cancancan 1.17.0 → 3.5.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (85) hide show
  1. checksums.yaml +5 -5
  2. data/cancancan.gemspec +10 -11
  3. data/init.rb +2 -0
  4. data/lib/cancan/ability/actions.rb +93 -0
  5. data/lib/cancan/ability/rules.rb +96 -0
  6. data/lib/cancan/ability/strong_parameter_support.rb +41 -0
  7. data/lib/cancan/ability.rb +87 -198
  8. data/lib/cancan/class_matcher.rb +30 -0
  9. data/lib/cancan/conditions_matcher.rb +147 -0
  10. data/lib/cancan/config.rb +101 -0
  11. data/lib/cancan/controller_additions.rb +13 -30
  12. data/lib/cancan/controller_resource.rb +33 -225
  13. data/lib/cancan/controller_resource_builder.rb +26 -0
  14. data/lib/cancan/controller_resource_finder.rb +42 -0
  15. data/lib/cancan/controller_resource_loader.rb +120 -0
  16. data/lib/cancan/controller_resource_name_finder.rb +23 -0
  17. data/lib/cancan/controller_resource_sanitizer.rb +32 -0
  18. data/lib/cancan/exceptions.rb +24 -4
  19. data/lib/cancan/matchers.rb +12 -1
  20. data/lib/cancan/model_adapters/abstract_adapter.rb +22 -1
  21. data/lib/cancan/model_adapters/active_record_4_adapter.rb +25 -44
  22. data/lib/cancan/model_adapters/active_record_5_adapter.rb +61 -0
  23. data/lib/cancan/model_adapters/active_record_adapter.rb +157 -83
  24. data/lib/cancan/model_adapters/conditions_extractor.rb +75 -0
  25. data/lib/cancan/model_adapters/conditions_normalizer.rb +49 -0
  26. data/lib/cancan/model_adapters/default_adapter.rb +2 -0
  27. data/lib/cancan/model_adapters/sti_normalizer.rb +47 -0
  28. data/lib/cancan/model_adapters/strategies/base.rb +40 -0
  29. data/lib/cancan/model_adapters/strategies/joined_alias_each_rule_as_exists_subquery.rb +93 -0
  30. data/lib/cancan/model_adapters/strategies/joined_alias_exists_subquery.rb +31 -0
  31. data/lib/cancan/model_adapters/strategies/left_join.rb +11 -0
  32. data/lib/cancan/model_adapters/strategies/subquery.rb +18 -0
  33. data/lib/cancan/model_additions.rb +6 -2
  34. data/lib/cancan/parameter_validators.rb +9 -0
  35. data/lib/cancan/relevant.rb +29 -0
  36. data/lib/cancan/rule.rb +67 -90
  37. data/lib/cancan/rules_compressor.rb +23 -0
  38. data/lib/cancan/sti_detector.rb +12 -0
  39. data/lib/cancan/unauthorized_message_resolver.rb +24 -0
  40. data/lib/cancan/version.rb +3 -1
  41. data/lib/cancan.rb +15 -10
  42. data/lib/cancancan.rb +2 -0
  43. data/lib/generators/cancan/ability/ability_generator.rb +3 -1
  44. data/lib/generators/cancan/ability/templates/ability.rb +9 -9
  45. metadata +64 -86
  46. data/.gitignore +0 -15
  47. data/.rspec +0 -1
  48. data/.rubocop.yml +0 -39
  49. data/.rubocop_todo.yml +0 -54
  50. data/.travis.yml +0 -39
  51. data/Appraisals +0 -105
  52. data/CHANGELOG.rdoc +0 -536
  53. data/CONTRIBUTING.md +0 -23
