cancan 1.6.5 → 1.6.7

data/CHANGELOG.rdoc

@@ -1,3 +1,27 @@
+1.6.7 (October 4, 2011)
+
+* fixing nested resource problem caused by namespace addition - issue #482
+
+
+1.6.6 (September 28, 2011)
+
+* correct "return cant jump across threads" error when using check_authorization (thanks codeprimate) - issues #463, #469
+
+* fixing tests in development by specifying with_model version  (thanks kirkconnell) - issue #476
+
+* added travis.yml file for TravisCI support (thanks bai) - issue #427
+
+* better support for namespaced models (thanks whilefalse) - issues #424
+
+* adding :id_param option to load_and_authorize_resource (thanks skhisma) - issue #425
+
+* make default unauthorized message translatable text (thanks nhocki) - issue #409
+
+* improving DataMapper behavior (thanks psanford, maxsum-corin) - issue #410, #373
+
+* allow :find_by option to be full find method name - issue #335
+
+
 1.6.5 (May 18, 2011)
 
 * pass action and subject through AccessDenied exception when :through isn't found - issue #366
@@ -15,7 +39,6 @@
 * improve scope merging - issue #328
 
 
-
 1.6.4 (March 29, 2011)
 
 * Fixed mongoid 'or' error - see issue #322

data/Gemfile

@@ -3,8 +3,8 @@ source "http://rubygems.org"
 case ENV["MODEL_ADAPTER"]
 when nil, "active_record"
   gem "sqlite3"
-  gem "activerecord", :require => "active_record"
-  gem "with_model"
+  gem "activerecord", '~> 3.0.9', :require => "active_record"
+  gem "with_model", '~> 0.1.5'
   gem "meta_where"
 when "data_mapper"
   gem "dm-core", "~> 1.0.2"

data/lib/cancan/controller_additions.rb

@@ -186,7 +186,7 @@ module CanCan
         skip_authorize_resource(*args)
       end
 
-      # Skip both the loading behavior of CanCan. This is useful when using +load_and_authorize_resource+ but want to
+      # Skip the loading behavior of CanCan. This is useful when using +load_and_authorize_resource+ but want to
       # only do authorization on certain actions. You can pass :only and :except options to specify which actions to
       # skip the effects on. It will apply to all actions by default.
       #
@@ -202,7 +202,7 @@ module CanCan
         cancan_skipper[:load][name] = options
       end
 
-      # Skip both the authorization behavior of CanCan. This is useful when using +load_and_authorize_resource+ but want to
+      # Skip the authorization behavior of CanCan. This is useful when using +load_and_authorize_resource+ but want to
       # only do loading on certain actions. You can pass :only and :except options to specify which actions to
       # skip the effects on. It will apply to all actions by default.
       #
@@ -247,9 +247,9 @@ module CanCan
       #
       def check_authorization(options = {})
         self.after_filter(options.slice(:only, :except)) do |controller|
-          return if controller.instance_variable_defined?(:@_authorized)
-          return if options[:if] && !controller.send(options[:if])
-          return if options[:unless] && controller.send(options[:unless])
+          next if controller.instance_variable_defined?(:@_authorized)
+          next if options[:if] && !controller.send(options[:if])
+          next if options[:unless] && controller.send(options[:unless])
           raise AuthorizationNotPerformed, "This action failed the check_authorization because it does not authorize_resource. Add skip_authorization_check to bypass this check."
         end
       end

data/lib/cancan/controller_resource.rb

@@ -100,20 +100,36 @@ module CanCan
       if @options[:singleton] && parent_resource.respond_to?(name)
         parent_resource.send(name)
       else
-        @options[:find_by] ? resource_base.send("find_by_#{@options[:find_by]}!", id_param) : resource_base.find(id_param)
+        if @options[:find_by]
+          if resource_base.respond_to? "find_by_#{@options[:find_by]}!"
+            resource_base.send("find_by_#{@options[:find_by]}!", id_param)
+          else
+            resource_base.send(@options[:find_by], id_param)
+          end
+        else
+          adapter.find(resource_base, id_param)
+        end
       end
     end
 
