cancancan 1.15.0 → 3.1.0

data/lib/cancan/version.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module CanCan
-  VERSION = "1.15.0"
+  VERSION = '3.1.0'.freeze
 end

data/lib/cancancan.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'cancan'
 
 module CanCanCan

data/lib/generators/cancan/ability/ability_generator.rb

@@ -1,10 +1,12 @@
+# frozen_string_literal: true
+
 module Cancan
   module Generators
     class AbilityGenerator < Rails::Generators::Base
-      source_root File.expand_path('../templates', __FILE__)
+      source_root File.expand_path('templates', __dir__)
 
       def generate_ability
-        copy_file "ability.rb", "app/models/ability.rb"
+        copy_file 'ability.rb', 'app/models/ability.rb'
       end
     end
   end

data/lib/generators/cancan/ability/templates/ability.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 class Ability
   include CanCan::Ability
 

metadata

@@ -1,36 +1,60 @@
 --- !ruby/object:Gem::Specification
 name: cancancan
 version: !ruby/object:Gem::Version
-  version: 1.15.0
+  version: 3.1.0
 platform: ruby
 authors:
+- Alessandro Rodi (Renuo AG)
 - Bryan Rite
 - Ryan Bates
 - Richard Wilson
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-06-13 00:00:00.000000000 Z
+date: 2020-03-15 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: appraisal
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.0.0
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.0.0
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '2.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.1'
+    - - ">="
       - !ruby/object:Gem::Version
         version: 10.1.1
   type: :development
@@ -38,100 +62,87 @@ dependencies:
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.1'
+    - - ">="
       - !ruby/object:Gem::Version
         version: 10.1.1
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: 3.2.0
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.2'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: 3.2.0
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.2'
 - !ruby/object:Gem::Dependency
-  name: appraisal
+  name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.0.0
+        version: 0.63.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.0.0
-description: Continuation of the simple authorization solution for Rails which is
-  decoupled from user roles. All permissions are stored in a single location.
-email: r.crawfordwilson@gmail.com
+        version: 0.63.1
+description: Simple authorization solution for Rails. All permissions are stored in
+  a single location.
+email: alessandro.rodi@renuo.ch
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- ".gitignore"
-- ".rspec"
-- ".travis.yml"
-- Appraisals
-- CHANGELOG.rdoc
-- CONTRIBUTING.md
-- Gemfile
-- LICENSE
-- README.md
-- Rakefile
 - cancancan.gemspec
-- gemfiles/activerecord_3.2.gemfile
-- gemfiles/activerecord_4.0.gemfile
-- gemfiles/activerecord_4.1.gemfile
-- gemfiles/activerecord_4.2.gemfile
-- gemfiles/activerecord_5.0.gemfile
-- gemfiles/mongoid_2.x.gemfile
-- gemfiles/sequel_3.x.gemfile
 - init.rb
 - lib/cancan.rb
 - lib/cancan/ability.rb
+- lib/cancan/ability/actions.rb
+- lib/cancan/ability/rules.rb
+- lib/cancan/ability/strong_parameter_support.rb
+- lib/cancan/conditions_matcher.rb
 - lib/cancan/controller_additions.rb
 - lib/cancan/controller_resource.rb
+- lib/cancan/controller_resource_builder.rb
+- lib/cancan/controller_resource_finder.rb
+- lib/cancan/controller_resource_loader.rb
+- lib/cancan/controller_resource_name_finder.rb
+- lib/cancan/controller_resource_sanitizer.rb
 - lib/cancan/exceptions.rb
-- lib/cancan/inherited_resource.rb
 - lib/cancan/matchers.rb
 - lib/cancan/model_adapters/abstract_adapter.rb
-- lib/cancan/model_adapters/active_record_3_adapter.rb
 - lib/cancan/model_adapters/active_record_4_adapter.rb
+- lib/cancan/model_adapters/active_record_5_adapter.rb
 - lib/cancan/model_adapters/active_record_adapter.rb
+- lib/cancan/model_adapters/conditions_extractor.rb
+- lib/cancan/model_adapters/conditions_normalizer.rb
 - lib/cancan/model_adapters/default_adapter.rb
-- lib/cancan/model_adapters/mongoid_adapter.rb
-- lib/cancan/model_adapters/sequel_adapter.rb
 - lib/cancan/model_additions.rb
+- lib/cancan/parameter_validators.rb
+- lib/cancan/relevant.rb
 - lib/cancan/rule.rb
+- lib/cancan/rules_compressor.rb
+- lib/cancan/unauthorized_message_resolver.rb
 - lib/cancan/version.rb
 - lib/cancancan.rb
 - lib/generators/cancan/ability/USAGE
 - lib/generators/cancan/ability/ability_generator.rb
 - lib/generators/cancan/ability/templates/ability.rb
-- spec/README.rdoc
-- spec/cancan/ability_spec.rb
-- spec/cancan/controller_additions_spec.rb
-- spec/cancan/controller_resource_spec.rb
-- spec/cancan/exceptions_spec.rb
-- spec/cancan/inherited_resource_spec.rb
-- spec/cancan/matchers_spec.rb
-- spec/cancan/model_adapters/active_record_4_adapter_spec.rb
-- spec/cancan/model_adapters/active_record_adapter_spec.rb
-- spec/cancan/model_adapters/default_adapter_spec.rb
-- spec/cancan/model_adapters/mongoid_adapter_spec.rb
-- spec/cancan/model_adapters/sequel_adapter_spec.rb
-- spec/cancan/rule_spec.rb
-- spec/matchers.rb
-- spec/spec.opts
-- spec/spec_helper.rb
-- spec/support/ability.rb
 homepage: https://github.com/CanCanCommunity/cancancan
 licenses:
 - MIT
@@ -144,17 +155,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.0.0
+      version: 2.2.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.4.5.1
+rubygems_version: 3.0.6
 signing_key: 
 specification_version: 4
 summary: Simple authorization solution for Rails.
-test_files:
-- Appraisals
+test_files: []