  54. data/Gemfile +0 -3
  55. data/LICENSE +0 -22
  56. data/README.md +0 -234
  57. data/Rakefile +0 -13
  58. data/gemfiles/activerecord_3.2.gemfile +0 -18
  59. data/gemfiles/activerecord_4.0.gemfile +0 -19
  60. data/gemfiles/activerecord_4.1.gemfile +0 -19
  61. data/gemfiles/activerecord_4.2.gemfile +0 -21
  62. data/gemfiles/activerecord_5.0.gemfile +0 -20
  63. data/gemfiles/mongoid_2.x.gemfile +0 -18
  64. data/gemfiles/sequel_3.x.gemfile +0 -18
  65. data/lib/cancan/inherited_resource.rb +0 -20
  66. data/lib/cancan/model_adapters/active_record_3_adapter.rb +0 -16
  67. data/lib/cancan/model_adapters/mongoid_adapter.rb +0 -80
  68. data/lib/cancan/model_adapters/sequel_adapter.rb +0 -87
  69. data/spec/README.rdoc +0 -27
  70. data/spec/cancan/ability_spec.rb +0 -553
  71. data/spec/cancan/controller_additions_spec.rb +0 -164
  72. data/spec/cancan/controller_resource_spec.rb +0 -645
  73. data/spec/cancan/exceptions_spec.rb +0 -58
  74. data/spec/cancan/inherited_resource_spec.rb +0 -71
  75. data/spec/cancan/matchers_spec.rb +0 -29
  76. data/spec/cancan/model_adapters/active_record_4_adapter_spec.rb +0 -160
  77. data/spec/cancan/model_adapters/active_record_adapter_spec.rb +0 -415
  78. data/spec/cancan/model_adapters/default_adapter_spec.rb +0 -7
  79. data/spec/cancan/model_adapters/mongoid_adapter_spec.rb +0 -246
  80. data/spec/cancan/model_adapters/sequel_adapter_spec.rb +0 -129
  81. data/spec/cancan/rule_spec.rb +0 -52
  82. data/spec/matchers.rb +0 -13
  83. data/spec/spec.opts +0 -2
  84. data/spec/spec_helper.rb +0 -27
  85. data/spec/support/ability.rb +0 -6
data/CHANGELOG.rdoc DELETED
@@ -1,536 +0,0 @@
1
- Develop
2
-
3
- Unreleased
4
-
5
- 1.17.0 (March 26th, 2017)
6
-
7
- * Improve performance for the Mongoid Adapter
8
-
9
- 1.16.0 (February 2nd, 2017)
10
-
11
- * Introduce rubocop and fixes most of the issues
12
-
13
- 1.15.0 (June 13th, 2016)
14
-
15
- * Add support for Rails 5 (craig1410)
16
-
17
- 1.14.0 (May 14th, 2016)
18
-
19
- * Use cover for ranges
20
- * Add support for rails 4 enum's (markpmitchell)
21
-
22
- 1.13.1 (Oct 8th, 2015)
23
-
24
- * Fix #merge with empty Ability (jhawthorn)
25
-
26
- 1.13.0 (Oct 7th, 2015)
27
-
28
- * Significantly improve rule lookup time (amarshall)
29
- * Removed deprecation warnings for RSpec 3.2 (NekoNova)
30
- * Drop support for REE and Ruby 1.x and so Rails 2 (Richard Wilson)
31
-
32
- 1.12.0 (June 28th, 2015)
33
-
34
- * Add a permissions method to Ability (devaroop)
35
-
36
- 1.11.0 (June 15th, 2015)
37
-
38
- * Complete cancancan#115 - Specify authorization action for parent resources. (phallguy)
39
-
40
- 1.10.1 (January 13th, 2015)
41
-
42
- * Fix cancancan#168 - A bug with ActiveRecord 4.2 support causing ProtocolViolation due to named parameters not being passed in.
