allow access to classes when using hash conditions since you'll generally want to narrow it down with a database query

Ryan Bates 2010-04-16 15:56:07 -07:00
parent 8903feee70
commit f46696348e
4 changed files with 8 additions and 5 deletions

@ -1,6 +1,6 @@
1.1.0 (not released) 1.1.0 (not released)
* Removing "unauthorized!" method in favor of "authorize!" * Removing "unauthorized!" method in favor of "authorize!" in controllers
* Adding action, subject and default_message abilities to AccessDenied exception - see issue #40 * Adding action, subject and default_message abilities to AccessDenied exception - see issue #40
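Review bot: The changelog edit only touches the "unauthorized!" entry, and the 1.1.0 list gets no entry for the behaviour this commit changes: a class-level check against a rule that has hash conditions now returns true where it returned false. That flips an authorization result for existing callers, so add an entry that says so and notes that the conditions are expected to be applied through a database query.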

@ -2,9 +2,10 @@
RDocs[http://rdoc.info/projects/ryanb/cancan] | Wiki[http://wiki.github.com/ryanb/cancan] | Screencast[http://railscasts.com/episodes/192-authorization-with-cancan] | Metrics[http://getcaliper.com/caliper/project?repo=git%3A%2F%2Fgithub.com%2Fryanb%2Fcancan.git] RDocs[http://rdoc.info/projects/ryanb/cancan] | Wiki[http://wiki.github.com/ryanb/cancan] | Screencast[http://railscasts.com/episodes/192-authorization-with-cancan] | Metrics[http://getcaliper.com/caliper/project?repo=git%3A%2F%2Fgithub.com%2Fryanb%2Fcancan.git]
This is a simple authorization solution for Ruby on Rails to restrict what a given user is allowed to access in the application. This is completely decoupled from any role based implementation allowing you to define user roles the way you want. All permissions are stored in a single location and not duplicated across the controller, view, and database. This is a simple authorization solution for Ruby on Rails to restrict what a given user is allowed to access. This is completely decoupled from any role based implementation allowing you to define user roles the way you want. All permissions are stored in a single location and not duplicated across the controller, view, and database.
This assumes you already have authentication (such as Authlogic[http://github.com/binarylogic/authlogic] or Devise[http://github.com/plataformatec/devise]). Either of these will define a +current_user+ model in the controller which CanCan requires.
This assumes you already have authentication (such as Authlogic[http://github.com/binarylogic/authlogic] or Devise[http://github.com/plataformatec/devise]) which provides a +current_user+ model.
== Installation == Installation

@ -241,7 +241,9 @@ module CanCan
block_args += extra_args block_args += extra_args
defined_block.call(*block_args) defined_block.call(*block_args)
elsif defined_conditions elsif defined_conditions
if subject.class != Class if subject.class == Class
true
else
defined_conditions.all? do |name, value| defined_conditions.all? do |name, value|
subject.send(name) == value subject.send(name) == value
end end
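Review bot: The new `true` branch under `if subject.class == Class` returns without looking at `defined_conditions`, so any class-level check passes as soon as the rule carries a hash, and nothing in the code says why. A caller that treats a class-level `can?` as its final gate now gets true while the hash restriction is enforced nowhere unless that caller also applies the conditions to its query. Add a comment on the `true` line stating that hash conditions cannot be evaluated against a class and that the caller is expected to narrow the records itself, and state the same expectation wherever hash conditions are documented.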

@ -145,7 +145,7 @@ describe CanCan::Ability do
@ability.can :read, Array, :first => 1, :last => 3 @ability.can :read, Array, :first => 1, :last => 3
@ability.can?(:read, [1, 2, 3]).should be_true @ability.can?(:read, [1, 2, 3]).should be_true
@ability.can?(:read, [1, 2, 3, 4]).should be_false @ability.can?(:read, [1, 2, 3, 4]).should be_false
@ability.can?(:read, Array).should be_false @ability.can?(:read, Array).should be_true
end end
it "should return conditions for a given ability" do it "should return conditions for a given ability" do
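Review bot: The flipped expectation `@ability.can?(:read, Array).should be_true` sits at the end of an example that otherwise checks instances, so no example description names the new class-level rule. Move it into its own example whose description states that a class is allowed when the rule has hash conditions, so a later reader does not take the `be_true` for a mistake and revert it.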