ae_declarative_authorization 0.7.1 → 0.8.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/Appraisals +31 -21
- data/CHANGELOG +189 -189
- data/Gemfile +7 -7
- data/Gemfile.lock +68 -60
- data/LICENSE.txt +20 -20
- data/README.md +620 -620
- data/README.rdoc +597 -597
- data/Rakefile +35 -33
- data/authorization_rules.dist.rb +20 -20
- data/declarative_authorization.gemspec +24 -24
- data/gemfiles/rails4252.gemfile +10 -10
- data/gemfiles/rails4252.gemfile.lock +126 -0
- data/gemfiles/rails4271.gemfile +10 -10
- data/gemfiles/rails4271.gemfile.lock +126 -0
- data/gemfiles/rails507.gemfile +11 -11
- data/gemfiles/rails507.gemfile.lock +136 -0
- data/gemfiles/rails516.gemfile +11 -0
- data/gemfiles/rails516.gemfile.lock +136 -0
- data/gemfiles/rails521.gemfile +11 -0
- data/gemfiles/rails521.gemfile.lock +144 -0
- data/init.rb +5 -5
- data/lib/declarative_authorization.rb +18 -18
- data/lib/declarative_authorization/authorization.rb +821 -821
- data/lib/declarative_authorization/helper.rb +78 -78
- data/lib/declarative_authorization/in_controller.rb +713 -713
- data/lib/declarative_authorization/in_model.rb +156 -156
- data/lib/declarative_authorization/maintenance.rb +215 -215
- data/lib/declarative_authorization/obligation_scope.rb +348 -345
- data/lib/declarative_authorization/railsengine.rb +5 -5
- data/lib/declarative_authorization/reader.rb +549 -549
- data/lib/declarative_authorization/test/helpers.rb +261 -261
- data/lib/declarative_authorization/version.rb +3 -3
- data/lib/generators/authorization/install/install_generator.rb +77 -77
- data/lib/generators/authorization/rules/rules_generator.rb +13 -13
- data/lib/generators/authorization/rules/templates/authorization_rules.rb +27 -27
- data/lib/tasks/authorization_tasks.rake +89 -89
- data/log/test.log +15246 -0
- data/pkg/ae_declarative_authorization-0.7.1.gem +0 -0
- data/pkg/ae_declarative_authorization-0.8.0.gem +0 -0
- data/test/authorization_test.rb +1121 -1121
- data/test/controller_filter_resource_access_test.rb +573 -573
- data/test/controller_test.rb +478 -478
- data/test/database.yml +3 -3
- data/test/dsl_reader_test.rb +178 -178
- data/test/functional/filter_access_to_with_id_in_scope_test.rb +88 -88
- data/test/functional/no_filter_access_to_test.rb +79 -79
- data/test/functional/params_block_arity_test.rb +39 -39
- data/test/helper_test.rb +248 -248
- data/test/maintenance_test.rb +46 -46
- data/test/model_test.rb +1840 -1840
- data/test/profiles/access_checking +20 -0
- data/test/schema.sql +60 -60
- data/test/test_helper.rb +174 -174
- data/test/test_support/minitest_compatibility.rb +26 -26
- metadata +17 -5
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: 8e62642cf9fe998ece4ba143412287594b4a1d2f6e04dbc7f0eaf81a46f618ec
|
4
|
+
data.tar.gz: 1929dd4c3e60164a8ec16031a74e75f72737f0befbb989b5c9f17efc4f210f2c
