will/cancan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Commit Graph

  • 8f49f28713 don't stop at cannot definitions when there are no conditions - closes #161 Ryan Bates 2010-10-04 11:11:14 -07:00
  • 12037d7f43 should not allow to can? when raw sql without block is present Sokolov Yura 2010-09-24 17:15:09 +08:00
  • 1f81b8dd1e use 'send' to access controller current_ability in case it's private Ryan Bates 2010-09-23 11:58:55 -07:00
  • 3391c5a0d7 adding to changelog Ryan Bates 2010-09-21 12:03:16 -07:00
  • c11ffb6fd1 support loading resource :through method along with instance variable - closes #146 Ryan Bates 2010-09-21 11:42:47 -07:00
  • 264e2d2b68 raise AccessDenied error when loading child while parent is nil, pass :shallow => true to bypass Ryan Bates 2010-09-21 11:32:56 -07:00
  • ebef3cc745 consistency addition for ability check on Module Sokolov Yura 2010-09-20 04:39:06 +08:00
  • cef55c95e7 fetch cancan_resource_class through controller class from ControllerResource Ryan Bates 2010-09-16 16:01:58 -07:00
  • 7e0e72276e add specs to sql conditions by not Hash Sokolov Yura 2010-09-13 22:18:06 +08:00
  • ff9a91705b add specs for module definitions Sokolov Yura 2010-09-13 22:10:09 +08:00
  • a0f73fe0f7 fix error Sokolov Yura 2010-09-13 22:09:52 +08:00
  • e2c341b8d3 allow to check ability by common module Sokolov Yura 2010-09-13 22:02:30 +08:00
  • f236b1b5a4 resolve issue 149 Sokolov Yura 2010-09-13 20:15:38 +08:00
  • 0b270f2d0f Use cancan_resource_class for before filters instead of hardcoded ControllerResource class Juan Manuel Barreneche 2010-09-15 04:28:18 +08:00
  • 961df90ecd Controllers which use 'inherit_resources' instead of Inheritance may have inherited_resource's methods protected Juan Manuel Barreneche 2010-09-15 04:27:39 +08:00
  • 4eee637270 adding support for loading through Inherited Resources - closes #23 Ryan Bates 2010-09-09 16:28:00 -07:00
  • a5ff826e40 fix pluralize error on index action when passing resource name - closes #143 again Ryan Bates 2010-09-07 22:10:16 -07:00
  • 9d915457af load the collection instance variable on index action - closes #137 Ryan Bates 2010-09-07 16:25:02 -07:00
  • 158c908d3b adding action and subject variables to I18n unauthorized message - closes #142 Ryan Bates 2010-09-07 15:48:07 -07:00
  • bf9b8ad1a6 filling in some inline documentation for 1.4 Ryan Bates 2010-09-03 16:19:39 -07:00
  • 1af6c6f395 adding check_authorization and skip_authorization controller class methods to ensure authorization is triggered (thanks justinko) - closes #135 Ryan Bates 2010-09-03 14:38:55 -07:00
  • 7c5243321f have params hash override initial attributes when building a new resource Ryan Bates 2010-09-03 14:11:44 -07:00
  • 721939babd cleaning up some internal specs and names Ryan Bates 2010-09-03 14:00:46 -07:00
  • a744377ac9 the new and create actions will now build the resource with attributes based on ability conditions hash - closes #114 Ryan Bates 2010-09-03 11:53:47 -07:00
  • 1be5bf7a57 don't fail if association conditions aren't specified for nested association check Ryan Bates 2010-09-03 11:05:58 -07:00
  • c88cb8f459 passing a hash to can? will check permissions on association, this is done automatically in authorize_resource - closes #121 Ryan Bates 2010-09-03 11:01:55 -07:00
  • 737f8acff5 make it clear in readme that alias_action is an instance method - closes #139 Ryan Bates 2010-09-03 09:30:47 -07:00
  • a5f838a964 use I18n for unauthorization messages - closes #103 Ryan Bates 2010-09-02 17:01:10 -07:00
  • 66314a89f8 support no arguments to 'can' definition which always calls block Ryan Bates 2010-09-02 14:46:38 -07:00
  • b1fb179aaf don't pass action into can block with :manage option - closes #129 Ryan Bates 2010-09-02 14:29:49 -07:00
  • 6105edc6a7 skip block when only class is passed to ability check, also don't pass class to block for :all - closes #116 Ryan Bates 2010-09-02 14:23:00 -07:00
