382 lines
13 KiB
Plaintext
382 lines
13 KiB
Plaintext
1.6.8 (June 25, 2012)
|
|
|
|
* improved support for namespaced controllers and models
|
|
|
|
* pass :if and :unless options for load and authorize resource (thanks mauriciozaffari)
|
|
|
|
* Travis CI badge (thanks plentz)
|
|
|
|
* adding Ability#merge for combining multiple abilities (thanks rogercampos)
|
|
|
|
* support for multiple MetaWhere rules (thanks andhapp)
|
|
|
|
* various fixes for DataMapper, Mongoid, and Inherited Resource integration
|
|
|
|
* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.7...1.6.8]
|
|
|
|
|
|
1.6.7 (October 4, 2011)
|
|
|
|
* fixing nested resource problem caused by namespace addition - issue #482
|
|
|
|
* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.6...1.6.7]
|
|
|
|
|
|
1.6.6 (September 28, 2011)
|
|
|
|
* correct "return cant jump across threads" error when using check_authorization (thanks codeprimate) - issues #463, #469
|
|
|
|
* fixing tests in development by specifying with_model version (thanks kirkconnell) - issue #476
|
|
|
|
* added travis.yml file for TravisCI support (thanks bai) - issue #427
|
|
|
|
* better support for namespaced models (thanks whilefalse) - issues #424
|
|
|
|
* adding :id_param option to load_and_authorize_resource (thanks skhisma) - issue #425
|
|
|
|
* make default unauthorized message translatable text (thanks nhocki) - issue #409
|
|
|
|
* improving DataMapper behavior (thanks psanford, maxsum-corin) - issue #410, #373
|
|
|
|
* allow :find_by option to be full find method name - issue #335
|
|
|
|
* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.5...1.6.6]
|
|
|
|
|
|
1.6.5 (May 18, 2011)
|
|
|
|
* pass action and subject through AccessDenied exception when :through isn't found - issue #366
|
|
|
|
* many Mongoid adapter improvements (thanks rahearn, cardagin) - issues #363, #352, #343
|
|
|
|
* allow :through option to work with private controller methods - issue #360
|
|
|
|
* ensure Mongoid::Document is defined before loading Mongoid adapter - issue #359
|
|
|
|
* many DataMapper adapter improvements (thanks emmanuel) - issue #355
|
|
|
|
* handle checking nil attributes through associations (thanks thatothermitch) - issue #330
|
|
|
|
* improve scope merging - issue #328
|
|
|
|
* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.4...1.6.5]
|
|
|
|
|
|
1.6.4 (March 29, 2011)
|
|
|
|
* Fixed mongoid 'or' error - see issue #322
|
|
|
|
* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.3...1.6.4]
|
|
|
|
|
|
1.6.3 (March 25, 2011)
|
|
|
|
* Make sure ActiveRecord::Relation is defined before checking conditions against it so Rails 2 is supported again - see issue #312
|
|
|
|
* Return subject passed to authorize! - see issue #314
|
|
|
|
* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.2...1.6.3]
|
|
|
|
|
|
1.6.2 (March 18, 2011)
|
|
|
|
* Fixed instance loading when :singleton option is used - see issue #310
|
|
|
|
* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.1...1.6.2]
|
|
|
|
|
|
1.6.1 (March 15, 2011)
|
|
|
|
* Use Item.new instead of build_item for singleton resource so it doesn't effect database - see issue #304
|
|
|
|
* Made accessible_by action default to :index and parent action default to :show instead of :read - see issue #302
|
|
|
|
* Reverted Inherited Resources "collection" override since it doesn't seem to be working - see issue #305
|
|
|
|
* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.0...1.6.1]
|
|
|
|
|
|
1.6.0 (March 11, 2011)
|
|
|
|
* Added MetaWhere support - see issue #194 and #261
|
|
|
|
* Allow Active Record scopes in Ability conditions - see issue #257
|
|
|
|
* Added :if and :unless options to check_authorization - see issue #284
|
|
|
|
* Several Inherited Resources fixes (thanks aq1018, tanordheim and stefanoverna)
|
|
|
|
* Pass action name to accessible_by call when loading a collection (thanks amw)
|
|
|
|
* Added :prepend option to load_and_authorize_resource to load before other filters - see issue #290
|
|
|
|
* Fixed spacing issue in I18n message for multi-word model names - see issue #292
|
|
|
|
* Load resource collection for any action which doesn't have an "id" parameter - see issue #296
|
|
|
|
* Raise an exception when trying to make a Ability condition with both a hash of conditions and a block - see issue #269
|
|
|
|
* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.5.1...1.6.0]
|
|
|
|
|
|
1.5.1 (January 20, 2011)
|
|
|
|
* Fixing deeply nested conditions in Active Record adapter - see issue #246
|
|
|
|
* Improving Mongoid support for multiple can and cannot definitions (thanks stellard) - see issue #239
|
|
|
|
* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.5.0...1.5.1]
|