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 0a5a7bbc9d574269bd472d9831b160fe5f41749a0353b9141139c956d53424d20c213bc4cd3570cb066e6fc19dde495a05c80f6d0eaaa320ad4536b71ebb8b22
|
7
|
+
data.tar.gz: f7f119805d0ebedabc85b981f0bca3fa11c46e2feebea0a51a114244c3d3bdf2007a8ec0c825d5d4d95b8833c1661d358a4a4c916a5ca7e02667e7dcb7312435
|
data/Appraisals
CHANGED
@@ -1,21 +1,31 @@
|
|
1
|
-
case RUBY_VERSION
|
2
|
-
|
3
|
-
when '2.3.3' then
|
4
|
-
|
5
|
-
appraise 'rails4252' do
|
6
|
-
gem 'rails', '4.2.5.2'
|
7
|
-
end
|
8
|
-
|
9
|
-
appraise 'rails4271' do
|
10
|
-
gem 'rails', '4.2.7.1'
|
11
|
-
end
|
12
|
-
|
13
|
-
appraise 'rails507' do
|
14
|
-
gem 'rails', '5.0.7'
|
15
|
-
gem 'rails-controller-testing'
|
16
|
-
end
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
end
|
1
|
+
case RUBY_VERSION
|
2
|
+
|
3
|
+
when '2.3.3' then
|
4
|
+
|
5
|
+
appraise 'rails4252' do
|
6
|
+
gem 'rails', '4.2.5.2'
|
7
|
+
end
|
8
|
+
|
9
|
+
appraise 'rails4271' do
|
10
|
+
gem 'rails', '4.2.7.1'
|
11
|
+
end
|
12
|
+
|
13
|
+
appraise 'rails507' do
|
14
|
+
gem 'rails', '5.0.7'
|
15
|
+
gem 'rails-controller-testing'
|
16
|
+
end
|
17
|
+
|
18
|
+
appraise 'rails516' do
|
19
|
+
gem 'rails', '5.1.6'
|
20
|
+
gem 'rails-controller-testing'
|
21
|
+
end
|
22
|
+
|
23
|
+
appraise 'rails521' do
|
24
|
+
gem 'rails', '5.2.1'
|
25
|
+
gem 'rails-controller-testing'
|
26
|
+
end
|
27
|
+
|
28
|
+
else
|
29
|
+
raise "Unsupported Ruby version #{RUBY_VERSION}"
|
30
|
+
|
31
|
+
end
|
data/CHANGELOG
CHANGED
@@ -1,189 +1,189 @@
|
|
1
|
-
** RELEASE 0.5.7 (Mar 10, 2013)
|
2
|
-
|
3
|
-
* Ruby 2.0 compatibility [jhawthorn]
|
4
|
-
|
5
|
-
** RELEASE 0.5.6 (Sep 23, 2012)
|
6
|
-
|
7
|
-
* Fix handling of stray object associations [jhawthorn]
|
8
|
-
|
9
|
-
* Improve test infrastructure [jhawthorn]
|
10
|
-
|
11
|
-
* Allow decl_auth to be used without ActiveRecord [bterkuile]
|
12
|
-
|
13
|
-
* Rule reloading in development based on changes [urkle/sb]
|
14
|
-
|
15
|
-
** RELEASE 0.5.5 (Jan 10, 2012)
|
16
|
-
|
17
|
-
* Update of handling of association proxies for Rails 3.2
|
18
|
-
|
19
|
-
** RELEASE 0.5.4 (Nov 30, 2011)
|
20
|
-
|
21
|
-
* Cumulative loading of authorization rules [Damian Curso/sb]
|
22
|
-
|
23
|
-
* Improved used_privileges rake task [urkle]
|
24
|
-
|
25
|
-
* Performance improvements [John Hawthorn]
|
26
|
-
|
27
|
-
** RELEASE 0.5.3 (May 25, 2011)
|
28
|
-
|
29
|
-
* Bugfixes and documentation cleanup
|
30
|
-
|
31
|
-
* Rails 3.1.rc1 compatibility [sb]
|
32
|
-
|
33
|
-
* Added has_any_role?, has_any_role_with_hierarchy? [t.pickett66]
|
34
|
-
|
35
|
-
* Allow changing the default role [dbloete]
|
36
|
-
|
37
|
-
** RELEASE 0.5.2 (Dec 31, 2010) **
|
38
|
-
|
39
|
-
* Bugfixes and documentation updates
|
40
|
-
|
41
|
-
** RELEASE 0.5.1 (Sep 12, 2010) **
|
42
|
-
|
43
|
-
** RELEASE 0.5 (July 21, 2010) **
|
44
|
-
|
45
|
-
* Ruby 1.9.2 compatibility [sb]
