RubyGems - cancancan - Versions diffs - 1.13.1 → 3.1.0 - Mend

cancancan 1.13.1 → 3.1.0

Files changed (73) hide show

checksums.yaml +5 -5
data/cancancan.gemspec +18 -18
data/init.rb +2 -0
data/lib/cancan.rb +9 -11
data/lib/cancan/ability.rb +93 -194
data/lib/cancan/ability/actions.rb +93 -0
data/lib/cancan/ability/rules.rb +93 -0
data/lib/cancan/ability/strong_parameter_support.rb +41 -0
data/lib/cancan/conditions_matcher.rb +106 -0
data/lib/cancan/controller_additions.rb +38 -41
data/lib/cancan/controller_resource.rb +52 -211
data/lib/cancan/controller_resource_builder.rb +26 -0
data/lib/cancan/controller_resource_finder.rb +42 -0
data/lib/cancan/controller_resource_loader.rb +120 -0
data/lib/cancan/controller_resource_name_finder.rb +23 -0
data/lib/cancan/controller_resource_sanitizer.rb +32 -0
data/lib/cancan/exceptions.rb +17 -5
data/lib/cancan/matchers.rb +12 -3
data/lib/cancan/model_adapters/abstract_adapter.rb +10 -8
data/lib/cancan/model_adapters/active_record_4_adapter.rb +39 -13
data/lib/cancan/model_adapters/active_record_5_adapter.rb +68 -0
data/lib/cancan/model_adapters/active_record_adapter.rb +77 -82
data/lib/cancan/model_adapters/conditions_extractor.rb +75 -0
data/lib/cancan/model_adapters/conditions_normalizer.rb +49 -0
data/lib/cancan/model_adapters/default_adapter.rb +2 -0
data/lib/cancan/model_additions.rb +2 -1
data/lib/cancan/parameter_validators.rb +9 -0
data/lib/cancan/relevant.rb +29 -0
data/lib/cancan/rule.rb +76 -105
data/lib/cancan/rules_compressor.rb +23 -0
data/lib/cancan/unauthorized_message_resolver.rb +24 -0
data/lib/cancan/version.rb +3 -1
data/lib/cancancan.rb +2 -0
data/lib/generators/cancan/ability/ability_generator.rb +4 -2
data/lib/generators/cancan/ability/templates/ability.rb +2 -0
metadata +66 -56
data/.gitignore +0 -15
data/.rspec +0 -1
data/.travis.yml +0 -28
data/Appraisals +0 -81
data/CHANGELOG.rdoc +0 -518
data/CONTRIBUTING.md +0 -23
data/Gemfile +0 -3
data/LICENSE +0 -22
data/README.md +0 -214
data/Rakefile +0 -9
data/gemfiles/activerecord_3.2.gemfile +0 -16
data/gemfiles/activerecord_4.0.gemfile +0 -17
data/gemfiles/activerecord_4.1.gemfile +0 -17
data/gemfiles/activerecord_4.2.gemfile +0 -18
data/gemfiles/mongoid_2.x.gemfile +0 -16
data/gemfiles/sequel_3.x.gemfile +0 -16
data/lib/cancan/inherited_resource.rb +0 -20
data/lib/cancan/model_adapters/active_record_3_adapter.rb +0 -16
data/lib/cancan/model_adapters/mongoid_adapter.rb +0 -54
data/lib/cancan/model_adapters/sequel_adapter.rb +0 -87
data/spec/README.rdoc +0 -27
data/spec/cancan/ability_spec.rb +0 -521
data/spec/cancan/controller_additions_spec.rb +0 -141
data/spec/cancan/controller_resource_spec.rb +0 -632
data/spec/cancan/exceptions_spec.rb +0 -58
data/spec/cancan/inherited_resource_spec.rb +0 -71
data/spec/cancan/matchers_spec.rb +0 -29
data/spec/cancan/model_adapters/active_record_4_adapter_spec.rb +0 -85
data/spec/cancan/model_adapters/active_record_adapter_spec.rb +0 -384
data/spec/cancan/model_adapters/default_adapter_spec.rb +0 -7
data/spec/cancan/model_adapters/mongoid_adapter_spec.rb +0 -227
data/spec/cancan/model_adapters/sequel_adapter_spec.rb +0 -132
data/spec/cancan/rule_spec.rb +0 -52
data/spec/matchers.rb +0 -13
data/spec/spec.opts +0 -2
data/spec/spec_helper.rb +0 -27
data/spec/support/ability.rb +0 -7