data/.gitignore

@@ -1,15 +0,0 @@
-.DS_Store
-.idea/*
-*.swp
-**/*.swp
-*.gem
-.bundle
-
-gemfiles/*.lock
-Gemfile.lock
-
-.rvmrc
-.rbenv-version
-.ruby-version
-.ruby-gemset
-/tmp

data/.rspec

@@ -1 +0,0 @@
---color

data/.travis.yml

@@ -1,33 +0,0 @@
-language: ruby
-cache: bundler
-sudo: false
-rvm:
-  - 2.0.0
-  - 2.1.0
-  - 2.2.0
-  - 2.2.2
-  - jruby-9.0.5.0
-gemfile:
-  - gemfiles/activerecord_3.2.gemfile
-  - gemfiles/activerecord_4.0.gemfile
-  - gemfiles/activerecord_4.1.gemfile
-  - gemfiles/activerecord_4.2.gemfile
-  - gemfiles/activerecord_5.0.gemfile
-  - gemfiles/mongoid_2.x.gemfile
-  - gemfiles/sequel_3.x.gemfile
-services:
-  - mongodb
-matrix:
-  fast_finish: true
-  exclude:
-    - rvm: 2.0.0
-      gemfile: gemfiles/activerecord_5.0.gemfile
-    - rvm: 2.1.0
-      gemfile: gemfiles/activerecord_5.0.gemfile
-    - rvm: 2.2.0
-      gemfile: gemfiles/activerecord_5.0.gemfile
-    - rvm: jruby-9.0.5.0
-      gemfile: gemfiles/activerecord_5.0.gemfile
-notifications:
-  recipients:
-    - bryan@bryanrite.com

