Commit Graph

249 Commits

Author SHA1 Message Date
Ryan Bates
c94de4ab18 include namespace in params when creating/updating resource - closes #349 2011-09-28 16:00:46 -07:00
Ryan Bates
6de9e4675a consider specificity when finding relevant rules so generic rules will not override specific ones - closes #321 2011-09-28 15:34:08 -07:00
Ryan Bates
1fb2c0160c ignore cannot clause with attributes when not checking for with attributes - closes #406 2011-09-28 14:48:26 -07:00
Ryan Bates
67c93619c1 Merge branch 'master' into 2.0 2011-09-28 13:45:49 -07:00
Ryan Bates
610d7e3ec4 Merge pull request #425 from skhisma/master
Allow custom IDs to be specified when calling load_resource
2011-09-28 13:44:19 -07:00
Ryan Bates
2160183e86 Merge branch 'master' into 2.0 2011-09-28 13:35:52 -07:00
Ryan Bates
cfb801ed8d Merge pull request #424 from whilefalse/master
Support for namespaced models and engines
2011-09-28 13:34:30 -07:00
Ryan Bates
86063e4846 merging 1.6 additions into 2.0 branch 2011-09-28 11:39:26 -07:00
Ryan Bates
987dce0dc2 Merge pull request #421 from amc-projects/master
Compatibility fix for rspec-instafail and rspec1
2011-07-23 14:46:37 -07:00
Manuel Meurer
e561532bab Fixed typos. 2011-07-21 05:12:09 -07:00
Geoff Parsons
7937a282a3 :id_param option to load_resource allows specification of the param name to find members 2011-07-20 13:42:24 -04:00
Steven Anderson
d35419fa4c Added the needed camelize to recent patch for engines and namespaced models 2011-07-20 10:03:50 +01:00
Steven Anderson
6c497b8dd9 Added support for engines and namespaced models. 2011-07-20 09:31:53 +01:00
Michael MacDonald
3b33b36de9 Compatibility fix for using cancan with rspec-instafail and rspec1 2011-07-19 10:27:08 +10:00
psanford
ccd7a94d40 Load datamapper class methods via append_extensions.
This relaxes the previous requirement that cancan has to be loaded
before any models are. append_extensions will apply to all
previously loaded models as well as ones loaded after.
2011-07-01 12:48:20 -07:00
Nicolás Hock Isaza
1c3e61725f Change the i18n default name to :"unauthorized.default" 2011-07-01 13:10:20 -05:00
Nicolás Hock Isaza
596ad235a9 Make CanCan Default Message a translatable text. Default to the one you had. 2011-06-30 13:22:49 -07:00
Ryan Bates
b8ff2dbc6a load member through method instead of instance variable to improve decent_exposure support 2011-06-13 15:16:08 -07:00
Ryan Bates
613ab1c1ab delegating ControllerResource find to model adapter, uses 'get' for DataMapper - closes #373 2011-05-21 13:57:17 -07:00
Ryan Bates
c031f82dd2 allow :find_by option to be full find method name - closes #335 2011-05-19 23:37:36 -04:00
Ryan Bates
f6c2054f7e set resource attributes in update action and authorize after set - closes #141 2011-05-19 17:12:30 -04:00
Ryan Bates
a29e31606b changing the interface for ControllerResource load/authorize so they can be intertwined 2011-05-19 16:38:33 -04:00
Ryan Bates
e24d5d146b merging master into 2.0 2011-05-19 16:01:06 -04:00
Ryan Bates
843fe89c63 pass action and subject through AccessDenied exception when :through isn't found - closes #366 2011-05-18 12:58:02 -04:00
Ryan Bates
74c9d582b2 Merge pull request #363 from rahearn/mongoid-conditions-empty
Fixes bug in mongoid_adapter with empty conditions hash
2011-05-17 10:22:19 -07:00
Ryan Bates
4e4c5a9a7f adding current_ability to helper methods - closes #361 2011-05-17 13:21:11 -04:00
Ryan Bates
dde88c92b7 allow :through option to work with private controller methods - closes #360 2011-05-17 13:18:31 -04:00
Ryan Ahearn
0882450232 Processes can rules only if no empty conditions rules are present
1) remove all empty conditions hashes from the rules, they are included
 in the records through `@model_class.all`
2) only process can rules if the new and old rules lists are the same
  length (meaning there were no empty conditions hashes)
3) always process cannot rules
2011-05-12 09:24:38 -04:00
Ryan Ahearn
ad62d60b20 Fixes bug in mongoid_adapter with empty conditions hash
* adds mongoid query that matches every record when
rule.conditions.empty? is true
2011-05-10 11:52:29 -04:00
Emmanuel Gomez
16bdb8d42e Return empty set early if no can rules are present.