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module CanCan
-  VERSION = "1.13.1"
+  VERSION = '3.1.0'.freeze
 end

data/lib/cancancan.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require 'cancan'
 module CanCanCan

data/lib/generators/cancan/ability/ability_generator.rb CHANGED

@@ -1,10 +1,12 @@
+# frozen_string_literal: true
 module Cancan
   module Generators
     class AbilityGenerator < Rails::Generators::Base
-      source_root File.expand_path('../templates', __FILE__)
+      source_root File.expand_path('templates', __dir__)
       def generate_ability
-        copy_file "ability.rb", "app/models/ability.rb"
+        copy_file 'ability.rb', 'app/models/ability.rb'
       end
     end
   end

data/lib/generators/cancan/ability/templates/ability.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 class Ability
   include CanCan::Ability

metadata CHANGED

@@ -1,36 +1,60 @@
 --- !ruby/object:Gem::Specification
 name: cancancan
 version: !ruby/object:Gem::Version
-  version: 1.13.1
+  version: 3.1.0
 platform: ruby
 authors:
+- Alessandro Rodi (Renuo AG)
 - Bryan Rite
 - Ryan Bates
 - Richard Wilson
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2015-10-08 00:00:00.000000000 Z
+date: 2020-03-15 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: appraisal
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.0.0
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.0.0
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '2.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.1'
+    - - ">="
       - !ruby/object:Gem::Version
         version: 10.1.1
   type: :development
@@ -38,99 +62,87 @@ dependencies:
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.1'
+    - - ">="
       - !ruby/object:Gem::Version
         version: 10.1.1
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: 3.2.0
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.2'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: 3.2.0
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.2'
 - !ruby/object:Gem::Dependency
-  name: appraisal
+  name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.0.0
+        version: 0.63.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.0.0
-description: Continuation of the simple authorization solution for Rails which is
-  decoupled from user roles. All permissions are stored in a single location.
-email: r.crawfordwilson@gmail.com
+        version: 0.63.1
+description: Simple authorization solution for Rails. All permissions are stored in
+  a single location.
+email: alessandro.rodi@renuo.ch
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- ".gitignore"
-- ".rspec"
-- ".travis.yml"
-- Appraisals
-- CHANGELOG.rdoc
-- CONTRIBUTING.md
-- Gemfile
-- LICENSE
-- README.md
-- Rakefile
 - cancancan.gemspec
-- gemfiles/activerecord_3.2.gemfile
-- gemfiles/activerecord_4.0.gemfile
-- gemfiles/activerecord_4.1.gemfile
-- gemfiles/activerecord_4.2.gemfile
-- gemfiles/mongoid_2.x.gemfile
-- gemfiles/sequel_3.x.gemfile
 - init.rb
 - lib/cancan.rb
 - lib/cancan/ability.rb
+- lib/cancan/ability/actions.rb
+- lib/cancan/ability/rules.rb
+- lib/cancan/ability/strong_parameter_support.rb
+- lib/cancan/conditions_matcher.rb
 - lib/cancan/controller_additions.rb
 - lib/cancan/controller_resource.rb
+- lib/cancan/controller_resource_builder.rb
+- lib/cancan/controller_resource_finder.rb
+- lib/cancan/controller_resource_loader.rb
+- lib/cancan/controller_resource_name_finder.rb
+- lib/cancan/controller_resource_sanitizer.rb
 - lib/cancan/exceptions.rb
-- lib/cancan/inherited_resource.rb
 - lib/cancan/matchers.rb
 - lib/cancan/model_adapters/abstract_adapter.rb
-- lib/cancan/model_adapters/active_record_3_adapter.rb
 - lib/cancan/model_adapters/active_record_4_adapter.rb
+- lib/cancan/model_adapters/active_record_5_adapter.rb
 - lib/cancan/model_adapters/active_record_adapter.rb
+- lib/cancan/model_adapters/conditions_extractor.rb
+- lib/cancan/model_adapters/conditions_normalizer.rb
 - lib/cancan/model_adapters/default_adapter.rb
-- lib/cancan/model_adapters/mongoid_adapter.rb
-- lib/cancan/model_adapters/sequel_adapter.rb
 - lib/cancan/model_additions.rb
+- lib/cancan/parameter_validators.rb
+- lib/cancan/relevant.rb
 - lib/cancan/rule.rb
+- lib/cancan/rules_compressor.rb
+- lib/cancan/unauthorized_message_resolver.rb
 - lib/cancan/version.rb
 - lib/cancancan.rb
 - lib/generators/cancan/ability/USAGE
 - lib/generators/cancan/ability/ability_generator.rb
 - lib/generators/cancan/ability/templates/ability.rb
-- spec/README.rdoc
-- spec/cancan/ability_spec.rb
-- spec/cancan/controller_additions_spec.rb
-- spec/cancan/controller_resource_spec.rb
-- spec/cancan/exceptions_spec.rb
-- spec/cancan/inherited_resource_spec.rb
-- spec/cancan/matchers_spec.rb
-- spec/cancan/model_adapters/active_record_4_adapter_spec.rb
-- spec/cancan/model_adapters/active_record_adapter_spec.rb
-- spec/cancan/model_adapters/default_adapter_spec.rb
-- spec/cancan/model_adapters/mongoid_adapter_spec.rb
-- spec/cancan/model_adapters/sequel_adapter_spec.rb
-- spec/cancan/rule_spec.rb
-- spec/matchers.rb
-- spec/spec.opts
-- spec/spec_helper.rb
-- spec/support/ability.rb
 homepage: https://github.com/CanCanCommunity/cancancan
 licenses:
 - MIT
@@ -143,17 +155,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.0.0
+      version: 2.2.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project:
-rubygems_version: 2.2.3
+rubygems_version: 3.0.6
 signing_key:
 specification_version: 4
 summary: Simple authorization solution for Rails.
-test_files:
-- Appraisals
+test_files: []