  • 04b523eea4 releasing version 1.3.4 1.3.4 Ryan Bates 2010-08-31 15:46:26 -07:00
  • 5a353c1cba don't stop at cannot definition when checking class - closes #131 Ryan Bates 2010-08-30 15:20:06 -07:00
  • 4fe44af45d be more clear about blocks not working with accessible_by - closes #130 Ryan Bates 2010-08-30 13:40:31 -07:00
  • a10a38c82f releasing version 1.3.3 1.3.3 Ryan Bates 2010-08-20 16:27:25 -07:00
  • caed4fcee5 use RSpec namespace for matcher - closes #119 Ryan Bates 2010-08-18 16:22:43 -07:00
  • e893e12260 fixing broken spec and minor improvements to tableized_conditions method Ryan Bates 2010-08-18 16:04:08 -07:00
  • 3d7742ea43 fix for bug 123 McClain Looney 2010-08-17 09:33:11 -05:00
  • a566ea0f4f releasing version 1.3.2 which fixes slice error when passing custom resource name 1.3.2 Ryan Bates 2010-08-07 08:38:35 -07:00
  • 333ddf1970 properly pass along resource name without slice error - closes #112 Ryan Bates 2010-08-07 08:33:31 -07:00
  • cd74267364 releasing version 1.3.1 with sanitize_sql fix 1.3.1 Ryan Bates 2010-08-06 23:28:51 -07:00
  • f8631dcc93 fixing error on protected sanitize_sql - closes #111 Ryan Bates 2010-08-06 23:24:04 -07:00
  • 7a17586eb3 releasing version 1.3.0 1.3.0 Ryan Bates 2010-08-06 16:00:52 -07:00
  • 13427e18d5 updating readme Ryan Bates 2010-08-06 15:54:25 -07:00
  • 1dccc0252a removing :resource option from rdocs since it's not longer used Ryan Bates 2010-08-06 15:05:24 -07:00
  • 75ce2bdefa allow :parent => false option to work in load/authorize resource Ryan Bates 2010-08-06 14:26:57 -07:00
  • c9e0f4e3ef renaming :singular resource option to :singleton Ryan Bates 2010-08-06 13:06:18 -07:00
  • 7d9e710f05 updating changelog Ryan Bates 2010-08-06 11:42:30 -07:00
  • 236cece3b3 adding :find_by option to load_resource - closes #19 Ryan Bates 2010-08-06 11:18:54 -07:00
  • 84f4c904b7 adding :singular option to support has_one associations in load/authorize resource - closes #93 Ryan Bates 2010-08-06 11:03:10 -07:00
  • 6998e8bdd1 support multiple resources in :through option of load_resource, this makes polymorphic associations possible - closes #73 Ryan Bates 2010-08-06 10:35:42 -07:00
  • 961b8c2477 consider ancestors when matching classes in Ability#can, this way it works with STI - closes #55 Ryan Bates 2010-08-06 10:06:37 -07:00
  • a157b65fbf adding :instance_name option to load/authorize_resource - closes #44 Ryan Bates 2010-08-06 09:35:07 -07:00
  • 47f0aa597e change how params are passed to ControllerResource and use HashWithIndifferentAccess in tests Ryan Bates 2010-08-06 09:24:01 -07:00
  • 67b069579e don't pass nil to 'new' call when no params are specified - closes #63 Ryan Bates 2010-08-05 16:52:37 -07:00
  • 156839b73e only use the :read action when authorizing parent resources Ryan Bates 2010-08-05 16:24:08 -07:00
  • 25a1c553bf adding :through option to replace :nesting option and moving ResourceAuthorization class code into ControllerResource Ryan Bates 2010-08-05 16:12:30 -07:00
  • 8dee01195d improving inline documentation for Query Ryan Bates 2010-07-21 12:16:08 -07:00
  • 5eae169d7b mentioning CanCan contributors in README Ryan Bates 2010-07-21 12:06:28 -07:00
  • 66ff1f2ea3 removing metrics link in readme, farewell Caliper :( Ryan Bates 2010-07-21 12:02:27 -07:00
  • 18dcf2a121 mention Rails 3 installation in README - closes #56 Ryan Bates 2010-07-21 11:59:24 -07:00
  • 9b26f4d767 fixing specs for older versions of ruby and rspec Ryan Bates 2010-07-21 11:56:19 -07:00
  • 25637bb33a removing extra white space at end of lines Ryan Bates 2010-07-21 11:45:26 -07:00
  • c5737f6d28 adding thanks to changelog Ryan Bates 2010-07-20 17:11:05 -07:00
  • 1659f21bb3 updating changelong with support for multiple can calls in accessible_by - closes #71 Ryan Bates 2010-07-20 17:09:46 -07:00
