cancan 1.2.0 → 1.3.2

data/spec/matchers.rb

@@ -0,0 +1,13 @@
+Spec::Matchers.define :orderlessly_match do |original_string|
+  match do |given_string|
+    original_string.split('').sort == given_string.split('').sort
+  end
+
+  failure_message_for_should do |given_string|
+    "expected \"#{given_string}\" to have the same characters as \"#{original_string}\""
+  end
+
+  failure_message_for_should_not do |given_string|
+    "expected \"#{given_string}\" not to have the same characters as \"#{original_string}\""
+  end
+end

data/spec/spec.opts

@@ -0,0 +1 @@
+--color

data/spec/spec_helper.rb

@@ -4,6 +4,7 @@ require 'active_support'
 require 'active_record'
 require 'action_controller'
 require 'action_view'
+require 'matchers'
 require 'cancan'
 require 'cancan/matchers'
 
@@ -18,6 +19,29 @@ class Ability
   end
 end
 
-# this class helps out in testing nesting
+# this class helps out in testing SQL conditions
 class Person
+  class << self
+    protected
+
+    def sanitize_sql(hash_cond)
+      case hash_cond
+      when Hash
+        sanitize_hash(hash_cond).join(' AND ')
+      when Array
+        hash_cond.shift.gsub('?'){"#{hash_cond.shift.inspect}"}
+      when String then hash_cond
+      end
+    end
+
+    def sanitize_hash(hash)
+      hash.map do |name, value|
+        if Hash === value
+          sanitize_hash(value).map{|cond| "#{name}.#{cond}"}
+        else
+          "#{name}=#{value}"
+        end
+      end.flatten
+    end
+  end
 end

metadata

@@ -1,12 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: cancan
 version: !ruby/object:Gem::Version 
-  prerelease: false
-  segments: 
-  - 1
-  - 2
-  - 0
-  version: 1.2.0
+  version: 1.3.2
 platform: ruby
 authors: 
 - Ryan Bates
@@ -14,11 +9,11 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-07-16 00:00:00 -07:00
+date: 2010-08-07 00:00:00 -07:00
 default_executable: 
 dependencies: []
 
-description: Simple authorization solution for Rails which is completely decoupled from the user's roles. All permissions are stored in a single location for convenience.
+description: Simple authorization solution for Rails which is decoupled from user roles. All permissions are stored in a single location.
 email: ryan@railscasts.com
 executables: []
 
@@ -34,7 +29,7 @@ files:
 - lib/cancan/controller_resource.rb
 - lib/cancan/exceptions.rb
 - lib/cancan/matchers.rb
-- lib/cancan/resource_authorization.rb
+- lib/cancan/query.rb
 - lib/cancan.rb
 - spec/cancan/ability_spec.rb
 - spec/cancan/active_record_additions_spec.rb
@@ -43,7 +38,9 @@ files:
 - spec/cancan/controller_resource_spec.rb
 - spec/cancan/exceptions_spec.rb
 - spec/cancan/matchers_spec.rb
-- spec/cancan/resource_authorization_spec.rb
+- spec/cancan/query_spec.rb
+- spec/matchers.rb
+- spec/spec.opts
 - spec/spec_helper.rb
 - CHANGELOG.rdoc
 - LICENSE
@@ -63,22 +60,18 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
-      segments: 
-      - 0
       version: "0"
+  version: 
 required_rubygems_version: !ruby/object:Gem::Requirement 
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
-      segments: 
-      - 1
-      - 3
-      - 4
       version: 1.3.4
+  version: 
 requirements: []
 
 rubyforge_project: cancan
-rubygems_version: 1.3.6
+rubygems_version: 1.3.5
 signing_key: 
 specification_version: 3
 summary: Simple authorization solution for Rails.