data/Appraisals

@@ -1,104 +0,0 @@
-appraise "activerecord_3.2" do
-  gem "activerecord", "~> 3.2.0", :require => "active_record"
-  gem "actionpack", "~> 3.2.0", :require => "action_pack"
-
-  gemfile.platforms :jruby do
-    gem "activerecord-jdbcsqlite3-adapter"
-    gem "jdbc-sqlite3"
-  end
-
-  gemfile.platforms :ruby, :mswin, :mingw do
-    gem "sqlite3"
-  end
-end
-
-appraise "activerecord_4.0" do
-  gem "activerecord", "~> 4.0.5", :require => "active_record"
-  gem "activesupport", "~> 4.0.5", :require => "active_support/all"
-  gem "actionpack", "~> 4.0.5", :require => "action_pack"
-
-
-  gemfile.platforms :jruby do
-    gem "activerecord-jdbcsqlite3-adapter"
-    gem "jdbc-sqlite3"
-  end
-
-  gemfile.platforms :ruby, :mswin, :mingw do
-    gem "sqlite3"
-  end
-end
-
-appraise "activerecord_4.1" do
-  gem "activerecord", "~> 4.1.1", :require => "active_record"
-  gem "activesupport", "~> 4.1.1", :require => "active_support/all"
-  gem "actionpack", "~> 4.1.1", :require => "action_pack"
-
-  gemfile.platforms :jruby do
-    gem "activerecord-jdbcsqlite3-adapter"
-    gem "jdbc-sqlite3"
-  end
-
-  gemfile.platforms :ruby, :mswin, :mingw do
-    gem "sqlite3"
-  end
-end
-
-appraise "activerecord_4.2" do
-  gem "activerecord", "~> 4.2.0", :require => "active_record"
-  gem 'activesupport', '~> 4.2.0', :require => 'active_support/all'
-  gem "actionpack", "~> 4.2.0", :require => "action_pack"
-
-  gemfile.platforms :jruby do
-    gem "activerecord-jdbcsqlite3-adapter"
-    gem "jdbc-sqlite3"
-  end
-
-  gemfile.platforms :ruby, :mswin, :mingw do
-    gem "sqlite3"
-    gem "pg"
-  end
-end
-
-appraise "activerecord_5.0" do
-  gem "activerecord", "~> 5.0.0.rc1", :require => "active_record"
-  gem 'activesupport', '~> 5.0.0.rc1', :require => 'active_support/all'
-  gem "actionpack", "~> 5.0.0.rc1", :require => "action_pack"
-
-  gemfile.platforms :jruby do
-    gem "activerecord-jdbcsqlite3-adapter"
-    gem "jdbc-sqlite3"
-  end
-
-  gemfile.platforms :ruby, :mswin, :mingw do
-    gem "sqlite3"
-    gem "pg"
-  end
-end
-
-appraise "mongoid_2.x" do
-  gem "activesupport", "~> 3.0", :require => "active_support/all"
-  gem "actionpack", "~> 3.0", :require => "action_pack"
-  gem "mongoid", "~> 2.0.0"
-
-  gemfile.platforms :ruby, :mswin, :mingw do
-    gem "bson_ext", "~> 1.1"
-  end
-
-  gemfile.platforms :jruby do
-    gem "mongo", "~> 1.9.2"
-  end
-end
-
-appraise "sequel_3.x" do
-  gem "sequel", "~> 3.48.0"
-  gem "activesupport", "~> 3.0", :require => "active_support/all"
-  gem "actionpack", "~> 3.0", :require => "action_pack"
-
-  gemfile.platforms :jruby do
-    gem "jdbc-sqlite3"
-  end
-
-  gemfile.platforms :ruby, :mswin, :mingw do
-    gem "sqlite3"
-  end
-end

