! + @params.merge!(:action => "create", 'sub_project' => {:name => "foobar"}) + resource = CanCan::ControllerResource.new(@controller, :class => ::Sub::Project) + resource.load_resource + @controller.instance_variable_get(:@project).name.should == "foobar" + end + it "should build a new resource with attributes from current ability" do @params.merge!(:action => "new") @ability.can(:create, Project, :name => "from conditions") @@ -324,6 +332,14 @@ describe CanCan::ControllerResource do @controller.instance_variable_get(:@project).should == project end + it "should load the model using a custom namespaced class" do + project = Sub::Project.create! + @params.merge!(:action => "show", :id => project.id) + resource = CanCan::ControllerResource.new(@controller, :class => ::Sub::Project) + resource.load_resource + @controller.instance_variable_get(:@project).should == project + end + it "should authorize based on resource name if class is false" do @params.merge!(:action => "show", :id => 123) stub(@controller).authorize!(:show, :project) { raise CanCan::AccessDenied } @@ -339,7 +355,7 @@ describe CanCan::ControllerResource do lambda { resource.load_and_authorize_resource }.should raise_error(CanCan::AccessDenied) @controller.instance_variable_get(:@custom_project).should == project end - + it "should load resource using custom ID param" do project = Project.create! @params.merge!(:action => "show", :the_project => project.id) @@ -347,7 +363,7 @@ describe CanCan::ControllerResource do resource.load_resource @controller.instance_variable_get(:@project).should == project end - + it "should load resource using custom find_by attribute" do project = Project.create!(:name => "foo") @params.merge!(:action => "show", :id => "foo") diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 9576275..620af5d 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -31,6 +31,21 @@ class Category < SuperModel::Base has_many :projects end +module Sub + class Project < SuperModel::Base + belongs_to :category + attr_accessor :category # why doesn't SuperModel do this automatically? + + def self.respond_to?(method, include_private = false) + if method.to_s == "find_by_name!" # hack to simulate ActiveRecord + true + else + super + end + end + end +end + class Project < SuperModel::Base belongs_to :category attr_accessor :category # why doesn't SuperModel do this automatically? From 83e2dcebd09a5fa716bc632773d311a3e9704aa7 Mon Sep 17 00:00:00 2001 From: Mauricio Zaffari Date: Thu, 2 Feb 2012 21:06:38 -0200 Subject: [PATCH 12/34] Pass forward :if and :unless options to the before filter. i.e: load_and_authorize_resource :if => condition == true --- lib/cancan/controller_resource.rb | 4 ++-- spec/cancan/controller_additions_spec.rb | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/lib/cancan/controller_resource.rb b/lib/cancan/controller_resource.rb index 7f29d61..776dd91 100644 --- a/lib/cancan/controller_resource.rb +++ b/lib/cancan/controller_resource.rb @@ -6,8 +6,8 @@ module CanCan options = args.extract_options! resource_name = args.first before_filter_method = options.delete(:prepend) ? :prepend_before_filter : :before_filter - controller_class.send(before_filter_method, options.slice(:only, :except)) do |controller| - controller.class.cancan_resource_class.new(controller, resource_name, options.except(:only, :except)).send(method) + controller_class.send(before_filter_method, options.slice(:only, :except, :if, :unless)) do |controller| + controller.class.cancan_resource_class.new(controller, resource_name, options.except(:only, :except, :if, :unless)).send(method) end end diff --git a/spec/cancan/controller_additions_spec.rb b/spec/cancan/controller_additions_spec.rb index 2fec074..cb8af3f 100644 --- a/spec/cancan/controller_additions_spec.rb +++ b/spec/cancan/controller_additions_spec.rb @@ -49,14 +49,14 @@ describe CanCan::ControllerAdditions do it "authorize_resource should setup a before filter which passes call to ControllerResource" do stub(CanCan::ControllerResource).new(@controller, nil, :foo => :bar).mock!.authorize_resource - mock(@controller_class).before_filter(:except => :show) { |options, block| block.call(@controller) } - @controller_class.authorize_resource :foo => :bar, :except => :show + mock(@controller_class).before_filter(:except => :show, :if => true) { |options, block| block.call(@controller) } + @controller_class.authorize_resource :foo => :bar, :except => :show, :if => true end it "load_resource should setup a before filter which passes call to ControllerResource" do stub(CanCan::ControllerResource).new(@controller, nil, :foo => :bar).mock!.load_resource - mock(@controller_class).before_filter(:only => [:show, :index]) { |options, block| block.call(@controller) } - @controller_class.load_resource :foo => :bar, :only => [:show, :index] + mock(@controller_class).before_filter(:only => [:show, :index], :unless => false) { |options, block| block.call(@controller) } + @controller_class.load_resource :foo => :bar, :only => [:show, :index], :unless => false end it "skip_authorization_check should set up a before filter which sets @_authorized to true" do From 37a42e3666278ec452f9ec0f6a706c211dac2432 Mon Sep 17 00:00:00 2001 From: Diego Plentz Date: Tue, 14 Feb 2012 23:41:18 -0200 Subject: [PATCH 13/34] adding travis-ci badge --- README.rdoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.rdoc b/README.rdoc index a5100f3..0bd10b9 100644 --- a/README.rdoc +++ b/README.rdoc @@ -1,4 +1,4 @@ -= CanCan += CanCan {}[http://travis-ci.org/ryanb/cancan] Wiki[https://github.com/ryanb/cancan/wiki] | RDocs[http://rdoc.info/projects/ryanb/cancan] | Screencast[http://railscasts.com/episodes/192-authorization-with-cancan] From ba01349eb0e1b3ea8b08f7761cb9145702051ded Mon Sep 17 00:00:00 2001 From: Florent Piteau Date: Wed, 29 Feb 2012 15:49:19 +0100 Subject: [PATCH 14/34] Don't remove key-value from the subject hash we might want to use it again. --- lib/cancan/rule.rb | 2 +- spec/cancan/ability_spec.rb | 8 ++++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/lib/cancan/rule.rb b/lib/cancan/rule.rb index 44c14af..4e6bee2 100644 --- a/lib/cancan/rule.rb +++ b/lib/cancan/rule.rb @@ -123,7 +123,7 @@ module CanCan end def nested_subject_matches_conditions?(subject_hash) - parent, child = subject_hash.shift + parent, child = subject_hash.first matches_conditions_hash?(parent, @conditions[parent.class.name.downcase.to_sym] || {}) end diff --git a/spec/cancan/ability_spec.rb b/spec/cancan/ability_spec.rb index 48b6782..30bf3ad 100644 --- a/spec/cancan/ability_spec.rb +++ b/spec/cancan/ability_spec.rb @@ -298,6 +298,14 @@ describe CanCan::Ability do @ability.can?(:read, 123 => Range).should be_true end + it "passing a hash of subjects with multiple definitions should check permissions correctly" do + @ability.can :read, Range, :string => {:length => 4} + @ability.can [:create, :read], Range, :string => {:upcase => 'FOO'} + @ability.can?(:read, "foo" => Range).should be_true + @ability.can?(:read, "foobar" => Range).should be_false + @ability.can?(:read, 1234 => Range).should be_true + end + it "should allow to check ability on Hash-like object" do class Container < Hash; end @ability.can :read, Container From f166b5945a63b3f13288faa4dc378aabef18d43b Mon Sep 17 00:00:00 2001 From: Dmitriy Vorotilin Date: Fri, 23 Mar 2012 01:34:04 +0400 Subject: [PATCH 15/34] Just add singleton to description of authorize_resource --- lib/cancan/controller_additions.rb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/lib/cancan/controller_additions.rb b/lib/cancan/controller_additions.rb index 0d293a3..a65578e 100644 --- a/lib/cancan/controller_additions.rb +++ b/lib/cancan/controller_additions.rb @@ -151,6 +151,9 @@ module CanCan # [:+except+] # Does not apply before filter to given actions. # + # [:+singleton+] + # Pass +true+ if this is a singleton resource through a +has_one+ association. + # # [:+parent+] # True or false depending on if the resource is considered a parent resource. This defaults to +true+ if a resource # name is given which does not match the controller. From 51702e0f7b3e2331bee164adab79a7016ba8b868 Mon Sep 17 00:00:00 2001 From: Shailesh Patil Date: Tue, 3 Apr 2012 15:44:41 +0530 Subject: [PATCH 16/34] checked for ActionContoller::Base instead of just ActionContoller --- lib/cancan/controller_additions.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/cancan/controller_additions.rb b/lib/cancan/controller_additions.rb index 0d293a3..598cc44 100644 --- a/lib/cancan/controller_additions.rb +++ b/lib/cancan/controller_additions.rb @@ -382,7 +382,7 @@ module CanCan end end -if defined? ActionController +if defined? ActionController::Base ActionController::Base.class_eval do include CanCan::ControllerAdditions end From aed37cda03bac7f67ce41197f99230d3791f0361 Mon Sep 17 00:00:00 2001 From: Ryan Bates Date: Tue, 17 Apr 2012 14:00:30 -0700 Subject: [PATCH 17/34] adding project status message to readme --- README.rdoc | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/README.rdoc b/README.rdoc index a5100f3..2c38b28 100644 --- a/README.rdoc +++ b/README.rdoc @@ -99,6 +99,11 @@ This will raise an exception if authorization is not performed in an action. If * {See more}[https://github.com/ryanb/cancan/wiki] +== Project Status + +Unfortunately I have not had time to actively work on this project recently. If you find a critical issue where it does not work as documented please {ping me on twitter}[http://twitter.com/rbates] and I'll take a look. + + == Questions or Problems? If you have any issues with CanCan which you cannot find the solution to in the documentation[https://github.com/ryanb/cancan/wiki], please add an {issue on GitHub}[https://github.com/ryanb/cancan/issues] or fork the project and send a pull request. From 65bbf0e35414392bf996729d7f76682dcff46d15 Mon Sep 17 00:00:00 2001 From: Aryk Grosz Date: Mon, 23 Apr 2012 00:51:55 -0700 Subject: [PATCH 18/34] Add check for Enumerable as condition value --- lib/cancan/rule.rb | 2 +- spec/cancan/ability_spec.rb | 10 +++++++++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/lib/cancan/rule.rb b/lib/cancan/rule.rb index 44c14af..27355bd 100644 --- a/lib/cancan/rule.rb +++ b/lib/cancan/rule.rb @@ -111,7 +111,7 @@ module CanCan else !attribute.nil? && matches_conditions_hash?