data/lib/cancan/resource_authorization.rb

@@ -1,70 +0,0 @@
-module CanCan
-  # Handle the load and authorization controller logic so we don't clutter up all controllers with non-interface methods.
-  # This class is used internally, so you do not need to call methods directly on it.
-  class ResourceAuthorization # :nodoc:
-    def self.add_before_filter(controller_class, method, options = {})
-      controller_class.before_filter(options.slice(:only, :except)) do |controller|
-        ResourceAuthorization.new(controller, controller.params, options.except(:only, :except)).send(method)
-      end
-    end
-
-    def initialize(controller, params, options = {})
-      @controller = controller
-      @params = params
-      @options = options
-    end
-
-    def load_and_authorize_resource
-      load_resource
-      authorize_resource
-    end
-
-    def load_resource
-      if collection_actions.include? @params[:action].to_sym
-        parent_resource
-      else
-        if new_actions.include? @params[:action].to_sym
-          resource.build(@params[model_name.to_sym])
-        elsif @params[:id]
-          resource.find(@params[:id])
-        end
-      end
-    end
-
-    def authorize_resource
-      @controller.authorize!(@params[:action].to_sym, resource.model_instance || resource.model_class)
-    end
-
-    private
-
-    def resource
-      @resource ||= ControllerResource.new(@controller, model_name, parent_resource, @options)
-    end
-
-    def parent_resource
-      parent = nil
-      [@options[:nested]].flatten.compact.each do |name|
-        id = @params["#{name}_id".to_sym]
-        if id
-          parent = ControllerResource.new(@controller, name, parent)
-          parent.find(id)
-        else
-          parent = nil
-        end
-      end
-      parent
-    end
-
-    def model_name
-      @options[:name] || @params[:controller].sub("Controller", "").underscore.split('/').last.singularize
-    end
-
-    def collection_actions
-      [:index] + [@options[:collection]].flatten
-    end
-
-    def new_actions
-      [:new, :create] + [@options[:new]].flatten
-    end
-  end
-end

