Commit Graph

290 Commits

Author SHA1 Message Date
Mani Tadayon
2ee6908a2a Remove commented-out line from gemspec 2010-11-17 09:52:44 -08:00
Mani Tadayon
84c590e8c7 Add comments clarifying alias_method in MongoidAdditions 2010-11-17 09:52:30 -08:00
Mani Tadayon
5ebca1f9bf Update specs for MongoidAdditions to use rr mocks 2010-11-16 15:47:07 -08:00
Tyler Gannon
f6aaa581ef can? should only go to db if there are mongoid criteria in the conditions.
Easier to just do a simple comparison on the object in memory
than to search the database.  Also this allows method calls
and other attributes that might not be found in the database.
2010-11-15 19:43:54 -08:00
Ryan Bates
872e4cfba8 releasing version 1.4.1 2010-11-12 10:51:29 -08:00
Ryan Bates
787511a208 renaming skip_authorization to skip_authorization_check - closes #169 2010-11-12 10:46:03 -08:00
Ryan Bates
92995d791e adding :through_association option to load_resource (thanks hunterae) - closes #171 2010-11-12 10:42:26 -08:00
Ryan Bates
ebf77ed647 fixing specs due to joins method check in active record additions 2010-11-12 10:31:36 -08:00
Nanda Lopes
9a7c427373 Fix NoMethodError
Raises NoMethodError when using ":singleton => true, :shallow => true" and parent_resource is nil
2010-11-13 02:24:31 +08:00
Ramon Tayag
cf263c105d checks if active record responds to 'joins', so this can work with internuity's quick_scopes gem; added .swp files to git ignore 2010-11-13 02:21:56 +08:00
Michael Halliday
79180de372 This fixes an odd error I was seeing in development mode when cache_classes = false (the default), specifically when loading an object throught the parent in load_and_authorize_resource.
Assume Photo model and User model where user has many photos:

@photo = current_user.photos.find(1) # this returns a photo
@photo1 = Photo.find(1)

@photo.kind_of?(Photo) is not always true for some reason when class_cacheing is false.  Where as @photo1.kind_of?(Photo) always appears to be true.  Of interesting note, in the above example @photo != @photo1 if kind_of? is false.  Very odd.
 