43
-
44
-
45
- 1.10.0 (January 7th, 2015)
46
-
47
- * Fix i18n issue for Ruby < 1.9.3 (bryanrite)
48
-
49
- * Fix cancancan#149 - Fix an issue loading namespaced models (darthjee)
50
-
51
- * Fix cancancan#160 - Support for Rails 4.2 (marshall-lee)
52
-
53
- * Fix cancancan#153 - More useful output in ability spec matchers (jondkinney)
54
-
55
-
56
- 1.9.2 (August 8th, 2014)
57
-
58
- * Fix cancancan#77, 78 - Fix an issue with associations for namespaced models. (jjp)
59
-
60
-
61
- 1.9.1 (July 21st, 2014)
62
-
63
- * Fix cancancan#101 - Fixes an issue where overjealous use of references would cause issues with scopes when loading associations. (bryanrite)
64
-
65
-
66
- 1.9.0 (July 20th, 2014)
67
-
68
- * Fix cancancan#59 - Parameters are automatically detected and santitized for all actions, not just create and update. (bryanrite)
69
-
70
- * Fix cancancan#97, 72, 40, 39, 26 - Support Active Record 4 properly with references on nested permissions. (scpike, tdg5, Crystark)
71
-
72
-
73
- 1.8.4 (June 24th, 2014)
74
-
75
- * Fix cancancan#86 - Fixes previous RSpec 3 update as there was a bug in the fix for RSpec 2.99. (bryanrite)
76
-
77
-
78
- 1.8.3 (June 24th, 2014)
79
-
80
- * Fix cancancan#85 - Remove deprecation notices for RSpec 3 and continue backwards compatibility. (andypike, bryanrite, porteta)
81
-
82
-
83
- 1.8.2 (June 5th, 2014)
84
-
85
- * Fix cancancan#75 - More specific hash-like object check. (bryanrite)
86
-
87
-
88
- 1.8.1 (May 27th, 2014)
89
-
90
- * Fix cancancan#67 - Sequel tests are run properly for JRuby. (bryanrite)
91
-
92
- * Fix cancancan#68 - Checks for hash-like objects in subject better. (bryanrite)
93
-
94
-
95
- 1.8.0 (May 8th, 2014)
96
-
97
- * Feature cancan#884 - Add a Sequel model adapter (szetobo)
98
-
99
- * Feature cancancan#3 - Permit "can?" check multiple subjects (cefigueiredo)
100
-
101
- * Feature cancancan#29 - Add ability to use a String that will get instance_eval'd or a Proc that will get called as the parameter method option for strong_parameter santization (svoop)
102
-
103
- * Feature cancancan#48 - Define a CanCanCan module. Even though it is not used, it is standard practice to define the module, and helpful for determining between CanCanCan and CanCan for external libraries.
104
-
105
-
106
- 1.7.1 (March 19th, 2014)
107
-
108
- * Fix ryanb/cancan#992 - Remove Rails 4 deprecations for scoped (thejchap & hitendrasingh)
109
-
110
- * Fix cancancan#16 - RSpec expectations are not explicitly required in RSpec > 2.13 (justinaiken & bryanrite)
111
-
112
-
113
- 1.7.0 (February 19th, 2014)
114
-
115
- * Feature #988 Adds support for strong_parameters (bryanrite)
116
-
117
- * Fix #726 - Allow multiple abilities with associations (elabs-dev)
118
-
119
- * Fix #864 - Fix id_param in shallow routes (francocatena)
120
-
121
- * Fix #871 - Fixes nested ability conditions (ricec)
122
-
123
- * Fix #935 - Reduce unnecessary object allocations (grosser)
124
-
125
- * Fix #966 - Fixes a variable name collision in nested conditions (knoopx)
126
-
127
- * Fix #971 - Does not execute "empty?" scope when checking class rule (matt-glover)
128
-
129
- * Fix #974 - Avoid unnecessary sql execution (inkstak)
130
-
131
-
132
- 1.6.10 (May 7, 2013)
133
-
134
- * fix matches_conditons_hash for string values on 1.8 (thanks rrosen)
135
-
136
- * work around SQL injection vulnerability in older Rails versions (thanks steerio) - issue #800
137
-
138
- * add support for nested join conditions (thanks yuszuv) - issue #806
139
-
140
- * fix load_resource "find_by" in mongoid resources (thanks albertobajo) - issue #705
141
-
142
- * fix namespace split behavior (thanks xinuc) - issue #668
143
-
144
-
145
- 1.6.9 (February 4, 2013)
146
-
147
- * fix inserting AND (NULL) to end of SQL queries (thanks jonsgreen) - issue #687
148
-
149
- * fix merge_joins for nested association hashes (thanks DavidMikeSimon) - issues #655, #560
150
-
151
- * raise error on recursive alias_action (thanks fl00r) - issue #660
152
-
153
- * fix namespace controllers not loading params (thanks andhapp) - issues #670, #664
154
-
155
-
156
- 1.6.8 (June 25, 2012)
157
-
158
- * improved support for namespaced controllers and models
159
-
160
- * pass :if and :unless options for load and authorize resource (thanks mauriciozaffari)
161
-
162
- * Travis CI badge (thanks plentz)
163
-
164
- * adding Ability#merge for combining multiple abilities (thanks rogercampos)
165
-
166
- * support for multiple MetaWhere rules (thanks andhapp)
167
-
168
- * various fixes for DataMapper, Mongoid, and Inherited Resource integration
169
-
170
- * {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.7...1.6.8]
171