|
46
|
-
|
47
|
-
* Comparisons in authorization roles: lt, lte, gt, gte [aepstein,hollownest]
|
48
|
-
|
49
|
-
* DSL optimization: allow array being passed to to
|
50
|
-
|
51
|
-
* Omnipotent roles [timcharper]
|
52
|
-
|
53
|
-
* Meaningful error in case of missing authorization rules file [timcharper]
|
54
|
-
|
55
|
-
* Rails 3 support [sb]
|
56
|
-
|
57
|
-
* Support shallow nested resources [jjb]
|
58
|
-
|
59
|
-
* Allow multiple authorization rules files [kaichen]
|
60
|
-
|
61
|
-
** RELEASE 0.4 (November 15, 2009) **
|
62
|
-
|
63
|
-
* Implemented controller namespace handling [sb]
|
64
|
-
|
65
|
-
* Improved if_attribute to allow nesting of has_many associations [sb]
|
66
|
-
|
67
|
-
* Improved if_permitted_to: allow has_many associations and improved context inference [sb]
|
68
|
-
|
69
|
-
* Added option on handling non-existant auto-loaded object [sb]
|
70
|
-
|
71
|
-
* Added with_user as module method [sb]
|
72
|
-
|
73
|
-
* Change support i18n [sb]
|
74
|
-
|
75
|
-
** RELEASE 0.3.2.3 (October 12, 2009) **
|
76
|
-
|
77
|
-
* Switched to gemcutter [sb]
|
78
|
-
|
79
|
-
* Fixed has_role? for guest user. Closes #8 [sb]
|
80
|
-
|
81
|
-
* Fixed unnecessary DB query with named scopes [sb, ledermann]
|
82
|
-
|
83
|
-
* Change support: suggestions: grouping, sorting by affected users [sb]
|
84
|
-
|
85
|
-
* Fixed context inference from AR objects for STI by switching to #class.name.tableize [sb]
|
86
|
-
|
87
|
-
* Allow multiple contexts as arguments to has_permission_on [Jeroen van Dijk]
|
88
|
-
|
89
|
-
** RELEASE 0.3.2.2 (August 27, 2009) **
|
90
|
-
|
91
|
-
* Fix without_access_control test cases [sb]
|
92
|
-
|
93
|
-
* Fixed error on debug logging (Closes #6) [sb]
|
94
|
-
|
95
|
-
* Fixed without_access_control instance method in TestHelper [sb]
|
96
|
-
|
97
|
-
** RELEASE 0.3.2.1 (August 14, 2009) **
|
98
|
-
|
99
|
-
* Fix gemspec for Rdoc generation [sb]
|
100
|
-
|
101
|
-
** RELEASE 0.3.2 (August 13, 2009) **
|
102
|
-
|
103
|
-
* Fix for model-level permitted_to?/! [sb]
|
104
|
-
|
105
|
-
** RELEASE 0.3.1 (August 12, 2009) **
|
106
|
-
|
107
|
-
* Change Support: Suggestion grouping, sort by affected users [sb]
|
108
|
-
|
109
|
-
* Changed context derived from objects to #class.name.tableize to fix STI [sb]
|
110
|
-
|
111
|
-
* Simplified controller authorization with filter_resource_access [sb]
|
112
|
-
|
113
|
-
* Allow passing explicit context in addition to object in permitted_to? [Olly Lylo, sb]
|
114
|
-
|
115
|
-
* Change Supporter: suggest changes to authorization rules [sb]
|
116
|
-
|
117
|
-
* Added permitted_to!/? in model [Eike Carls]
|
118
|
-
|
119
|
-
* New test helper: should_(not_)_be_allowed_to(privilege, object_or_context) [sb]
|
120
|
-
|
121
|
-
** RELEASE 0.3 (April 20, 2009) **
|
122
|
-
|
123
|
-
