releasing version 1.3.2 which fixes slice error when passing custom resource name

properly pass along resource name without slice error - closes #112
releasing version 1.3.1 with sanitize_sql fix
2010-08-07 08:38:35 -07:00 · 2010-08-07 08:33:31 -07:00 · 2010-08-06 23:28:51 -07:00 · 2010-08-06 23:24:04 -07:00
6 changed files with 47 additions and 25 deletions
--- a/CHANGELOG.rdoc
+++ b/CHANGELOG.rdoc
@@ -1,3 +1,13 @@
 1.3.2 (August 7, 2010)
 * Fixing slice error when passing in custom resource name - see issue #112
 1.3.1 (August 6, 2010)
 * Fixing protected sanitize_sql error - see issue #111
 1.3.0 (August 6, 2010)
 * Adding :find_by option to load_resource - see issue #19
--- a/cancan.gemspec
+++ b/cancan.gemspec
@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
  s.name        = "cancan"
-  s.version     = "1.3.0"
+  s.version     = "1.3.2"
  s.author      = "Ryan Bates"
  s.email       = "ryan@railscasts.com"
  s.homepage    = "http://github.com/ryanb/cancan"
--- a/lib/cancan/controller_resource.rb
+++ b/lib/cancan/controller_resource.rb
@@ -2,9 +2,11 @@ module CanCan
  # Handle the load and authorization controller logic so we don't clutter up all controllers with non-interface methods.
  # This class is used internally, so you do not need to call methods directly on it.
  class ControllerResource # :nodoc:
-    def self.add_before_filter(controller_class, method, options = {})
+    def self.add_before_filter(controller_class, method, *args)
      options = args.extract_options!
      resource_name = args.first
      controller_class.before_filter(options.slice(:only, :except)) do |controller|
-        ControllerResource.new(controller, options.except(:only, :except)).send(method)
+        ControllerResource.new(controller, resource_name, options.except(:only, :except)).send(method)
      end
    end
--- a/lib/cancan/query.rb
+++ b/lib/cancan/query.rb
@@ -71,7 +71,7 @@ module CanCan
    end
    def sanitize_sql(conditions)
-      @sanitizer.sanitize_sql(conditions)
+      @sanitizer.send(:sanitize_sql, conditions)
    end
    # Takes two hashes and does a deep merge.
--- a/spec/cancan/controller_additions_spec.rb
+++ b/spec/cancan/controller_additions_spec.rb
@@ -53,19 +53,25 @@ describe CanCan::ControllerAdditions do
  end
  it "load_and_authorize_resource should setup a before filter which passes call to ControllerResource" do
-    stub(CanCan::ControllerResource).new(@controller, :foo => :bar).mock!.load_and_authorize_resource
+    stub(CanCan::ControllerResource).new(@controller, nil, :foo => :bar).mock!.load_and_authorize_resource
    mock(@controller_class).before_filter({}) { |options, block| block.call(@controller) }
    @controller_class.load_and_authorize_resource :foo => :bar
  end
  it "load_and_authorize_resource should properly pass first argument as the resource name" do
    stub(CanCan::ControllerResource).new(@controller, :project, :foo => :bar).mock!.load_and_authorize_resource
    mock(@controller_class).before_filter({}) { |options, block| block.call(@controller) }
    @controller_class.load_and_authorize_resource :project, :foo => :bar
  end
  it "authorize_resource should setup a before filter which passes call to ControllerResource" do
-    stub(CanCan::ControllerResource).new(@controller, :foo => :bar).mock!.authorize_resource
+    stub(CanCan::ControllerResource).new(@controller, nil, :foo => :bar).mock!.authorize_resource
    mock(@controller_class).before_filter(:except => :show) { |options, block| block.call(@controller) }
    @controller_class.authorize_resource :foo => :bar, :except => :show
  end
  it "load_resource should setup a before filter which passes call to ControllerResource" do
-    stub(CanCan::ControllerResource).new(@controller, :foo => :bar).mock!.load_resource
+    stub(CanCan::ControllerResource).new(@controller, nil, :foo => :bar).mock!.load_resource
    mock(@controller_class).before_filter(:only => [:show, :index]) { |options, block| block.call(@controller) }
    @controller_class.load_resource :foo => :bar, :only => [:show, :index]
  end
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -19,25 +19,29 @@ class Ability
  end
 end
-# this class helps out in testing nesting and SQL conditions
+# this class helps out in testing SQL conditions
 class Person
-  def self.sanitize_sql(hash_cond)
+  class << self
-    case hash_cond
+    protected
-    when Hash
+
-      sanitize_hash(hash_cond).join(' AND ')
+    def sanitize_sql(hash_cond)
-    when Array
+      case hash_cond
-      hash_cond.shift.gsub('?'){"#{hash_cond.shift.inspect}"}
+      when Hash
-    when String then hash_cond
+        sanitize_hash(hash_cond).join(' AND ')
      when Array
        hash_cond.shift.gsub('?'){"#{hash_cond.shift.inspect}"}
      when String then hash_cond
      end
    end
    def sanitize_hash(hash)
      hash.map do |name, value|
        if Hash === value
          sanitize_hash(value).map{|cond| "#{name}.#{cond}"}
        else
          "#{name}=#{value}"
        end
      end.flatten
    end
  end
  def self.sanitize_hash(hash)
    hash.map do |name, value|
      if Hash === value
        sanitize_hash(value).map{|cond| "#{name}.#{cond}"}
      else
        "#{name}=#{value}"
      end
    end.flatten
  end
 end
Author	SHA1	Message	Date
Ryan Bates	a566ea0f4f	releasing version 1.3.2 which fixes slice error when passing custom resource name	2010-08-07 08:38:35 -07:00
Ryan Bates	333ddf1970	properly pass along resource name without slice error - closes #112	2010-08-07 08:33:31 -07:00
Ryan Bates	cd74267364	releasing version 1.3.1 with sanitize_sql fix	2010-08-06 23:28:51 -07:00
Ryan Bates	f8631dcc93	fixing error on protected sanitize_sql - closes #111	2010-08-06 23:24:04 -07:00