RubyGems - cancan - Versions diffs - 1.2.0 → 1.3.2 - Mend

cancan 1.2.0 → 1.3.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (22) hide show

data/CHANGELOG.rdoc +38 -0
data/README.rdoc +14 -9
data/Rakefile +12 -12
data/lib/cancan.rb +1 -1
data/lib/cancan/ability.rb +32 -35
data/lib/cancan/active_record_additions.rb +3 -4
data/lib/cancan/can_definition.rb +37 -47
data/lib/cancan/controller_additions.rb +58 -26
data/lib/cancan/controller_resource.rb +115 -40
data/lib/cancan/query.rb +97 -0
data/spec/cancan/ability_spec.rb +94 -43
data/spec/cancan/active_record_additions_spec.rb +27 -4
data/spec/cancan/can_definition_spec.rb +7 -7
data/spec/cancan/controller_additions_spec.rb +12 -6
data/spec/cancan/controller_resource_spec.rb +218 -26
data/spec/cancan/query_spec.rb +107 -0
data/spec/matchers.rb +13 -0
data/spec/spec.opts +1 -0
data/spec/spec_helper.rb +25 -1
metadata +10 -17
data/lib/cancan/resource_authorization.rb +0 -70
data/spec/cancan/resource_authorization_spec.rb +0 -135

data/spec/matchers.rb ADDED Viewed

@@ -0,0 +1,13 @@
+Spec::Matchers.define :orderlessly_match do |original_string|
+  match do |given_string|
+    original_string.split('').sort == given_string.split('').sort
+  end
+  failure_message_for_should do |given_string|
+    "expected \"#{given_string}\" to have the same characters as \"#{original_string}\""
+  end
+  failure_message_for_should_not do |given_string|
+    "expected \"#{given_string}\" not to have the same characters as \"#{original_string}\""
+  end
+end

data/spec/spec.opts ADDED Viewed

	@@ -0,0 +1 @@
1	+ --color

data/spec/spec_helper.rb CHANGED Viewed

@@ -4,6 +4,7 @@ require 'active_support'
 require 'active_record'
 require 'action_controller'
 require 'action_view'
+require 'matchers'
 require 'cancan'
 require 'cancan/matchers'
@@ -18,6 +19,29 @@ class Ability
   end
 end
-# this class helps out in testing nesting
+# this class helps out in testing SQL conditions
 class Person
+  class << self
+    protected
+    def sanitize_sql(hash_cond)
+      case hash_cond
+      when Hash
+        sanitize_hash(hash_cond).join(' AND ')
+      when Array
+        hash_cond.shift.gsub('?'){"#{hash_cond.shift.inspect}"}
+      when String then hash_cond
+      end
+    end
+    def sanitize_hash(hash)
+      hash.map do |name, value|
+        if Hash === value
+          sanitize_hash(value).map{|cond| "#{name}.#{cond}"}
+        else
+          "#{name}=#{value}"
+        end
+      end.flatten
+    end
+  end
 end

metadata CHANGED Viewed

@@ -1,12 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: cancan
 version: !ruby/object:Gem::Version
-  prerelease: false
-  segments:
-  - 1
-  - 2
-  - 0
-  version: 1.2.0
+  version: 1.3.2
 platform: ruby
 authors:
 - Ryan Bates
@@ -14,11 +9,11 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2010-07-16 00:00:00 -07:00
+date: 2010-08-07 00:00:00 -07:00
 default_executable:
 dependencies: []
-description: Simple authorization solution for Rails which is completely decoupled from the user's roles. All permissions are stored in a single location for convenience.
+description: Simple authorization solution for Rails which is decoupled from user roles. All permissions are stored in a single location.
 email: ryan@railscasts.com
 executables: []
@@ -34,7 +29,7 @@ files:
 - lib/cancan/controller_resource.rb
 - lib/cancan/exceptions.rb
 - lib/cancan/matchers.rb
-- lib/cancan/resource_authorization.rb
+- lib/cancan/query.rb
 - lib/cancan.rb
 - spec/cancan/ability_spec.rb
 - spec/cancan/active_record_additions_spec.rb
@@ -43,7 +38,9 @@ files:
 - spec/cancan/controller_resource_spec.rb
 - spec/cancan/exceptions_spec.rb
 - spec/cancan/matchers_spec.rb
-- spec/cancan/resource_authorization_spec.rb
+- spec/cancan/query_spec.rb
+- spec/matchers.rb
+- spec/spec.opts
 - spec/spec_helper.rb
 - CHANGELOG.rdoc
 - LICENSE
@@ -63,22 +60,18 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      segments:
-      - 0
       version: "0"
+  version:
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      segments:
-      - 1
-      - 3
-      - 4
       version: 1.3.4
+  version:
 requirements: []
 rubyforge_project: cancan
-rubygems_version: 1.3.6
+rubygems_version: 1.3.5
 signing_key:
 specification_version: 3
 summary: Simple authorization solution for Rails.

