Mani Tadayon
|
dbcd93e095
|
Fix bug with Mongoid document where :manage :all caused accessible_by to return nothing and add specs to test for :manage :all.
|
2010-10-14 18:21:59 -07:00 |
|
Mani Tadayon
|
d256aeb26e
|
Fix bug with CanDefinition#tableized_conditions being used with Mongoid documents and add more specs for accesible_by with Mongoid.
|
2010-10-14 17:39:19 -07:00 |
|
Mani Tadayon
|
25bf479f48
|
Fix accessible_by for Mongoid documents when no ability is defined.
The previous spec that checked for this was not right, since there were no documents in the collection, so every query would return an empty result.
|
2010-10-13 19:41:30 -07:00 |
|
Mani Tadayon
|
ab82dcbc8f
|
Add support for Mongoid::Criteria Symbol extensions (:age.gt => 10) along with specs.
|
2010-10-13 15:22:53 -07:00 |
|
Mani Tadayon
|
be74df0548
|
Add support for Mongoid documents along with basic specs.
|
2010-10-13 14:41:29 -07:00 |
|
Ryan Bates
|
6c3e87eea9
|
updating readme and documentation
|
2010-10-05 16:18:35 -07:00 |
|
Ryan Bates
|
b0cec5251c
|
adding a couple things to the changelog
|
2010-10-05 12:00:50 -07:00 |
|
Ryan Bates
|
8f49f28713
|
don't stop at cannot definitions when there are no conditions - closes #161
|
2010-10-04 11:11:14 -07:00 |
|
Sokolov Yura
|
12037d7f43
|
should not allow to can? when raw sql without block is present
|
2010-10-05 02:01:48 +08:00 |
|
Ryan Bates
|
1f81b8dd1e
|
use 'send' to access controller current_ability in case it's private
|
2010-09-23 11:58:55 -07:00 |
|
Ryan Bates
|
c11ffb6fd1
|
support loading resource :through method along with instance variable - closes #146
|
2010-09-21 11:42:47 -07:00 |
|
Ryan Bates
|
264e2d2b68
|
raise AccessDenied error when loading child while parent is nil, pass :shallow => true to bypass
|
2010-09-21 11:32:56 -07:00 |
|
Sokolov Yura
|
ebef3cc745
|
consistency addition for ability check on Module
|
2010-09-21 00:16:36 +08:00 |
|
Ryan Bates
|
cef55c95e7
|
fetch cancan_resource_class through controller class from ControllerResource
|
2010-09-16 16:01:58 -07:00 |
|
Sokolov Yura
|
a0f73fe0f7
|
fix error
|
2010-09-17 06:57:25 +08:00 |
|
Sokolov Yura
|
e2c341b8d3
|
allow to check ability by common module
|
2010-09-17 06:57:24 +08:00 |
|
Sokolov Yura
|
f236b1b5a4
|
resolve issue 149
|
2010-09-17 06:57:24 +08:00 |
|
Juan Manuel Barreneche
|
0b270f2d0f
|
Use cancan_resource_class for before filters instead of hardcoded ControllerResource class
|
2010-09-17 06:40:16 +08:00 |
|
Juan Manuel Barreneche
|
961df90ecd
|
Controllers which use 'inherit_resources' instead of Inheritance may have inherited_resource's methods protected
|
2010-09-17 06:40:15 +08:00 |
|
Ryan Bates
|
4eee637270
|
adding support for loading through Inherited Resources - closes #23
|
2010-09-09 16:28:00 -07:00 |
|
Ryan Bates
|
a5ff826e40
|
fix pluralize error on index action when passing resource name - closes #143 again
|
2010-09-07 22:10:16 -07:00 |
|
Ryan Bates
|
9d915457af
|
load the collection instance variable on index action - closes #137
|
2010-09-07 16:25:02 -07:00 |
|
Ryan Bates
|
158c908d3b
|
adding action and subject variables to I18n unauthorized message - closes #142
|
2010-09-07 15:48:07 -07:00 |
|
Ryan Bates
|
bf9b8ad1a6
|
filling in some inline documentation for 1.4
|
2010-09-03 16:19:39 -07:00 |
|
Ryan Bates
|
1af6c6f395
|
adding check_authorization and skip_authorization controller class methods to ensure authorization is triggered (thanks justinko) - closes #135