|
|
|
|
|
1.5.0 (January 11, 2011)
|
|
|
|
* Added an Ability generator - see issue #170
|
|
|
|
* Added DataMapper support (thanks natemueller)
|
|
|
|
* Added Mongoid support (thanks bowsersenior)
|
|
|
|
* Added skip_load_and_authorize_resource methods to controller class - see issue #164
|
|
|
|
* Added support for uncountable resources in index action - see issue #193
|
|
|
|
* Cleaned up README and added spec/README
|
|
|
|
* Internal: renamed CanDefinition to Rule
|
|
|
|
* Internal: added a model adapter layer for easily supporting more ORMs
|
|
|
|
* Internal: added .rvmrc to auto-switch to 1.8.7 with gemset - see issue #231
|
|
|
|
* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.4.1...1.5.0]
|
|
|
|
|
|
1.4.1 (November 12, 2010)
|
|
|
|
* Renaming skip_authorization to skip_authorization_check - see issue #169
|
|
|
|
* Adding :through_association option to load_resource (thanks hunterae) - see issue #171
|
|
|
|
* The :shallow option now works with the :singleton option (thanks nandalopes) - see issue #187
|
|
|
|
* Play nicely with quick_scopes gem (thanks ramontayag) - see issue #183
|
|
|
|
* Fix odd behavior when "cache_classes = false" (thanks mphalliday) - see issue #174
|
|
|
|
* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.4.0...1.4.1]
|
|
|
|
|
|
1.4.0 (October 5, 2010)
|
|
|
|
* Adding Gemfile; to get specs running just +bundle+ and +rake+ - see issue #163
|
|
|
|
* Stop at 'cannot' definition when there are no conditions - see issue #161
|
|
|
|
* The :through option will now call a method with that name if instance variable doesn't exist - see issue #146
|
|
|
|
* Adding :shallow option to load_resource to bring back old behavior of fetching a child without a parent
|
|
|
|
* Raise AccessDenied error when loading a child and parent resource isn't found
|
|
|
|
* Abilities defined on a module will apply to anything that includes that module - see issue #150 and #152
|
|
|
|
* Abilities can be defined with a string of SQL in addition to a block so accessible_by works with a block - see issue #150
|
|
|
|
* Adding better support for InheritedResource - see issue #23
|
|
|
|
* Loading the collection instance variable (for index action) using accessible_by - see issue #137
|
|
|
|
* Adding action and subject variables to I18n unauthorized message - closes #142
|
|
|
|
* Adding check_authorization and skip_authorization controller class methods to ensure authorization is performed (thanks justinko) - see issue #135
|
|
|
|
* Setting initial attributes based on ability conditions in new/create actions - see issue #114
|
|
|
|
* Check parent attributes for nested association in index action - see issue #121
|
|
|
|
* Supporting nesting in can? method using hash - see issue #121
|
|
|
|
* Adding I18n support for Access Denied messages (thanks EppO) - see issue #103
|
|
|
|
* Passing no arguments to +can+ definition will pass action, class, and object to block - see issue #129
|
|
|
|
* Don't pass action to block in +can+ definition when using :+manage+ option - see issue #129
|
|
|
|
* No longer calling block in +can+ definition when checking on class - see issue #116
|
|
|
|
* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.3.4...1.4.0]
|
|
|
|
|
|
1.3.4 (August 31, 2010)
|
|
|
|
* Don't stop at +cannot+ with hash conditions when checking class (thanks tamoya) - see issue #131
|
|
|
|
* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.3.3...1.3.4]
|
|
|
|
|
|
1.3.3 (August 20, 2010)
|
|
|
|
* Switching to Rspec namespace to remove deprecation warning in Rspec 2 - see issue #119
|
|
|
|
* Pluralize nested associations for conditions in accessible_by (thanks mlooney) - see issue #123
|
|
|
|
* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.3.2...1.3.3]
|
|
|
|
|
|
1.3.2 (August 7, 2010)
|
|
|
|
* Fixing slice error when passing in custom resource name - see issue #112
|
|
|
|
* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.3.1...1.3.2]
|
|
|
|
|
|
1.3.1 (August 6, 2010)
|
|
|
|
* Fixing protected sanitize_sql error - see issue #111
|
|
|
|
* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.3.0...1.3.1]
|
|
|
|
|
|
1.3.0 (August 6, 2010)
|
|
|
|
* Adding :find_by option to load_resource - see issue #19
|
|
|
|
* Adding :singleton option to load_resource - see issue #93
|
|
|
|
* Supporting multiple resources in :through option for polymorphic associations - see issue #73
|
|
|
|
* Supporting Single Table Inheritance for "can" comparisons - see issue #55
|
|
|
|
* Adding :instance_name option to load/authorize_resource - see issue #44
|
|
|
|
* Don't pass nil to "new" to keep MongoMapper happy - see issue #63
|
|
|
|
* Parent resources are now authorized with :read action.