Again, this only appears to be when loading and object through an association.
2010-11-13 02:09:06 +08:00
Mani Tadayon
dbcd93e095 Fix bug with Mongoid document where :manage :all caused accessible_by to return nothing and add specs to test for :manage :all. 2010-10-14 18:21:59 -07:00
Mani Tadayon
d256aeb26e Fix bug with CanDefinition#tableized_conditions being used with Mongoid documents and add more specs for accesible_by with Mongoid. 2010-10-14 17:39:19 -07:00
Mani Tadayon
25bf479f48 Fix accessible_by for Mongoid documents when no ability is defined.
The previous spec that checked for this was not right, since there were no documents in the collection, so every query would return an empty result.
2010-10-13 19:41:30 -07:00
Mani Tadayon
ab82dcbc8f Add support for Mongoid::Criteria Symbol extensions (:age.gt => 10) along with specs. 2010-10-13 15:22:53 -07:00
Mani Tadayon
be74df0548 Add support for Mongoid documents along with basic specs. 2010-10-13 14:41:29 -07:00
Ryan Bates
f901c367fc using supermodel in specs to remove some of the model stubs 2010-10-08 11:46:41 -07:00
Ryan Bates
67cd83dd96 releasing version 1.4.0 2010-10-05 16:25:04 -07:00
Ryan Bates
6c3e87eea9 updating readme and documentation 2010-10-05 16:18:35 -07:00
Ryan Bates
fa766e71ed looks like Bundler automatically requires cancan for the specs 2010-10-05 14:02:01 -07:00
Ryan Bates
b0cec5251c adding a couple things to the changelog 2010-10-05 12:00:50 -07:00
Ryan Bates
18b45d5cfc adding Gemfile, to get specs running just bundle and rake - closes #163 2010-10-05 10:09:37 -07:00
Ryan Bates
8f49f28713 don't stop at cannot definitions when there are no conditions - closes #161 2010-10-04 11:11:14 -07:00
Sokolov Yura
12037d7f43 should not allow to can? when raw sql without block is present 2010-10-05 02:01:48 +08:00
Ryan Bates
1f81b8dd1e use 'send' to access controller current_ability in case it's private 2010-09-23 11:58:55 -07:00
Ryan Bates
3391c5a0d7 adding to changelog 2010-09-21 12:03:16 -07:00
Ryan Bates
c11ffb6fd1 support loading resource :through method along with instance variable - closes #146 2010-09-21 11:42:47 -07:00
Ryan Bates
264e2d2b68 raise AccessDenied error when loading child while parent is nil, pass :shallow => true to bypass 2010-09-21 11:32:56 -07:00
Sokolov Yura
ebef3cc745 consistency addition for ability check on Module 2010-09-21 00:16:36 +08:00
Ryan Bates
cef55c95e7 fetch cancan_resource_class through controller class from ControllerResource 2010-09-16 16:01:58 -07:00
Sokolov Yura
7e0e72276e add specs to sql conditions by not Hash 2010-09-17 06:57:26 +08:00
Sokolov Yura
ff9a91705b add specs for module definitions 2010-09-17 06:57:25 +08:00
Sokolov Yura
a0f73fe0f7 fix error 2010-09-17 06:57:25 +08:00
Sokolov Yura
e2c341b8d3 allow to check ability by common module 2010-09-17 06:57:24 +08:00
Sokolov Yura
f236b1b5a4 resolve issue 149 2010-09-17 06:57:24 +08:00
Juan Manuel Barreneche
0b270f2d0f Use cancan_resource_class for before filters instead of hardcoded ControllerResource class 2010-09-17 06:40:16 +08:00
Juan Manuel Barreneche
961df90ecd Controllers which use 'inherit_resources' instead of Inheritance may have inherited_resource's methods protected 2010-09-17 06:40:15 +08:00
Ryan Bates
4eee637270 adding support for loading through Inherited Resources - closes #23 2010-09-09 16:28:00 -07:00
Ryan Bates
a5ff826e40 fix pluralize error on index action when passing resource name - closes #143 again 2010-09-07 22:10:16 -07:00
Ryan Bates
9d915457af load the collection instance variable on index action - closes #137 2010-09-07 16:25:02 -07:00
Ryan Bates
158c908d3b adding action and subject variables to I18n unauthorized message - closes #142 2010-09-07 15:48:07 -07:00
Ryan Bates
bf9b8ad1a6 filling in some inline documentation for 1.4 2010-09-03 16:19:39 -07:00
Ryan Bates
1af6c6f395 adding check_authorization and skip_authorization controller class methods to ensure authorization is triggered (thanks justinko) - closes #135 2010-09-03 14:38:55 -07:00
Ryan Bates
7c5243321f have params hash override initial attributes when building a new resource 2010-09-03 14:11:44 -07:00
Ryan Bates
721939babd cleaning up some internal specs and names 2010-09-03 14:00:46 -07:00
Ryan Bates
a744377ac9 the new and create actions will now build the resource with attributes based on ability conditions hash - closes #114 2010-09-03 11:53:47 -07:00
Ryan Bates
1be5bf7a57 don't fail if association conditions aren't specified for nested association check 2010-09-03 11:05:58 -07:00
Ryan Bates
c88cb8f459 passing a hash to can? will check permissions on association, this is done automatically in authorize_resource - closes #121 2010-09-03 11:01:55 -07:00
Ryan Bates
737f8acff5 make it clear in readme that alias_action is an instance method - closes #139 2010-09-03 09:30:47 -07:00
Ryan Bates
a5f838a964 use I18n for unauthorization messages - closes #103 2010-09-02 17:01:10 -07:00