(attribute, value) end - elsif value.kind_of?(Array) || value.kind_of?(Range) + elsif value.kind_of?(Enumerable) value.include? attribute else attribute == value diff --git a/spec/cancan/ability_spec.rb b/spec/cancan/ability_spec.rb index 48b6782..a99aea5 100644 --- a/spec/cancan/ability_spec.rb +++ b/spec/cancan/ability_spec.rb @@ -249,7 +249,15 @@ describe CanCan::Ability do @ability.can?(:read, 1..5).should be_true @ability.can?(:read, 4..6).should be_false end - + + it "should accept a set as a condition value" do + mock(object_with_foo_2 = Object.new).foo { 2 } + mock(object_with_foo_3 = Object.new).foo { 3 } + @ability.can :read, Object, :foo => [1, 2, 5].to_set + @ability.can?(:read, object_with_foo_2).should be_true + @ability.can?(:read, object_with_foo_3).should be_false + end + it "should not match subjects return nil for methods that must match nested a nested conditions hash" do mock(object_with_foo = Object.new).foo { :bar } @ability.can :read, Array, :first => { :foo => :bar } From 10cbfbb92379762dd0995bb736a2db0852bf8b9f Mon Sep 17 00:00:00 2001 From: Ryan Bates Date: Thu, 10 May 2012 14:24:13 -0700 Subject: [PATCH 19/34] adding a .rbenv-version file --- .rbenv-version | 1 + 1 file changed, 1 insertion(+) create mode 100644 .rbenv-version diff --git a/.rbenv-version b/.rbenv-version new file mode 100644 index 0000000..651f0b9 --- /dev/null +++ b/.rbenv-version @@ -0,0 +1 @@ +1.8.7-p357 From 0bbe2e18028cc9b43dddc672abe612097add5e7f Mon Sep 17 00:00:00 2001 From: Nicholas Clark Date: Thu, 10 May 2012 19:03:51 -0400 Subject: [PATCH 20/34] Clarify readme for rails 2.3 users --- README.rdoc | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/README.rdoc b/README.rdoc index e5820d4..5074b82 100644 --- a/README.rdoc +++ b/README.rdoc @@ -31,6 +31,15 @@ User permissions are defined in an +Ability+ class. CanCan 1.5 includes a Rails rails g cancan:ability +In Rails 2.3, just add a new class in `app/models/ability.rb` with the folowing contents: + + class Ability + include CanCan::Ability + + def initialize(user) + end + end + See {Defining Abilities}[https://github.com/ryanb/cancan/wiki/defining-abilities] for details. From b347c7b78cc8db346a5b5aa4345b4f2a23f5d0e7 Mon Sep 17 00:00:00 2001 From: Chris Gunther Date: Tue, 31 Jan 2012 12:01:48 -0500 Subject: [PATCH 21/34] port fix for namespaced params from 2.0 back to 1.6 --- lib/cancan/controller_resource.rb | 15 ++++++++++----- spec/cancan/controller_resource_spec.rb | 12 ++++++++++++ 2 files changed, 22 insertions(+), 5 deletions(-) diff --git a/lib/cancan/controller_resource.rb b/lib/cancan/controller_resource.rb index b417d5c..83a77d1 100644 --- a/lib/cancan/controller_resource.rb +++ b/lib/cancan/controller_resource.rb @@ -82,10 +82,7 @@ module CanCan end def build_resource - params = @options[:class] \ - ? @params[@options[:class].to_s.underscore.gsub('/', '_')] \ - : @params[name] || {} - resource = resource_base.new(params) + resource = resource_base.new(resource_params || {}) resource.send("#{parent_name}=", parent_resource) if @options[:singleton] && parent_resource initial_attributes.each do |attr_name, value| resource.send("#{attr_name}=", value) @@ -95,7 +92,7 @@ module CanCan def initial_attributes current_ability.attributes_for(@params[:action].to_sym, resource_class).delete_if do |key, value| - @params[name] && @params[name].include?(key) + resource_params && resource_params.include?(key) end end @@ -210,6 +207,14 @@ module CanCan @name || name_from_controller end + def resource_params + if @options[:class] + @params[@options[:class].to_s.underscore.gsub('/', '_')] + else + @params[namespaced_name.to_s.underscore.gsub("/", "_")] + end + end + def namespaced_name @name || @params[:controller].sub("Controller", "").singularize.camelize.constantize rescue NameError diff --git a/spec/cancan/controller_resource_spec.rb b/spec/cancan/controller_resource_spec.rb index c89480c..eb79324 100644 --- a/spec/cancan/controller_resource_spec.rb +++ b/spec/cancan/controller_resource_spec.rb @@ -47,6 +47,18 @@ describe CanCan::ControllerResource do @controller.instance_variable_get(:@project).should == project end + # Rails includes namespace in params, see issue #349 + it "should create through the namespaced params" do + module MyEngine + class Project < ::Project; end + end + + @params.merge!