releasing version 1.3.1 with sanitize_sql fix

CHANGELOG.rdoc

@@ -1,3 +1,8 @@
+1.3.1 (August 6, 2010)
+
+* Fixing protected sanitize_sql error - see issue #111
+
+
 1.3.0 (August 6, 2010)
 
 * Adding :find_by option to load_resource - see issue #19

cancan.gemspec

@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name        = "cancan"
-  s.version     = "1.3.0"
+  s.version     = "1.3.1"
   s.author      = "Ryan Bates"
   s.email       = "ryan@railscasts.com"
   s.homepage    = "http://github.com/ryanb/cancan"

lib/cancan/query.rb

@@ -71,7 +71,7 @@ module CanCan
     end
 
     def sanitize_sql(conditions)
-      @sanitizer.sanitize_sql(conditions)
+      @sanitizer.send(:sanitize_sql, conditions)
     end
 
     # Takes two hashes and does a deep merge.

spec/spec_helper.rb

@@ -19,25 +19,29 @@ class Ability
   end
 end
 
-# this class helps out in testing nesting and SQL conditions
+# this class helps out in testing SQL conditions
 class Person
-  def self.sanitize_sql(hash_cond)
-    case hash_cond
-    when Hash
-      sanitize_hash(hash_cond).join(' AND ')
-    when Array
-      hash_cond.shift.gsub('?'){"#{hash_cond.shift.inspect}"}
-    when String then hash_cond
+  class << self
+    protected
+
+    def sanitize_sql(hash_cond)
+      case hash_cond
+      when Hash
+        sanitize_hash(hash_cond).join(' AND ')
+      when Array
+        hash_cond.shift.gsub('?'){"#{hash_cond.shift.inspect}"}
+      when String then hash_cond
+      end
+    end
+
+    def sanitize_hash(hash)
+      hash.map do |name, value|
+        if Hash === value
+          sanitize_hash(value).map{|cond| "#{name}.#{cond}"}
+        else
+          "#{name}=#{value}"
+        end
+      end.flatten
     end
   end
-
-  def self.sanitize_hash(hash)
-    hash.map do |name, value|
-      if Hash === value
-        sanitize_hash(value).map{|cond| "#{name}.#{cond}"}
-      else
-        "#{name}=#{value}"
-      end
-    end.flatten
-  end
 end