data/CHANGELOG.rdoc

@@ -1,527 +0,0 @@
-Develop
-
-Unreleased
-
-1.15.0 (June 13th, 2016)
-
-* Add support for Rails 5 (craig1410)
-
-1.14.0 (May 14th, 2016)
-
-* Use cover for ranges
-* Add support for rails 4 enum's (markpmitchell)
-
-1.13.1 (Oct 8th, 2015)
-
-* Fix #merge with empty Ability (jhawthorn)
-
-1.13.0 (Oct 7th, 2015)
-
-* Significantly improve rule lookup time (amarshall)
-* Removed deprecation warnings for RSpec 3.2 (NekoNova)
-
-1.12.0 (June 28th, 2015)
-
-* Add a permissions method to Ability (devaroop)
-
-1.11.0 (June 15th, 2015)
-
-* Complete cancancan#115 - Specify authorization action for parent resources. (phallguy)
-
-1.10.1 (January 13th, 2015)
-
-* Fix cancancan#168 - A bug with ActiveRecord 4.2 support causing ProtocolViolation due to named parameters not being passed in.
-
-
-1.10.0 (January 7th, 2015)
-
-* Fix i18n issue for Ruby < 1.9.3 (bryanrite)
-
-* Fix cancancan#149 - Fix an issue loading namespaced models (darthjee)
-
-* Fix cancancan#160 - Support for Rails 4.2 (marshall-lee)
-
-* Fix cancancan#153 - More useful output in ability spec matchers (jondkinney)
-
-
-1.9.2 (August 8th, 2014)
-
-* Fix cancancan#77, 78 - Fix an issue with associations for namespaced models. (jjp)
-
-
-1.9.1 (July 21st, 2014)
-
-* Fix cancancan#101 - Fixes an issue where overjealous use of references would cause issues with scopes when loading associations. (bryanrite)
-
-
-1.9.0 (July 20th, 2014)
-
-* Fix cancancan#59 - Parameters are automatically detected and santitized for all actions, not just create and update. (bryanrite)
-
-* Fix cancancan#97, 72, 40, 39, 26 - Support Active Record 4 properly with references on nested permissions. (scpike, tdg5, Crystark)
-
-
-1.8.4 (June 24th, 2014)
-
-* Fix cancancan#86 - Fixes previous RSpec 3 update as there was a bug in the fix for RSpec 2.99. (bryanrite)
-
-
-1.8.3 (June 24th, 2014)
-
-* Fix cancancan#85 - Remove deprecation notices for RSpec 3 and continue backwards compatibility. (andypike, bryanrite, porteta)
-
-
-1.8.2 (June 5th, 2014)
-
-* Fix cancancan#75 - More specific hash-like object check. (bryanrite)
-
-
-1.8.1 (May 27th, 2014)
-
-* Fix cancancan#67 - Sequel tests are run properly for JRuby. (bryanrite)
-
-* Fix cancancan#68 - Checks for hash-like objects in subject better. (bryanrite)
-
-
-1.8.0 (May 8th, 2014)
-
-* Feature cancan#884 - Add a Sequel model adapter (szetobo)
-
-* Feature cancancan#3 - Permit "can?" check multiple subjects (cefigueiredo)
-
-* Feature cancancan#29 - Add ability to use a String that will get instance_eval'd or a Proc that will get called as the parameter method option for strong_parameter santization (svoop)
-
-* Feature cancancan#48 - Define a CanCanCan module. Even though it is not used, it is standard practice to define the module, and helpful for determining between CanCanCan and CanCan for external libraries.
-
-
-1.7.1 (March 19th, 2014)
-
-* Fix ryanb/cancan#992 - Remove Rails 4 deprecations for scoped (thejchap & hitendrasingh)
-
-* Fix cancancan#16 - RSpec expectations are not explicitly required in RSpec > 2.13 (justinaiken & bryanrite)
-
-
-1.7.0 (February 19th, 2014)
-
-* Feature #988 Adds support for strong_parameters (bryanrite)
-
-* Fix #726 - Allow multiple abilities with associations (elabs-dev)
-
-* Fix #864 - Fix id_param in shallow routes (francocatena)
-
-* Fix #871 - Fixes nested ability conditions (ricec)
-
-* Fix #935 - Reduce unnecessary object allocations (grosser)
-
-* Fix #966 - Fixes a variable name collision in nested conditions (knoopx)
-
-* Fix #971 - Does not execute "empty?" scope when checking class rule (matt-glover)
-
-* Fix #974 - Avoid unnecessary sql execution (inkstak)
-
-
-1.6.10 (May 7, 2013)
-
-* fix matches_conditons_hash for string values on 1.8 (thanks rrosen)
-
-* work around SQL injection vulnerability in older Rails versions (thanks steerio) - issue #800
-
-* add support for nested join conditions (thanks yuszuv) - issue #806
-
-* fix load_resource "find_by" in mongoid resources (thanks albertobajo) - issue #705
-
-* fix namespace split behavior (thanks xinuc) - issue #668
-
-
-1.6.9 (February 4, 2013)
-
-* fix inserting AND (NULL) to end of SQL queries (thanks jonsgreen) - issue #687
-
-* fix merge_joins for nested association hashes (thanks DavidMikeSimon) - issues #655, #560
-
-* raise error on recursive alias_action (thanks fl00r) - issue #660
-
-* fix namespace controllers not loading params (thanks andhapp) - issues #670, #664
-
