Ryan Bates
e24d5d146b
merging master into 2.0
2011-05-19 16:01:06 -04:00
Ryan Bates
843fe89c63
pass action and subject through AccessDenied exception when :through isn't found - closes #366
2011-05-18 12:58:02 -04:00
Ryan Bates
74c9d582b2
Merge pull request #363 from rahearn/mongoid-conditions-empty
...
Fixes bug in mongoid_adapter with empty conditions hash
2011-05-17 10:22:19 -07:00
Ryan Bates
4e4c5a9a7f
adding current_ability to helper methods - closes #361
2011-05-17 13:21:11 -04:00
Ryan Bates
dde88c92b7
allow :through option to work with private controller methods - closes #360
2011-05-17 13:18:31 -04:00
Ryan Bates
cb9777be5f
ensure Mongoid::Document is defined before loading Mongoid adapter - closes #359
2011-05-17 13:16:33 -04:00
Ryan Ahearn
0882450232
Processes can rules only if no empty conditions rules are present
...
1) remove all empty conditions hashes from the rules, they are included
in the records through `@model_class.all`
2) only process can rules if the new and old rules lists are the same
length (meaning there were no empty conditions hashes)
3) always process cannot rules
2011-05-12 09:24:38 -04:00
Ryan Ahearn
ad62d60b20
Fixes bug in mongoid_adapter with empty conditions hash
...
* adds mongoid query that matches every record when
rule.conditions.empty? is true
2011-05-10 11:52:29 -04:00
Emmanuel Gomez
16bdb8d42e
Return empty set early if no can rules are present.
...
Thanks dkubb!
2011-04-29 12:04:19 -07:00
Emmanuel Gomez
d6851debd4
Fix pending spec for DataMapper adapter.
2011-04-29 00:46:38 -07:00
Emmanuel Gomez
6d39b0ae07
Use dkubb's suggestion for evaluating conditions against a Resource.
2011-04-29 00:31:27 -07:00
John Feminella
17c52a7983
Augments Mongoid adapter by handling case where attribute is an array
2011-04-27 09:54:37 -04:00
Ryan Bates
63865cc7d8
allow SQL conditions to be used with a block
2011-04-21 00:46:06 -07:00
Ryan Ahearn
2b6204117f
Adds ability to use Scope query with Mongoid
...
Same limitations apply as with active record
* can not be OR'd with other rules for same ability/controller
2011-04-15 16:58:19 -04:00
Ryan Bates
b1424dfa49
Merge branch 'optional-associations' of https://github.com/socialcast/cancan into socialcast-optional-associations
2011-04-01 15:13:02 -07:00
Mitch Williams
6aaab9e440
Fixed bug where conditions on an optionally associated object would throw exceptions if the associated object was not present at the rule match time.
2011-04-01 13:20:25 -07:00
Florent Piteau
a10243a569
When using an existing scope, it should be merged properly to the class. May fix ryanb/cancan#328 :)
2011-04-01 21:25:19 +02:00
Ryan Bates
e96cf5bea4
fixing mongoid 'or' error - closes #322
2011-03-29 17:49:18 -07:00
Ryan Bates
c6f9abb6ab
updating some documentation for CanCan 2.0
2011-03-25 18:48:37 -07:00
Ryan Bates
e5b76210e4
fixing marking fully_authorized on an object instance
2011-03-25 17:05:36 -07:00
Ryan Bates
baa1dacc21
authorize params passed in create and update action
2011-03-25 17:01:12 -07:00
Ryan Bates
f41b39406c
don't authorize based on resource name in authorize_resource since this is already handled by enable_authorization
2011-03-25 16:40:20 -07:00
Ryan Bates
27eba72e4b
mark index action as fully authorized when fetching records through accessible_by
2011-03-25 16:34:13 -07:00
Ryan Bates
5d68caefd0
removing skipping feature in ControllerResource for now
2011-03-25 16:29:04 -07:00
Ryan Bates
35fbee578f
passing block to enable_authorization will be executed when CanCan::Unauthorized exception is raised
2011-03-25 16:08:09 -07:00
Ryan Bates
cf2896f011
renaming AccessDenied exception to Unauthorized
2011-03-25 14:43:36 -07:00