data/lib/cancan/resource_authorization.rb DELETED Viewed

@@ -1,70 +0,0 @@
-module CanCan
-  # Handle the load and authorization controller logic so we don't clutter up all controllers with non-interface methods.
-  # This class is used internally, so you do not need to call methods directly on it.
-  class ResourceAuthorization # :nodoc:
-    def self.add_before_filter(controller_class, method, options = {})
-      controller_class.before_filter(options.slice(:only, :except)) do |controller|
-        ResourceAuthorization.new(controller, controller.params, options.except(:only, :except)).send(method)
-      end
-    end
-    def initialize(controller, params, options = {})
-      @controller = controller
-      @params = params
-      @options = options
-    end
-    def load_and_authorize_resource
-      load_resource
-      authorize_resource
-    end
-    def load_resource
-      if collection_actions.include? @params[:action].to_sym
-        parent_resource
-      else
-        if new_actions.include? @params[:action].to_sym
-          resource.build(@params[model_name.to_sym])
-        elsif @params[:id]
-          resource.find(@params[:id])
-        end
-      end
-    end
-    def authorize_resource
-      @controller.authorize!(@params[:action].to_sym, resource.model_instance || resource.model_class)
-    end
-    private
-    def resource
-      @resource ||= ControllerResource.new(@controller, model_name, parent_resource, @options)
-    end
-    def parent_resource
-      parent = nil
-      [@options[:nested]].flatten.compact.each do |name|
-        id = @params["#{name}_id".to_sym]
-        if id
-          parent = ControllerResource.new(@controller, name, parent)
-          parent.find(id)
-        else
-          parent = nil
-        end
-      end
-      parent
-    end
-    def model_name
-      @options[:name] || @params[:controller].sub("Controller", "").underscore.split('/').last.singularize
-    end
-    def collection_actions
-      [:index] + [@options[:collection]].flatten
-    end
-    def new_actions
-      [:new, :create] + [@options[:new]].flatten
-    end
-  end
-end

