RubyGems - cancancan - Versions diffs - 1.15.0 → 3.1.0 - Mend

cancancan 1.15.0 → 3.1.0

Files changed (74) hide show

checksums.yaml +5 -5
data/cancancan.gemspec +18 -18
data/init.rb +2 -0
data/lib/cancan.rb +9 -11
data/lib/cancan/ability.rb +90 -203
data/lib/cancan/ability/actions.rb +93 -0
data/lib/cancan/ability/rules.rb +93 -0
data/lib/cancan/ability/strong_parameter_support.rb +41 -0
data/lib/cancan/conditions_matcher.rb +106 -0
data/lib/cancan/controller_additions.rb +29 -36
data/lib/cancan/controller_resource.rb +46 -211
data/lib/cancan/controller_resource_builder.rb +26 -0
data/lib/cancan/controller_resource_finder.rb +42 -0
data/lib/cancan/controller_resource_loader.rb +120 -0
data/lib/cancan/controller_resource_name_finder.rb +23 -0
data/lib/cancan/controller_resource_sanitizer.rb +32 -0
data/lib/cancan/exceptions.rb +17 -5
data/lib/cancan/matchers.rb +12 -3
data/lib/cancan/model_adapters/abstract_adapter.rb +10 -8
data/lib/cancan/model_adapters/active_record_4_adapter.rb +39 -43
data/lib/cancan/model_adapters/active_record_5_adapter.rb +68 -0
data/lib/cancan/model_adapters/active_record_adapter.rb +77 -82
data/lib/cancan/model_adapters/conditions_extractor.rb +75 -0
data/lib/cancan/model_adapters/conditions_normalizer.rb +49 -0
data/lib/cancan/model_adapters/default_adapter.rb +2 -0
data/lib/cancan/model_additions.rb +2 -1
data/lib/cancan/parameter_validators.rb +9 -0
data/lib/cancan/relevant.rb +29 -0
data/lib/cancan/rule.rb +76 -106
data/lib/cancan/rules_compressor.rb +23 -0
data/lib/cancan/unauthorized_message_resolver.rb +24 -0
data/lib/cancan/version.rb +3 -1
data/lib/cancancan.rb +2 -0
data/lib/generators/cancan/ability/ability_generator.rb +4 -2
data/lib/generators/cancan/ability/templates/ability.rb +2 -0
metadata +66 -57
data/.gitignore +0 -15
data/.rspec +0 -1
data/.travis.yml +0 -33
data/Appraisals +0 -104
data/CHANGELOG.rdoc +0 -527
data/CONTRIBUTING.md +0 -23
data/Gemfile +0 -3
data/LICENSE +0 -22
data/README.md +0 -217
data/Rakefile +0 -9
data/gemfiles/activerecord_3.2.gemfile +0 -17
data/gemfiles/activerecord_4.0.gemfile +0 -18
data/gemfiles/activerecord_4.1.gemfile +0 -18
data/gemfiles/activerecord_4.2.gemfile +0 -19
data/gemfiles/activerecord_5.0.gemfile +0 -19
data/gemfiles/mongoid_2.x.gemfile +0 -17
data/gemfiles/sequel_3.x.gemfile +0 -17
data/lib/cancan/inherited_resource.rb +0 -20
data/lib/cancan/model_adapters/active_record_3_adapter.rb +0 -16
data/lib/cancan/model_adapters/mongoid_adapter.rb +0 -75
data/lib/cancan/model_adapters/sequel_adapter.rb +0 -87
data/spec/README.rdoc +0 -27
data/spec/cancan/ability_spec.rb +0 -544
data/spec/cancan/controller_additions_spec.rb +0 -151
data/spec/cancan/controller_resource_spec.rb +0 -643
data/spec/cancan/exceptions_spec.rb +0 -58
data/spec/cancan/inherited_resource_spec.rb +0 -71
data/spec/cancan/matchers_spec.rb +0 -29
data/spec/cancan/model_adapters/active_record_4_adapter_spec.rb +0 -154
data/spec/cancan/model_adapters/active_record_adapter_spec.rb +0 -405
data/spec/cancan/model_adapters/default_adapter_spec.rb +0 -7
data/spec/cancan/model_adapters/mongoid_adapter_spec.rb +0 -247
data/spec/cancan/model_adapters/sequel_adapter_spec.rb +0 -132
data/spec/cancan/rule_spec.rb +0 -52
data/spec/matchers.rb +0 -13
data/spec/spec.opts +0 -2
data/spec/spec_helper.rb +0 -27
data/spec/support/ability.rb +0 -7