(:controller => "MyEngine::ProjectsController", :action => "create", :my_engine_project => {:name => "foobar"}) + resource = CanCan::ControllerResource.new(@controller) + resource.load_resource + @controller.instance_variable_get(:@project).name.should == "foobar" + end + it "should properly load resource for namespaced controller when using '::' for namespace" do project = Project.create! @params.merge!(:controller => "Admin::ProjectsController", :action => "show", :id => project.id) From c27ead5b9f734913fda2136aeaa3823fc60e2723 Mon Sep 17 00:00:00 2001 From: Anuj Dutta Date: Sat, 26 May 2012 18:00:50 +0100 Subject: [PATCH 22/34] Fix to handle MetaWhere and non-MetaWhere conditions correctly. --- lib/cancan/model_adapters/active_record_adapter.rb | 7 ++++++- lib/cancan/rule.rb | 4 ++++ .../model_adapters/active_record_adapter_spec.rb | 10 ++++++++++ spec/cancan/rule_spec.rb | 7 +++++++ 4 files changed, 27 insertions(+), 1 deletion(-) diff --git a/lib/cancan/model_adapters/active_record_adapter.rb b/lib/cancan/model_adapters/active_record_adapter.rb index a98cae2..f20da17 100644 --- a/lib/cancan/model_adapters/active_record_adapter.rb +++ b/lib/cancan/model_adapters/active_record_adapter.rb @@ -89,7 +89,12 @@ module CanCan if override_scope @model_class.scoped.merge(override_scope) elsif @model_class.respond_to?(:where) && @model_class.respond_to?(:joins) - @model_class.where(conditions).joins(joins) + mergeable_conditions = @rules.select {|rule| rule.unmergeable? }.blank? + if mergeable_conditions + @model_class.where(conditions).joins(joins) + else + @model_class.where(*(@rules.map(&:conditions))).joins(joins) + end else @model_class.scoped(:conditions => conditions, :joins => joins) end diff --git a/lib/cancan/rule.rb b/lib/cancan/rule.rb index 081079c..82758ba 100644 --- a/lib/cancan/rule.rb +++ b/lib/cancan/rule.rb @@ -54,6 +54,10 @@ module CanCan @conditions == {} || @conditions.nil? end + def unmergeable? + @conditions.respond_to?(:keys) && (! @conditions.keys.first.kind_of? Symbol) + end + def associations_hash(conditions = @conditions) hash = {} conditions.map do |name, value| diff --git a/spec/cancan/model_adapters/active_record_adapter_spec.rb b/spec/cancan/model_adapters/active_record_adapter_spec.rb index 0c82c02..a9debdd 100644 --- a/spec/cancan/model_adapters/active_record_adapter_spec.rb +++ b/spec/cancan/model_adapters/active_record_adapter_spec.rb @@ -236,6 +236,16 @@ if ENV["MODEL_ADAPTER"].nil? || ENV["MODEL_ADAPTER"] == "active_record" @ability.should_not be_able_to(:read, article2) end + it "should merge MetaWhere and non-MetaWhere conditions" do + @ability.can :read, Article, :priority.lt => 2 + @ability.can :read, Article, :priority => 1 + article1 = Article.create!(:priority => 1) + article2 = Article.create!(:priority => 3) + Article.accessible_by(@ability).should == [article1] + @ability.should be_able_to(:read, article1) + @ability.should_not be_able_to(:read, article2) + end + it "should match any MetaWhere condition" do adapter = CanCan::ModelAdapters::ActiveRecordAdapter article1 = Article.new(:priority => 1, :name => "Hello World") diff --git a/spec/cancan/rule_spec.rb b/spec/cancan/rule_spec.rb index ca2464e..42f67af 100644 --- a/spec/cancan/rule_spec.rb +++ b/spec/cancan/rule_spec.rb @@ -36,4 +36,11 @@ describe CanCan::Rule do rule = CanCan::Rule.new(true, :read, Integer, nil, nil) rule.associations_hash.should == {} end + + it "should not be mergeable if conditions are not simple hashes" do + meta_where = OpenStruct.new(:name => 'metawhere', :column => 'test') + @conditions[meta_where] = :bar + + @rule.should be_unmergeable + end end From da663aaed10439d9844cbcf917cf8cec10690844 Mon Sep 17 00:00:00 2001 From: Anuj Dutta Date: Sun, 10 Jun 2012 22:54:45 +0100 Subject: [PATCH 23/34] Fix for issue-644 to allow users to specify a mix of can and cannot rules with mongo. --- lib/cancan/model_adapters/mongoid_adapter.rb | 3 ++- .../cancan/model_adapters/mongoid_adapter_spec.rb | 15 +++++++++++++-- 2 files changed, 15 insertions(+), 3 deletions(-) diff --git a/lib/cancan/model_adapters/mongoid_adapter.rb b/lib/cancan/model_adapters/mongoid_adapter.rb index 7993252..6c7f37d 100644 --- a/lib/cancan/model_adapters/mongoid_adapter.rb +++ b/lib/cancan/model_adapters/mongoid_adapter.rb @@ -30,8 +30,9 @@ module CanCan else # we only need to process can rules if # there are no rules with empty conditions - rules = @rules.reject { |rule| rule.conditions.empty? } + rules = @rules.reject { |rule| rule.conditions.empty? && rule.base_behavior } process_can_rules = @rules.count == rules.count + rules.inject(@model_class.all) do |records, rule| if process_can_rules && rule.base_behavior records.or rule.conditions diff --git a/spec/cancan/model_adapters/mongoid_adapter_spec.rb b/spec/cancan/model_adapters/mongoid_adapter_spec.rb index fc53d23..81ce4a6 100644 --- a/spec/cancan/model_adapters/mongoid_adapter_spec.rb +++ b/spec/cancan/model_adapters/mongoid_adapter_spec.rb @@ -73,6 +73,17 @@ if ENV["MODEL_ADAPTER"] == "mongoid" MongoidProject.accessible_by(@ability, :read).entries.should == [sir] end + it "should return the correct records when a mix of can and cannot rules in defined ability" do + @ability.can :manage, MongoidProject, :title => 'Sir' + @ability.cannot :destroy, MongoidProject + + sir = MongoidProject.create(:title => 'Sir') + lord = MongoidProject.create(:title => 'Lord') + dude = MongoidProject.create(:title => 'Dude') + + MongoidProject.accessible_by(@ability, :destroy).entries.should == [sir] + end + it "should be able to mix empty conditions and hashes" do @ability.can :read, MongoidProject @ability.can :read, MongoidProject, :title => 'Sir' @@ -185,7 +196,7 @@ if ENV["MODEL_ADAPTER"] == "mongoid" @ability.can :read, MongoidProject, :foo => {:bar => 1} MongoidProject.accessible_by(@ability, :read).entries.first.should == obj end - + it "should exclude from the result if set to cannot" do obj = MongoidProject.create(:bar => 1) obj2 = MongoidProject.create(:bar => 2) @@ -202,7 +213,7 @@ if ENV["MODEL_ADAPTER"] == "mongoid" @ability.can :read, MongoidProject, :bar => 2 MongoidProject.accessible_by(@ability, :read).entries.should =~ [obj, obj2] end - + it "should not allow to fetch records when ability with just block present" do @ability.can :read, MongoidProject do false From d5baed6281b4628071f8737090eaaec5168eacbf Mon Sep 17 00:00:00 2001 From: Mark Sim Date: Wed, 5 Oct 2011 11:45:24 -0500 Subject: [PATCH 24/34] Fixes Nested Resource Loading --- lib/cancan/controller_resource.rb | 6 +++++- spec/cancan/controller_resource_spec.rb | 8 ++++++++ 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/lib/cancan/controller_resource.rb b/lib/cancan/controller_resource.rb index 83a77d1..53cd910 100644 --- a/lib/cancan/controller_resource.rb +++ b/lib/cancan/controller_resource.rb @@ -215,8 +215,12 @@ module CanCan end end + def namespace + @params[:controller].split("::")[0..-2] + end + def namespaced_name - @name || @params[:controller].sub("Controller", "").singularize.camelize.constantize + [namespace, name.camelize].join('::').singularize.camelize.constantize rescue NameError name end diff --git a/spec/cancan/controller_resource_spec.rb b/spec/cancan/controller_resource_spec.rb index eb79324..34f3868 100644 --- a/spec/cancan/controller_resource_spec.rb +++ b/spec/cancan/controller_resource_spec.rb @@ -215,6 +215,14 @@ describe CanCan::ControllerResource do resource.should_not be_parent end + it "should have the specified resource_class if 'name' is passed to load_resource" do + class Section + end + + resource = CanCan::ControllerResource.new(@controller, :section) + resource.send(:resource_class).should == Section + end + it "should load parent resource through proper id parameter" do project = Project.create! @params.merge!(:controller => "categories", :action => "index", :project_id => project.id) From c2c0b86c3a6ded6fb8ccbd85d2faa5e2221d5c23 Mon Sep 17 00:00:00 2001 From: mccraig mccraig of the clan mccraig Date: Wed, 11 Jan 2012 17:23:35 +0000 Subject: [PATCH 25/34] initialise attributes after a resource is created by an InheritedResources controller --- lib/cancan/inherited_resource.rb | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/lib/cancan/inherited_resource.rb b/lib/cancan/inherited_resource.rb index 81bca5b..301724a 100644 --- a/lib/cancan/inherited_resource.rb +++ b/lib/cancan/inherited_resource.rb @@ -6,7 +6,13 @@ module CanCan @controller.send :association_chain @controller.instance_variable_get("@#{instance_name}") elsif new_actions.include? @params[:action].to_sym - @controller.send :build_resource + + resource = @controller.send :build_resource + initial_attributes.each do |attr_name, value| + resource.send("#{attr_name}=", value) + end + resource + else @controller.send :resource end From b965f5bab40071e7e8c0764994ba2a6524ad523f Mon Sep 17 00:00:00 2001 From: Mike Pack Date: Mon, 4 Jun 2012 22:13:57 -0600 Subject: [PATCH 26/34] Add specs for resource attributes. Remove inconsistent line breaks. --- lib/cancan/inherited_resource.rb | 2 -- spec/cancan/inherited_resource_spec.rb | 18 ++++++++++++++++++ 2 files changed, 18 insertions(+), 2 deletions(-) diff --git a/lib/cancan/inherited_resource.rb b/lib/cancan/inherited_resource.rb index 301724a..098675f 100644 --- a/lib/cancan/inherited_resource.rb +++ b/lib/cancan/inherited_resource.rb @@ -6,13 +6,11 @@ module CanCan @controller.send :association_chain @controller.instance_variable_get("@#{instance_name}") elsif new_actions.include? @params[:action].to_sym - resource = @controller.send :build_resource initial_attributes.each do |attr_name, value| resource.send("#{attr_name}=", value) end resource - else @controller.send :resource end diff --git a/spec/cancan/inherited_resource_spec.rb b/spec/cancan/inherited_resource_spec.rb index dc4cc58..3779fe6 100644 --- a/spec/cancan/inherited_resource_spec.rb +++ b/spec/cancan/inherited_resource_spec.rb @@ -39,4 +39,22 @@ describe CanCan::InheritedResource do CanCan::InheritedResource.new(@controller).load_resource @controller.instance_variable_get(:@projects).should == :projects end + + it "should build a new resource with attributes from current ability" do + @params[:action] = "new" + @ability.can(:create, Project, :name => "from conditions") + stub(@controller).build_resource { Struct.new(:name).new } + resource = CanCan::InheritedResource.new(@controller) + resource.load_resource + @controller.instance_variable_get(:@project).name.should == "from conditions" + end + + it "should override initial attributes with params" do + @params.merge!