-
172
-
173
- 1.6.7 (October 4, 2011)
174
-
175
- * fixing nested resource problem caused by namespace addition - issue #482
176
-
177
- * {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.6...1.6.7]
178
-
179
-
180
- 1.6.6 (September 28, 2011)
181
-
182
- * correct "return cant jump across threads" error when using check_authorization (thanks codeprimate) - issues #463, #469
183
-
184
- * fixing tests in development by specifying with_model version (thanks kirkconnell) - issue #476
185
-
186
- * added travis.yml file for TravisCI support (thanks bai) - issue #427
187
-
188
- * better support for namespaced models (thanks whilefalse) - issues #424
189
-
190
- * adding :id_param option to load_and_authorize_resource (thanks skhisma) - issue #425
191
-
192
- * make default unauthorized message translatable text (thanks nhocki) - issue #409
193
-
194
- * improving DataMapper behavior (thanks psanford, maxsum-corin) - issue #410, #373
195
-
196
- * allow :find_by option to be full find method name - issue #335
197
-
198
- * {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.5...1.6.6]
199
-
200
-
201
- 1.6.5 (May 18, 2011)
202
-
203
- * pass action and subject through AccessDenied exception when :through isn't found - issue #366
204
-
205
- * many Mongoid adapter improvements (thanks rahearn, cardagin) - issues #363, #352, #343
206
-
207
- * allow :through option to work with private controller methods - issue #360
208
-
209
- * ensure Mongoid::Document is defined before loading Mongoid adapter - issue #359
210
-
211
- * many DataMapper adapter improvements (thanks emmanuel) - issue #355
212
-
213
- * handle checking nil attributes through associations (thanks thatothermitch) - issue #330
214
-
215
- * improve scope merging - issue #328
216
-
217
- * {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.4...1.6.5]
218
-
219
-
220
- 1.6.4 (March 29, 2011)
221
-
222
- * Fixed mongoid 'or' error - see issue #322
223
-
224
- * {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.3...1.6.4]
225
-
226
-
227
- 1.6.3 (March 25, 2011)
228
-
229
- * Make sure ActiveRecord::Relation is defined before checking conditions against it so Rails 2 is supported again - see issue #312
230
-
231
- * Return subject passed to authorize! - see issue #314
232
-
233
- * {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.2...1.6.3]
234
-
235
-
236
- 1.6.2 (March 18, 2011)
237
-
238
- * Fixed instance loading when :singleton option is used - see issue #310
239
-
240
- * {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.1...1.6.2]
241
-
242
-
243
- 1.6.1 (March 15, 2011)
244
-
245
- * Use Item.new instead of build_item for singleton resource so it doesn't effect database - see issue #304
246
-
247
- * Made accessible_by action default to :index and parent action default to :show instead of :read - see issue #302
248
-
249
- * Reverted Inherited Resources "collection" override since it doesn't seem to be working - see issue #305
250
-
251
- * {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.6.0...1.6.1]
252
-
253
-
254
- 1.6.0 (March 11, 2011)
255
-
256
- * Added MetaWhere support - see issue #194 and #261
257
-
258
- * Allow Active Record scopes in Ability conditions - see issue #257
259
-
260
- * Added :if and :unless options to check_authorization - see issue #284
261
-
262
- * Several Inherited Resources fixes (thanks aq1018, tanordheim and stefanoverna)
263
-
264
- * Pass action name to accessible_by call when loading a collection (thanks amw)
265
-
266
- * Added :prepend option to load_and_authorize_resource to load before other filters - see issue #290
267
-
268
- * Fixed spacing issue in I18n message for multi-word model names - see issue #292
269
-
270
- * Load resource collection for any action which doesn't have an "id" parameter - see issue #296
271
-
272
- * Raise an exception when trying to make a Ability condition with both a hash of conditions and a block - see issue #269
273
-
274
- * {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.5.1...1.6.0]
275
-
276
-
277
- 1.5.1 (January 20, 2011)
278
-
279
- * Fixing deeply nested conditions in Active Record adapter - see issue #246
280
-
281
- * Improving Mongoid support for multiple can and cannot definitions (thanks stellard) - see issue #239
282
-
283
- * {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.5.0...1.5.1]
284
-
285
-
286
- 1.5.0 (January 11, 2011)
287
-
288
- * Added an Ability generator - see issue #170
289
-
290
- * Added DataMapper support (thanks natemueller)
291
-
292
- * Added Mongoid support (thanks bowsersenior)
293
-
294
- * Added skip_load_and_authorize_resource methods to controller class - see issue #164