* New option :join_by for has_permission_on to allow AND'ing of statements in one has_permission_on block [sb]
|
124
|
-
|
125
|
-
* Allow using_access_control to be called directly on ActiveRecord::Base, globally enabling model security [sb]
|
126
|
-
|
127
|
-
* New operator: intersects_with, comparing two Enumerables in if_attribute [sb]
|
128
|
-
|
129
|
-
* Improved if_permitted_to syntax: if the attribute is left out, permissions are checked on for the current object [sb]
|
130
|
-
|
131
|
-
* Added #has_role_with_hierarchy? method to retrieve explicit and calculated roles [jeremyf]
|
132
|
-
|
133
|
-
* Added a simple rules analyzer to help improve authorization rules [sb]
|
134
|
-
|
135
|
-
* Gemified plugin. Needed to restructure the lib path contents [sb]
|
136
|
-
|
137
|
-
* Added handling of Authorization::AuthorizationInController::ClassMethods.filter_access_to parameters that are of the form [:show, :update] instead of just :show, :update. [jeremyf]
|
138
|
-
|
139
|
-
* Added authorization usage helper for checking filter_access_to usage in controllers [sb]
|
140
|
-
|
141
|
-
* Added a authorization rules browser. See README for more information [sb]
|
142
|
-
|
143
|
-
* Added Model.using_access_control? to check if a model has model security activated [sb]
|
144
|
-
|
145
|
-
* Changed Authorization::ObligationScope#map_table_alias_for [Brian Langenfeld]
|
146
|
-
* Fixed to prevent bad aliases from being produced.
|
147
|
-
|
148
|
-
* Changed Authorization::Attribute#validate? [Brian Langenfeld]
|
149
|
-
* Encountering a nil value when evaluating an attribute now raises a NilAttributeValueError, instead of an AuthorizationError. We leave it to the caller to decide what to do about it.
|
150
|
-
|
151
|
-
* Changed Authorization::Engine#permit! [Brian Langenfeld]
|
152
|
-
* We now convert incoming privileges to symbols (e.g. 'read' is made equivalent to :read). This ensures the privileges will match those defined in the authorization rules file.
|
153
|
-
* The method now properly infers context when checking against an association (e.g. user.posts). We do this by leveraging ActiveRecord builder method 'new' to instantiate a proper object we can work with.
|
154
|
-
* When testing rules for positive results (via Authorization::Attribute#validate?), we now rescue NilAttributeValueError exceptions, simply causing the rule to return a negative result (instead of barfing).
|
155
|
-
|
156
|
-
* Changed Authorization::ObligationScope#rebuild_join_options! [Brian Langenfeld]
|
157
|
-
* If we're dealing with multiple obligations we have to check (i.e. ones that result in OR'd conditions), we now use :include instead of :joins for our generated scope. This does seem like a kludge, but until ActiveRecord scopes support unions (for checking obligations individually and consolidating the results), we don't have much choice. Something to revisit later, for sure.