data/CONTRIBUTING.md DELETED

@@ -1,23 +0,0 @@
-## Contributing to CanCanCan
-### Reporting an Issue
-1. If you have any questions about CanCanCan, search the [Wiki](https://github.com/cancancommunity/cancancan/wiki), use [Stack Overflow](http://stackoverflow.com/questions/tagged/cancancan), or [our mailing list](https://groups.google.com/forum/#!forum/cancancan). Do not post questions here.
-1. If you find a security bug, **DO NOT** submit an issue here. Please send an e-mail to the current maintainer instead.
-1. Do a small search on the issues tracker before submitting your issue to see if it was already reported / fixed.
-1. Create your report including Rails and CanCanCan versions. If you are getting exceptions, please include the full backtrace.
-That's it! The more information you give, the more easy it becomes for us to track it down and fix it. Ideal scenario would be adding the issue to CanCanCan test suite or to a sample application.
-### Adding new Features or Bugfixes
-CanCanCan uses a [git-flow](http://nvie.com/posts/a-successful-git-branching-model/) development model.  The latest "released" version of CanCanCan, the latest gem version, can always be found on `master`, while the next version or nightly is on `develop`.
-Please make sure you have test coverage for anything you add or fix!
-Please add a CHANGELOG entry with any relevant tags for issues, pull-requests, and authors.
-Thanks!

data/Gemfile DELETED

@@ -1,3 +0,0 @@
-source "https://rubygems.org"
-gemspec

data/LICENSE DELETED

@@ -1,22 +0,0 @@
-Copyright (c) 2011 Ryan Bates
-MIT License
-Permission is hereby granted, free of charge, to any person obtaining
-a copy of this software and associated documentation files (the
-"Software"), to deal in the Software without restriction, including
-without limitation the rights to use, copy, modify, merge, publish,
-distribute, sublicense, and/or sell copies of the Software, and to
-permit persons to whom the Software is furnished to do so, subject to
-the following conditions:
-The above copyright notice and this permission notice shall be
-included in all copies or substantial portions of the Software.
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
-LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
-OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
-WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md DELETED