-
-1.6.8 (June 25, 2012)
-
-* improved support for namespaced controllers and models
-
-* pass :if and :unless options for load and authorize resource (thanks mauriciozaffari)
-
-* Travis CI badge (thanks plentz)
-
-* adding Ability#merge for combining multiple abilities (thanks rogercampos)
-
-* support for multiple MetaWhere rules (thanks andhapp)
-
-* various fixes for DataMapper, Mongoid, and Inherited Resource integration
-
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.7...1.6.8]
-
-
-1.6.7 (October 4, 2011)
-
-* fixing nested resource problem caused by namespace addition - issue #482
-
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.6...1.6.7]
-
-
-1.6.6 (September 28, 2011)
-
-* correct "return cant jump across threads" error when using check_authorization (thanks codeprimate) - issues #463, #469
-
-* fixing tests in development by specifying with_model version  (thanks kirkconnell) - issue #476
-
-* added travis.yml file for TravisCI support (thanks bai) - issue #427
-
-* better support for namespaced models (thanks whilefalse) - issues #424
-
-* adding :id_param option to load_and_authorize_resource (thanks skhisma) - issue #425
-
-* make default unauthorized message translatable text (thanks nhocki) - issue #409
-
-* improving DataMapper behavior (thanks psanford, maxsum-corin) - issue #410, #373
-
-* allow :find_by option to be full find method name - issue #335
-
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.5...1.6.6]
-
-
-1.6.5 (May 18, 2011)
-
-* pass action and subject through AccessDenied exception when :through isn't found - issue #366
-
-* many Mongoid adapter improvements (thanks rahearn, cardagin) - issues #363, #352, #343
-
-* allow :through option to work with private controller methods - issue #360
-
-* ensure Mongoid::Document is defined before loading Mongoid adapter - issue #359
-
-* many DataMapper adapter improvements (thanks emmanuel) - issue #355
-
-* handle checking nil attributes through associations (thanks thatothermitch) - issue #330
-
-* improve scope merging - issue #328
-
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.4...1.6.5]
-
-
-1.6.4 (March 29, 2011)
-
-* Fixed mongoid 'or' error - see issue #322
-
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.3...1.6.4]
-
-
-1.6.3 (March 25, 2011)
-
-* Make sure ActiveRecord::Relation is defined before checking conditions against it so Rails 2 is supported again - see issue #312
-
-* Return subject passed to authorize! - see issue #314
-
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.2...1.6.3]
-
-
-1.6.2 (March 18, 2011)
-
-* Fixed instance loading when :singleton option is used - see issue #310
-
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.1...1.6.2]
-
-
-1.6.1 (March 15, 2011)
-
-* Use Item.new instead of build_item for singleton resource so it doesn't effect database - see issue #304
-
-* Made accessible_by action default to :index and parent action default to :show instead of :read - see issue #302
-
-* Reverted Inherited Resources "collection" override since it doesn't seem to be working - see issue #305
-
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.0...1.6.1]
-
-
-1.6.0 (March 11, 2011)
-
-* Added MetaWhere support - see issue #194 and #261
-
-* Allow Active Record scopes in Ability conditions - see issue #257
-
-* Added :if and :unless options to check_authorization - see issue #284
-
-* Several Inherited Resources fixes (thanks aq1018, tanordheim and stefanoverna)
-
-* Pass action name to accessible_by call when loading a collection (thanks amw)
-
-* Added :prepend option to load_and_authorize_resource to load before other filters - see issue #290
-
-* Fixed spacing issue in I18n message for multi-word model names - see issue #292
-
-* Load resource collection for any action which doesn't have an "id" parameter - see issue #296
-
-* Raise an exception when trying to make a Ability condition with both a hash of conditions and a block - see issue #269
-
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.5.1...1.6.0]
-
-
-1.5.1 (January 20, 2011)
-
-* Fixing deeply nested conditions in Active Record adapter - see issue #246
-
-* Improving Mongoid support for multiple can and cannot definitions (thanks stellard) - see issue #239
-
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.5.0...1.5.1]
-
-
-1.5.0 (January 11, 2011)
-
-* Added an Ability generator - see issue #170
-
-* Added DataMapper support (thanks natemueller)
-