data/.gitignore DELETED

@@ -1,15 +0,0 @@
-.DS_Store
-.idea/*
-*.swp
-**/*.swp
-*.gem
-.bundle
-gemfiles/*.lock
-Gemfile.lock
-.rvmrc
-.rbenv-version
-.ruby-version
-.ruby-gemset
-/tmp

data/.rspec DELETED

	@@ -1 +0,0 @@
1	- --color

data/.travis.yml DELETED

@@ -1,28 +0,0 @@
-language: ruby
-cache: bundler
-sudo: false
-rvm:
-  - 2.0.0
-  - 2.1.0
-  - 2.2.0
-  - jruby
-  - rbx
-gemfile:
-  - gemfiles/activerecord_3.2.gemfile
-  - gemfiles/activerecord_4.0.gemfile
-  - gemfiles/activerecord_4.1.gemfile
-  - gemfiles/activerecord_4.2.gemfile
-  - gemfiles/mongoid_2.x.gemfile
-  - gemfiles/sequel_3.x.gemfile
-services:
-  - mongodb
-matrix:
-  fast_finish: true
-  allow_failures:
-    - rvm: rbx
-  exclude:
-    - rvm: 2.2.0
-      gemfile: gemfiles/activerecord_3.2.gemfile
-notifications:
-  recipients:
-    - bryan@bryanrite.com

data/Appraisals DELETED

@@ -1,81 +0,0 @@
-appraise "activerecord_3.2" do
-  gem "activerecord", "~> 3.2.0", :require => "active_record"
-  gemfile.platforms :jruby do
-    gem "activerecord-jdbcsqlite3-adapter"
-    gem "jdbc-sqlite3"
-  end
-  gemfile.platforms :ruby, :mswin, :mingw do
-    gem "sqlite3"
-  end
-end
-appraise "activerecord_4.0" do
-  gem "activerecord", "~> 4.0.5", :require => "active_record"
-  gem "activesupport", "~> 4.0.5", :require => "active_support/all"
-  gemfile.platforms :jruby do
-    gem "activerecord-jdbcsqlite3-adapter"
-    gem "jdbc-sqlite3"
-  end
-  gemfile.platforms :ruby, :mswin, :mingw do
-    gem "sqlite3"
-  end
-end
-appraise "activerecord_4.1" do
-  gem "activerecord", "~> 4.1.1", :require => "active_record"
-  gem "activesupport", "~> 4.1.1", :require => "active_support/all"
-  gemfile.platforms :jruby do
-    gem "activerecord-jdbcsqlite3-adapter"
-    gem "jdbc-sqlite3"
-  end
-  gemfile.platforms :ruby, :mswin, :mingw do
-    gem "sqlite3"
-  end
-end
-appraise "activerecord_4.2" do
-  gem "activerecord", "~> 4.2.0", :require => "active_record"
-  gem 'activesupport', '~> 4.2.0', :require => 'active_support/all'
-  gemfile.platforms :jruby do
-    gem "activerecord-jdbcsqlite3-adapter"
-    gem "jdbc-sqlite3"
-  end
-  gemfile.platforms :ruby, :mswin, :mingw do
-    gem "sqlite3"
-    gem "pg"
-  end
-end
-appraise "mongoid_2.x" do
-  gem "activesupport", "~> 3.0", :require => "active_support/all"
-  gem "mongoid", "~> 2.0.0"
-  gemfile.platforms :ruby, :mswin, :mingw do
-    gem "bson_ext", "~> 1.1"
-  end
-  gemfile.platforms :jruby do
-    gem "mongo", "~> 1.9.2"
-  end
-end
-appraise "sequel_3.x" do
-  gem "sequel", "~> 3.47.0"
-  gem "activesupport", "~> 3.0", :require => "active_support/all"
-  gemfile.platforms :jruby do
-    gem "jdbc-sqlite3"
-  end
-  gemfile.platforms :ruby, :mswin, :mingw do
-    gem "sqlite3"
-  end
-end