+    def adapter
+      ModelAdapters::AbstractAdapter.adapter_class(resource_class)
+    end
+
     def authorization_action
       parent? ? :show : @params[:action].to_sym
     end
 
     def id_param
-      @params[parent? ? :"#{name}_id" : :id]
+      if @options[:id_param]
+        @params[@options[:id_param]]
+      else
+        @params[parent? ? :"#{name}_id" : :id]
+      end
     end
 
     def member_action?
-      new_actions.include?(@params[:action].to_sym) || @options[:singleton] || (@params[:id] && !collection_actions.include?(@params[:action].to_sym))
+      new_actions.include?(@params[:action].to_sym) || @options[:singleton] || ( (@params[:id] || @params[@options[:id_param]]) && !collection_actions.include?(@params[:action].to_sym))
     end
 
     # Returns the class used for this resource. This can be overriden by the :class option.
@@ -122,7 +138,7 @@ module CanCan
     def resource_class
       case @options[:class]
       when false  then name.to_sym
-      when nil    then name.to_s.camelize.constantize
+      when nil    then namespaced_name.to_s.camelize.constantize
       when String then @options[:class].constantize
       else @options[:class]
       end
@@ -191,6 +207,12 @@ module CanCan
       @name || name_from_controller
     end
 
+    def namespaced_name
+      @name || @params[:controller].sub("Controller", "").singularize.camelize.constantize
+    rescue NameError
+      name
+    end
+
     def name_from_controller
       @params[:controller].sub("Controller", "").underscore.split('/').last.singularize
     end

data/lib/cancan/exceptions.rb

@@ -40,7 +40,7 @@ module CanCan
       @message = message
       @action = action
       @subject = subject
-      @default_message = "You are not authorized to access this page."
+      @default_message = I18n.t(:"unauthorized.default", :default => "You are not authorized to access this page.")
     end
 
     def to_s

data/lib/cancan/matchers.rb

@@ -1,5 +1,5 @@
-RSpec = Spec unless defined? RSpec # for RSpec 1 compatability
-RSpec::Matchers.define :be_able_to do |*args|
+rspec_module = defined?(RSpec::Core) ? 'RSpec' : 'Spec'  # for RSpec 1 compatability
+Kernel.const_get(rspec_module)::Matchers.define :be_able_to do |*args|
   match do |ability|
     ability.can?(*args)
   end

data/lib/cancan/model_adapters/abstract_adapter.rb

@@ -15,6 +15,11 @@ module CanCan
         false # override in subclass
       end
 
+      # Override if you need custom find behavior
+      def self.find(model_class, id)
+        model_class.find(id)
+      end
+
       # Used to determine if this model adapter will override the matching behavior for a hash of conditions.
       # If this returns true then matches_conditions_hash? will be called. See Rule#matches_conditions_hash
       def self.override_conditions_hash_matching?(subject, conditions)

data/lib/cancan/model_adapters/data_mapper_adapter.rb

@@ -5,6 +5,10 @@ module CanCan
         model_class <= DataMapper::Resource
       end
 
+      def self.find(model_class, id)
+        model_class.get(id)
+      end
+
       def self.override_conditions_hash_matching?(subject, conditions)
         conditions.any? { |k,v| !k.kind_of?(Symbol) }
       end
@@ -27,6 +31,4 @@ module CanCan
   end # module ModelAdapters
 end # module CanCan
 
-DataMapper::Model.class_eval do
-  include CanCan::ModelAdditions::ClassMethods
-end
+DataMapper::Model.append_extensions(CanCan::ModelAdditions::ClassMethods)

data/spec/cancan/controller_resource_spec.rb

@@ -35,6 +35,18 @@ describe CanCan::ControllerResource do
     @controller.instance_variable_get(:@project).should == project
   end
 
