cancan 1.1.0 → 1.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/CHANGELOG.rdoc +5 -0
- data/README.rdoc +5 -4
- data/lib/cancan/resource_authorization.rb +1 -1
- metadata +2 -2
data/CHANGELOG.rdoc
CHANGED
data/README.rdoc
CHANGED
@@ -4,7 +4,7 @@ Wiki[http://wiki.github.com/ryanb/cancan] | RDocs[http://rdoc.info/projects/ryan
|
|
4
4
|
|
5
5
|
CanCan is an authorization solution for Ruby on Rails. This restricts what a given user is allowed to access throughout the application. It is completely decoupled from any role based implementation and focusses on keeping permission logic in a single location (the +Ability+ class) so it is not duplicated across controllers, views, and database queries.
|
6
6
|
|
7
|
-
This assumes you already have authentication (such as Authlogic[http://github.com/binarylogic/authlogic] or Devise[http://github.com/plataformatec/devise])
|
7
|
+
This assumes you already have authentication (such as Authlogic[http://github.com/binarylogic/authlogic] or Devise[http://github.com/plataformatec/devise]) that provides a +current_user+ method which CanCan relies on. See {Changing Defaults}[http://wiki.github.com/ryanb/cancan/changing-defaults] if you need different behavior.
|
8
8
|
|
9
9
|
|
10
10
|
== Installation
|
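Review bot: The added sentence on the + line says CanCan relies on +current_user+ but does not say what happens when that method returns nil for a visitor who is not logged in. Every permission check is driven by that value, so a short clause here, or on the linked Changing Defaults page, should state how the unauthenticated case is handled. A comma before "which CanCan relies on" would also read better.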
@@ -51,7 +51,7 @@ The "authorize!" method in the controller will raise an exception if the user is
|
|
51
51
|
authorize! :read, @article
|
52
52
|
end
|
53
53
|
|
54
|
-
Setting this for every action can be tedious, therefore the +load_and_authorize_resource+ method is provided to automatically authorize all actions in a RESTful style resource controller. It will
|
54
|
+
Setting this for every action can be tedious, therefore the +load_and_authorize_resource+ method is provided to automatically authorize all actions in a RESTful style resource controller. It will use a before filter to load the resource into an instance variable and authorize it for each action.
|
55
55
|
|
56
56
|
class ArticlesController < ApplicationController
|
57
57
|
load_and_authorize_resource
|
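Review bot: The completed sentence on the + line says the before filter authorizes the resource "for each action", which reads as an unconditional guarantee. The add_before_filter code shown later on this page passes options.slice(:only, :except) to before_filter, so coverage can be narrowed per controller. Suggest wording such as "for each action the filter applies to" and a mention of the :only and :except options, so that nobody assumes an excluded action is still authorized.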
@@ -63,7 +63,7 @@ Setting this for every action can be tedious, therefore the +load_and_authorize_
|
|
63
63
|
|
64
64
|
See {Authorizing Controller Actions}[http://wiki.github.com/ryanb/cancan/authorizing-controller-actions] for more information
|
65
65
|
|
66
|
-
If the user authorization fails a CanCan::AccessDenied exception will be raised. You can catch this and modify its behavior in the +ApplicationController+.
|
66
|
+
If the user authorization fails, a CanCan::AccessDenied exception will be raised. You can catch this and modify its behavior in the +ApplicationController+.
|
67
67
|
|
68
68
|
class ApplicationController < ActionController::Base
|
69
69
|
rescue_from CanCan::AccessDenied do |exception|
|
@@ -110,7 +110,7 @@ If the block returns true then the user has that :+update+ ability for that proj
|
|
110
110
|
|
111
111
|
== Aliasing Actions
|
112
112
|
|
113
|
-
You will usually be working with four actions when defining and checking permissions: :+read+, :+create+, :+update+, :+destroy+. These aren't the same as the 7 RESTful actions in Rails. CanCan adds some default aliases for mapping those actions.
|
113
|
+
You will usually be working with four actions when defining and checking permissions: :+read+, :+create+, :+update+, :+destroy+. These aren't the same as the 7 RESTful actions in Rails. CanCan automatically adds some default aliases for mapping those actions.
|
114
114
|
|
115
115
|
alias_action :index, :show, :to => :read
|
116
116
|
alias_action :new, :to => :create
|
@@ -139,6 +139,7 @@ See {Fetching Records}[http://wiki.github.com/ryanb/cancan/fetching-records] for
|
|
139
139
|
* {Upgrading to 1.1}[http://wiki.github.com/ryanb/cancan/upgrading-to-11]
|
140
140
|
* {Testing Abilities}[http://wiki.github.com/ryanb/cancan/testing-abilities]
|
141
141
|
* {Accessing Request Data}[http://wiki.github.com/ryanb/cancan/accessing-request-data]
|
142
|
+
* {Admin Namespace}[http://wiki.github.com/ryanb/cancan/admin-namespace]
|
142
143
|
* {See more}[http://wiki.github.com/ryanb/cancan/]
|
143
144
|
|
144
145
|
== Special Thanks
|
@@ -4,7 +4,7 @@ module CanCan
|
|
4
4
|
|
5
5
|
def self.add_before_filter(controller_class, method, options = {})
|
6
6
|
controller_class.before_filter(options.slice(:only, :except)) do |controller|
|
7
|
-
new(controller, controller.params, options.except(:only, :except)).send(method)
|
7
|
+
ResourceAuthorization.new(controller, controller.params, options.except(:only, :except)).send(method)
|
8
8
|
end
|
9
9
|
end
|
10
10
|
|
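Review bot: On the + line, replacing the bare `new` with the hardcoded constant `ResourceAuthorization.new` removes the dependence on what `self` is when the filter block runs, but it also means a subclass that calls add_before_filter will always instantiate the base class. Capturing the receiver outside the block (for example `klass = self` before `controller_class.before_filter`, then `klass.new(...)` inside) keeps the fix without pinning the class. This is the path that runs every authorization filter, and the file list for this release shows no spec change alongside it. A test that registers the filter and asserts that the requested method is invoked on the controller's params would guard against a regression.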