123 lines
4.3 KiB
Plaintext
123 lines
4.3 KiB
Plaintext
* Adding :find_by option to load_resource - see issue #19
|
|
|
|
* Adding :singleton option to load_resource - see issue #93
|
|
|
|
* Supporting multiple resources in :through option for polymorphic
|
|
associations - see issue #73
|
|
|
|
* Supporting Single Table Inheritance for "can" comparisons - see issue #55
|
|
|
|
* Adding :instance_name option to load/authorize_resource - see issue #44
|
|
|
|
* Don't pass nil to "new" to keep MongoMapper happy - see issue #63
|
|
|
|
* Parent resources are now authorized with :read action.
|
|
|
|
* Changing :resource option in load/authorize_resource back to :class with ability to pass false
|
|
|
|
* Removing :nested option in favor of :through option with separate load/authorize call
|
|
|
|
* Moving internal logic from ResourceAuthorization to ControllerResource class
|
|
|
|
* Supporting multiple "can" and "cannot" calls with accessible_by (thanks funny-falcon) - see issue #71
|
|
|
|
* Supporting deeply nested aliases - see issue #98
|
|
|
|
1.2.0 (July 16, 2010)
|
|
|
|
* Load nested parent resources on collection actions such as "index" (thanks dohzya)
|
|
|
|
* Adding :name option to load_and_authorize_resource if it does not match controller - see issue #65
|
|
|
|
* Fixing issue when using accessible_by with nil can conditions (thanks jrallison) - see issue #66
|
|
|
|
* Pluralize table name for belongs_to associations in can conditions hash (thanks logandk) - see issue #62
|
|
|
|
* Support has_many association or arrays in can conditions hash
|
|
|
|
* Adding joins clause to accessible_by when conditions are across associations
|
|
|
|
|
|
1.1.1 (April 17, 2010)
|
|
|
|
* Fixing behavior in Rails 3 by properly initializing ResourceAuthorization
|
|
|
|
|
|
1.1.0 (April 17, 2010)
|
|
|
|
* Supporting arrays, ranges, and nested hashes in ability conditions
|
|
|
|
* Removing "unauthorized!" method in favor of "authorize!" in controllers
|
|
|
|
* Adding action, subject and default_message abilities to AccessDenied exception - see issue #40
|
|
|
|
* Adding caching to current_ability controller method, if you're overriding this be sure to add caching too.
|
|
|
|
* Adding "accessible_by" method to Active Record for fetching records matching a specific ability
|
|
|
|
* Adding conditions behavior to Ability#can and fetch with Ability#conditions - see issue #53
|
|
|
|
* Renaming :class option to :resource for load_and_authorize_resource which now supports a symbol for non models - see issue #45
|
|
|
|
* Properly handle Admin::AbilitiesController in params[:controller] - see issue #46
|
|
|
|
* Adding be_able_to RSpec matcher (thanks dchelimsky), requires Ruby 1.8.7 or higher - see issue #54
|
|
|
|
* Support additional arguments to can? which get passed to the block - see issue #48
|
|
|
|
|
|
1.0.2 (Dec 30, 2009)
|
|
|
|
* Adding clear_aliased_actions to Ability which removes previously defined actions including defaults - see issue #20
|
|
|
|
* Append aliased actions (don't overwrite them) - see issue #20
|
|
|
|
* Adding custom message argument to unauthorized! method (thanks tjwallace) - see issue #18
|
|
|
|
|
|
1.0.1 (Dec 14, 2009)
|
|
|
|
* Adding :class option to load_resource so one can customize which class to use for the model - see issue #17
|
|
|
|
* Don't fetch parent of nested resource if *_id parameter is missing so it works with shallow nested routes - see issue #14
|
|
|
|
|
|
1.0.0 (Dec 13, 2009)
|
|
|
|
* Don't set resource instance variable if it has been set already - see issue #13
|
|
|
|
* Allowing :nested option to accept an array for deep nesting
|
|
|
|
* Adding :nested option to load resource method - see issue #10
|
|
|
|
* Pass :only and :except options to before filters for load/authorize resource methods.
|
|
|
|
* Adding :collection and :new options to load_resource method so we can specify behavior of additional actions if needed.
|
|
|
|
* BACKWARDS INCOMPATIBLE: turning load and authorize resource methods into class methods which set up the before filter so they can accept additional arguments.
|
|
|
|
|
|
0.2.1 (Nov 26, 2009)
|
|
|
|
* many internal refactorings - see issues #11 and #12
|
|
|
|
* adding "cannot" method to define which abilities cannot be done - see issue #7
|
|
|
|
* support custom objects (usually symbols) in can definition - see issue #8
|
|
|
|
|
|
0.2.0 (Nov 17, 2009)
|
|
|
|
* fix behavior of load_and_authorize_resource for namespaced controllers - see issue #3
|
|
|
|
* support arrays being passed to "can" to specify multiple actions or classes - see issue #2
|
|
|
|
* adding "cannot?" method to ability, controller, and view which is inverse of "can?" - see issue #1
|
|
|
|
* BACKWARDS INCOMPATIBLE: use Ability#initialize instead of 'prepare' to set up abilities - see issue #4
|
|
|
|
|
|
0.1.0 (Nov 16, 2009)
|
|
|
|
* initial release
|