@@ -1,217 +0,0 @@
-# CanCanCan
-[![Gem Version](https://badge.fury.io/rb/cancancan.svg)](http://badge.fury.io/rb/cancancan)
-[![Travis badge](https://travis-ci.org/CanCanCommunity/cancancan.svg?branch=develop)](https://travis-ci.org/CanCanCommunity/cancancan)
-[![Code Climate Badge](https://codeclimate.com/github/CanCanCommunity/cancancan.svg)](https://codeclimate.com/github/CanCanCommunity/cancancan)
-[![Inch CI](http://inch-ci.org/github/CanCanCommunity/cancancan.svg)](http://inch-ci.org/github/CanCanCommunity/cancancan)
-[Wiki](https://github.com/CanCanCommunity/cancancan/wiki) | [RDocs](http://rdoc.info/projects/CanCanCommunity/cancancan) | [Screencast](http://railscasts.com/episodes/192-authorization-with-cancan) | [IRC: #cancancan (freenode)](http://webchat.freenode.net/?channels=cancancan)
-CanCan is an authorization library for Ruby on Rails which restricts what resources a given user is allowed to access. All permissions are defined in a single location (the `Ability` class) and not duplicated across controllers, views, and database queries.
-## This is the master branch!
-This branch represents work towards version 2.0. Please checkout the 1.x branch for the stable release. Use master at your own risk.
-## Mission
-This repo is a continuation of the dead [CanCan](https://github.com/ryanb/cancan) project. Our mission is to keep CanCan alive and moving forward, with maintenance fixes and new features. Pull Requests are welcome!
-I am currently focusing on the 1.x branch for the immediate future, making sure it is up to date as well as ensuring compatibility with Rails 4+. I will take a look into the 2.x branch and try to see what improvements, reorganizations and redesigns Ryan was attempting and go forward from there.
-Any help is greatly appreciated, feel free to submit pull-requests or open issues.
-## Installation
-In **Rails 3 and 4**, add this to your Gemfile and run the `bundle install` command.
-    gem 'cancancan', '~> 1.10'
-## Getting Started
-CanCanCan expects a `current_user` method to exist in the controller. First, set up some authentication (such as [Authlogic](https://github.com/binarylogic/authlogic) or [Devise](https://github.com/plataformatec/devise)). See [Changing Defaults](https://github.com/CanCanCommunity/cancancan/wiki/changing-defaults) if you need different behavior.
-When using [rails-api](https://github.com/rails-api/rails-api), you have to manually include the controller methods for CanCan:
-```ruby
-class ApplicationController < ActionController::API
-  include CanCan::ControllerAdditions
-end
-```
-### 1. Define Abilities
-User permissions are defined in an `Ability` class. CanCan 1.5 includes a Rails 3 and 4 generator for creating this class.
-    rails g cancan:ability
-In Rails 2.3, just add a new class in `app/models/ability.rb` with the following contents:
-```ruby
-class Ability
-  include CanCan::Ability
-  def initialize(user)
-  end
-end
-```
-See [Defining Abilities](https://github.com/CanCanCommunity/cancancan/wiki/defining-abilities) for details.
-### 2. Check Abilities & Authorization
-The current user's permissions can then be checked using the `can?` and `cannot?` methods in the view and controller.
-```erb
-<% if can? :update, @article %>
-  <%= link_to "Edit", edit_article_path(@article) %>
-<% end %>
-```
-See [Checking Abilities](https://github.com/CanCanCommunity/cancancan/wiki/checking-abilities) for more information
-The `authorize!` method in the controller will raise an exception if the user is not able to perform the given action.
-```ruby
-def show
-  @article = Article.find(params[:id])
-  authorize! :read, @article
-end
-```
-Setting this for every action can be tedious, therefore the `load_and_authorize_resource` method is provided to automatically authorize all actions in a RESTful style resource controller. It will use a before filter to load the resource into an instance variable and authorize it for every action.
-```ruby
-class ArticlesController < ApplicationController
-  load_and_authorize_resource
-  def show
-    # @article is already loaded and authorized
-  end
-end
-```
-See [Authorizing Controller Actions](https://github.com/CanCanCommunity/cancancan/wiki/authorizing-controller-actions) for more information.
-#### Strong Parameters
-When using `strong_parameters` or Rails 4+, you have to sanitize inputs before saving the record, in actions such as `:create` and `:update`.
-For the `:update` action, CanCan will load and authorize the resource but *not* change it automatically, so the typical usage would be something like:
-```ruby
-def update
-  if @article.update_attributes(update_params)
-    # hurray
-  else
-    render :edit
-  end
-end
-...
-def update_params
-  params.require(:article).permit(:body)
-end
-```
-For the `:create` action, CanCan will try to initialize a new instance with sanitized input by seeing if your controller will respond to the following methods (in order):
-1. `create_params`
-2. `<model_name>_params` such as `article_params` (this is the default convention in rails for naming your param method)
-3. `resource_params` (a generically named method you could specify in each controller)
-Additionally, `load_and_authorize_resource` can now take a `param_method` option to specify a custom method in the controller to run to sanitize input.
-You can associate the `param_method` option with a symbol corresponding to the name of a method that will get called:
-```ruby
-class ArticlesController < ApplicationController
-  load_and_authorize_resource param_method: :my_sanitizer
-  def create
-    if @article.save
-      # hurray
-    else
-      render :new
-    end
-  end
-  private
-  def my_sanitizer
-    params.require(:article).permit(:name)
-  end
-end
-```
-You can also use a string that will be evaluated in the context of the controller using `instance_eval` and needs to contain valid Ruby code. This does come in handy when using a PermittedParams class as suggested in Railscast 371:
-    load_and_authorize_resource param_method: 'permitted_params.article'
-Finally, it's possible to associate `param_method` with a Proc object which will be called with the controller as the only argument:
-    load_and_authorize_resource param_method: Proc.new { |c| c.params.require(:article).permit(:name) }
-See [Strong Parameters](https://github.com/CanCanCommunity/cancancan/wiki/Strong-Parameters) for more information.
-### 3. Handle Unauthorized Access
-If the user authorization fails, a `CanCan::AccessDenied` exception will be raised. You can catch this and modify its behavior in the `ApplicationController`.
-```ruby
-class ApplicationController < ActionController::Base
-  rescue_from CanCan::AccessDenied do |exception|
-    redirect_to root_url, :alert => exception.message
-  end
-end
-```
-See [Exception Handling](https://github.com/CanCanCommunity/cancancan/wiki/exception-handling) for more information.
-### 4. Lock It Down
-If you want to ensure authorization happens on every action in your application, add `check_authorization` to your `ApplicationController`.
-```ruby
-class ApplicationController < ActionController::Base
-  check_authorization
-end
-```
-This will raise an exception if authorization is not performed in an action. If you want to skip this, add `skip_authorization_check` to a controller subclass. See [Ensure Authorization](https://github.com/CanCanCommunity/cancancan/wiki/Ensure-Authorization) for more information.
-## Wiki Docs
-* [Upgrading to 1.6](https://github.com/CanCanCommunity/cancancan/wiki/Upgrading-to-1.6)
-* [Defining Abilities](https://github.com/CanCanCommunity/cancancan/wiki/Defining-Abilities)
-* [Checking Abilities](https://github.com/CanCanCommunity/cancancan/wiki/Checking-Abilities)
-* [Authorizing Controller Actions](https://github.com/CanCanCommunity/cancancan/wiki/Authorizing-Controller-Actions)
-* [Exception Handling](https://github.com/CanCanCommunity/cancancan/wiki/Exception-Handling)
-* [Changing Defaults](https://github.com/CanCanCommunity/cancancan/wiki/Changing-Defaults)
-* [See more](https://github.com/CanCanCommunity/cancancan/wiki)
-## Questions?
-If you have any question or doubt regarding CanCanCan which you cannot find the solution to in the [documentation](https://github.com/CanCanCommunity/cancancan/wiki) or our [mailing list](http://groups.google.com/group/cancancan), please [open a question on Stackoverflow](http://stackoverflow.com/questions/ask?tags=cancancan) with tag [cancancan](http://stackoverflow.com/questions/tagged/cancancan)
-## Bugs?
-If you find a bug please add an [issue on GitHub](https://github.com/CanCanCommunity/cancancan/issues) or fork the project and send a pull request.
-## Development
-Cancancan uses [appraisals](https://github.com/thoughtbot/appraisal) to test the code base against multiple versions of Rails, as well as the different model adapters.
-When first developing, you may need to run `bundle install` and then `appraisal install`, to install the different sets.
-You can then run all appraisal files (like CI does), with `appraisal rake` or just run a specific set `appraisal activerecord_3.0 rake`.
-See the [CONTRIBUTING](https://github.com/CanCanCommunity/cancancan/blob/develop/CONTRIBUTING.md) and [spec/README](https://github.com/CanCanCommunity/cancancan/blob/master/spec/README.rdoc) for more information.
-## Special Thanks
-CanCan was inspired by [declarative_authorization](https://github.com/stffn/declarative_authorization/) and [aegis](https://github.com/makandra/aegis). Also many thanks to the [CanCan contributors](https://github.com/CanCanCommunity/cancancan/contributors). See the [CHANGELOG](https://github.com/CanCanCommunity/cancancan/blob/master/CHANGELOG.rdoc) for the full list.