data/CHANGELOG.rdoc DELETED

@@ -1,518 +0,0 @@
-Develop
-Unreleased
-1.13.1 (Oct 8th, 2015)
-* Fix #merge with empty Ability (jhawthorn)
-1.13.0 (Oct 7th, 2015)
-* Significantly improve rule lookup time (amarshall)
-* Removed deprecation warnings for RSpec 3.2 (NekoNova)
-1.12.0 (June 28th, 2015)
-* Add a permissions method to Ability (devaroop)
-1.11.0 (June 15th, 2015)
-* Complete cancancan#115 - Specify authorization action for parent resources. (phallguy)
-1.10.1 (January 13th, 2015)
-* Fix cancancan#168 - A bug with ActiveRecord 4.2 support causing ProtocolViolation due to named parameters not being passed in.
-1.10.0 (January 7th, 2015)
-* Fix i18n issue for Ruby < 1.9.3 (bryanrite)
-* Fix cancancan#149 - Fix an issue loading namespaced models (darthjee)
-* Fix cancancan#160 - Support for Rails 4.2 (marshall-lee)
-* Fix cancancan#153 - More useful output in ability spec matchers (jondkinney)
-1.9.2 (August 8th, 2014)
-* Fix cancancan#77, 78 - Fix an issue with associations for namespaced models. (jjp)
-1.9.1 (July 21st, 2014)
-* Fix cancancan#101 - Fixes an issue where overjealous use of references would cause issues with scopes when loading associations. (bryanrite)
-1.9.0 (July 20th, 2014)
-* Fix cancancan#59 - Parameters are automatically detected and santitized for all actions, not just create and update. (bryanrite)
-* Fix cancancan#97, 72, 40, 39, 26 - Support Active Record 4 properly with references on nested permissions. (scpike, tdg5, Crystark)
-1.8.4 (June 24th, 2014)
-* Fix cancancan#86 - Fixes previous RSpec 3 update as there was a bug in the fix for RSpec 2.99. (bryanrite)
-1.8.3 (June 24th, 2014)
-* Fix cancancan#85 - Remove deprecation notices for RSpec 3 and continue backwards compatibility. (andypike, bryanrite, porteta)
-1.8.2 (June 5th, 2014)
-* Fix cancancan#75 - More specific hash-like object check. (bryanrite)
-1.8.1 (May 27th, 2014)
-* Fix cancancan#67 - Sequel tests are run properly for JRuby. (bryanrite)
-* Fix cancancan#68 - Checks for hash-like objects in subject better. (bryanrite)
-1.8.0 (May 8th, 2014)
-* Feature cancan#884 - Add a Sequel model adapter (szetobo)
-* Feature cancancan#3 - Permit "can?" check multiple subjects (cefigueiredo)
-* Feature cancancan#29 - Add ability to use a String that will get instance_eval'd or a Proc that will get called as the parameter method option for strong_parameter santization (svoop)
-* Feature cancancan#48 - Define a CanCanCan module. Even though it is not used, it is standard practice to define the module, and helpful for determining between CanCanCan and CanCan for external libraries.
-1.7.1 (March 19th, 2014)
-* Fix ryanb/cancan#992 - Remove Rails 4 deprecations for scoped (thejchap & hitendrasingh)
-* Fix cancancan#16 - RSpec expectations are not explicitly required in RSpec > 2.13 (justinaiken & bryanrite)
-1.7.0 (February 19th, 2014)
-* Feature #988 Adds support for strong_parameters (bryanrite)
-* Fix #726 - Allow multiple abilities with associations (elabs-dev)
-* Fix #864 - Fix id_param in shallow routes (francocatena)
-* Fix #871 - Fixes nested ability conditions (ricec)
-* Fix #935 - Reduce unnecessary object allocations (grosser)
-* Fix #966 - Fixes a variable name collision in nested conditions (knoopx)
-* Fix #971 - Does not execute "empty?" scope when checking class rule (matt-glover)
-* Fix #974 - Avoid unnecessary sql execution (inkstak)
-1.6.10 (May 7, 2013)
-* fix matches_conditons_hash for string values on 1.8 (thanks rrosen)
-* work around SQL injection vulnerability in older Rails versions (thanks steerio) - issue #800
-* add support for nested join conditions (thanks yuszuv) - issue #806
-* fix load_resource "find_by" in mongoid resources (thanks albertobajo) - issue #705
-* fix namespace split behavior (thanks xinuc) - issue #668
-1.6.9 (February 4, 2013)
-* fix inserting AND (NULL) to end of SQL queries (thanks jonsgreen) - issue #687
-* fix merge_joins for nested association hashes (thanks DavidMikeSimon) - issues #655, #560
-* raise error on recursive alias_action (thanks fl00r) - issue #660
-* fix namespace controllers not loading params (thanks andhapp) - issues #670, #664
-1.6.8 (June 25, 2012)
-* improved support for namespaced controllers and models
-* pass :if and :unless options for load and authorize resource (thanks mauriciozaffari)