  • ba8cb3cf6d refactoring query.joins Ryan Bates 2010-07-20 17:05:17 -07:00
  • e098ddaacd refactoring query.conditions Ryan Bates 2010-07-20 16:00:22 -07:00
  • 964a4765b1 removing need to pass tableize option around for query conditions Ryan Bates 2010-07-20 13:43:43 -07:00
  • a42e067f3b extracting out Query class for generating sql conditions and association joins Ryan Bates 2010-07-20 13:20:01 -07:00
  • 60848143b7 refactoring can definition matching behavior Ryan Bates 2010-07-20 11:04:03 -07:00
  • 5d8f04363d merging with master and resolving a couple conflicts Ryan Bates 2010-07-19 16:36:01 -07:00
  • cad425989e supporting deeply nested aliases - closes #98 Ryan Bates 2010-07-19 16:03:09 -07:00
  • 1b4377cbf3 releasing version 1.2.0 1.2.0 Ryan Bates 2010-07-19 09:21:14 -07:00
  • 75eb1917f9 add test for single cannot definition Yura Sokolov 2010-05-25 14:28:29 +04:00
  • 5fd793090a fix logic error for single cannot condition - it should return no records Yura Sokolov 2010-05-25 14:09:01 +04:00
  • ac19422a90 add tests for merging conditions and joins Yura Sokolov 2010-05-25 14:02:26 +04:00
  • 9c0346b90b can accept array for sql sanitizing in conditions Yura Sokolov 2010-05-25 14:01:53 +04:00
  • b473d8827f CanDefinition#only_block? Yura Sokolov 2010-05-25 12:23:39 +04:00
  • bcab8d6369 fix error with single cannot condition Yura Sokolov 2010-05-25 12:14:01 +04:00
  • dbc1538054 small refactoring: CanDefinition #definitive? #conditions_empty? Yura Sokolov 2010-05-24 18:15:20 +04:00
  • 46f03013f3 Merge remote branch 'upstream/master' Yura Sokolov 2010-05-24 15:17:10 +04:00
  • 1ade44221a load parent resources for collection actions such 'index' Ryan Bates 2010-05-21 15:22:21 -07:00
  • 2a3dd85a18 adding :name option to load_and_authorize_resource if it does not match controller - closes #65 Ryan Bates 2010-05-21 14:20:45 -07:00
  • dfd84a10ed improving inline documentation Ryan Bates 2010-05-21 13:41:24 -07:00
  • 7543eedd6a fixing issue when using accessible_by with nil can conditions - closes #66 John Allison 2010-05-20 17:06:10 -07:00
  • 605063b974 Make sure conditions on associations are pluralized Logan Raarup 2010-05-11 19:30:28 +08:00
  • 7d7d249182 passing throw matching rules with not matching conditions Sokolov Yura 2010-05-16 22:13:02 +04:00
  • 06296b0a40 support has_many association or arrays in can conditions hash Ryan Bates 2010-04-22 17:39:22 -07:00
  • e20081454f adding joins clause to accessible_by when conditions are across associations Ryan Bates 2010-04-20 17:02:28 -07:00
  • 4da31c0709 can has cheezburger? (thanks Seivan) Ryan Bates 2010-04-20 14:24:26 -07:00
  • 5aa6252df6 removing unused methods and a bit more refactoring Ryan Bates 2010-04-18 00:44:42 -07:00
  • bbbc8a68e0 refactoring much of Ability class into separate CanDefinition class Ryan Bates 2010-04-18 00:11:15 -07:00
  • 232ecd5b4b releasing 1.1.1 which fixes behavior in Rails 3 by properly initializing ResourceAuthorization 1.1.1 Ryan Bates 2010-04-17 14:01:20 -07:00
  • e1652ea424 adding admin namespace wiki page link to readme Ryan Bates 2010-04-17 13:27:01 -07:00
  • b9995c6147 minor changes to readme Ryan Bates 2010-04-17 12:37:32 -07:00
  • ff8c11cfc5 releasing version 1.1, see wiki and changelog for details 1.1 Ryan Bates 2010-04-17 12:06:06 -07:00
  • f1ba76b61b supporting arrays, ranges, and nested hashes in ability conditions Ryan Bates 2010-04-17 11:54:27 -07:00
  • 283f58ee16 improving readme with links to wiki Ryan Bates 2010-04-17 11:45:41 -07:00
  • f46696348e allow access to classes when using hash conditions since you'll generally want to narrow it down with a database query Ryan Bates 2010-04-16 15:56:07 -07:00
  • 8903feee70 removing unauthorized! in favor of authorize! and including more information in AccessDenied exception - closes #40 Ryan Bates 2010-04-16 14:54:18 -07:00