+  it "should attempt to load a resource with the same namespace as the controller when using :: for namespace" do
+    module MyEngine
+      class Project < ::Project; end
+    end
+
+    project = MyEngine::Project.create!
+    @params.merge!(:controller => "MyEngine::ProjectsController", :action => "show", :id => project.id)
+    resource = CanCan::ControllerResource.new(@controller)
+    resource.load_resource
+    @controller.instance_variable_get(:@project).should == project
+  end
+
   it "should properly load resource for namespaced controller when using '::' for namespace" do
     project = Project.create!
     @params.merge!(:controller => "Admin::ProjectsController", :action => "show", :id => project.id)
@@ -185,8 +197,8 @@ describe CanCan::ControllerResource do
 
   it "should load parent resource through proper id parameter" do
     project = Project.create!
-    @params.merge!(:action => "index", :project_id => project.id)
-    resource = CanCan::ControllerResource.new(@controller, :project, :parent => true)
+    @params.merge!(:controller => "categories", :action => "index", :project_id => project.id)
+    resource = CanCan::ControllerResource.new(@controller, :project)
     resource.load_resource
     @controller.instance_variable_get(:@project).should == project
   end
@@ -327,7 +339,15 @@ describe CanCan::ControllerResource do
     lambda { resource.load_and_authorize_resource }.should raise_error(CanCan::AccessDenied)
     @controller.instance_variable_get(:@custom_project).should == project
   end
-
+  
+  it "should load resource using custom ID param" do
+    project = Project.create!
+    @params.merge!(:action => "show", :the_project => project.id)
+    resource = CanCan::ControllerResource.new(@controller, :id_param => :the_project)
+    resource.load_resource
+    @controller.instance_variable_get(:@project).should == project
+  end
+  
   it "should load resource using custom find_by attribute" do
     project = Project.create!(:name => "foo")
     @params.merge!(:action => "show", :id => "foo")
@@ -336,6 +356,14 @@ describe CanCan::ControllerResource do
     @controller.instance_variable_get(:@project).should == project
   end
 
+  it "should allow full find method to be passed into find_by option" do
+    project = Project.create!(:name => "foo")
+    @params.merge!(:action => "show", :id => "foo")
+    resource = CanCan::ControllerResource.new(@controller, :find_by => :find_by_name)
+    resource.load_resource
+    @controller.instance_variable_get(:@project).should == project
+  end
+
   it "should raise ImplementationRemoved when adding :name option" do
     lambda {
       CanCan::ControllerResource.new(@controller, :name => :foo)

data/spec/cancan/exceptions_spec.rb

@@ -32,4 +32,27 @@ describe CanCan::AccessDenied do
       @exception.message.should == "Access denied!"
     end
   end
+  
+  describe "i18n in the default message" do
+    after(:each) do
+      I18n.backend = nil
+    end
+    
+    it "uses i18n for the default message" do
+      I18n.backend.store_translations :en, :unauthorized => {:default => "This is a different message"}
+      @exception = CanCan::AccessDenied.new
+      @exception.message.should == "This is a different message"
+    end
+    
+    it "defaults to a nice message" do
+      @exception = CanCan::AccessDenied.new
+      @exception.message.should == "You are not authorized to access this page."
+    end
+    
+    it "does not use translation if a message is given" do
+      @exception = CanCan::AccessDenied.new("Hey! You're not welcome here")
+      @exception.message.should == "Hey! You're not welcome here"
+      @exception.message.should_not == "You are not authorized to access this page."
+    end
+  end
 end

data/spec/cancan/model_adapters/active_record_adapter_spec.rb

@@ -1,10 +1,6 @@
 if ENV["MODEL_ADAPTER"].nil? || ENV["MODEL_ADAPTER"] == "active_record"
   require "spec_helper"
 
-  RSpec.configure do |config|
-    config.extend WithModel
-  end
-
   ActiveRecord::Base.establish_connection(:adapter => "sqlite3", :database => ":memory:")
 
   describe CanCan::ModelAdapters::ActiveRecordAdapter do
@@ -56,6 +52,11 @@ if ENV["MODEL_ADAPTER"].nil? || ENV["MODEL_ADAPTER"] == "active_record"
       CanCan::ModelAdapters::AbstractAdapter.adapter_class(Article).should == CanCan::ModelAdapters::ActiveRecordAdapter
     end
 