|
|
|
|
* Changing :resource option in load/authorize_resource back to :class with ability to pass false
|
|
|
|
* Removing :nested option in favor of :through option with separate load/authorize call
|
|
|
|
* Moving internal logic from ResourceAuthorization to ControllerResource class
|
|
|
|
* Supporting multiple "can" and "cannot" calls with accessible_by (thanks funny-falcon) - see issue #71
|
|
|
|
* Supporting deeply nested aliases - see issue #98
|
|
|
|
* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.2.0...1.3.0]
|
|
|
|
|
|
1.2.0 (July 16, 2010)
|
|
|
|
* Load nested parent resources on collection actions such as "index" (thanks dohzya)
|
|
|
|
* Adding :name option to load_and_authorize_resource if it does not match controller - see issue #65
|
|
|
|
* Fixing issue when using accessible_by with nil can conditions (thanks jrallison) - see issue #66
|
|
|
|
* Pluralize table name for belongs_to associations in can conditions hash (thanks logandk) - see issue #62
|
|
|
|
* Support has_many association or arrays in can conditions hash
|
|
|
|
* Adding joins clause to accessible_by when conditions are across associations
|
|
|
|
* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.1.1...1.2.0]
|
|
|
|
|
|
1.1.1 (April 17, 2010)
|
|
|
|
* Fixing behavior in Rails 3 by properly initializing ResourceAuthorization
|
|
|
|
* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.1...1.1.1]
|
|
|
|
|
|
1.1.0 (April 17, 2010)
|
|
|
|
* Supporting arrays, ranges, and nested hashes in ability conditions
|
|
|
|
* Removing "unauthorized!" method in favor of "authorize!" in controllers
|
|
|
|
* Adding action, subject and default_message abilities to AccessDenied exception - see issue #40
|
|
|
|
* Adding caching to current_ability controller method, if you're overriding this be sure to add caching too.
|
|
|
|
* Adding "accessible_by" method to Active Record for fetching records matching a specific ability
|
|
|
|
* Adding conditions behavior to Ability#can and fetch with Ability#conditions - see issue #53
|
|
|
|
* Renaming :class option to :resource for load_and_authorize_resource which now supports a symbol for non models - see issue #45
|
|
|
|
* Properly handle Admin::AbilitiesController in params[:controller] - see issue #46
|
|
|
|
* Adding be_able_to RSpec matcher (thanks dchelimsky), requires Ruby 1.8.7 or higher - see issue #54
|
|
|
|
* Support additional arguments to can? which get passed to the block - see issue #48
|
|
|
|
* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.0.2...1.1]
|
|
|
|
|
|
1.0.2 (Dec 30, 2009)
|
|
|
|
* Adding clear_aliased_actions to Ability which removes previously defined actions including defaults - see issue #20
|
|
|
|
* Append aliased actions (don't overwrite them) - see issue #20
|
|
|
|
* Adding custom message argument to unauthorized! method (thanks tjwallace) - see issue #18
|
|
|
|
* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.0.1...1.0.2]
|
|
|
|
|
|
1.0.1 (Dec 14, 2009)
|
|
|
|
* Adding :class option to load_resource so one can customize which class to use for the model - see issue #17
|
|
|
|
* Don't fetch parent of nested resource if *_id parameter is missing so it works with shallow nested routes - see issue #14
|
|
|
|
* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.0.0...1.0.1]
|
|
|
|
|
|
1.0.0 (Dec 13, 2009)
|
|
|
|
* Don't set resource instance variable if it has been set already - see issue #13
|
|
|
|
* Allowing :nested option to accept an array for deep nesting
|
|
|
|
* Adding :nested option to load resource method - see issue #10
|
|
|
|
* Pass :only and :except options to before filters for load/authorize resource methods.
|
|
|
|
* Adding :collection and :new options to load_resource method so we can specify behavior of additional actions if needed.
|
|
|
|
* BACKWARDS INCOMPATIBLE: turning load and authorize resource methods into class methods which set up the before filter so they can accept additional arguments.
|
|
|
|
* {see the full list of changes}[https://github.com/ryanb/cancan/compare/0.2.1...1.0.0]
|
|
|
|
|
|
0.2.1 (Nov 26, 2009)
|
|
|
|
* many internal refactorings - see issues #11 and #12
|
|
|
|
* adding "cannot" method to define which abilities cannot be done - see issue #7
|
|
|
|
* support custom objects (usually symbols) in can definition - see issue #8
|
|
|
|
* {see the full list of changes}[https://github.com/ryanb/cancan/compare/0.2.0...0.2.1]
|
|
|
|
|
|
0.2.0 (Nov 17, 2009)
|
|
|
|
* fix behavior of load_and_authorize_resource for namespaced controllers - see issue #3
|
|
|
|
* support arrays being passed to "can" to specify multiple actions or classes - see issue #2
|
|
|
|
* adding "cannot?" method to ability, controller, and view which is inverse of "can?" - see issue #1
|
|
|
|
* BACKWARDS INCOMPATIBLE: use Ability#initialize instead of 'prepare' to set up abilities - see issue #4
|
|
|
|
* {see the full list of changes}[https://github.com/ryanb/cancan/compare/0.1.0...0.2.0]
|
|
|
|
|
|
0.1.0 (Nov 16, 2009)
|
|
|
|
* initial release
|