Commit Graph

270 Commits

Author SHA1 Message Date
Ryan Bates
b0cec5251c adding a couple things to the changelog 2010-10-05 12:00:50 -07:00
Ryan Bates
18b45d5cfc adding Gemfile, to get specs running just bundle and rake - closes #163 2010-10-05 10:09:37 -07:00
Ryan Bates
8f49f28713 don't stop at cannot definitions when there are no conditions - closes #161 2010-10-04 11:11:14 -07:00
Sokolov Yura
12037d7f43 should not allow to can? when raw sql without block is present 2010-10-05 02:01:48 +08:00
Ryan Bates
1f81b8dd1e use 'send' to access controller current_ability in case it's private 2010-09-23 11:58:55 -07:00
Ryan Bates
3391c5a0d7 adding to changelog 2010-09-21 12:03:16 -07:00
Ryan Bates
c11ffb6fd1 support loading resource :through method along with instance variable - closes #146 2010-09-21 11:42:47 -07:00
Ryan Bates
264e2d2b68 raise AccessDenied error when loading child while parent is nil, pass :shallow => true to bypass 2010-09-21 11:32:56 -07:00
Sokolov Yura
ebef3cc745 consistency addition for ability check on Module 2010-09-21 00:16:36 +08:00
Ryan Bates
cef55c95e7 fetch cancan_resource_class through controller class from ControllerResource 2010-09-16 16:01:58 -07:00
Sokolov Yura
7e0e72276e add specs to sql conditions by not Hash 2010-09-17 06:57:26 +08:00
Sokolov Yura
ff9a91705b add specs for module definitions 2010-09-17 06:57:25 +08:00
Sokolov Yura
a0f73fe0f7 fix error 2010-09-17 06:57:25 +08:00
Sokolov Yura
e2c341b8d3 allow to check ability by common module 2010-09-17 06:57:24 +08:00
Sokolov Yura
f236b1b5a4 resolve issue 149 2010-09-17 06:57:24 +08:00
Juan Manuel Barreneche
0b270f2d0f Use cancan_resource_class for before filters instead of hardcoded ControllerResource class 2010-09-17 06:40:16 +08:00
Juan Manuel Barreneche
961df90ecd Controllers which use 'inherit_resources' instead of Inheritance may have inherited_resource's methods protected 2010-09-17 06:40:15 +08:00
Ryan Bates
4eee637270 adding support for loading through Inherited Resources - closes #23 2010-09-09 16:28:00 -07:00
Ryan Bates
a5ff826e40 fix pluralize error on index action when passing resource name - closes #143 again 2010-09-07 22:10:16 -07:00
Ryan Bates
9d915457af load the collection instance variable on index action - closes #137 2010-09-07 16:25:02 -07:00
Ryan Bates
158c908d3b adding action and subject variables to I18n unauthorized message - closes #142 2010-09-07 15:48:07 -07:00
Ryan Bates
bf9b8ad1a6 filling in some inline documentation for 1.4 2010-09-03 16:19:39 -07:00
Ryan Bates
1af6c6f395 adding check_authorization and skip_authorization controller class methods to ensure authorization is triggered (thanks justinko) - closes #135 2010-09-03 14:38:55 -07:00
Ryan Bates
7c5243321f have params hash override initial attributes when building a new resource 2010-09-03 14:11:44 -07:00
Ryan Bates
721939babd cleaning up some internal specs and names 2010-09-03 14:00:46 -07:00
Ryan Bates
a744377ac9 the new and create actions will now build the resource with attributes based on ability conditions hash - closes #114 2010-09-03 11:53:47 -07:00
Ryan Bates
1be5bf7a57 don't fail if association conditions aren't specified for nested association check 2010-09-03 11:05:58 -07:00
Ryan Bates
c88cb8f459 passing a hash to can? will check permissions on association, this is done automatically in authorize_resource - closes #121 2010-09-03 11:01:55 -07:00
Ryan Bates
737f8acff5 make it clear in readme that alias_action is an instance method - closes #139 2010-09-03 09:30:47 -07:00
Ryan Bates
a5f838a964 use I18n for unauthorization messages - closes #103 2010-09-02 17:01:10 -07:00
Ryan Bates
66314a89f8 support no arguments to 'can' definition which always calls block 2010-09-02 14:46:38 -07:00
Ryan Bates
b1fb179aaf don't pass action into can block with :manage option - closes #129 2010-09-02 14:29:49 -07:00
Ryan Bates
6105edc6a7 skip block when only class is passed to ability check, also don't pass class to block for :all - closes #116 2010-09-02 14:23:00 -07:00
Ryan Bates
04b523eea4 releasing version 1.3.4 2010-08-31 15:46:26 -07:00
Ryan Bates
5a353c1cba don't stop at cannot definition when checking class - closes #131 2010-08-30 15:20:06 -07:00
Ryan Bates
4fe44af45d be more clear about blocks not working with accessible_by - closes #130 2010-08-30 13:40:31 -07:00
Ryan Bates
a10a38c82f releasing version 1.3.3 2010-08-20 16:27:25 -07:00
Ryan Bates
caed4fcee5 use RSpec namespace for matcher - closes #119 2010-08-18 16:22:43 -07:00
Ryan Bates
e893e12260 fixing broken spec and minor improvements to tableized_conditions method 2010-08-18 16:04:08 -07:00
McClain Looney
3d7742ea43 fix for bug 123 2010-08-17 09:33:11 -05:00
Ryan Bates
a566ea0f4f releasing version 1.3.2 which fixes slice error when passing custom resource name 2010-08-07 08:38:35 -07:00
Ryan Bates
333ddf1970 properly pass along resource name without slice error - closes #112 2010-08-07 08:33:31 -07:00
Ryan Bates
cd74267364 releasing version 1.3.1 with sanitize_sql fix 2010-08-06 23:28:51 -07:00
Ryan Bates
f8631dcc93 fixing error on protected sanitize_sql - closes #111 2010-08-06 23:24:04 -07:00
Ryan Bates
7a17586eb3 releasing version 1.3.0 2010-08-06 16:00:52 -07:00
Ryan Bates
13427e18d5 updating readme 2010-08-06 15:54:25 -07:00
Ryan Bates
1dccc0252a removing :resource option from rdocs since it's not longer used 2010-08-06 15:05:24 -07:00
Ryan Bates
75ce2bdefa allow :parent => false option to work in load/authorize resource 2010-08-06 14:26:57 -07:00
Ryan Bates
c9e0f4e3ef renaming :singular resource option to :singleton 2010-08-06 13:06:18 -07:00
Ryan Bates
7d9e710f05 updating changelog 2010-08-06 11:42:30 -07:00