Ryan Bates
346ca2c74e
check authorization is sufficient in an after_filter when doing enable_authorization
2011-03-25 14:11:59 -07:00
Ryan Bates
242e912519
refactoring fully authorized check and catching bug
2011-03-25 13:30:45 -07:00
Ryan Bates
488cc2dfdd
require attributes to be checked on create/update action in order to be fully authorized
2011-03-25 13:23:05 -07:00
Ryan Bates
0f3753491d
adding fully_authorized? method to Ability to check if conditions are considered in authorize! call
2011-03-25 12:01:53 -07:00
Ryan Bates
85efbdb8d0
adding attributes as 3rd argument to can and can? calls
2011-03-25 11:24:10 -07:00
Ryan Bates
a03d35272b
allow strings along with symbols in Ability definition and checking
2011-03-24 11:52:54 -07:00
Ryan Bates
7ee942c334
adding enable_authorization method and deprecating some other controller methods
2011-03-24 11:22:32 -07:00
Ryan Bates
3a825ed0d1
getting all specs passing again
2011-03-23 19:47:34 -07:00
Ryan Bates
98ed39264e
modifying Ability to use symbol for subject instead of class, also adding subject aliases
2011-03-23 17:00:33 -07:00
Ryan Bates
7688025404
fixing instance loading with :singleton option - closes #310
2011-03-18 09:42:30 -07:00
Ryan Bates
3efa069349
fixing failing MetaWhere spec
2011-03-18 09:14:17 -07:00
Ryan Bates
3f6cecbfcf
use Item.new instead of build_item for singleton resource so it doesn't mess up database - closes #304
2011-03-15 23:37:05 -07:00
Ryan Bates
fdd5ad022d
making accessible_by action default to :index and parent action default to :show so we don't check :read action directly - closes #302
2011-03-15 23:00:40 -07:00
Adam Wróbel
3639ca90eb
Fixes inherited_resources collection authorization
...
This reverts e3eab13b86
I don't know what was the idea of that, but it turned out REAL bad.
`collection` sets the collection instance variable. `resource_base` is used all
over CanCan. It's also used inside `load_collection?` which is checked before
`load_collection` is called. That means we actually set the collection instance
variable through inherited_resources (without any authorization whatsoever) before trying to load it through CanCan using `accessible_by`.
1. def load_resource
2. unless skip?(:load)
3. if load_instance?
4. self.resource_instance ||= load_resource_instance
5. elsif load_collection?
6. self.collection_instance ||= load_collection
7. end
8. end
9. end
`collection_instance` is set on line 5 instead of line 6.
2011-03-16 01:20:35 +01:00
Ryan Bates
9bee4a8d4b
adding any/all support for MetaWhere conditions
2011-03-08 23:19:56 -08:00
Ryan Bates
eb2826f135
adding more MetaWhere comparison operators
2011-03-08 22:21:42 -08:00
Ryan Bates
a49269175e
Merge branch 'master' into meta_where
2011-03-08 22:05:40 -08:00
Ryan Bates
0de43c445b
raise an error when trying to make a rule with both hash conditions and a block - closes #269
2011-03-08 17:20:32 -08:00
Ryan Bates
f9b181af05
allow Active Record scope to be passed as Ability conditions - closes #257
2011-03-08 17:08:26 -08:00
Ryan Bates
80f1ab20fb
adding :if and :unless options to check_authorization - closes #284
2011-03-08 16:35:01 -08:00
Ryan Bates
37102fe6f8
load collection resources in custom controller actions with no id param - closes #296
2011-03-08 16:10:40 -08:00
Ryan Bates
ba999970b1
add space in multiword model in I18n unauthorized message - closes #292
2011-03-08 15:56:23 -08:00
Ryan Bates
951d70e057
adding :prepend option to load_and_authorize_resource - closes #290
2011-03-08 15:50:34 -08:00
Ryan Bates
3a07d62782
fixing spec for Inherited Resource parent loading
2011-03-08 15:39:15 -08:00
Ryan Bates
07088a0cdc
making it easier to test all MetaWhere conditions
2011-03-08 10:52:49 -08:00
Ryan Bates
ff5aaf543b
adding initial MetaWhere support
2011-03-08 10:37:25 -08:00
Trond Arve Nordheim
e3eab13b86
Use collection instead of end_of_association_chain in the inherited_resources integration, as per suggested by aq1018
2011-03-08 10:45:34 +01:00
Ryan Bates
3901cbe499
fixing tests for passing action name through to accessible_by call
2011-02-14 10:33:53 -08:00
Sam Pohlenz
f23bbe04ef
Fix rule check on Hash-like subjects
2011-02-04 16:46:57 +10:30
Ryan Bates
f9ad4858f5
handle deeply nested conditions properly in active record adapter - closes #246
2011-01-20 10:12:46 -08:00
stellard
cff922915e
improved test assertion
2011-01-18 21:47:33 +00:00
stellard
55c8a5045b
added cannot support and multiple can support
2011-01-18 18:28:03 +00:00
Ryan Bates
3885f469d5
updating changelog
2011-01-08 13:06:00 -08:00
Ryan Bates
57327119a8
adding skip load and authorize behavior - closes #164
2011-01-08 12:04:55 -08:00
Mani Tadayon
9a14c706d2
Add MongoidAdapter specs for unsaved instances
2011-01-06 08:09:37 -08:00
Mani Tadayon
12b0bff0b6
Use Mongoid::Matchers#matches?
instead of a database query in MongoidAdapter#matches_conditions_hash?
2011-01-05 23:12:59 -08:00
Ryan Bates
bc9ecb226d
don't authorize uncountable instance in collection action - closes #193
2011-01-05 13:47:38 -08:00
Ryan Bates
15ca8ade3b
improving DataMapper adapter and specs
2011-01-05 13:22:06 -08:00
Ryan Bates
cef6c21232
allow model adapter to override condition hash matching in Rule, also clean up Mongoid adapter and specs
2011-01-04 11:43:41 -08:00
Ryan Bates
685e926d96
moving with_model rspec configuration into Active Record model adapter spec
2011-01-04 10:55:48 -08:00
Ryan Bates
bd9480cb51
removing unused sanitization code in mongoid spec
2011-01-04 10:53:31 -08:00
Mani Tadayon
f759ab7e54
Automatically add accessible_by
to Mongoid Documents to match CanCan behavior for ActiveRecord and DataMapper.
...
Previously, CanCan::ModelAdditions had to be included in each and every Mongoid document separately. Also removed manual include of CanCan::ModelAdditions from Mongoid documents in Mongoid adapter specs.
2011-01-03 12:32:44 -08:00
Ryan Bates
6ccb4dd684
adding spec_all rake task to spec readme
2010-12-30 15:51:57 -08:00
Ryan Bates
ec616ae75b
moving accessible_by out into ModelAdditions module
2010-12-30 15:40:53 -08:00
Ryan Bates
f7a494dc51
switching mongoid over to new adapter
2010-12-30 15:06:59 -08:00
Ryan Bates
f5dce44697
switching data mapper to new adapter
2010-12-30 14:53:56 -08:00
Ryan Bates
e8d298c223
removing fake sanitize methods in specs because we're using Active Record now
2010-12-30 14:44:31 -08:00
Ryan Bates
8628aa0038
cleanup whitespace
2010-12-30 14:43:25 -08:00
Ryan Bates
bbb02f7c8f
dynamically detect which model adapter to use given a class
2010-12-30 14:42:19 -08:00
Ryan Bates
cc30e838c0
fixing active record adapter behavior and improving specs for it
2010-12-30 00:43:22 -08:00