releasing gem v1.0.0 (backwards incompatible, see changelog)

This commit is contained in:
Ryan Bates 2009-12-13 13:47:49 -08:00
parent ffa677b2b0
commit f7480d1f5a
3 changed files with 34 additions and 6 deletions

View File

@ -1,3 +1,5 @@
1.0.0 (Dec 13, 2009)
* Don't set resource instance variable if it has been set already - see issue #13
* Allowing :nested option to accept an array for deep nesting
@ -10,6 +12,7 @@
* BACKWARDS INCOMPATIBLE: turning load and authorize resource methods into class methods which set up the before filter so they can accept additional arguments.
0.2.1 (Nov 26, 2009)
* many internal refactorings - see issues #11 and #12
@ -18,6 +21,7 @@
* support custom objects (usually symbols) in can definition - see issue #8
0.2.0 (Nov 17, 2009)
* fix behavior of load_and_authorize_resource for namespaced controllers - see issue #3

View File

@ -10,7 +10,7 @@ See the RDocs[http://rdoc.info/projects/ryanb/cancan] and Wiki[http://wiki.githu
You can set it up as a gem in your environment.rb file.
config.gem "cancan", :source => "http://gemcutter.org"
config.gem "cancan"
And then install the gem.
@ -21,7 +21,7 @@ Alternatively you can install it as a Rails plugin.
script/plugin install git://github.com/ryanb/cancan.git
== Setup
== Getting Started
First, define a class called Ability in "models/ability.rb".
@ -52,10 +52,10 @@ You can also use these methods in a controller along with the "unauthorized!" me
unauthorized! if cannot? :read, @article
end
Setting this for every action can be tedious, therefore a before filter is also provided to automatically authorize all actions in a RESTful style resource controller.
Setting this for every action can be tedious, therefore the load_and_authorize_resource method is also provided to automatically authorize all actions in a RESTful style resource controller. It will set up a before filter which loads the resource into the instance variable and authorizes it.
class ArticlesController < ApplicationController
before_filter :load_and_authorize_resource
load_and_authorize_resource
def show
# @article is already loaded
@ -150,6 +150,30 @@ The following aliases are added by default for conveniently mapping common contr
alias_action :edit, :to => :update
== Authorizing Controller Actions
As mentioned in the Getting Started section, you can use the +load_and_authorize_resource+ method in your controller to load the resource into an instance variable and authorize it. If you have a nested resource you can specify that as well.
load_and_authorize_resource :nested => :author
You can also pass an array to the :+nested+ attribute for deep nesting.
If you want to customize the loading behavior on certain actions, you can do so in a before filter.
class BooksController < ApplicationController
before_filter :find_book_by_permalink, :only => :show
load_and_authorize_resource
private
def find_book_by_permalink
@book = Book.find_by_permalink!(params[:id)
end
end
Here the @book instance variable is already set so it will not be loaded again for that action. This works for nested resources as well.
== Assumptions & Configuring
CanCan makes two assumptions about your application.

View File

@ -4,8 +4,8 @@ Gem::Specification.new do |s|
s.description = "Simple authorization solution for Rails which is completely decoupled from the user's roles. All permissions are stored in a single location for convenience."
s.homepage = "http://github.com/ryanb/cancan"
s.version = "0.2.1"
s.date = "2009-11-26"
s.version = "1.0.0"
s.date = "2009-12-13"
s.authors = ["Ryan Bates"]
s.email = "ryan@railscasts.com"