-* Added Mongoid support (thanks bowsersenior)
-
-* Added skip_load_and_authorize_resource methods to controller class - see issue #164
-
-* Added support for uncountable resources in index action - see issue #193
-
-* Cleaned up README and added spec/README
-
-* Internal: renamed CanDefinition to Rule
-
-* Internal: added a model adapter layer for easily supporting more ORMs
-
-* Internal: added .rvmrc to auto-switch to 1.8.7 with gemset - see issue #231
-
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.4.1...1.5.0]
-
-
-1.4.1 (November 12, 2010)
-
-* Renaming skip_authorization to skip_authorization_check - see issue #169
-
-* Adding :through_association option to load_resource (thanks hunterae) - see issue #171
-
-* The :shallow option now works with the :singleton option (thanks nandalopes) - see issue #187
-
-* Play nicely with quick_scopes gem (thanks ramontayag) - see issue #183
-
-* Fix odd behavior when "cache_classes = false" (thanks mphalliday) - see issue #174
-
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.4.0...1.4.1]
-
-
-1.4.0 (October 5, 2010)
-
-* Adding Gemfile; to get specs running just +bundle+ and +rake+ - see issue #163
-
-* Stop at 'cannot' definition when there are no conditions - see issue #161
-
-* The :through option will now call a method with that name if instance variable doesn't exist - see issue #146
-
-* Adding :shallow option to load_resource to bring back old behavior of fetching a child without a parent
-
-* Raise AccessDenied error when loading a child and parent resource isn't found
-
-* Abilities defined on a module will apply to anything that includes that module - see issue #150 and #152
-
-* Abilities can be defined with a string of SQL in addition to a block so accessible_by works with a block - see issue #150
-
-* Adding better support for InheritedResource - see issue #23
-
-* Loading the collection instance variable (for index action) using accessible_by - see issue #137
-
-* Adding action and subject variables to I18n unauthorized message - closes #142
-
-* Adding check_authorization and skip_authorization controller class methods to ensure authorization is performed (thanks justinko) - see issue #135
-
-* Setting initial attributes based on ability conditions in new/create actions - see issue #114
-
-* Check parent attributes for nested association in index action - see issue #121
-
-* Supporting nesting in can? method using hash - see issue #121
-
-* Adding I18n support for Access Denied messages (thanks EppO) - see issue #103
-
-* Passing no arguments to +can+ definition will pass action, class, and object to block - see issue #129
-
-* Don't pass action to block in +can+ definition when using :+manage+ option - see issue #129
-
-* No longer calling block in +can+ definition when checking on class - see issue #116
-
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.3.4...1.4.0]
-
-
-1.3.4 (August 31, 2010)
-
-* Don't stop at +cannot+ with hash conditions when checking class (thanks tamoya) - see issue #131
-
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.3.3...1.3.4]
-
-
-1.3.3 (August 20, 2010)
-
-* Switching to Rspec namespace to remove deprecation warning in Rspec 2 - see issue #119
-
-* Pluralize nested associations for conditions in accessible_by (thanks mlooney) - see issue #123
-
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.3.2...1.3.3]
-
-
-1.3.2 (August 7, 2010)
-
-* Fixing slice error when passing in custom resource name - see issue #112
-
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.3.1...1.3.2]
-
-
-1.3.1 (August 6, 2010)
-
-* Fixing protected sanitize_sql error - see issue #111
-
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.3.0...1.3.1]
-
-
-1.3.0 (August 6, 2010)
-
-* Adding :find_by option to load_resource - see issue #19
-
-* Adding :singleton option to load_resource - see issue #93
-
-* Supporting multiple resources in :through option for polymorphic associations - see issue #73
-
-* Supporting Single Table Inheritance for "can" comparisons - see issue #55
-
-* Adding :instance_name option to load/authorize_resource - see issue #44
-
-* Don't pass nil to "new" to keep MongoMapper happy - see issue #63
-
-* Parent resources are now authorized with :read action.
-
-* Changing :resource option in load/authorize_resource back to :class with ability to pass false
-
-* Removing :nested option in favor of :through option with separate load/authorize call
-