Thanks dkubb!
2011-04-29 12:04:19 -07:00
Emmanuel Gomez
d6851debd4 Fix pending spec for DataMapper adapter. 2011-04-29 00:46:38 -07:00
Emmanuel Gomez
6d39b0ae07 Use dkubb's suggestion for evaluating conditions against a Resource. 2011-04-29 00:31:27 -07:00
John Feminella
17c52a7983 Augments Mongoid adapter by handling case where attribute is an array 2011-04-27 09:54:37 -04:00
Ryan Bates
63865cc7d8 allow SQL conditions to be used with a block 2011-04-21 00:46:06 -07:00
Ryan Ahearn
2b6204117f Adds ability to use Scope query with Mongoid
Same limitations apply as with active record
* can not be OR'd with other rules for same ability/controller
2011-04-15 16:58:19 -04:00
Ryan Bates
b1424dfa49 Merge branch 'optional-associations' of https://github.com/socialcast/cancan into socialcast-optional-associations 2011-04-01 15:13:02 -07:00
Mitch Williams
6aaab9e440 Fixed bug where conditions on an optionally associated object would throw exceptions if the associated object was not present at the rule match time. 2011-04-01 13:20:25 -07:00
Florent Piteau
a10243a569 When using an existing scope, it should be merged properly to the class. May fix ryanb/cancan#328 :) 2011-04-01 21:25:19 +02:00
Ryan Bates
e96cf5bea4 fixing mongoid 'or' error - closes #322 2011-03-29 17:49:18 -07:00
Ryan Bates
c6f9abb6ab updating some documentation for CanCan 2.0 2011-03-25 18:48:37 -07:00
Ryan Bates
e5b76210e4 fixing marking fully_authorized on an object instance 2011-03-25 17:05:36 -07:00
Ryan Bates
baa1dacc21 authorize params passed in create and update action 2011-03-25 17:01:12 -07:00
Ryan Bates
f41b39406c don't authorize based on resource name in authorize_resource since this is already handled by enable_authorization 2011-03-25 16:40:20 -07:00
Ryan Bates
27eba72e4b mark index action as fully authorized when fetching records through accessible_by 2011-03-25 16:34:13 -07:00
Ryan Bates
5d68caefd0 removing skipping feature in ControllerResource for now 2011-03-25 16:29:04 -07:00
Ryan Bates
35fbee578f passing block to enable_authorization will be executed when CanCan::Unauthorized exception is raised 2011-03-25 16:08:09 -07:00
Ryan Bates
cf2896f011 renaming AccessDenied exception to Unauthorized 2011-03-25 14:43:36 -07:00
Ryan Bates
bcac159b3e merging with master 2011-03-25 14:32:29 -07:00
Ryan Bates
89e40987d8 make sure ActiveRecord::Relation is defined before checking conditions against it so Rails 2 is supported again - closes #312 2011-03-25 14:26:33 -07:00
Ryan Bates
1ac8099f7a return subject passed to authorize! - closes #314 2011-03-25 14:24:43 -07:00