-* Travis CI badge (thanks plentz)
-* adding Ability#merge for combining multiple abilities (thanks rogercampos)
-* support for multiple MetaWhere rules (thanks andhapp)
-* various fixes for DataMapper, Mongoid, and Inherited Resource integration
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.7...1.6.8]
-1.6.7 (October 4, 2011)
-* fixing nested resource problem caused by namespace addition - issue #482
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.6...1.6.7]
-1.6.6 (September 28, 2011)
-* correct "return cant jump across threads" error when using check_authorization (thanks codeprimate) - issues #463, #469
-* fixing tests in development by specifying with_model version  (thanks kirkconnell) - issue #476
-* added travis.yml file for TravisCI support (thanks bai) - issue #427
-* better support for namespaced models (thanks whilefalse) - issues #424
-* adding :id_param option to load_and_authorize_resource (thanks skhisma) - issue #425
-* make default unauthorized message translatable text (thanks nhocki) - issue #409
-* improving DataMapper behavior (thanks psanford, maxsum-corin) - issue #410, #373
-* allow :find_by option to be full find method name - issue #335
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.5...1.6.6]
-1.6.5 (May 18, 2011)
-* pass action and subject through AccessDenied exception when :through isn't found - issue #366
-* many Mongoid adapter improvements (thanks rahearn, cardagin) - issues #363, #352, #343
-* allow :through option to work with private controller methods - issue #360
-* ensure Mongoid::Document is defined before loading Mongoid adapter - issue #359
-* many DataMapper adapter improvements (thanks emmanuel) - issue #355
-* handle checking nil attributes through associations (thanks thatothermitch) - issue #330
-* improve scope merging - issue #328
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.4...1.6.5]
-1.6.4 (March 29, 2011)
-* Fixed mongoid 'or' error - see issue #322
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.3...1.6.4]
-1.6.3 (March 25, 2011)
-* Make sure ActiveRecord::Relation is defined before checking conditions against it so Rails 2 is supported again - see issue #312
-* Return subject passed to authorize! - see issue #314
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.2...1.6.3]
-1.6.2 (March 18, 2011)
-* Fixed instance loading when :singleton option is used - see issue #310
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.1...1.6.2]
-1.6.1 (March 15, 2011)
-* Use Item.new instead of build_item for singleton resource so it doesn't effect database - see issue #304
-* Made accessible_by action default to :index and parent action default to :show instead of :read - see issue #302
-* Reverted Inherited Resources "collection" override since it doesn't seem to be working - see issue #305
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.0...1.6.1]
-1.6.0 (March 11, 2011)
-* Added MetaWhere support - see issue #194 and #261
-* Allow Active Record scopes in Ability conditions - see issue #257
-* Added :if and :unless options to check_authorization - see issue #284
-* Several Inherited Resources fixes (thanks aq1018, tanordheim and stefanoverna)
-* Pass action name to accessible_by call when loading a collection (thanks amw)
-* Added :prepend option to load_and_authorize_resource to load before other filters - see issue #290
-* Fixed spacing issue in I18n message for multi-word model names - see issue #292
-* Load resource collection for any action which doesn't have an "id" parameter - see issue #296
-* Raise an exception when trying to make a Ability condition with both a hash of conditions and a block - see issue #269
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.5.1...1.6.0]
-1.5.1 (January 20, 2011)
-* Fixing deeply nested conditions in Active Record adapter - see issue #246
-* Improving Mongoid support for multiple can and cannot definitions (thanks stellard) - see issue #239
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.5.0...1.5.1]
-1.5.0 (January 11, 2011)
-* Added an Ability generator - see issue #170
-* Added DataMapper support (thanks natemueller)
-* Added Mongoid support (thanks bowsersenior)
-* Added skip_load_and_authorize_resource methods to controller class - see issue #164