(:action => "new", :project => {:name => "from params"}) + @ability.can(:create, Project, :name => "from conditions") + stub(@controller).build_resource { Struct.new(:name).new } + resource = CanCan::ControllerResource.new(@controller) + resource.load_resource + @controller.instance_variable_get(:@project).name.should == "from params" + end end From 88aba4664aa15b11d54c55ebb7c30af31a59b97b Mon Sep 17 00:00:00 2001 From: Mike Pack Date: Thu, 7 Jun 2012 20:11:17 -0600 Subject: [PATCH 27/34] Refactor out attribute assignment --- lib/cancan/inherited_resource.rb | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/lib/cancan/inherited_resource.rb b/lib/cancan/inherited_resource.rb index 098675f..61bd333 100644 --- a/lib/cancan/inherited_resource.rb +++ b/lib/cancan/inherited_resource.rb @@ -7,10 +7,7 @@ module CanCan @controller.instance_variable_get("@#{instance_name}") elsif new_actions.include? @params[:action].to_sym resource = @controller.send :build_resource - initial_attributes.each do |attr_name, value| - resource.send("#{attr_name}=", value) - end - resource + assign_attributes(resource) else @controller.send :resource end From a1254ca1c63276adab09d03d12413972da7ac837 Mon Sep 17 00:00:00 2001 From: Anuj Dutta Date: Tue, 19 Jun 2012 00:13:19 +0100 Subject: [PATCH 28/34] Fix pull request 640. For some reason github didn't allow a clean merge althought there weren't any conflicts. Fix it so that it's easier to just merge via the UI. --- lib/cancan/controller_resource.rb | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/lib/cancan/controller_resource.rb b/lib/cancan/controller_resource.rb index 83a77d1..f91a10e 100644 --- a/lib/cancan/controller_resource.rb +++ b/lib/cancan/controller_resource.rb @@ -83,6 +83,10 @@ module CanCan def build_resource resource = resource_base.new(resource_params || {}) + assign_attributes(resource) + end + + def assign_attributes(resource) resource.send("#{parent_name}=", parent_resource) if @options[:singleton] && parent_resource initial_attributes.each do |attr_name, value| resource.send("#{attr_name}=", value) From 944804183e2c6da9c04946308742721f5b5ffb57 Mon Sep 17 00:00:00 2001 From: Ryan Bates Date: Tue, 19 Jun 2012 11:35:58 -0700 Subject: [PATCH 29/34] load ostruct for OpenStruct used in spec --- spec/cancan/rule_spec.rb | 1 + 1 file changed, 1 insertion(+) diff --git a/spec/cancan/rule_spec.rb b/spec/cancan/rule_spec.rb index 42f67af..0fba0ed 100644 --- a/spec/cancan/rule_spec.rb +++ b/spec/cancan/rule_spec.rb @@ -1,4 +1,5 @@ require "spec_helper" +require "ostruct" # for OpenStruct below # Most of Rule functionality is tested in Ability specs describe CanCan::Rule do From 112a9953276a960f788f19f3e2792ccaf1cadee5 Mon Sep 17 00:00:00 2001 From: Ryan Bates Date: Tue, 19 Jun 2012 11:36:59 -0700 Subject: [PATCH 30/34] clearing leftover whitespace --- spec/cancan/ability_spec.rb | 6 +++--- spec/cancan/exceptions_spec.rb | 8 ++++---- spec/cancan/model_adapters/active_record_adapter_spec.rb | 2 +- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/spec/cancan/ability_spec.rb b/spec/cancan/ability_spec.rb index cb60d3e..c7c489f 100644 --- a/spec/cancan/ability_spec.rb +++ b/spec/cancan/ability_spec.rb @@ -305,15 +305,15 @@ describe CanCan::Ability do @ability.can?(:read, "foobar" => Range).should be_false @ability.can?(:read, 123 => Range).should be_true end - + it "passing a hash of subjects with multiple definitions should check permissions correctly" do @ability.can :read, Range, :string => {:length => 4} @ability.can [:create, :read], Range, :string => {:upcase => 'FOO'} @ability.can?(:read, "foo" => Range).should be_true @ability.can?(:read, "foobar" => Range).should be_false @ability.can?