data/spec/cancan/resource_authorization_spec.rb

@@ -1,135 +0,0 @@
-require "spec_helper"
-
-describe CanCan::ResourceAuthorization do
-  before(:each) do
-    @controller = Object.new # simple stub for now
-  end
-
-  it "should load the resource into an instance variable if params[:id] is specified" do
-    stub(Ability).find(123) { :some_resource }
-    authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "show", :id => 123)
-    authorization.load_resource
-    @controller.instance_variable_get(:@ability).should == :some_resource
-  end
-
-  it "should properly load resource for namespaced controller" do
-    stub(Ability).find(123) { :some_resource }
-    authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "admin/abilities", :action => "show", :id => 123)
-    authorization.load_resource
-    @controller.instance_variable_get(:@ability).should == :some_resource
-  end
-
-  it "should properly load resource for namespaced controller when using '::' for namespace" do
-    stub(Ability).find(123) { :some_resource }
-    authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "Admin::AbilitiesController", :action => "show", :id => 123)
-    authorization.load_resource
-    @controller.instance_variable_get(:@ability).should == :some_resource
-  end
-
-  it "should build a new resource with hash if params[:id] is not specified" do
-    stub(Ability).new(:foo => "bar") { :some_resource }
-    authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "create", :ability => {:foo => "bar"})
-    authorization.load_resource
-    @controller.instance_variable_get(:@ability).should == :some_resource
-  end
-
-  it "should build a new resource even if attribute hash isn't specified" do
-    stub(Ability).new(nil) { :some_resource }
-    authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "new")
-    authorization.load_resource
-    @controller.instance_variable_get(:@ability).should == :some_resource
-  end
-
-  it "should not build a resource when on index action" do
-    authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "index")
-    authorization.load_resource
-    @controller.instance_variable_get(:@ability).should be_nil
-  end
-
-  it "should perform authorization using controller action and loaded model" do
-    @controller.instance_variable_set(:@ability, :some_resource)
-    stub(@controller).authorize!(:show, :some_resource) { raise CanCan::AccessDenied }
-    authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "show")
-    lambda { authorization.authorize_resource }.should raise_error(CanCan::AccessDenied)
-  end
-
-  it "should perform authorization using controller action and non loaded model" do
-    stub(@controller).authorize!(:show, Ability) { raise CanCan::AccessDenied }
-    authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "show")
-    lambda { authorization.authorize_resource }.should raise_error(CanCan::AccessDenied)
-  end
-
-  it "should call load_resource and authorize_resource for load_and_authorize_resource" do
-    authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "show")
-    mock(authorization).load_resource
-    mock(authorization).authorize_resource
-    authorization.load_and_authorize_resource
-  end
-
-  it "should not build a resource when on custom collection action" do
-    authorization = CanCan::ResourceAuthorization.new(@controller, {:controller => "abilities", :action => "sort"}, {:collection => [:sort, :list]})
-    authorization.load_resource
-    @controller.instance_variable_get(:@ability).should be_nil
-  end
-
-  it "should build a resource when on custom new action even when params[:id] exists" do
-    stub(Ability).new(nil) { :some_resource }
-    authorization = CanCan::ResourceAuthorization.new(@controller, {:controller => "abilities", :action => "build", :id => 123}, {:new => :build})
-    authorization.load_resource
-    @controller.instance_variable_get(:@ability).should == :some_resource
-  end
-
-  it "should not try to load resource for other action if params[:id] is undefined" do
-    authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "list")
-    authorization.load_resource
-    @controller.instance_variable_get(:@ability).should be_nil
-  end
-
-  it "should load nested resource and fetch other resource through the association" do
-    person = Object.new
-    stub(Person).find(456) { person }
-    stub(person).abilities.stub!.find(123) { :some_ability }
-    authorization = CanCan::ResourceAuthorization.new(@controller, {:controller => "abilities", :action => "show", :id => 123, :person_id => 456}, {:nested => :person})
-    authorization.load_resource
-    @controller.instance_variable_get(:@person).should == person
-    @controller.instance_variable_get(:@ability).should == :some_ability
-  end
-
-  it "should load nested resource for collection action" do
-    person = Object.new
-    stub(Person).find(456) { person }
-    authorization = CanCan::ResourceAuthorization.new(@controller, {:controller => "abilities", :action => "index", :person_id => 456}, {:nested => :person})
-    authorization.load_resource
-    @controller.instance_variable_get(:@person).should == person
-  end
-
-  it "should load nested resource and build resource through a deep association" do
-    stub(Person).find(456).stub!.behaviors.stub!.find(789).stub!.abilities.stub!.build(nil) { :some_ability }
-    authorization = CanCan::ResourceAuthorization.new(@controller, {:controller => "abilities", :action => "new", :person_id => 456, :behavior_id => 789}, {:nested => [:person, :behavior]})
-    authorization.load_resource
-    @controller.instance_variable_get(:@ability).should == :some_ability
-  end
-
-  it "should not load nested resource and build through this if *_id param isn't specified" do
-    stub(Person).find(456) { :some_person }
-    stub(Ability).new(nil) { :some_ability }
-    authorization = CanCan::ResourceAuthorization.new(@controller, {:controller => "abilities", :action => "new", :person_id => 456}, {:nested => [:person, :behavior]})
-    authorization.load_resource
-    @controller.instance_variable_get(:@person).should == :some_person
-    @controller.instance_variable_get(:@ability).should == :some_ability
-  end
-
-  it "should load the model using a custom class" do
-    stub(Person).find(123) { :some_resource }
-    authorization = CanCan::ResourceAuthorization.new(@controller, {:controller => "abilities", :action => "show", :id => 123}, {:resource => Person})
-    authorization.load_resource
-    @controller.instance_variable_get(:@ability).should == :some_resource
-  end
-
-  it "should use :name option to determine resource name" do
-    stub(Ability).find(123) { :some_resource }
-    authorization = CanCan::ResourceAuthorization.new(@controller, {:controller => "foo", :action => "show", :id => 123}, {:name => :ability})
-    authorization.load_resource
-    @controller.instance_variable_get(:@ability).should == :some_resource
-  end
-end