+    it "should find record" do
+      article = Article.create!
+      CanCan::ModelAdapters::ActiveRecordAdapter.find(Article, article.id).should == article
+    end
+
     it "should not fetch any records when no abilities are defined" do
       Article.create!
       Article.accessible_by(@ability).should be_empty

data/spec/cancan/model_adapters/data_mapper_adapter_spec.rb

@@ -36,6 +36,11 @@ if ENV["MODEL_ADAPTER"] == "data_mapper"
       CanCan::ModelAdapters::AbstractAdapter.adapter_class(Article).should == CanCan::ModelAdapters::DataMapperAdapter
     end
 
+    it "should find record" do
+      article = Article.create
+      CanCan::ModelAdapters::DataMapperAdapter.find(Article, article.id).should == article
+    end
+
     it "should not fetch any records when no abilities are defined" do
       Article.create
       Article.accessible_by(@ability).should be_empty

data/spec/cancan/model_adapters/mongoid_adapter_spec.rb

@@ -36,6 +36,11 @@ if ENV["MODEL_ADAPTER"] == "mongoid"
         CanCan::ModelAdapters::AbstractAdapter.adapter_class(MongoidProject).should == CanCan::ModelAdapters::MongoidAdapter
       end
 
+      it "should find record" do
+        project = MongoidProject.create
+        CanCan::ModelAdapters::MongoidAdapter.find(MongoidProject, project.id).should == project
+      end
+
       it "should compare properties on mongoid documents with the conditions hash" do
         model = MongoidProject.new
         @ability.can :read, MongoidProject, :id => model.id

data/spec/spec_helper.rb

@@ -9,11 +9,15 @@ require 'matchers'
 require 'cancan/matchers'
 
 RSpec.configure do |config|
+  config.treat_symbols_as_metadata_keys_with_true_values = true
+  config.filter_run :focus => true
+  config.run_all_when_everything_filtered = true
   config.mock_with :rr
   config.before(:each) do
     Project.delete_all
     Category.delete_all
   end
+  config.extend WithModel
 end
 
 class Ability
@@ -30,4 +34,12 @@ end
 class Project < SuperModel::Base
   belongs_to :category
   attr_accessor :category # why doesn't SuperModel do this automatically?
+
+  def self.respond_to?(method, include_private = false)
+    if method.to_s == "find_by_name!" # hack to simulate ActiveRecord
+      true
+    else
+      super
+    end
+  end
 end

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: cancan
 version: !ruby/object:Gem::Version 
-  hash: 5
+  hash: 1
   prerelease: 
   segments: 
   - 1
   - 6
-  - 5
-  version: 1.6.5
+  - 7
+  version: 1.6.7
 platform: ruby
 authors: 
 - Ryan Bates
@@ -15,8 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-05-18 00:00:00 -04:00
-default_executable: 
+date: 2011-10-04 00:00:00 Z
 dependencies: 
 - !ruby/object:Gem::Dependency 
   name: rspec
@@ -26,12 +25,12 @@ dependencies:
     requirements: 
     - - ~>
       - !ruby/object:Gem::Version 
-        hash: 11
+        hash: 23
         segments: 
         - 2
-        - 1
+        - 6
         - 0
-        version: 2.1.0
+        version: 2.6.0
   type: :development
   version_requirements: *id001
 - !ruby/object:Gem::Dependency 
@@ -42,12 +41,12 @@ dependencies:
     requirements: 
     - - ~>
       - !ruby/object:Gem::Version 
-        hash: 7
+        hash: 21
         segments: 
         - 3
         - 0
-        - 0
-        version: 3.0.0
+        - 9
+        version: 3.0.9
   type: :development
   version_requirements: *id002
 - !ruby/object:Gem::Dependency 
@@ -129,7 +128,6 @@ files:
 - Rakefile
 - README.rdoc
 - init.rb
-has_rdoc: true
 homepage: http://github.com/ryanb/cancan
 licenses: []
 
@@ -161,7 +159,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 requirements: []
 
 rubyforge_project: cancan
-rubygems_version: 1.5.3
+rubygems_version: 1.8.6
 signing_key: 
 specification_version: 3
 summary: Simple authorization solution for Rails.