will/cancan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
175 Commits 2 Branches 29 Tags
Commit Graph

36 Commits

Author SHA1 Message Date
Michael Halliday
79180de372 This fixes an odd error I was seeing in development mode when cache_classes = false (the default), specifically when loading an object throught the parent in load_and_authorize_resource. 
Assume Photo model and User model where user has many photos:

@photo = current_user.photos.find(1) # this returns a photo
@photo1 = Photo.find(1)

@photo.kind_of?(Photo) is not always true for some reason when class_cacheing is false.  Where as @photo1.kind_of?(Photo) always appears to be true.  Of interesting note, in the above example @photo != @photo1 if kind_of? is false.  Very odd.
 
Again, this only appears to be when loading and object through an association.
 2010-11-13 02:09:06 +08:00
Ryan Bates
b0cec5251c adding a couple things to the changelog 2010-10-05 12:00:50 -07:00
Ryan Bates
8f49f28713 don't stop at cannot definitions when there are no conditions - closes #161 2010-10-04 11:11:14 -07:00
Sokolov Yura
12037d7f43 should not allow to can? when raw sql without block is present 2010-10-05 02:01:48 +08:00
Sokolov Yura
ebef3cc745 consistency addition for ability check on Module 2010-09-21 00:16:36 +08:00
Sokolov Yura
a0f73fe0f7 fix error 2010-09-17 06:57:25 +08:00
Sokolov Yura
e2c341b8d3 allow to check ability by common module 2010-09-17 06:57:24 +08:00
Sokolov Yura
f236b1b5a4 resolve issue 149 2010-09-17 06:57:24 +08:00
Ryan Bates
721939babd cleaning up some internal specs and names 2010-09-03 14:00:46 -07:00
Ryan Bates
a744377ac9 the new and create actions will now build the resource with attributes based on ability conditions hash - closes #114 2010-09-03 11:53:47 -07:00
Ryan Bates
1be5bf7a57 don't fail if association conditions aren't specified for nested association check 2010-09-03 11:05:58 -07:00
Ryan Bates
c88cb8f459 passing a hash to can? will check permissions on association, this is done automatically in authorize_resource - closes #121 2010-09-03 11:01:55 -07:00
Ryan Bates
a5f838a964 use I18n for unauthorization messages - closes #103 2010-09-02 17:01:10 -07:00
Ryan Bates
66314a89f8 support no arguments to 'can' definition which always calls block 2010-09-02 14:46:38 -07:00
Ryan Bates
b1fb179aaf don't pass action into can block with :manage option - closes #129 2010-09-02 14:29:49 -07:00
Ryan Bates
6105edc6a7 skip block when only class is passed to ability check, also don't pass class to block for :all - closes #116 2010-09-02 14:23:00 -07:00
Ryan Bates
5a353c1cba don't stop at cannot definition when checking class - closes #131 2010-08-30 15:20:06 -07:00
Ryan Bates
e893e12260 fixing broken spec and minor improvements to tableized_conditions method 2010-08-18 16:04:08 -07:00
McClain Looney
3d7742ea43 fix for bug 123 2010-08-17 09:33:11 -05:00
Ryan Bates
961b8c2477 consider ancestors when matching classes in Ability#can, this way it works with STI - closes #55 2010-08-06 10:06:37 -07:00
Ryan Bates
ba8cb3cf6d refactoring query.joins 2010-07-20 17:05:17 -07:00
Ryan Bates
964a4765b1 removing need to pass tableize option around for query conditions 2010-07-20 13:43:43 -07:00
Ryan Bates
60848143b7 refactoring can definition matching behavior 2010-07-20 11:04:03 -07:00
Ryan Bates
5d8f04363d merging with master and resolving a couple conflicts 2010-07-19 16:36:01 -07:00
Ryan Bates
cad425989e supporting deeply nested aliases - closes #98 2010-07-19 16:03:09 -07:00
Yura Sokolov
b473d8827f CanDefinition#only_block? 2010-05-25 12:23:39 +04:00
Yura Sokolov
dbc1538054 small refactoring: CanDefinition #definitive? #conditions_empty? 2010-05-24 18:15:20 +04:00
Yura Sokolov
46f03013f3 Merge remote branch 'upstream/master' 
Conflicts:
	lib/cancan/ability.rb
	lib/cancan/active_record_additions.rb
	lib/cancan/can_definition.rb
	spec/cancan/ability_spec.rb
 2010-05-24 15:17:10 +04:00
Ryan Bates
dfd84a10ed improving inline documentation 2010-05-21 13:41:24 -07:00
John Allison
7543eedd6a fixing issue when using accessible_by with nil can conditions - closes #66 2010-05-20 17:06:10 -07:00
Logan Raarup
605063b974 Make sure conditions on associations are pluralized 2010-05-21 07:31:29 +08:00
Sokolov Yura
7d7d249182 passing throw matching rules with not matching conditions 
Main goal is to allow:

cannot :manage, :all
can :read, :all
can :manage, User, :id=>user.id
can :manage, User, :manager_id=>user.id

Signed-off-by: Sokolov Yura <funny.falcon@gmail.com>
 2010-05-16 22:13:02 +04:00
Ryan Bates
06296b0a40 support has_many association or arrays in can conditions hash 2010-04-22 17:39:22 -07:00
Ryan Bates
e20081454f adding joins clause to accessible_by when conditions are across associations 2010-04-20 17:02:28 -07:00
Ryan Bates
5aa6252df6 removing unused methods and a bit more refactoring 2010-04-18 00:44:42 -07:00
Ryan Bates
bbbc8a68e0 refactoring much of Ability class into separate CanDefinition class 2010-04-18 00:11:15 -07:00