|
158
|
-
|
159
|
-
** RELEASE 0.2 (February 2, 2009) **
|
160
|
-
|
161
|
-
* added negative operators: is_not, not_in, does_not_contain [sb]
|
162
|
-
|
163
|
-
* changed user.roles to user.role_symbols to reduce interferance with associations [sb]
|
164
|
-
|
165
|
-
* Ruby 1.9 and Rails 2.3 compatibility [sb]
|
166
|
-
|
167
|
-
* if_permitted_to for has_permission_on blocks for DRYer auth rules [sb]
|
168
|
-
|
169
|
-
* ObligationScope rewrite of query rewriting [Brian Langenfeld]
|
170
|
-
|
171
|
-
* changed exception hierarchy to begin at StandardError [sb]
|
172
|
-
|
173
|
-
* :is_in operator [sb]
|
174
|
-
|
175
|
-
* added has_role? helper [sb]
|
176
|
-
|
177
|
-
* made plugin thread-safe [sb]
|
178
|
-
|
179
|
-
* added maintenance and test helpers [sb]
|
180
|
-
|
181
|
-
* changed default permission denied response to 403 Forbidden [sb]
|
182
|
-
|
183
|
-
* descriptions for titles and roles [sb]
|
184
|
-
|
185
|
-
* fixed for PostgreSQL [Mark Mansour]
|
186
|
-
|
187
|
-
* improved DSL syntax: allow for array of contexts in has_permission_on [sb]
|
188
|
-
|
189
|
-
** RELEASE 0.1 (August 22, 2008) **
|
1
|
+
** RELEASE 0.5.7 (Mar 10, 2013)
|
2
|
+
|
3
|
+
* Ruby 2.0 compatibility [jhawthorn]
|
4
|
+
|
5
|
+
** RELEASE 0.5.6 (Sep 23, 2012)
|
6
|
+
|
7
|
+
* Fix handling of stray object associations [jhawthorn]
|
8
|
+
|
9
|
+
* Improve test infrastructure [jhawthorn]
|
10
|
+
|
11
|
+
* Allow decl_auth to be used without ActiveRecord [bterkuile]
|
12
|
+
|
13
|
+
* Rule reloading in development based on changes [urkle/sb]
|
14
|
+
|
15
|
+
** RELEASE 0.5.5 (Jan 10, 2012)
|
16
|
+
|
17
|
+
* Update of handling of association proxies for Rails 3.2
|
18
|
+
|
19
|
+
** RELEASE 0.5.4 (Nov 30, 2011)
|
20
|
+
|
21
|
+
* Cumulative loading of authorization rules [Damian Curso/sb]
|
22
|
+
|
23
|
+
* Improved used_privileges rake task [urkle]
|
24
|
+
|
25
|
+
* Performance improvements [John Hawthorn]
|
26
|
+
|
27
|
+
** RELEASE 0.5.3 (May 25, 2011)
|
28
|
+
|
29
|
+
* Bugfixes and documentation cleanup
|
30
|
+
|
31
|
+
* Rails 3.1.rc1 compatibility [sb]
|
32
|
+
|
33
|
+
* Added has_any_role?, has_any_role_with_hierarchy? [t.pickett66]
|
34
|
+
|
35
|
+
* Allow changing the default role [dbloete]
|
36
|
+
|
37
|
+
** RELEASE 0.5.2 (Dec 31, 2010) **
|
38
|
+
|
39
|
+
* Bugfixes and documentation updates
|
40
|
+
|
41
|
+
** RELEASE 0.5.1 (Sep 12, 2010) **
|
42
|
+
|
43
|
+
** RELEASE 0.5 (July 21, 2010) **
|
44
|
+
|
45
|
+
* Ruby 1.9.2 compatibility [sb]
|
46
|
+
|
47
|
+
* Comparisons in authorization roles: lt, lte, gt, gte [aepstein,hollownest]
|
48
|
+
|
49
|
+
* DSL optimization: allow array being passed to to
|
50
|
+
|
51
|
+
* Omnipotent roles [timcharper]
|
52
|
+
|
53
|
+
* Meaningful error in case of missing authorization rules file [timcharper]
|
54
|
+
|
55
|
+
* Rails 3 support [sb]
|
56
|
+
|
57
|
+
* Support shallow nested resources [jjb]
|
58
|
+
|
59
|
+
* Allow multiple authorization rules files [kaichen]
|
60
|
+
|
61
|
+
** RELEASE 0.4 (November 15, 2009) **
|
62
|
+
|
63
|
+
* Implemented controller namespace handling [sb]
|
64
|
+
|
65
|
+
* Improved if_attribute to allow nesting of has_many associations [sb]
|
66
|
+
|
67
|
+
* Improved if_permitted_to: allow has_many associations and improved context inference [sb]
|
68
|
+
|
69
|
+
* Added option on handling non-existant auto-loaded object [sb]