295
-
296
- * Added support for uncountable resources in index action - see issue #193
297
-
298
- * Cleaned up README and added spec/README
299
-
300
- * Internal: renamed CanDefinition to Rule
301
-
302
- * Internal: added a model adapter layer for easily supporting more ORMs
303
-
304
- * Internal: added .rvmrc to auto-switch to 1.8.7 with gemset - see issue #231
305
-
306
- * {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.4.1...1.5.0]
307
-
308
-
309
- 1.4.1 (November 12, 2010)
310
-
311
- * Renaming skip_authorization to skip_authorization_check - see issue #169
312
-
313
- * Adding :through_association option to load_resource (thanks hunterae) - see issue #171
314
-
315
- * The :shallow option now works with the :singleton option (thanks nandalopes) - see issue #187
316
-
317
- * Play nicely with quick_scopes gem (thanks ramontayag) - see issue #183
318
-
319
- * Fix odd behavior when "cache_classes = false" (thanks mphalliday) - see issue #174
320
-
321
- * {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.4.0...1.4.1]
322
-
323
-
324
- 1.4.0 (October 5, 2010)
325
-
326
- * Adding Gemfile; to get specs running just +bundle+ and +rake+ - see issue #163
327
-
328
- * Stop at 'cannot' definition when there are no conditions - see issue #161
329
-
330
- * The :through option will now call a method with that name if instance variable doesn't exist - see issue #146
331
-
332
- * Adding :shallow option to load_resource to bring back old behavior of fetching a child without a parent
333
-
334
- * Raise AccessDenied error when loading a child and parent resource isn't found
335
-
336
- * Abilities defined on a module will apply to anything that includes that module - see issue #150 and #152
337
-
338
- * Abilities can be defined with a string of SQL in addition to a block so accessible_by works with a block - see issue #150
339
-
340
- * Adding better support for InheritedResource - see issue #23
341
-
342
- * Loading the collection instance variable (for index action) using accessible_by - see issue #137
343
-
344
- * Adding action and subject variables to I18n unauthorized message - closes #142
345
-
346
- * Adding check_authorization and skip_authorization controller class methods to ensure authorization is performed (thanks justinko) - see issue #135
347
-
348
- * Setting initial attributes based on ability conditions in new/create actions - see issue #114
349
-
350
- * Check parent attributes for nested association in index action - see issue #121
351
-
352
- * Supporting nesting in can? method using hash - see issue #121
353
-
354
- * Adding I18n support for Access Denied messages (thanks EppO) - see issue #103
355
-
356
- * Passing no arguments to +can+ definition will pass action, class, and object to block - see issue #129
357
-
358
- * Don't pass action to block in +can+ definition when using :+manage+ option - see issue #129
359
-
360
- * No longer calling block in +can+ definition when checking on class - see issue #116
361
-
362
- * {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.3.4...1.4.0]
363
-
364
-
365
- 1.3.4 (August 31, 2010)
366
-
367
- * Don't stop at +cannot+ with hash conditions when checking class (thanks tamoya) - see issue #131
368
-
369
- * {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.3.3...1.3.4]
370
-
371
-
372
- 1.3.3 (August 20, 2010)
373
-
374
- * Switching to Rspec namespace to remove deprecation warning in Rspec 2 - see issue #119
375
-
376
- * Pluralize nested associations for conditions in accessible_by (thanks mlooney) - see issue #123
377
-
378
- * {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.3.2...1.3.3]
379
-
380
-
381
- 1.3.2 (August 7, 2010)
382
-
383
- * Fixing slice error when passing in custom resource name - see issue #112
384
-
385
- * {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.3.1...1.3.2]
386
-
387
-
388
- 1.3.1 (August 6, 2010)
389
-
390
- * Fixing protected sanitize_sql error - see issue #111
391
-
392
- * {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.3.0...1.3.1]
393
-
394
-
395
- 1.3.0 (August 6, 2010)
396
-
397
- * Adding :find_by option to load_resource - see issue #19
398
-
399
- * Adding :singleton option to load_resource - see issue #93
400
-
401
- * Supporting multiple resources in :through option for polymorphic associations - see issue #73
402
-
403
- * Supporting Single Table Inheritance for "can" comparisons - see issue #55
404
-
405
- * Adding :instance_name option to load/authorize_resource - see issue #44
406
-
407
- * Don't pass nil to "new" to keep MongoMapper happy - see issue #63
408
-
409
- * Parent resources are now authorized with :read action.
