Roger Campos
7797b37c7e
Adding Ability#merge
2011-10-31 14:08:50 +01:00
Ryan Bates
1ac8099f7a
return subject passed to authorize! - closes #314
2011-03-25 14:24:43 -07:00
Ryan Bates
ba999970b1
add space in multiword model in I18n unauthorized message - closes #292
2011-03-08 15:56:23 -08:00
Ryan Bates
bbb02f7c8f
dynamically detect which model adapter to use given a class
2010-12-30 14:42:19 -08:00
Ryan Bates
af9e77a79e
adding initial active record adapter
2010-12-29 16:24:06 -08:00
Ryan Bates
37c149182c
renaming CanDefinition to Rule
2010-12-21 10:41:55 -08:00
Ryan Bates
b0cec5251c
adding a couple things to the changelog
2010-10-05 12:00:50 -07:00
Sokolov Yura
12037d7f43
should not allow to can? when raw sql without block is present
2010-10-05 02:01:48 +08:00
Ryan Bates
9d915457af
load the collection instance variable on index action - closes #137
2010-09-07 16:25:02 -07:00
Ryan Bates
158c908d3b
adding action and subject variables to I18n unauthorized message - closes #142
2010-09-07 15:48:07 -07:00
Ryan Bates
bf9b8ad1a6
filling in some inline documentation for 1.4
2010-09-03 16:19:39 -07:00
Ryan Bates
721939babd
cleaning up some internal specs and names
2010-09-03 14:00:46 -07:00
Ryan Bates
a744377ac9
the new and create actions will now build the resource with attributes based on ability conditions hash - closes #114
2010-09-03 11:53:47 -07:00
Ryan Bates
a5f838a964
use I18n for unauthorization messages - closes #103
2010-09-02 17:01:10 -07:00
Ryan Bates
66314a89f8
support no arguments to 'can' definition which always calls block
2010-09-02 14:46:38 -07:00
Ryan Bates
4fe44af45d
be more clear about blocks not working with accessible_by - closes #130
2010-08-30 13:40:31 -07:00
Ryan Bates
25637bb33a
removing extra white space at end of lines
2010-07-21 11:45:26 -07:00
Ryan Bates
e098ddaacd
refactoring query.conditions
2010-07-20 16:00:22 -07:00
Ryan Bates
964a4765b1
removing need to pass tableize option around for query conditions
2010-07-20 13:43:43 -07:00
Ryan Bates
a42e067f3b
extracting out Query class for generating sql conditions and association joins
2010-07-20 13:20:01 -07:00
Ryan Bates
60848143b7
refactoring can definition matching behavior
2010-07-20 11:04:03 -07:00
Ryan Bates
5d8f04363d
merging with master and resolving a couple conflicts
2010-07-19 16:36:01 -07:00
Ryan Bates
cad425989e
supporting deeply nested aliases - closes #98
2010-07-19 16:03:09 -07:00
Yura Sokolov
5fd793090a
fix logic error for single cannot
condition - it should return no records
2010-05-25 14:09:01 +04:00
Yura Sokolov
9c0346b90b
can accept array for sql sanitizing in conditions
2010-05-25 14:01:53 +04:00
Yura Sokolov
b473d8827f
CanDefinition#only_block?
2010-05-25 12:23:39 +04:00
Yura Sokolov
bcab8d6369
fix error with single cannot condition
2010-05-25 12:14:01 +04:00
Yura Sokolov
dbc1538054
small refactoring: CanDefinition #definitive? #conditions_empty?
2010-05-24 18:15:20 +04:00
Yura Sokolov
46f03013f3
Merge remote branch 'upstream/master'
...
Conflicts:
lib/cancan/ability.rb
lib/cancan/active_record_additions.rb
lib/cancan/can_definition.rb
spec/cancan/ability_spec.rb
2010-05-24 15:17:10 +04:00
Ryan Bates
dfd84a10ed
improving inline documentation
2010-05-21 13:41:24 -07:00
Logan Raarup
605063b974
Make sure conditions on associations are pluralized
2010-05-21 07:31:29 +08:00
Sokolov Yura
7d7d249182
passing throw matching rules with not matching conditions
...
Main goal is to allow:
cannot :manage, :all
can :read, :all
can :manage, User, :id=>user.id
can :manage, User, :manager_id=>user.id
Signed-off-by: Sokolov Yura <funny.falcon@gmail.com>
2010-05-16 22:13:02 +04:00
Ryan Bates
e20081454f
adding joins clause to accessible_by when conditions are across associations
2010-04-20 17:02:28 -07:00
Ryan Bates
4da31c0709
can has cheezburger? (thanks Seivan)
2010-04-20 14:24:26 -07:00
Ryan Bates
5aa6252df6
removing unused methods and a bit more refactoring
2010-04-18 00:44:42 -07:00
Ryan Bates
bbbc8a68e0
refactoring much of Ability class into separate CanDefinition class
2010-04-18 00:11:15 -07:00
Ryan Bates
f1ba76b61b
supporting arrays, ranges, and nested hashes in ability conditions
2010-04-17 11:54:27 -07:00
Ryan Bates
f46696348e
allow access to classes when using hash conditions since you'll generally want to narrow it down with a database query
2010-04-16 15:56:07 -07:00
Ryan Bates
ecf2818a9e
removing apparently unnecessary user attr_accessor in Ability
2010-04-16 08:57:10 -07:00
Ryan Bates
d9f3c8b0ae
renaming noun to subject internally
2010-04-16 08:55:36 -07:00
Ryan Bates
240c281061
renaming ActiveRecordAdditions#can method to accessible_by since it flows better and makes more sense
2010-04-15 23:54:45 -07:00
Ryan Bates
37f482e8d5
default ActiveRecordAdditions#can method action to :read and use 'scoped' if 'where' is not available
2010-04-15 23:18:49 -07:00
Ryan Bates
baeef0b9dd
adding conditions behavior to Ability#can and fetch with Ability#conditions - closes #53
2010-04-15 16:50:47 -07:00
Ryan Bates
510cf509ee
adding documentation for passing additional arguments to can?
2010-04-15 11:28:58 -07:00
Ryan Bates
69f7a65914
support additional arguments to can? which get passed to the block - closes #48
2010-04-15 11:21:44 -07:00
Ryan Bates
7d3b4cdbc2
Adding clear_aliased_actions to Ability which removes previously defined actions including defaults
2009-12-30 18:01:40 -08:00
Ryan Bates
f99d506050
Append aliased actions (don't overwrite them) - closes #20
2009-12-30 17:49:49 -08:00
Ryan Bates
e32c5d0dfb
calling controller's load_resource and authorize_resource from load_and_authorize_resource to maintain backwards compatability, even though it's not the most efficient way
2009-11-26 09:53:16 -08:00
Ryan Bates
c40490d672
refactoring ability can? method - closes #12
2009-11-25 17:31:40 -08:00
Ryan Bates
d4405e6070
adding cannot method to define which abilities cannot be done - closes #7
2009-11-25 10:25:58 -08:00