data/Rakefile DELETED

@@ -1,9 +0,0 @@
-require "bundler/gem_tasks"
-require 'rspec/core/rake_task'
-desc "Run RSpec"
-RSpec::Core::RakeTask.new do |t|
-  t.verbose = false
-end
-task :default => :spec

data/gemfiles/activerecord_3.2.gemfile DELETED

@@ -1,17 +0,0 @@
-# This file was generated by Appraisal
-source "https://rubygems.org"
-gem "activerecord", "~> 3.2.0", :require => "active_record"
-gem "actionpack", "~> 3.2.0", :require => "action_pack"
-platforms :jruby do
-  gem "activerecord-jdbcsqlite3-adapter"
-  gem "jdbc-sqlite3"
-end
-platforms :ruby, :mswin, :mingw do
-  gem "sqlite3"
-end
-gemspec :path => "../"

data/gemfiles/activerecord_4.0.gemfile DELETED

@@ -1,18 +0,0 @@
-# This file was generated by Appraisal
-source "https://rubygems.org"
-gem "activerecord", "~> 4.0.5", :require => "active_record"
-gem "activesupport", "~> 4.0.5", :require => "active_support/all"
-gem "actionpack", "~> 4.0.5", :require => "action_pack"
-platforms :jruby do
-  gem "activerecord-jdbcsqlite3-adapter"
-  gem "jdbc-sqlite3"
-end
-platforms :ruby, :mswin, :mingw do
-  gem "sqlite3"
-end
-gemspec :path => "../"