410
-
411
- * Changing :resource option in load/authorize_resource back to :class with ability to pass false
412
-
413
- * Removing :nested option in favor of :through option with separate load/authorize call
414
-
415
- * Moving internal logic from ResourceAuthorization to ControllerResource class
416
-
417
- * Supporting multiple "can" and "cannot" calls with accessible_by (thanks funny-falcon) - see issue #71
418
-
419
- * Supporting deeply nested aliases - see issue #98
420
-
421
- * {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.2.0...1.3.0]
422
-
423
-
424
- 1.2.0 (July 16, 2010)
425
-
426
- * Load nested parent resources on collection actions such as "index" (thanks dohzya)
427
-
428
- * Adding :name option to load_and_authorize_resource if it does not match controller - see issue #65
429
-
430
- * Fixing issue when using accessible_by with nil can conditions (thanks jrallison) - see issue #66
431
-
432
- * Pluralize table name for belongs_to associations in can conditions hash (thanks logandk) - see issue #62
433
-
434
- * Support has_many association or arrays in can conditions hash
435
-
436
- * Adding joins clause to accessible_by when conditions are across associations
437
-
438
- * {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.1.1...1.2.0]
439
-
440
-
441
- 1.1.1 (April 17, 2010)
442
-
443
- * Fixing behavior in Rails 3 by properly initializing ResourceAuthorization
444
-
445
- * {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.1...1.1.1]
446
-
447
-
448
- 1.1.0 (April 17, 2010)
449
-
450
- * Supporting arrays, ranges, and nested hashes in ability conditions
451
-
452
- * Removing "unauthorized!" method in favor of "authorize!" in controllers
453
-
454
- * Adding action, subject and default_message abilities to AccessDenied exception - see issue #40
455
-
456
- * Adding caching to current_ability controller method, if you're overriding this be sure to add caching too.
457
-
458
- * Adding "accessible_by" method to Active Record for fetching records matching a specific ability
459
-
460
- * Adding conditions behavior to Ability#can and fetch with Ability#conditions - see issue #53
461
-
462
- * Renaming :class option to :resource for load_and_authorize_resource which now supports a symbol for non models - see issue #45
463
-
464
- * Properly handle Admin::AbilitiesController in params[:controller] - see issue #46
465
-
466
- * Adding be_able_to RSpec matcher (thanks dchelimsky), requires Ruby 1.8.7 or higher - see issue #54
467
-
468
- * Support additional arguments to can? which get passed to the block - see issue #48
469
-
470
- * {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.0.2...1.1]
471
-
472
-
473
- 1.0.2 (Dec 30, 2009)
474
-
475
- * Adding clear_aliased_actions to Ability which removes previously defined actions including defaults - see issue #20
476
-
477
- * Append aliased actions (don't overwrite them) - see issue #20
478
-
479
- * Adding custom message argument to unauthorized! method (thanks tjwallace) - see issue #18
480
-
481
- * {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.0.1...1.0.2]
482
-
483
-
484
- 1.0.1 (Dec 14, 2009)
485
-
486
- * Adding :class option to load_resource so one can customize which class to use for the model - see issue #17
487
-
488
- * Don't fetch parent of nested resource if *_id parameter is missing so it works with shallow nested routes - see issue #14
489
-
490
- * {see the full list of changes}[https://github.com/ryanb/cancan/compare/1.0.0...1.0.1]
491
-
492
-
493
- 1.0.0 (Dec 13, 2009)
494
-
495
- * Don't set resource instance variable if it has been set already - see issue #13
496
-
497
- * Allowing :nested option to accept an array for deep nesting
498
-
499
- * Adding :nested option to load resource method - see issue #10
500
-
501
- * Pass :only and :except options to before filters for load/authorize resource methods.