|
70
|
+
|
71
|
+
* Added with_user as module method [sb]
|
72
|
+
|
73
|
+
* Change support i18n [sb]
|
74
|
+
|
75
|
+
** RELEASE 0.3.2.3 (October 12, 2009) **
|
76
|
+
|
77
|
+
* Switched to gemcutter [sb]
|
78
|
+
|
79
|
+
* Fixed has_role? for guest user. Closes #8 [sb]
|
80
|
+
|
81
|
+
* Fixed unnecessary DB query with named scopes [sb, ledermann]
|
82
|
+
|
83
|
+
* Change support: suggestions: grouping, sorting by affected users [sb]
|
84
|
+
|
85
|
+
* Fixed context inference from AR objects for STI by switching to #class.name.tableize [sb]
|
86
|
+
|
87
|
+
* Allow multiple contexts as arguments to has_permission_on [Jeroen van Dijk]
|
88
|
+
|
89
|
+
** RELEASE 0.3.2.2 (August 27, 2009) **
|
90
|
+
|
91
|
+
* Fix without_access_control test cases [sb]
|
92
|
+
|
93
|
+
* Fixed error on debug logging (Closes #6) [sb]
|
94
|
+
|
95
|
+
* Fixed without_access_control instance method in TestHelper [sb]
|
96
|
+
|
97
|
+
** RELEASE 0.3.2.1 (August 14, 2009) **
|
98
|
+
|
99
|
+
* Fix gemspec for Rdoc generation [sb]
|
100
|
+
|
101
|
+
** RELEASE 0.3.2 (August 13, 2009) **
|
102
|
+
|
103
|
+
* Fix for model-level permitted_to?/! [sb]
|
104
|
+
|
105
|
+
** RELEASE 0.3.1 (August 12, 2009) **
|
106
|
+
|
107
|
+
* Change Support: Suggestion grouping, sort by affected users [sb]
|
108
|
+
|
109
|
+
* Changed context derived from objects to #class.name.tableize to fix STI [sb]
|
110
|
+
|
111
|
+
* Simplified controller authorization with filter_resource_access [sb]
|
112
|
+
|
113
|
+
* Allow passing explicit context in addition to object in permitted_to? [Olly Lylo, sb]
|
114
|
+
|
115
|
+
* Change Supporter: suggest changes to authorization rules [sb]
|
116
|
+
|
117
|
+
* Added permitted_to!/? in model [Eike Carls]
|
118
|
+
|
119
|
+
* New test helper: should_(not_)_be_allowed_to(privilege, object_or_context) [sb]
|
120
|
+
|
121
|
+
** RELEASE 0.3 (April 20, 2009) **
|
122
|
+
|
123
|
+
* New option :join_by for has_permission_on to allow AND'ing of statements in one has_permission_on block [sb]
|
124
|
+
|
125
|
+
* Allow using_access_control to be called directly on ActiveRecord::Base, globally enabling model security [sb]
|
126
|
+
|
127
|
+
* New operator: intersects_with, comparing two Enumerables in if_attribute [sb]
|
128
|
+
|
129
|
+
* Improved if_permitted_to syntax: if the attribute is left out, permissions are checked on for the current object [sb]
|
130
|
+
|
131
|
+
* Added #has_role_with_hierarchy? method to retrieve explicit and calculated roles [jeremyf]
|
132
|
+
|
133
|
+
* Added a simple rules analyzer to help improve authorization rules [sb]
|
134
|
+
|
135
|
+
* Gemified plugin. Needed to restructure the lib path contents [sb]
|
136
|
+
|
137
|
+
* Added handling of Authorization::AuthorizationInController::ClassMethods.filter_access_to parameters that are of the form [:show, :update] instead of just :show, :update. [jeremyf]
|
138
|
+
|
139
|
+
* Added authorization usage helper for checking filter_access_to usage in controllers [sb]
|
140
|
+
|
141
|
+
* Added a authorization rules browser. See README for more information [sb]
|
142
|
+
|
143
|
+
* Added Model.using_access_control? to check if a model has model security activated [sb]
|
144
|
+
|
145
|
+
* Changed Authorization::ObligationScope#map_table_alias_for [Brian Langenfeld]
|
146
|
+
* Fixed to prevent bad aliases from being produced.