data/gemfiles/activerecord_4.1.gemfile DELETED

@@ -1,18 +0,0 @@
-# This file was generated by Appraisal
-source "https://rubygems.org"
-gem "activerecord", "~> 4.1.1", :require => "active_record"
-gem "activesupport", "~> 4.1.1", :require => "active_support/all"
-gem "actionpack", "~> 4.1.1", :require => "action_pack"
-platforms :jruby do
-  gem "activerecord-jdbcsqlite3-adapter"
-  gem "jdbc-sqlite3"
-end
-platforms :ruby, :mswin, :mingw do
-  gem "sqlite3"
-end
-gemspec :path => "../"

data/gemfiles/activerecord_4.2.gemfile DELETED

@@ -1,19 +0,0 @@
-# This file was generated by Appraisal
-source "https://rubygems.org"
-gem "activerecord", "~> 4.2.0", :require => "active_record"
-gem "activesupport", "~> 4.2.0", :require => "active_support/all"
-gem "actionpack", "~> 4.2.0", :require => "action_pack"
-platforms :jruby do
-  gem "activerecord-jdbcsqlite3-adapter"
-  gem "jdbc-sqlite3"
-end
-platforms :ruby, :mswin, :mingw do
-  gem "sqlite3"
-  gem "pg"
-end
-gemspec :path => "../"

data/gemfiles/activerecord_5.0.gemfile DELETED

@@ -1,19 +0,0 @@
-# This file was generated by Appraisal
-source "https://rubygems.org"
-gem "activerecord", "~> 5.0.0.rc1", :require => "active_record"
-gem "activesupport", "~> 5.0.0.rc1", :require => "active_support/all"
-gem "actionpack", "~> 5.0.0.rc1", :require => "action_pack"
-platforms :jruby do
-  gem "activerecord-jdbcsqlite3-adapter"
-  gem "jdbc-sqlite3"
-end
-platforms :ruby, :mswin, :mingw do
-  gem "sqlite3"
-  gem "pg"
-end
-gemspec :path => "../"

data/gemfiles/mongoid_2.x.gemfile DELETED

@@ -1,17 +0,0 @@
-# This file was generated by Appraisal
-source "https://rubygems.org"
-gem "activesupport", "~> 3.0", :require => "active_support/all"
-gem "actionpack", "~> 3.0", :require => "action_pack"
-gem "mongoid", "~> 2.0.0"
-platforms :ruby, :mswin, :mingw do
-  gem "bson_ext", "~> 1.1"
-end
-platforms :jruby do
-  gem "mongo", "~> 1.9.2"
-end
-gemspec :path => "../"

data/gemfiles/sequel_3.x.gemfile DELETED

@@ -1,17 +0,0 @@
-# This file was generated by Appraisal
-source "https://rubygems.org"
-gem "sequel", "~> 3.48.0"
-gem "activesupport", "~> 3.0", :require => "active_support/all"
-gem "actionpack", "~> 3.0", :require => "action_pack"
-platforms :jruby do
-  gem "jdbc-sqlite3"
-end
-platforms :ruby, :mswin, :mingw do
-  gem "sqlite3"
-end
-gemspec :path => "../"

data/lib/cancan/inherited_resource.rb DELETED

@@ -1,20 +0,0 @@
-module CanCan
-  # For use with Inherited Resources
-  class InheritedResource < ControllerResource # :nodoc:
-    def load_resource_instance
-      if parent?
-        @controller.send :association_chain
-        @controller.instance_variable_get("@#{instance_name}")
-      elsif new_actions.include? @params[:action].to_sym
-        resource = @controller.send :build_resource
-        assign_attributes(resource)
-      else
-        @controller.send :resource
-      end
-    end
-    def resource_base
-      @controller.send :end_of_association_chain
-    end
-  end
-end

data/lib/cancan/model_adapters/active_record_3_adapter.rb DELETED

@@ -1,16 +0,0 @@
-module CanCan
-  module ModelAdapters
-    class ActiveRecord3Adapter < AbstractAdapter
-      include ActiveRecordAdapter
-      def self.for_class?(model_class)
-        model_class <= ActiveRecord::Base
-      end
-      private
-      def build_relation(*where_conditions)
-        @model_class.where(*where_conditions).includes(joins)
-      end
-    end
-  end
-end