Ryan Bates
bcac159b3e
merging with master
2011-03-25 14:32:29 -07:00
Ryan Bates
89e40987d8
make sure ActiveRecord::Relation is defined before checking conditions against it so Rails 2 is supported again - closes #312
2011-03-25 14:26:33 -07:00
Ryan Bates
1ac8099f7a
return subject passed to authorize! - closes #314
2011-03-25 14:24:43 -07:00
Ryan Bates
346ca2c74e
check authorization is sufficient in an after_filter when doing enable_authorization
2011-03-25 14:11:59 -07:00
Ryan Bates
242e912519
refactoring fully authorized check and catching bug
2011-03-25 13:30:45 -07:00
Ryan Bates
488cc2dfdd
require attributes to be checked on create/update action in order to be fully authorized
2011-03-25 13:23:05 -07:00
Ryan Bates
0f3753491d
adding fully_authorized? method to Ability to check if conditions are considered in authorize! call
2011-03-25 12:01:53 -07:00
Ryan Bates
85efbdb8d0
adding attributes as 3rd argument to can and can? calls
2011-03-25 11:24:10 -07:00
Ryan Bates
a03d35272b
allow strings along with symbols in Ability definition and checking
2011-03-24 11:52:54 -07:00
Ryan Bates
7ee942c334
adding enable_authorization method and deprecating some other controller methods
2011-03-24 11:22:32 -07:00
Ryan Bates
3a825ed0d1
getting all specs passing again
2011-03-23 19:47:34 -07:00
Ryan Bates
98ed39264e
modifying Ability to use symbol for subject instead of class, also adding subject aliases
2011-03-23 17:00:33 -07:00
Ryan Bates
7688025404
fixing instance loading with :singleton option - closes #310
2011-03-18 09:42:30 -07:00
Ryan Bates
3f6cecbfcf
use Item.new instead of build_item for singleton resource so it doesn't mess up database - closes #304
2011-03-15 23:37:05 -07:00
Ryan Bates
fdd5ad022d
making accessible_by action default to :index and parent action default to :show so we don't check :read action directly - closes #302
2011-03-15 23:00:40 -07:00
Adam Wróbel
3639ca90eb
Fixes inherited_resources collection authorization
...
This reverts e3eab13b86
I don't know what was the idea of that, but it turned out REAL bad.
`collection` sets the collection instance variable. `resource_base` is used all
over CanCan. It's also used inside `load_collection?` which is checked before
`load_collection` is called. That means we actually set the collection instance
variable through inherited_resources (without any authorization whatsoever) before trying to load it through CanCan using `accessible_by`.
1. def load_resource
2. unless skip?(:load)
3. if load_instance?
4. self.resource_instance ||= load_resource_instance
5. elsif load_collection?
6. self.collection_instance ||= load_collection
7. end
8. end
9. end
`collection_instance` is set on line 5 instead of line 6.
2011-03-16 01:20:35 +01:00
Ryan Bates
9bee4a8d4b
adding any/all support for MetaWhere conditions
2011-03-08 23:19:56 -08:00
Ryan Bates
eb2826f135
adding more MetaWhere comparison operators
2011-03-08 22:21:42 -08:00
Ryan Bates
a49269175e
Merge branch 'master' into meta_where
2011-03-08 22:05:40 -08:00
Ryan Bates
0de43c445b
raise an error when trying to make a rule with both hash conditions and a block - closes #269
2011-03-08 17:20:32 -08:00
Ryan Bates
f9b181af05
allow Active Record scope to be passed as Ability conditions - closes #257
2011-03-08 17:08:26 -08:00
Ryan Bates
80f1ab20fb
adding :if and :unless options to check_authorization - closes #284
2011-03-08 16:35:01 -08:00
Ryan Bates
37102fe6f8
load collection resources in custom controller actions with no id param - closes #296
2011-03-08 16:10:40 -08:00
Ryan Bates
ba999970b1
add space in multiword model in I18n unauthorized message - closes #292
2011-03-08 15:56:23 -08:00