502
-
503
- * Adding :collection and :new options to load_resource method so we can specify behavior of additional actions if needed.
504
-
505
- * BACKWARDS INCOMPATIBLE: turning load and authorize resource methods into class methods which set up the before filter so they can accept additional arguments.
506
-
507
- * {see the full list of changes}[https://github.com/ryanb/cancan/compare/0.2.1...1.0.0]
508
-
509
-
510
- 0.2.1 (Nov 26, 2009)
511
-
512
- * many internal refactorings - see issues #11 and #12
513
-
514
- * adding "cannot" method to define which abilities cannot be done - see issue #7
515
-
516
- * support custom objects (usually symbols) in can definition - see issue #8
517
-
518
- * {see the full list of changes}[https://github.com/ryanb/cancan/compare/0.2.0...0.2.1]
519
-
520
-
521
- 0.2.0 (Nov 17, 2009)
522
-
523
- * fix behavior of load_and_authorize_resource for namespaced controllers - see issue #3
524
-
525
- * support arrays being passed to "can" to specify multiple actions or classes - see issue #2
526
-
527
- * adding "cannot?" method to ability, controller, and view which is inverse of "can?" - see issue #1
528
-
529
- * BACKWARDS INCOMPATIBLE: use Ability#initialize instead of 'prepare' to set up abilities - see issue #4
530
-
531
- * {see the full list of changes}[https://github.com/ryanb/cancan/compare/0.1.0...0.2.0]
532
-
533
-
534
- 0.1.0 (Nov 16, 2009)
535
-
536
- * initial release
data/CONTRIBUTING.md DELETED
@@ -1,23 +0,0 @@
1
- ## Contributing to CanCanCan
2
-
3
- ### Reporting an Issue
4
-
5
- 1. If you have any questions about CanCanCan, search the [Wiki](https://github.com/cancancommunity/cancancan/wiki), use [Stack Overflow](http://stackoverflow.com/questions/tagged/cancancan), or [our mailing list](https://groups.google.com/forum/#!forum/cancancan). Do not post questions here.
6
-
7
- 1. If you find a security bug, **DO NOT** submit an issue here. Please send an e-mail to the current maintainer instead.
8
-
9
- 1. Do a small search on the issues tracker before submitting your issue to see if it was already reported / fixed.
10
-
11
- 1. Create your report including Rails and CanCanCan versions. If you are getting exceptions, please include the full backtrace.
12
-
13
- That's it! The more information you give, the more easy it becomes for us to track it down and fix it. Ideal scenario would be adding the issue to CanCanCan test suite or to a sample application.
14
-
15
- ### Adding new Features or Bugfixes
16
-
17
- CanCanCan uses a [git-flow](http://nvie.com/posts/a-successful-git-branching-model/) development model. The latest "released" version of CanCanCan, the latest gem version, can always be found on `master`, while the next version or nightly is on `develop`.
18
-
19
- Please make sure you have test coverage for anything you add or fix!
20
-
21
- Please add a CHANGELOG entry with any relevant tags for issues, pull-requests, and authors.
22
-
23
- Thanks!
data/Gemfile DELETED
@@ -1,3 +0,0 @@
1
- source 'https://rubygems.org'
2
-
3
- gemspec
data/LICENSE DELETED
@@ -1,22 +0,0 @@
1
- Copyright (c) 2011 Ryan Bates
2
-
3
- MIT License
4
-
5
- Permission is hereby granted, free of charge, to any person obtaining
6
- a copy of this software and associated documentation files (the
7
- "Software"), to deal in the Software without restriction, including
8
- without limitation the rights to use, copy, modify, merge, publish,
9
- distribute, sublicense, and/or sell copies of the Software, and to
10
- permit persons to whom the Software is furnished to do so, subject to
11
- the following conditions:
12
-
13
- The above copyright notice and this permission notice shall be
14
- included in all copies or substantial portions of the Software.
15
-
16
- THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
17
- EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
18
- MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
19
- NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
20
- LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
21
- OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
22
- WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.