Commit Graph

89 Commits

Author SHA1 Message Date
Ryan Bates
c9e0f4e3ef renaming :singular resource option to :singleton 2010-08-06 13:06:18 -07:00
Ryan Bates
236cece3b3 adding :find_by option to load_resource - closes #19 2010-08-06 11:18:54 -07:00
Ryan Bates
84f4c904b7 adding :singular option to support has_one associations in load/authorize resource - closes #93 2010-08-06 11:03:10 -07:00
Ryan Bates
6998e8bdd1 support multiple resources in :through option of load_resource, this makes polymorphic associations possible - closes #73 2010-08-06 10:35:42 -07:00
Ryan Bates
961b8c2477 consider ancestors when matching classes in Ability#can, this way it works with STI - closes #55 2010-08-06 10:06:37 -07:00
Ryan Bates
a157b65fbf adding :instance_name option to load/authorize_resource - closes #44 2010-08-06 09:35:07 -07:00
Ryan Bates
47f0aa597e change how params are passed to ControllerResource and use HashWithIndifferentAccess in tests 2010-08-06 09:24:01 -07:00
Ryan Bates
67b069579e don't pass nil to 'new' call when no params are specified - closes #63 2010-08-05 16:52:37 -07:00
Ryan Bates
156839b73e only use the :read action when authorizing parent resources 2010-08-05 16:24:08 -07:00
Ryan Bates
25a1c553bf adding :through option to replace :nesting option and moving ResourceAuthorization class code into ControllerResource 2010-08-05 16:12:30 -07:00
Ryan Bates
8dee01195d improving inline documentation for Query 2010-07-21 12:16:08 -07:00
Ryan Bates
25637bb33a removing extra white space at end of lines 2010-07-21 11:45:26 -07:00
Ryan Bates
ba8cb3cf6d refactoring query.joins 2010-07-20 17:05:17 -07:00
Ryan Bates
e098ddaacd refactoring query.conditions 2010-07-20 16:00:22 -07:00
Ryan Bates
964a4765b1 removing need to pass tableize option around for query conditions 2010-07-20 13:43:43 -07:00
Ryan Bates
a42e067f3b extracting out Query class for generating sql conditions and association joins 2010-07-20 13:20:01 -07:00
Ryan Bates
60848143b7 refactoring can definition matching behavior 2010-07-20 11:04:03 -07:00
Ryan Bates
5d8f04363d merging with master and resolving a couple conflicts 2010-07-19 16:36:01 -07:00
Ryan Bates
cad425989e supporting deeply nested aliases - closes #98 2010-07-19 16:03:09 -07:00
Yura Sokolov
5fd793090a fix logic error for single cannot condition - it should return no records 2010-05-25 14:09:01 +04:00
Yura Sokolov
9c0346b90b can accept array for sql sanitizing in conditions 2010-05-25 14:01:53 +04:00
Yura Sokolov
b473d8827f CanDefinition#only_block? 2010-05-25 12:23:39 +04:00
Yura Sokolov
bcab8d6369 fix error with single cannot condition 2010-05-25 12:14:01 +04:00
Yura Sokolov
dbc1538054 small refactoring: CanDefinition #definitive? #conditions_empty? 2010-05-24 18:15:20 +04:00
Yura Sokolov
46f03013f3 Merge remote branch 'upstream/master'
Conflicts:
	lib/cancan/ability.rb
	lib/cancan/active_record_additions.rb
	lib/cancan/can_definition.rb
	spec/cancan/ability_spec.rb
2010-05-24 15:17:10 +04:00
Ryan Bates
1ade44221a load parent resources for collection actions such 'index' 2010-05-21 15:22:21 -07:00
Ryan Bates
2a3dd85a18 adding :name option to load_and_authorize_resource if it does not match controller - closes #65 2010-05-21 14:20:45 -07:00
Ryan Bates
dfd84a10ed improving inline documentation 2010-05-21 13:41:24 -07:00
John Allison
7543eedd6a fixing issue when using accessible_by with nil can conditions - closes #66 2010-05-20 17:06:10 -07:00
Logan Raarup
605063b974 Make sure conditions on associations are pluralized 2010-05-21 07:31:29 +08:00
Sokolov Yura
7d7d249182 passing throw matching rules with not matching conditions
Main goal is to allow:

cannot :manage, :all
can :read, :all
can :manage, User, :id=>user.id
can :manage, User, :manager_id=>user.id

Signed-off-by: Sokolov Yura <funny.falcon@gmail.com>
2010-05-16 22:13:02 +04:00
Ryan Bates
06296b0a40 support has_many association or arrays in can conditions hash 2010-04-22 17:39:22 -07:00
Ryan Bates
e20081454f adding joins clause to accessible_by when conditions are across associations 2010-04-20 17:02:28 -07:00
Ryan Bates
4da31c0709 can has cheezburger? (thanks Seivan) 2010-04-20 14:24:26 -07:00
Ryan Bates
5aa6252df6 removing unused methods and a bit more refactoring 2010-04-18 00:44:42 -07:00
Ryan Bates
bbbc8a68e0 refactoring much of Ability class into separate CanDefinition class 2010-04-18 00:11:15 -07:00
Ryan Bates
232ecd5b4b releasing 1.1.1 which fixes behavior in Rails 3 by properly initializing ResourceAuthorization 2010-04-17 14:01:20 -07:00
Ryan Bates
f1ba76b61b supporting arrays, ranges, and nested hashes in ability conditions 2010-04-17 11:54:27 -07:00
Ryan Bates
283f58ee16 improving readme with links to wiki 2010-04-17 11:45:41 -07:00
Ryan Bates
f46696348e allow access to classes when using hash conditions since you'll generally want to narrow it down with a database query 2010-04-16 15:56:07 -07:00
Ryan Bates
8903feee70 removing unauthorized! in favor of authorize! and including more information in AccessDenied exception - closes #40 2010-04-16 14:54:18 -07:00
Ryan Bates
ecf2818a9e removing apparently unnecessary user attr_accessor in Ability 2010-04-16 08:57:10 -07:00
Ryan Bates
d9f3c8b0ae renaming noun to subject internally 2010-04-16 08:55:36 -07:00
Ryan Bates
240c281061 renaming ActiveRecordAdditions#can method to accessible_by since it flows better and makes more sense 2010-04-15 23:54:45 -07:00
Ryan Bates
ef5900c5b1 adding caching to current_ability class method, if you're overriding this be sure to add caching there too 2010-04-15 23:28:04 -07:00
Ryan Bates
37f482e8d5 default ActiveRecordAdditions#can method action to :read and use 'scoped' if 'where' is not available 2010-04-15 23:18:49 -07:00
Ryan Bates
3c68a911d0 adding can method to Active Record for fetching records matching a specific ability, still needs documentation 2010-04-15 17:04:36 -07:00
Ryan Bates
baeef0b9dd adding conditions behavior to Ability#can and fetch with Ability#conditions - closes #53 2010-04-15 16:50:47 -07:00
Ryan Bates
23a5888fe0 renaming :class option to :resource for load_and_authorize_resource which now supports a symbol for non models - closes #45 2010-04-15 14:14:22 -07:00
Ryan Bates
f2a1695636 properly handle Admin::AbilitiesController in params[:controller] - closes #46 2010-04-15 13:10:12 -07:00