data/spec/cancan/resource_authorization_spec.rb DELETED Viewed

@@ -1,135 +0,0 @@
-require "spec_helper"
-describe CanCan::ResourceAuthorization do
-  before(:each) do
-    @controller = Object.new # simple stub for now
-  end
-  it "should load the resource into an instance variable if params[:id] is specified" do
-    stub(Ability).find(123) { :some_resource }
-    authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "show", :id => 123)
-    authorization.load_resource
-    @controller.instance_variable_get(:@ability).should == :some_resource
-  end
-  it "should properly load resource for namespaced controller" do
-    stub(Ability).find(123) { :some_resource }
-    authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "admin/abilities", :action => "show", :id => 123)
-    authorization.load_resource
-    @controller.instance_variable_get(:@ability).should == :some_resource
-  end
-  it "should properly load resource for namespaced controller when using '::' for namespace" do
-    stub(Ability).find(123) { :some_resource }
-    authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "Admin::AbilitiesController", :action => "show", :id => 123)
-    authorization.load_resource
-    @controller.instance_variable_get(:@ability).should == :some_resource
-  end
-  it "should build a new resource with hash if params[:id] is not specified" do
-    stub(Ability).new(:foo => "bar") { :some_resource }
-    authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "create", :ability => {:foo => "bar"})
-    authorization.load_resource
-    @controller.instance_variable_get(:@ability).should == :some_resource
-  end
-  it "should build a new resource even if attribute hash isn't specified" do
-    stub(Ability).new(nil) { :some_resource }
-    authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "new")
-    authorization.load_resource
-    @controller.instance_variable_get(:@ability).should == :some_resource
-  end
-  it "should not build a resource when on index action" do
-    authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "index")
-    authorization.load_resource
-    @controller.instance_variable_get(:@ability).should be_nil
-  end
-  it "should perform authorization using controller action and loaded model" do
-    @controller.instance_variable_set(:@ability, :some_resource)
-    stub(@controller).authorize!(:show, :some_resource) { raise CanCan::AccessDenied }
-    authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "show")
-    lambda { authorization.authorize_resource }.should raise_error(CanCan::AccessDenied)
-  end
-  it "should perform authorization using controller action and non loaded model" do
-    stub(@controller).authorize!(:show, Ability) { raise CanCan::AccessDenied }
-    authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "show")
-    lambda { authorization.authorize_resource }.should raise_error(CanCan::AccessDenied)
-  end
-  it "should call load_resource and authorize_resource for load_and_authorize_resource" do
-    authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "show")
-    mock(authorization).load_resource
-    mock(authorization).authorize_resource
-    authorization.load_and_authorize_resource
-  end
-  it "should not build a resource when on custom collection action" do
-    authorization = CanCan::ResourceAuthorization.new(@controller, {:controller => "abilities", :action => "sort"}, {:collection => [:sort, :list]})
-    authorization.load_resource
-    @controller.instance_variable_get(:@ability).should be_nil
-  end
-  it "should build a resource when on custom new action even when params[:id] exists" do
-    stub(Ability).new(nil) { :some_resource }
-    authorization = CanCan::ResourceAuthorization.new(@controller, {:controller => "abilities", :action => "build", :id => 123}, {:new => :build})
-    authorization.load_resource
-    @controller.instance_variable_get(:@ability).should == :some_resource
-  end
-  it "should not try to load resource for other action if params[:id] is undefined" do
-    authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "list")
-    authorization.load_resource
-    @controller.instance_variable_get(:@ability).should be_nil
-  end
-  it "should load nested resource and fetch other resource through the association" do
-    person = Object.new
-    stub(Person).find(456) { person }
-    stub(person).abilities.stub!.find(123) { :some_ability }
-    authorization = CanCan::ResourceAuthorization.new(@controller, {:controller => "abilities", :action => "show", :id => 123, :person_id => 456}, {:nested => :person})
-    authorization.load_resource
-    @controller.instance_variable_get(:@person).should == person
-    @controller.instance_variable_get(:@ability).should == :some_ability
-  end
-  it "should load nested resource for collection action" do
-    person = Object.new
-    stub(Person).find(456) { person }
-    authorization = CanCan::ResourceAuthorization.new(@controller, {:controller => "abilities", :action => "index", :person_id => 456}, {:nested => :person})
-    authorization.load_resource
-    @controller.instance_variable_get(:@person).should == person
-  end
-  it "should load nested resource and build resource through a deep association" do
-    stub(Person).find(456).stub!.behaviors.stub!.find(789).stub!.abilities.stub!.build(nil) { :some_ability }
-    authorization = CanCan::ResourceAuthorization.new(@controller, {:controller => "abilities", :action => "new", :person_id => 456, :behavior_id => 789}, {:nested => [:person, :behavior]})
-    authorization.load_resource
-    @controller.instance_variable_get(:@ability).should == :some_ability
-  end
-  it "should not load nested resource and build through this if *_id param isn't specified" do
-    stub(Person).find(456) { :some_person }
-    stub(Ability).new(nil) { :some_ability }
-    authorization = CanCan::ResourceAuthorization.new(@controller, {:controller => "abilities", :action => "new", :person_id => 456}, {:nested => [:person, :behavior]})
-    authorization.load_resource
-    @controller.instance_variable_get(:@person).should == :some_person
-    @controller.instance_variable_get(:@ability).should == :some_ability
-  end
-  it "should load the model using a custom class" do
-    stub(Person).find(123) { :some_resource }
-    authorization = CanCan::ResourceAuthorization.new(@controller, {:controller => "abilities", :action => "show", :id => 123}, {:resource => Person})
-    authorization.load_resource
-    @controller.instance_variable_get(:@ability).should == :some_resource
-  end
-  it "should use :name option to determine resource name" do
-    stub(Ability).find(123) { :some_resource }
-    authorization = CanCan::ResourceAuthorization.new(@controller, {:controller => "foo", :action => "show", :id => 123}, {:name => :ability})
-    authorization.load_resource
-    @controller.instance_variable_get(:@ability).should == :some_resource
-  end
-end