-* Added support for uncountable resources in index action - see issue #193
-* Cleaned up README and added spec/README
-* Internal: renamed CanDefinition to Rule
-* Internal: added a model adapter layer for easily supporting more ORMs
-* Internal: added .rvmrc to auto-switch to 1.8.7 with gemset - see issue #231
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.4.1...1.5.0]
-1.4.1 (November 12, 2010)
-* Renaming skip_authorization to skip_authorization_check - see issue #169
-* Adding :through_association option to load_resource (thanks hunterae) - see issue #171
-* The :shallow option now works with the :singleton option (thanks nandalopes) - see issue #187
-* Play nicely with quick_scopes gem (thanks ramontayag) - see issue #183
-* Fix odd behavior when "cache_classes = false" (thanks mphalliday) - see issue #174
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.4.0...1.4.1]
-1.4.0 (October 5, 2010)
-* Adding Gemfile; to get specs running just +bundle+ and +rake+ - see issue #163
-* Stop at 'cannot' definition when there are no conditions - see issue #161
-* The :through option will now call a method with that name if instance variable doesn't exist - see issue #146
-* Adding :shallow option to load_resource to bring back old behavior of fetching a child without a parent
-* Raise AccessDenied error when loading a child and parent resource isn't found
-* Abilities defined on a module will apply to anything that includes that module - see issue #150 and #152
-* Abilities can be defined with a string of SQL in addition to a block so accessible_by works with a block - see issue #150
-* Adding better support for InheritedResource - see issue #23
-* Loading the collection instance variable (for index action) using accessible_by - see issue #137
-* Adding action and subject variables to I18n unauthorized message - closes #142
-* Adding check_authorization and skip_authorization controller class methods to ensure authorization is performed (thanks justinko) - see issue #135
-* Setting initial attributes based on ability conditions in new/create actions - see issue #114
-* Check parent attributes for nested association in index action - see issue #121
-* Supporting nesting in can? method using hash - see issue #121
-* Adding I18n support for Access Denied messages (thanks EppO) - see issue #103
-* Passing no arguments to +can+ definition will pass action, class, and object to block - see issue #129
-* Don't pass action to block in +can+ definition when using :+manage+ option - see issue #129
-* No longer calling block in +can+ definition when checking on class - see issue #116
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.3.4...1.4.0]
-1.3.4 (August 31, 2010)
-* Don't stop at +cannot+ with hash conditions when checking class (thanks tamoya) - see issue #131
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.3.3...1.3.4]
-1.3.3 (August 20, 2010)
-* Switching to Rspec namespace to remove deprecation warning in Rspec 2 - see issue #119
-* Pluralize nested associations for conditions in accessible_by (thanks mlooney) - see issue #123
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.3.2...1.3.3]
-1.3.2 (August 7, 2010)
-* Fixing slice error when passing in custom resource name - see issue #112
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.3.1...1.3.2]
-1.3.1 (August 6, 2010)
-* Fixing protected sanitize_sql error - see issue #111
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.3.0...1.3.1]
-1.3.0 (August 6, 2010)
-* Adding :find_by option to load_resource - see issue #19
-* Adding :singleton option to load_resource - see issue #93
-* Supporting multiple resources in :through option for polymorphic associations - see issue #73
-* Supporting Single Table Inheritance for "can" comparisons - see issue #55
-* Adding :instance_name option to load/authorize_resource - see issue #44
-* Don't pass nil to "new" to keep MongoMapper happy - see issue #63
-* Parent resources are now authorized with :read action.
-* Changing :resource option in load/authorize_resource back to :class with ability to pass false
-* Removing :nested option in favor of :through option with separate load/authorize call
-* Moving internal logic from ResourceAuthorization to ControllerResource class