(:read, 1234 => Range).should be_true - end - + end + it "should allow to check ability on Hash-like object" do class Container < Hash; end @ability.can :read, Container diff --git a/spec/cancan/exceptions_spec.rb b/spec/cancan/exceptions_spec.rb index 62e4360..58e65b7 100644 --- a/spec/cancan/exceptions_spec.rb +++ b/spec/cancan/exceptions_spec.rb @@ -32,23 +32,23 @@ describe CanCan::AccessDenied do @exception.message.should == "Access denied!" end end - + describe "i18n in the default message" do after(:each) do I18n.backend = nil end - + it "uses i18n for the default message" do I18n.backend.store_translations :en, :unauthorized => {:default => "This is a different message"} @exception = CanCan::AccessDenied.new @exception.message.should == "This is a different message" end - + it "defaults to a nice message" do @exception = CanCan::AccessDenied.new @exception.message.should == "You are not authorized to access this page." end - + it "does not use translation if a message is given" do @exception = CanCan::AccessDenied.new("Hey! You're not welcome here") @exception.message.should == "Hey! You're not welcome here" diff --git a/spec/cancan/model_adapters/active_record_adapter_spec.rb b/spec/cancan/model_adapters/active_record_adapter_spec.rb index a9debdd..ae83a89 100644 --- a/spec/cancan/model_adapters/active_record_adapter_spec.rb +++ b/spec/cancan/model_adapters/active_record_adapter_spec.rb @@ -133,7 +133,7 @@ if ENV["MODEL_ADAPTER"].nil? || ENV["MODEL_ADAPTER"] == "active_record" article1 = Article.create!(:secret => true, :category => category1) article2 = Article.create!(:secret => true, :category => category2) category1.articles.accessible_by(@ability).should == [article1] - end + end it "should raise an exception when trying to merge scope with other conditions" do @ability.can :read, Article, :published => true From a0200166cc9523c7f60361f8ac19d32455d0aacd Mon Sep 17 00:00:00 2001 From: Ryan Bates Date: Tue, 19 Jun 2012 11:37:45 -0700 Subject: [PATCH 31/34] removing project status section from readme since contributors are now kind enough to keep tabs on the issue tracker --- README.rdoc | 5 ----- 1 file changed, 5 deletions(-) diff --git a/README.rdoc b/README.rdoc index 5074b82..d454376 100644 --- a/README.rdoc +++ b/README.rdoc @@ -108,11 +108,6 @@ This will raise an exception if authorization is not performed in an action. If * {See more}[https://github.com/ryanb/cancan/wiki] -== Project Status - -Unfortunately I have not had time to actively work on this project recently. If you find a critical issue where it does not work as documented please {ping me on twitter}[http://twitter.com/rbates] and I'll take a look. - - == Questions or Problems? If you have any issues with CanCan which you cannot find the solution to in the documentation[https://github.com/ryanb/cancan/wiki], please add an {issue on GitHub}[https://github.com/ryanb/cancan/issues] or fork the project and send a pull request. From 6d7bce78fc316f12885d671134c86b62689c5e42 Mon Sep 17 00:00:00 2001 From: Ryan Bates Date: Tue, 19 Jun 2012 11:58:59 -0700 Subject: [PATCH 32/34] updating changelog --- CHANGELOG.rdoc | 67 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 67 insertions(+) diff --git a/CHANGELOG.rdoc b/CHANGELOG.rdoc index c2440fc..3f960c2 100644 --- a/CHANGELOG.rdoc +++ b/CHANGELOG.rdoc @@ -1,7 +1,26 @@ +1.6.8 (unreleased) + +* improved support for namespaced controllers and models + +* pass :if and :unless options for load and authorize resource (thanks mauriciozaffari) + +* Travis CI badge (thanks plentz) + +* adding Ability#merge for combining multiple abilities (thanks rogercampos) + +* support for multiple MetaWhere rules (thanks andhapp) + +* various fixes for DataMapper, Mongoid, and Inherited Resource integration + +* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.7...master] + + 1.6.7 (October 4, 2011) * fixing nested resource problem caused by namespace addition - issue #482 +* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.6...1.6.7] + 1.6.6 (September 28, 2011) @@ -21,6 +40,8 @@ * allow :find_by option to be full find method name - issue #335 +* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.5...1.6.6] + 1.6.5 (May 18, 2011) @@ -38,11 +59,15 @@ * improve scope merging - issue #328 +* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.4...1.6.5] + 1.6.4 (March 29, 2011) * Fixed mongoid 'or' error - see issue #322 +* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.3...1.6.4] + 1.6.3 (March 25, 2011) @@ -50,11 +75,15 @@ * Return subject passed to authorize! - see issue #314 +* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.2...1.6.3] + 1.6.2 (March 18, 2011) * Fixed instance loading when :singleton option is used - see issue #310 +* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.1...1.6.2] + 1.6.1 (March 15, 2011) @@ -64,6 +93,8 @@ * Reverted Inherited Resources "collection" override since it doesn't seem to be working - see issue #305 +* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.0...1.6.1] + 1.6.0 (March 11, 2011) @@ -85,6 +116,8 @@ * Raise an exception when trying to make a Ability condition with both a hash of conditions and a block - see issue #269 +* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.5.1...1.6.0] + 1.5.1 (January 20, 2011) @@ -92,6 +125,8 @@ * Improving Mongoid support for multiple can and cannot definitions (thanks stellard) - see issue #239 +* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.5.0...1.5.1] + 1.5.0 (January 11, 2011) @@ -113,6 +148,8 @@ * Internal: added .rvmrc to auto-switch to 1.8.7 with gemset - see issue #231 +* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.4.1...1.5.0] + 1.4.1 (November 12, 2010) @@ -126,6 +163,8 @@ * Fix odd behavior when "cache_classes = false" (thanks mphalliday) - see issue #174 +* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.4.0...1.4.1] + 1.4.0 (October 5, 2010) @@ -165,11 +204,15 @@ * No longer calling block in +can+ definition when checking on class - see issue #116 +* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.3.4...1.4.0] + 1.3.4 (August 31, 2010) * Don't stop at +cannot+ with hash conditions when checking class (thanks tamoya) - see issue #131 +* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.3.3...1.3.4] + 1.3.3 (August 20, 2010) @@ -177,16 +220,22 @@ * Pluralize nested associations for conditions in accessible_by (thanks mlooney) - see issue #123 +* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.3.2...1.3.3] + 1.3.2 (August 7, 2010) * Fixing slice error when passing in custom resource name - see issue #112 +* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.3.1...1.3.2] + 1.3.1 (August 6, 2010) * Fixing protected sanitize_sql error - see issue #111 +* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.3.0...1.3.1] + 1.3.0 (August 6, 2010) @@ -214,6 +263,8 @@ * Supporting deeply nested aliases - see issue #98 +* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.2.0...1.3.0] + 1.2.0 (July 16, 2010) @@ -229,11 +280,15 @@ * Adding joins clause to accessible_by when conditions are across associations +* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.1.1...1.2.0] + 1.1.1 (April 17, 2010) * Fixing behavior in Rails 3 by properly initializing ResourceAuthorization +* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.1...1.1.1] + 1.1.0 (April 17, 2010) @@ -257,6 +312,8 @@ * Support additional arguments to can? which get passed to the block - see issue #48 +* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.0.2...1.1] + 1.0.2 (Dec 30, 2009) @@ -266,6 +323,8 @@ * Adding custom message argument to unauthorized! method (thanks tjwallace) - see issue #18 +* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.0.1...1.0.2] + 1.0.1 (Dec 14, 2009) @@ -273,6 +332,8 @@ * Don't fetch parent of nested resource if *_id parameter is missing so it works with shallow nested routes - see issue #14 +* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.0.0...1.0.1] + 1.0.0 (Dec 13, 2009) @@ -288,6 +349,8 @@ * BACKWARDS INCOMPATIBLE: turning load and authorize resource methods into class methods which set up the before filter so they can accept additional arguments. +* {see the full list of changes}[https://github.com/ryanb/cancan/compare/0.2.1...1.0.0] + 0.2.1 (Nov 26, 2009) @@ -297,6 +360,8 @@ * support custom objects (usually symbols) in can definition - see issue #8 +* {see the full list of changes}[https://github.com/ryanb/cancan/compare/0.2.0...0.2.1] + 0.2.0 (Nov 17, 2009) @@ -308,6 +373,8 @@ * BACKWARDS INCOMPATIBLE: use Ability#initialize instead of 'prepare' to set up abilities - see issue #4 +* {see the full list of changes}[https://github.com/ryanb/cancan/compare/0.1.0...0.2.0] + 0.1.0 (Nov 16, 2009) From 5f1be2541912be2aa9d1a839933f2118ae5c84ea Mon Sep 17 00:00:00 2001 From: Ryan Bates Date: Tue, 19 Jun 2012 12:56:51 -0700 Subject: [PATCH 33/34] preparing for 1.6.8 --- cancan.gemspec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cancan.gemspec b/cancan.gemspec index bb86976..2bae712 100644 --- a/cancan.gemspec +++ b/cancan.gemspec @@ -1,6 +1,6 @@ Gem::Specification.new do |s| s.name = "cancan" - s.version = "1.6.7" + s.version = "1.6.8.rc1" s.author = "Ryan Bates" s.email = "ryan@railscasts.com" s.homepage = "http://github.com/ryanb/cancan" From 1e89b31badecd735faf8387666216bf8c66698c4 Mon Sep 17 00:00:00 2001 From: Ryan Bates Date: Mon, 25 Jun 2012 16:17:32 -0700 Subject: [PATCH 34/34] releasing 1.6.8 --- CHANGELOG.rdoc | 4 ++-- cancan.gemspec | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.rdoc b/CHANGELOG.rdoc index 3f960c2..9496deb 100644 --- a/CHANGELOG.rdoc +++ b/CHANGELOG.rdoc @@ -1,4 +1,4 @@ -1.6.8 (unreleased) +1.6.8 (June 25, 2012) * improved support for namespaced controllers and models @@ -12,7 +12,7 @@ * various fixes for DataMapper, Mongoid, and Inherited Resource integration -* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.7...master] +* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.7...1.6.8] 1.6.7 (October 4, 2011) diff --git a/cancan.gemspec b/cancan.gemspec index 2bae712..f48458f 100644 --- a/cancan.gemspec +++ b/cancan.gemspec @@ -1,6 +1,6 @@ Gem::Specification.new do |s| s.name = "cancan" - s.version = "1.6.8.rc1" + s.version = "1.6.8" s.author = "Ryan Bates" s.email = "ryan@railscasts.com" s.homepage = "http://github.com/ryanb/cancan"