-* Moving internal logic from ResourceAuthorization to ControllerResource class
-
-* Supporting multiple "can" and "cannot" calls with accessible_by (thanks funny-falcon) - see issue #71
-
-* Supporting deeply nested aliases - see issue #98
-
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.2.0...1.3.0]
-
-
-1.2.0 (July 16, 2010)
-
-* Load nested parent resources on collection actions such as "index" (thanks dohzya)
-
-* Adding :name option to load_and_authorize_resource if it does not match controller - see issue #65
-
-* Fixing issue when using accessible_by with nil can conditions (thanks jrallison) - see issue #66
-
-* Pluralize table name for belongs_to associations in can conditions hash (thanks logandk) - see issue #62
-
-* Support has_many association or arrays in can conditions hash
-
-* Adding joins clause to accessible_by when conditions are across associations
-
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.1.1...1.2.0]
-
-
-1.1.1 (April 17, 2010)
-
-* Fixing behavior in Rails 3 by properly initializing ResourceAuthorization
-
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.1...1.1.1]
-
-
-1.1.0 (April 17, 2010)
-
-* Supporting arrays, ranges, and nested hashes in ability conditions
-
-* Removing "unauthorized!" method in favor of "authorize!" in controllers
-
-* Adding action, subject and default_message abilities to AccessDenied exception - see issue #40
-
-* Adding caching to current_ability controller method, if you're overriding this be sure to add caching too.
-
-* Adding "accessible_by" method to Active Record for fetching records matching a specific ability
-
-* Adding conditions behavior to Ability#can and fetch with Ability#conditions - see issue #53
-
-* Renaming :class option to :resource for load_and_authorize_resource which now supports a symbol for non models - see issue #45
-
-* Properly handle Admin::AbilitiesController in params[:controller] - see issue #46
-
-* Adding be_able_to RSpec matcher (thanks dchelimsky), requires Ruby 1.8.7 or higher - see issue #54
-
-* Support additional arguments to can? which get passed to the block - see issue #48
-
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.0.2...1.1]
-
-
-1.0.2 (Dec 30, 2009)
-
-* Adding clear_aliased_actions to Ability which removes previously defined actions including defaults - see issue #20
-
-* Append aliased actions (don't overwrite them) - see issue #20
-
-* Adding custom message argument to unauthorized! method (thanks tjwallace) - see issue #18
-
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.0.1...1.0.2]
-
-
-1.0.1 (Dec 14, 2009)
-
-* Adding :class option to load_resource so one can customize which class to use for the model - see issue #17
-
-* Don't fetch parent of nested resource if *_id parameter is missing so it works with shallow nested routes - see issue #14
-
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.0.0...1.0.1]
-
-
-1.0.0 (Dec 13, 2009)
-
-* Don't set resource instance variable if it has been set already - see issue #13
-
-* Allowing :nested option to accept an array for deep nesting
-
-* Adding :nested option to load resource method - see issue #10
-
-* Pass :only and :except options to before filters for load/authorize resource methods.
-
-* Adding :collection and :new options to load_resource method so we can specify behavior of additional actions if needed.
-
-* BACKWARDS INCOMPATIBLE: turning load and authorize resource methods into class methods which set up the before filter so they can accept additional arguments.
-
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/0.2.1...1.0.0]
-
-
-0.2.1 (Nov 26, 2009)
-
-* many internal refactorings - see issues #11 and #12
-
-* adding "cannot" method to define which abilities cannot be done - see issue #7
-
-* support custom objects (usually symbols) in can definition - see issue #8
-
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/0.2.0...0.2.1]
-
-
-0.2.0 (Nov 17, 2009)
-
-* fix behavior of load_and_authorize_resource for namespaced controllers - see issue #3
-
-* support arrays being passed to "can" to specify multiple actions or classes - see issue #2
-
-* adding "cannot?" method to ability, controller, and view which is inverse of "can?" - see issue #1
-
-* BACKWARDS INCOMPATIBLE: use Ability#initialize instead of 'prepare' to set up abilities - see issue #4
-
-* {see the full list of changes}[https://github.com/ryanb/cancan/compare/0.1.0...0.2.0]
-
-
-0.1.0 (Nov 16, 2009)
-
-* initial release