-* Supporting multiple "can" and "cannot" calls with accessible_by (thanks funny-falcon) - see issue #71
-* Supporting deeply nested aliases - see issue #98
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.2.0...1.3.0]
-1.2.0 (July 16, 2010)
-* Load nested parent resources on collection actions such as "index" (thanks dohzya)
-* Adding :name option to load_and_authorize_resource if it does not match controller - see issue #65
-* Fixing issue when using accessible_by with nil can conditions (thanks jrallison) - see issue #66
-* Pluralize table name for belongs_to associations in can conditions hash (thanks logandk) - see issue #62
-* Support has_many association or arrays in can conditions hash
-* Adding joins clause to accessible_by when conditions are across associations
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.1.1...1.2.0]
-1.1.1 (April 17, 2010)
-* Fixing behavior in Rails 3 by properly initializing ResourceAuthorization
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.1...1.1.1]
-1.1.0 (April 17, 2010)
-* Supporting arrays, ranges, and nested hashes in ability conditions
-* Removing "unauthorized!" method in favor of "authorize!" in controllers
-* Adding action, subject and default_message abilities to AccessDenied exception - see issue #40
-* Adding caching to current_ability controller method, if you're overriding this be sure to add caching too.
-* Adding "accessible_by" method to Active Record for fetching records matching a specific ability
-* Adding conditions behavior to Ability#can and fetch with Ability#conditions - see issue #53
-* Renaming :class option to :resource for load_and_authorize_resource which now supports a symbol for non models - see issue #45
-* Properly handle Admin::AbilitiesController in params[:controller] - see issue #46
-* Adding be_able_to RSpec matcher (thanks dchelimsky), requires Ruby 1.8.7 or higher - see issue #54
-* Support additional arguments to can? which get passed to the block - see issue #48
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.0.2...1.1]
-1.0.2 (Dec 30, 2009)
-* Adding clear_aliased_actions to Ability which removes previously defined actions including defaults - see issue #20
-* Append aliased actions (don't overwrite them) - see issue #20
-* Adding custom message argument to unauthorized! method (thanks tjwallace) - see issue #18
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.0.1...1.0.2]
-1.0.1 (Dec 14, 2009)
-* Adding :class option to load_resource so one can customize which class to use for the model - see issue #17
-* Don't fetch parent of nested resource if *_id parameter is missing so it works with shallow nested routes - see issue #14
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.0.0...1.0.1]
-1.0.0 (Dec 13, 2009)
-* Don't set resource instance variable if it has been set already - see issue #13
-* Allowing :nested option to accept an array for deep nesting
-* Adding :nested option to load resource method - see issue #10
-* Pass :only and :except options to before filters for load/authorize resource methods.
-* Adding :collection and :new options to load_resource method so we can specify behavior of additional actions if needed.
-* BACKWARDS INCOMPATIBLE: turning load and authorize resource methods into class methods which set up the before filter so they can accept additional arguments.
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/0.2.1...1.0.0]
-0.2.1 (Nov 26, 2009)
-* many internal refactorings - see issues #11 and #12
-* adding "cannot" method to define which abilities cannot be done - see issue #7
-* support custom objects (usually symbols) in can definition - see issue #8
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/0.2.0...0.2.1]
-0.2.0 (Nov 17, 2009)
-* fix behavior of load_and_authorize_resource for namespaced controllers - see issue #3
-* support arrays being passed to "can" to specify multiple actions or classes - see issue #2
-* adding "cannot?" method to ability, controller, and view which is inverse of "can?" - see issue #1
-* BACKWARDS INCOMPATIBLE: use Ability#initialize instead of 'prepare' to set up abilities - see issue #4
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/0.1.0...0.2.0]
-0.1.0 (Nov 16, 2009)
-* initial release