|
2010-09-03 14:38:55 -07:00 |
|
Ryan Bates
|
7c5243321f
|
have params hash override initial attributes when building a new resource
|
2010-09-03 14:11:44 -07:00 |
|
Ryan Bates
|
721939babd
|
cleaning up some internal specs and names
|
2010-09-03 14:00:46 -07:00 |
|
Ryan Bates
|
a744377ac9
|
the new and create actions will now build the resource with attributes based on ability conditions hash - closes #114
|
2010-09-03 11:53:47 -07:00 |
|
Ryan Bates
|
1be5bf7a57
|
don't fail if association conditions aren't specified for nested association check
|
2010-09-03 11:05:58 -07:00 |
|
Ryan Bates
|
c88cb8f459
|
passing a hash to can? will check permissions on association, this is done automatically in authorize_resource - closes #121
|
2010-09-03 11:01:55 -07:00 |
|
Ryan Bates
|
a5f838a964
|
use I18n for unauthorization messages - closes #103
|
2010-09-02 17:01:10 -07:00 |
|
Ryan Bates
|
66314a89f8
|
support no arguments to 'can' definition which always calls block
|
2010-09-02 14:46:38 -07:00 |
|
Ryan Bates
|
b1fb179aaf
|
don't pass action into can block with :manage option - closes #129
|
2010-09-02 14:29:49 -07:00 |
|
Ryan Bates
|
6105edc6a7
|
skip block when only class is passed to ability check, also don't pass class to block for :all - closes #116
|
2010-09-02 14:23:00 -07:00 |
|
Ryan Bates
|
5a353c1cba
|
don't stop at cannot definition when checking class - closes #131
|
2010-08-30 15:20:06 -07:00 |
|
Ryan Bates
|
4fe44af45d
|
be more clear about blocks not working with accessible_by - closes #130
|
2010-08-30 13:40:31 -07:00 |
|
Ryan Bates
|
caed4fcee5
|
use RSpec namespace for matcher - closes #119
|
2010-08-18 16:22:43 -07:00 |
|
Ryan Bates
|
e893e12260
|
fixing broken spec and minor improvements to tableized_conditions method
|
2010-08-18 16:04:08 -07:00 |
|
McClain Looney
|
3d7742ea43
|
fix for bug 123
|
2010-08-17 09:33:11 -05:00 |
|
Ryan Bates
|
333ddf1970
|
properly pass along resource name without slice error - closes #112
|
2010-08-07 08:33:31 -07:00 |
|
Ryan Bates
|
f8631dcc93
|
fixing error on protected sanitize_sql - closes #111
|
2010-08-06 23:24:04 -07:00 |
|
Ryan Bates
|
1dccc0252a
|
removing :resource option from rdocs since it's not longer used
|
2010-08-06 15:05:24 -07:00 |
|
Ryan Bates
|
75ce2bdefa
|
allow :parent => false option to work in load/authorize resource
|
2010-08-06 14:26:57 -07:00 |
|
Ryan Bates
|
c9e0f4e3ef
|
renaming :singular resource option to :singleton
|
2010-08-06 13:06:18 -07:00 |
|
Ryan Bates
|
236cece3b3
|
adding :find_by option to load_resource - closes #19
|
2010-08-06 11:18:54 -07:00 |
|
Ryan Bates
|
84f4c904b7
|
adding :singular option to support has_one associations in load/authorize resource - closes #93
|
2010-08-06 11:03:10 -07:00 |
|
Ryan Bates
|
6998e8bdd1
|
support multiple resources in :through option of load_resource, this makes polymorphic associations possible - closes #73
|
2010-08-06 10:35:42 -07:00 |
|
Ryan Bates
|
961b8c2477
|
consider ancestors when matching classes in Ability#can, this way it works with STI - closes #55
|
2010-08-06 10:06:37 -07:00 |
|
Ryan Bates
|
a157b65fbf
|
adding :instance_name option to load/authorize_resource - closes #44
|
2010-08-06 09:35:07 -07:00 |
|
Ryan Bates
|
47f0aa597e
|
change how params are passed to ControllerResource and use HashWithIndifferentAccess in tests
|
2010-08-06 09:24:01 -07:00 |
|