|
147
|
+
|
148
|
+
* Changed Authorization::Attribute#validate? [Brian Langenfeld]
|
149
|
+
* Encountering a nil value when evaluating an attribute now raises a NilAttributeValueError, instead of an AuthorizationError. We leave it to the caller to decide what to do about it.
|
150
|
+
|
151
|
+
* Changed Authorization::Engine#permit! [Brian Langenfeld]
|
152
|
+
* We now convert incoming privileges to symbols (e.g. 'read' is made equivalent to :read). This ensures the privileges will match those defined in the authorization rules file.
|
153
|
+
* The method now properly infers context when checking against an association (e.g. user.posts). We do this by leveraging ActiveRecord builder method 'new' to instantiate a proper object we can work with.
|
154
|
+
* When testing rules for positive results (via Authorization::Attribute#validate?), we now rescue NilAttributeValueError exceptions, simply causing the rule to return a negative result (instead of barfing).
|
155
|
+
|
156
|
+
* Changed Authorization::ObligationScope#rebuild_join_options! [Brian Langenfeld]
|
157
|
+
* If we're dealing with multiple obligations we have to check (i.e. ones that result in OR'd conditions), we now use :include instead of :joins for our generated scope. This does seem like a kludge, but until ActiveRecord scopes support unions (for checking obligations individually and consolidating the results), we don't have much choice. Something to revisit later, for sure.
|
158
|
+
|
159
|
+
** RELEASE 0.2 (February 2, 2009) **
|
160
|
+
|
161
|
+
* added negative operators: is_not, not_in, does_not_contain [sb]
|
162
|
+
|
163
|
+
* changed user.roles to user.role_symbols to reduce interferance with associations [sb]
|
164
|
+
|
165
|
+
* Ruby 1.9 and Rails 2.3 compatibility [sb]
|
166
|
+
|
167
|
+
* if_permitted_to for has_permission_on blocks for DRYer auth rules [sb]
|
168
|
+
|
169
|
+
* ObligationScope rewrite of query rewriting [Brian Langenfeld]
|
170
|
+
|
171
|
+
* changed exception hierarchy to begin at StandardError [sb]
|
172
|
+
|
173
|
+
* :is_in operator [sb]
|
174
|
+
|
175
|
+
* added has_role? helper [sb]
|
176
|
+
|
177
|
+
* made plugin thread-safe [sb]
|
178
|
+
|
179
|
+
* added maintenance and test helpers [sb]
|
180
|
+
|
181
|
+
* changed default permission denied response to 403 Forbidden [sb]
|
182
|
+
|
183
|
+
* descriptions for titles and roles [sb]
|
184
|
+
|
185
|
+
* fixed for PostgreSQL [Mark Mansour]
|
186
|
+
|
187
|
+
* improved DSL syntax: allow for array of contexts in has_permission_on [sb]
|
188
|
+
|
189
|
+
** RELEASE 0.1 (August 22, 2008) **
|
data/Gemfile
CHANGED
@@ -1,7 +1,7 @@
|
|
1
|
-
source 'http://rubygems.org'
|
2
|
-
|
3
|
-
gemspec
|
4
|
-
|
5
|
-
gem 'appraisal', '~> 2.1'
|
6
|
-
gem 'mocha', '~> 1.0', require: false
|
7
|
-
gem 'sqlite3'
|
1
|
+
source 'http://rubygems.org'
|
2
|
+
|
3
|
+
gemspec
|
4
|
+
|
5
|
+
gem 'appraisal', '~> 2.1'
|
6
|
+
gem 'mocha', '~> 1.0', require: false
|
7
|
+
gem 'sqlite3'
|