cancancan 1.9.2 → 1.10.0

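--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 72e7c59df453fdbf97f4f3f9daf1faa01f102af1
- data.tar.gz: a939e62999f39b20089742ebf5d12e1d384cabc4
+ metadata.gz: 2e578e1005885c6f192bb9796d1beaa98878b01e
+ data.tar.gz: 8f4f962696dedc14dd038489dc46054c523c55a2
  SHA512:
- metadata.gz: 32a8944af1356a883b6bb9365afddce4d89a66a3fbf3c84d5351531091f7d7533644e48b44515303dc2c5a19a39399b91189fb19dfd73574206f7ca06adf30b9
- data.tar.gz: 904cd58c86b3af22979dfe44cd802c44035e3a15c241efd0c35e65a8c3369bd88047e8731e180ad557fe820f19d113ff82a9f49644495a5b5e950f2e0b8a82e2
+ metadata.gz: 5737784c038345e4ff19c5dc519c828cb36268f77bafef9fa9d40ba3ae396fe030b2c3fc60f3e755903c9d398a59b450690cc0564b22aef1a1f46826c753aa35
+ data.tar.gz: b4faa7beedaba71e8303aafb358a4ecd02b8d4be7abb2730c2f7b8bc9e13c46650acfa77e0ab4ecd81da381e166ddd9ab9fb098c79e7a9d3fa95dbaf5e24c0e4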
@@ -13,6 +13,7 @@ gemfile:
13
13
  - gemfiles/activerecord_3.2.gemfile
14
14
  - gemfiles/activerecord_4.0.gemfile
15
15
  - gemfiles/activerecord_4.1.gemfile
16
+ - gemfiles/activerecord_4.2.gemfile
16
17
  - gemfiles/datamapper_1.x.gemfile
17
18
  - gemfiles/mongoid_2.x.gemfile
18
19
  - gemfiles/sequel_3.x.gemfile
@@ -21,19 +22,27 @@ services:
21
22
  matrix:
22
23
  allow_failures:
23
24
  - rvm: rbx
25
+ - rvm: jruby
26
+ gemfile: gemfiles/datamapper_1.x.gemfile
24
27
  exclude:
25
28
  - rvm: 1.8.7
26
29
  gemfile: gemfiles/activerecord_4.0.gemfile
27
30
  - rvm: 1.8.7
28
31
  gemfile: gemfiles/activerecord_4.1.gemfile
32
+ - rvm: 1.8.7
33
+ gemfile: gemfiles/activerecord_4.2.gemfile
29
34
  - rvm: 1.9.2
30
35
  gemfile: gemfiles/activerecord_4.0.gemfile
31
36
  - rvm: 1.9.2
32
37
  gemfile: gemfiles/activerecord_4.1.gemfile
38
+ - rvm: 1.9.2
39
+ gemfile: gemfiles/activerecord_4.2.gemfile
33
40
  - rvm: ree
34
41
  gemfile: gemfiles/activerecord_4.0.gemfile
35
42
  - rvm: ree
36
43
  gemfile: gemfiles/activerecord_4.1.gemfile
44
+ - rvm: ree
45
+ gemfile: gemfiles/activerecord_4.2.gemfile
37
46
  notifications:
38
47
  recipients:
39
48
  - bryan@bryanrite.com
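--- a/data/Appraisals
+++ b/data/Appraisals
@@ -1,6 +1,6 @@
  appraise "activerecord_3.0" do
  gem "activerecord", "~> 3.0.20", :require => "active_record"
- gem 'activesupport', '~> 3.0.20', :require => 'active_support/all'
+ gem "activesupport", "~> 3.0.20", :require => "active_support/all"
  gem "meta_where"
 
  gemfile.platforms :jruby do
@@ -16,6 +16,10 @@ end
  appraise "activerecord_3.1" do
  gem "activerecord", "~> 3.1.0", :require => "active_record"
 
+ gemfile.platforms :ruby_18, :ruby_19 do
+ gem "i18n", "< 0.7"
+ end
+
  gemfile.platforms :jruby do
  gem "activerecord-jdbcsqlite3-adapter"
  gem "jdbc-sqlite3"
@@ -29,6 +33,10 @@ end
  appraise "activerecord_3.2" do
  gem "activerecord", "~> 3.2.0", :require => "active_record"
 
+ gemfile.platforms :ruby_18, :ruby_19 do
+ gem "i18n", "< 0.7"
+ end
+
  gemfile.platforms :jruby do
  gem "activerecord-jdbcsqlite3-adapter"
  gem "jdbc-sqlite3"
@@ -41,7 +49,7 @@ end
 
  appraise "activerecord_4.0" do
  gem "activerecord", "~> 4.0.5", :require => "active_record"
- gem 'activesupport', '~> 4.0.5', :require => 'active_support/all'
+ gem "activesupport", "~> 4.0.5", :require => "active_support/all"
 
  gemfile.platforms :jruby do
  gem "activerecord-jdbcsqlite3-adapter"
@@ -55,7 +63,21 @@ end
 
  appraise "activerecord_4.1" do
  gem "activerecord", "~> 4.1.1", :require => "active_record"
- gem 'activesupport', '~> 4.1.1', :require => 'active_support/all'
+ gem "activesupport", "~> 4.1.1", :require => "active_support/all"
+
+ gemfile.platforms :jruby do
+ gem "activerecord-jdbcsqlite3-adapter"
+ gem "jdbc-sqlite3"
+ end
+
+ gemfile.platforms :ruby, :mswin, :mingw do
+ gem "sqlite3"
+ end
+ end
+
+ appraise "activerecord_4.2" do
+ gem "activerecord", "~> 4.2.0", :require => "active_record"
+ gem 'activesupport', '~> 4.2.0', :require => 'active_support/all'
 
  gemfile.platforms :jruby do
  gem "activerecord-jdbcsqlite3-adapter"
@@ -68,16 +90,24 @@ appraise "activerecord_4.1" do
  end
 
  appraise "datamapper_1.x" do
- gem 'activesupport', '~> 3.0', :require => 'active_support/all'
- gem "dm-core", "~> 1.0.2"
- gem "dm-sqlite-adapter", "~> 1.0.2"
- gem "dm-migrations", "~> 1.0.2"
+ gem "activesupport", "~> 3.0", :require => "active_support/all"
+ gem "dm-core", "~> 1.0"
+ gem "dm-sqlite-adapter", "~> 1.0"
+ gem "dm-migrations", "~> 1.0"
+
+ gemfile.platforms :ruby_18, :ruby_19 do
+ gem "i18n", "< 0.7"
+ end
  end
 
  appraise "mongoid_2.x" do
- gem 'activesupport', '~> 3.0', :require => 'active_support/all'
+ gem "activesupport", "~> 3.0", :require => "active_support/all"
  gem "mongoid", "~> 2.0.0"
 
+ gemfile.platforms :ruby_18, :ruby_19 do
+ gem "i18n", "< 0.7"
+ end
+
  gemfile.platforms :ruby, :mswin, :mingw do
  gem "bson_ext", "~> 1.1"
  end
@@ -89,7 +119,11 @@ end
 
  appraise "sequel_3.x" do
  gem "sequel", "~> 3.47.0"
- gem 'activesupport', '~> 3.0', :require => 'active_support/all'
+ gem "activesupport", "~> 3.0", :require => "active_support/all"
+
+ gemfile.platforms :ruby_18, :ruby_19 do
+ gem "i18n", "< 0.7"
+ end
 
  gemfile.platforms :jruby do
  gem "jdbc-sqlite3"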
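Review bot: The new `activerecord_4.2` appraisal declares activesupport with single quotes while the same change converts every other activesupport line in this file to double quotes; it should read `gem "activesupport", "~> 4.2.0", :require => "active_support/all"`. The `gem "i18n", "< 0.7"` pin is also added to five appraisals with no explanation in the file. A one-line comment on the first occurrence, for example `# i18n 0.7 fails on Ruby < 1.9.3, see CHANGELOG 1.10.0`, would tell a later maintainer when the pin can be dropped.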
@@ -1,6 +1,17 @@
1
1
  Develop
2
2
 
3
3
 
4
+ 1.10.0 (January 7th, 2015)
5
+
6
+ * Fix i18n issue for Ruby < 1.9.3 (bryanrite)
7
+
8
+ * Fix cancancan#149 - Fix an issue loading namespaced models (darthjee)
9
+
10
+ * Fix cancancan#160 - Support for Rails 4.2 (marshall-lee)
11
+
12
+ * Fix cancancan#153 - More useful output in ability spec matchers (jondkinney)
13
+
14
+
4
15
  1.9.2 (August 8th, 2014)
5
16
 
6
17
  * Fix cancancan#77, 78 - Fix an issue with associations for namespaced models. (jjp)
@@ -0,0 +1,197 @@
1
+ # CanCanCan
2
+
3
+ [![Gem Version](https://badge.fury.io/rb/cancancan.svg)](http://badge.fury.io/rb/cancancan)
4
+ [![Travis badge](https://travis-ci.org/CanCanCommunity/cancancan.png?branch=master)](https://travis-ci.org/CanCanCommunity/cancancan)
5
+ [![Code Climate Badge](https://codeclimate.com/github/CanCanCommunity/cancancan.png)](https://codeclimate.com/github/CanCanCommunity/cancancan)
6
+ [![Inch CI](http://inch-ci.org/github/CanCanCommunity/cancancan.png)](http://inch-ci.org/github/CanCanCommunity/cancancan)
7
+
8
+ [Wiki](https://github.com/CanCanCommunity/cancancan/wiki) | [RDocs](http://rdoc.info/projects/CanCanCommunity/cancan) | [Screencast](http://railscasts.com/episodes/192-authorization-with-cancan)
9
+
10
+ CanCan is an authorization library for Ruby on Rails which restricts what resources a given user is allowed to access. All permissions are defined in a single location (the `Ability` class) and not duplicated across controllers, views, and database queries.
11
+
12
+
13
+ ## Mission
14
+
15
+ This repo is a continuation of the dead [CanCan](https://github.com/ryanb/cancan) project. Our mission is to keep CanCan alive and moving forward, with maintenance fixes and new features. Pull Requests are welcome!
16
+
17
+ I am currently focusing on the 1.x branch for the immediate future, making sure it is up to date as well as ensuring compatibility with Rails 4+. I will take a look into the 2.x branch and try to see what improvements, reorganizations and redesigns Ryan was attempting and go forward from there.
18
+
19
+ Any help is greatly appreciated, feel free to submit pull-requests or open issues.
20
+
21
+
22
+ ## Installation
23
+
24
+ In **Rails 3 and 4**, add this to your Gemfile and run the `bundle install` command.
25
+
26
+ gem 'cancancan', '~> 1.10'
27
+
28
+ In **Rails 2**, add this to your environment.rb file.
29
+
30
+ config.gem "cancancan"
31
+
32
+ Alternatively, you can install it as a plugin.
33
+
34
+ rails plugin install git://github.com/CanCanCommunity/cancancan.git
35
+
36
+ ## Getting Started
37
+
38
+ CanCanCan expects a `current_user` method to exist in the controller. First, set up some authentication (such as [Authlogic](https://github.com/binarylogic/authlogic) or [Devise](https://github.com/plataformatec/devise)). See [Changing Defaults](https://github.com/CanCanCommunity/cancancan/wiki/changing-defaults) if you need different behavior.
39
+
40
+
41
+ ### 1. Define Abilities
42
+
43
+ User permissions are defined in an `Ability` class. CanCan 1.5 includes a Rails 3 and 4 generator for creating this class.
44
+
45
+ rails g cancan:ability
46
+
47
+ In Rails 2.3, just add a new class in `app/models/ability.rb` with the following contents:
48
+
49
+ ```ruby
50
+ class Ability
51
+ include CanCan::Ability
52
+
53
+ def initialize(user)
54
+ end
55
+ end
56
+ ```
57
+
58
+ See [Defining Abilities](https://github.com/CanCanCommunity/cancancan/wiki/defining-abilities) for details.
59
+
60
+
61
+ ### 2. Check Abilities & Authorization
62
+
63
+ The current user's permissions can then be checked using the `can?` and `cannot?` methods in the view and controller.
64
+
65
+ ```erb
66
+ <% if can? :update, @article %>
67
+ <%= link_to "Edit", edit_article_path(@article) %>
68
+ <% end %>
69
+ ```
70
+
71
+ See [Checking Abilities](https://github.com/CanCanCommunity/cancancan/wiki/checking-abilities) for more information
72
+
73
+ The `authorize!` method in the controller will raise an exception if the user is not able to perform the given action.
74
+
75
+ ```ruby
76
+ def show
77
+ @article = Article.find(params[:id])
78
+ authorize! :read, @article
79
+ end
80
+ ```
81
+
82
+ Setting this for every action can be tedious, therefore the `load_and_authorize_resource` method is provided to automatically authorize all actions in a RESTful style resource controller. It will use a before filter to load the resource into an instance variable and authorize it for every action.
83
+
84
+ ```ruby
85
+ class ArticlesController < ApplicationController
86
+ load_and_authorize_resource
87
+
88
+ def show
89
+ # @article is already loaded and authorized
90
+ end
91
+ end
92
+ ```
93
+
94
+ See [Authorizing Controller Actions](https://github.com/CanCanCommunity/cancancan/wiki/authorizing-controller-actions) for more information.
95
+
96
+
97
+ #### Strong Parameters
98
+
99
+ When using `strong_parameters` or Rails 4+, you have to sanitize inputs before saving the record, in actions such as `:create` and `:update`.
100
+
101
+ By default, CanCan will try to sanitize the input on `:create` and `:update` routes by seeing if your controller will respond to the following methods (in order):
102
+
103
+ * `create_params` or `update_params` (depending on the action you are performing)
104
+ * `<model_name>_params` such as `article_params` (this is the default convention in rails for naming your param method)
105
+ * `resource_params` (a generically named method you could specify in each controller)
106
+
107
+ Additionally, `load_and_authorize_resource` can now take a `param_method` option to specify a custom method in the controller to run to sanitize input.
108
+
109
+ You can associate the `param_method` option with a symbol corresponding to the name of a method that will get called:
110
+
111
+ ```ruby
112
+ class ArticlesController < ApplicationController
113
+ load_and_authorize_resource param_method: :my_sanitizer
114
+
115
+ def create
116
+ if @article.save
117
+ # hurray
118
+ else
119
+ render :new
120
+ end
121
+ end
122
+
123
+ private
124
+
125
+ def my_sanitizer
126
+ params.require(:article).permit(:name)
127
+ end
128
+ end
129
+ ```
130
+
131
+ You can also use a string that will be evaluated in the context of the controller using `instance_eval` and needs to contain valid Ruby code. This does come in handy when using a PermittedParams class as suggested in Railscast 371:
132
+
133
+ load_and_authorize_resource param_method: 'permitted_params.article'
134
+
135
+ Finally, it's possible to associate `param_method` with a Proc object which will be called with the controller as the only argument:
136
+
137
+ load_and_authorize_resource param_method: Proc.new [ |c| c.params.require(:article).permit(:name) ]
138
+
139
+ See [Strong Parameters](https://github.com/CanCanCommunity/cancancan/wiki/Strong-Parameters) for more information.
140
+
141
+ ### 3. Handle Unauthorized Access
142
+
143
+ If the user authorization fails, a `CanCan::AccessDenied` exception will be raised. You can catch this and modify its behavior in the `ApplicationController`.
144
+
145
+ ```ruby
146
+ class ApplicationController < ActionController::Base
147
+ rescue_from CanCan::AccessDenied do |exception|
148
+ redirect_to root_url, :alert => exception.message
149
+ end
150
+ end
151
+ ```
152
+
153
+ See [Exception Handling](https://github.com/CanCanCommunity/cancancan/wiki/exception-handling) for more information.
154
+
155
+
156
+ ### 4. Lock It Down
157
+
158
+ If you want to ensure authorization happens on every action in your application, add `check_authorization` to your `ApplicationController`.
159
+
160
+ ```ruby
161
+ class ApplicationController < ActionController::Base
162
+ check_authorization
163
+ end
164
+ ```
165
+
166
+ This will raise an exception if authorization is not performed in an action. If you want to skip this add `skip_authorization_check` to a controller subclass. See [Ensure Authorization](https://github.com/CanCanCommunity/cancancan/wiki/Ensure-Authorization) for more information.
167
+
168
+
169
+ ## Wiki Docs
170
+
171
+ * [Upgrading to 1.6](https://github.com/CanCanCommunity/cancancan/wiki/Upgrading-to-1.6)
172
+ * [Defining Abilities](https://github.com/CanCanCommunity/cancancan/wiki/Defining-Abilities)
173
+ * [Checking Abilities](https://github.com/CanCanCommunity/cancancan/wiki/Checking-Abilities)
174
+ * [Authorizing Controller Actions](https://github.com/CanCanCommunity/cancancan/wiki/Authorizing-Controller-Actions)
175
+ * [Exception Handling](https://github.com/CanCanCommunity/cancancan/wiki/Exception-Handling)
176
+ * [Changing Defaults](https://github.com/CanCanCommunity/cancancan/wiki/Changing-Defaults)
177
+ * [See more](https://github.com/CanCanCommunity/cancancan/wiki)
178
+
179
+ ## Questions or Problems?
180
+
181
+ If you have any issues with CanCan which you cannot find the solution to in the [documentation](https://github.com/CanCanCommunity/cancancan/wiki) or our mailing list: http://groups.google.com/group/cancancan, please add an [issue on GitHub](https://github.com/CanCanCommunity/cancancan/issues) or fork the project and send a pull request.
182
+
183
+
184
+ ## Development
185
+
186
+ Cancancan uses [appraisals](https://github.com/thoughtbot/appraisal) to test the code base against multiple versions of rails, as well as the different model adapters.
187
+
188
+ When first developing, you may need to run `bundle install` and then `appraisal install`, to install the different sets.
189
+
190
+ You can then run all appraisal files (like CI does), with `appraisal rake` or just run a specific set `appraisal activerecord_3.0 rake`.
191
+
192
+ See the [CONTRIBUTING](https://github.com/CanCanCommunity/cancancan/blob/develop/CONTRIBUTING.md) and [spec/README](https://github.com/CanCanCommunity/cancancan/blob/master/spec/README.rdoc) for more information.
193
+
194
+
195
+ ## Special Thanks
196
+
197
+ CanCan was inspired by [declarative_authorization](https://github.com/stffn/declarative_authorization/) and [aegis](https://github.com/makandra/aegis). Also many thanks to the [CanCan contributors](https://github.com/CanCanCommunity/cancancan/contributors). See the [CHANGELOG](https://github.com/CanCanCommunity/cancancan/blob/master/CHANGELOG.rdoc) for the full list.
@@ -4,6 +4,10 @@ source "https://rubygems.org"
4
4
 
5
5
  gem "activerecord", "~> 3.1.0", :require => "active_record"
6
6
 
7
+ platforms :ruby_18, :ruby_19 do
8
+ gem "i18n", "< 0.7"
9
+ end
10
+
7
11
  platforms :jruby do
8
12
  gem "activerecord-jdbcsqlite3-adapter"
9
13
  gem "jdbc-sqlite3"
@@ -4,6 +4,10 @@ source "https://rubygems.org"
4
4
 
5
5
  gem "activerecord", "~> 3.2.0", :require => "active_record"
6
6
 
7
+ platforms :ruby_18, :ruby_19 do
8
+ gem "i18n", "< 0.7"
9
+ end
10
+
7
11
  platforms :jruby do
8
12
  gem "activerecord-jdbcsqlite3-adapter"
9
13
  gem "jdbc-sqlite3"
@@ -0,0 +1,17 @@
1
+ # This file was generated by Appraisal
2
+
3
+ source "https://rubygems.org"
4
+
5
+ gem "activerecord", "~> 4.2.0", :require => "active_record"
6
+ gem "activesupport", "~> 4.2.0", :require => "active_support/all"
7
+
8
+ platforms :jruby do
9
+ gem "activerecord-jdbcsqlite3-adapter"
10
+ gem "jdbc-sqlite3"
11
+ end
12
+
13
+ platforms :ruby, :mswin, :mingw do
14
+ gem "sqlite3"
15
+ end
16
+
17
+ gemspec :path => "../"
@@ -3,8 +3,12 @@
3
3
  source "https://rubygems.org"
4
4
 
5
5
  gem "activesupport", "~> 3.0", :require => "active_support/all"
6
- gem "dm-core", "~> 1.0.2"
7
- gem "dm-sqlite-adapter", "~> 1.0.2"
8
- gem "dm-migrations", "~> 1.0.2"
6
+ gem "dm-core", "~> 1.0"
7
+ gem "dm-sqlite-adapter", "~> 1.0"
8
+ gem "dm-migrations", "~> 1.0"
9
+
10
+ platforms :ruby_18, :ruby_19 do
11
+ gem "i18n", "< 0.7"
12
+ end
9
13
 
10
14
  gemspec :path => "../"
@@ -5,6 +5,10 @@ source "https://rubygems.org"
5
5
  gem "activesupport", "~> 3.0", :require => "active_support/all"
6
6
  gem "mongoid", "~> 2.0.0"
7
7
 
8
+ platforms :ruby_18, :ruby_19 do
9
+ gem "i18n", "< 0.7"
10
+ end
11
+
8
12
  platforms :ruby, :mswin, :mingw do
9
13
  gem "bson_ext", "~> 1.1"
10
14
  end
@@ -5,6 +5,10 @@ source "https://rubygems.org"
5
5
  gem "sequel", "~> 3.47.0"
6
6
  gem "activesupport", "~> 3.0", :require => "active_support/all"
7
7
 
8
+ platforms :ruby_18, :ruby_19 do
9
+ gem "i18n", "< 0.7"
10
+ end
11
+
8
12
  platforms :jruby do
9
13
  gem "jdbc-sqlite3"
10
14
  end
@@ -263,7 +263,7 @@ module CanCan
263
263
  end
264
264
 
265
265
  def namespaced_name
266
- [namespace, name.camelize].join('::').singularize.camelize.constantize
266
+ [namespace, name.camelize].flatten.map(&:camelize).join('::').singularize.constantize
267
267
  rescue NameError
268
268
  name
269
269
  end
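Review bot: The inner `name.camelize` in `namespaced_name` is redundant, because the added `.map(&:camelize)` camelizes each element again; `[namespace, name].flatten.map(&:camelize).join('::').singularize.constantize` should give the same result in one pass. The `rescue NameError` below it also catches a NameError raised while the constant's own file is being loaded, and the method then returns the bare `name` without any trace. How callers use that fallback is outside the hunk, so a comment such as `# falls back to the un-namespaced name when the namespaced constant cannot be resolved` would make explicit which class the authorization check ends up targeting. The enclosing class starts outside this hunk.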
@@ -1,10 +1,10 @@
1
- rspec_module = defined?(RSpec::Core) ? 'RSpec' : 'Spec' # for RSpec 1 compatability
1
+ rspec_module = defined?(RSpec::Core) ? 'RSpec' : 'Spec' # RSpec 1 compatability
2
2
 
3
3
  if rspec_module == 'RSpec'
4
4
  require 'rspec/core'
5
5
  require 'rspec/expectations'
6
6
  else
7
- ActiveSupport::Deprecation.warn("RSpec < 3 will not be supported in the CanCanCan >= 2.0.0")
7
+ ActiveSupport::Deprecation.warn('RSpec < 3 will not be supported in the CanCanCan >= 2.0.0')
8
8
  end
9
9
 
10
10
  Kernel.const_get(rspec_module)::Matchers.define :be_able_to do |*args|
@@ -18,11 +18,25 @@ Kernel.const_get(rspec_module)::Matchers.define :be_able_to do |*args|
18
18
  alias :failure_message_when_negated :failure_message_for_should_not
19
19
  end
20
20
 
21
- failure_message do |ability|
22
- "expected to be able to #{args.map(&:inspect).join(" ")}"
21
+ failure_message do
22
+ resource = args[1]
23
+ if resource.instance_of?(Class)
24
+ "expected to be able to #{args.map(&:to_s).join(' ')}"
25
+ else
26
+ "expected to be able to #{args.map(&:inspect).join(' ')}"
27
+ end
23
28
  end
24
29
 
25
- failure_message_when_negated do |ability|
26
- "expected not to be able to #{args.map(&:inspect).join(" ")}"
30
+ failure_message_when_negated do
31
+ resource = args[1]
32
+ if resource.instance_of?(Class)
33
+ "expected not to be able to #{args.map(&:to_s).join(' ')}"
34
+ else
35
+ "expected not to be able to #{args.map(&:inspect).join(' ')}"
36
+ end
37
+ end
38
+
39
+ description do
40
+ "be able to #{args.map(&:to_s).join(' ')}"
27
41
  end
28
42
  end
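Review bot: `failure_message` and `failure_message_when_negated` now repeat the same `if resource.instance_of?(Class)` branch and differ only in the word "not"; computing the formatted arguments once inside the matcher block, e.g. `formatted = lambda { args[1].instance_of?(Class) ? args.map(&:to_s) : args.map(&:inspect) }`, keeps the two messages from drifting apart. The branch changes how every argument is printed based on the resource alone (the action symbol loses its leading colon when the resource is a Class), which deserves a one-line comment. `description` uses `to_s` unconditionally, so a record resource is rendered differently there than in the failure messages. The `Matchers.define` block opens outside this hunk.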
@@ -17,6 +17,18 @@ module CanCan
17
17
  relation = relation.includes(joins).references(joins) if joins.present?
18
18
  relation
19
19
  end
20
+
21
+ # Rails 4.2 deprecates `sanitize_sql_hash_for_conditions`
22
+ def sanitize_sql(conditions)
23
+ if ActiveRecord::VERSION::MINOR >= 2 && Hash === conditions
24
+ relation = @model_class.unscoped.where(conditions)
25
+ predicates = relation.where_values
26
+ bind_values = relation.bind_values
27
+ query = Arel::Nodes::And.new(predicates).to_sql
28
+ conditions = [query, *bind_values.map { |col, val| val }]
29
+ end
30
+ @model_class.send(:sanitize_sql, conditions)
31
+ end
20
32
  end
21
33
  end
22
34
  end
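Review bot: The guard `ActiveRecord::VERSION::MINOR >= 2` in `sanitize_sql` does not look at the major version, so the Hash branch is selected by minor number alone and any release line with minor 0 or 1 falls through to `@model_class.send(:sanitize_sql, conditions)`, the path the comment describes as deprecated. Pinning both parts, `if ActiveRecord::VERSION::MAJOR == 4 && ActiveRecord::VERSION::MINOR >= 2 && Hash === conditions`, states the intent. It also limits the use of `where_values` and `bind_values`, which look like relation internals rather than documented API, to the versions they were written against. The block `{ |col, val| val }` leaves `col` unused; `bind_values.map(&:last)` or `{ |_col, val| val }` reads more clearly. A short doc comment noting that the values are passed on as bind parameters, not interpolated into `query`, would help the next reader of this SQL-building path; the enclosing class starts outside the hunk.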
@@ -1,3 +1,3 @@
1
1
  module CanCan
2
- VERSION = "1.9.2"
2
+ VERSION = "1.10.0"
3
3
  end
@@ -6,7 +6,7 @@ To run the specs first run the +bundle+ command to install the necessary gems an
6
6
 
7
7
  bundle
8
8
 
9
- Then run the appraisal command to install all the necssary test sets:
9
+ Then run the appraisal command to install all the necessary test sets:
10
10
 
11
11
  appraisal install
12
12
 
@@ -103,6 +103,17 @@ describe CanCan::ControllerResource do
103
103
  expect(controller.instance_variable_get(:@sub_model).name).to eq("foobar")
104
104
  end
105
105
 
106
+ it "builds a new resource for namespaced controller given through folder format" do
107
+ module Admin
108
+ module SubModule
109
+ class HiddenModel < ::Model; end
110
+ end
111
+ end
112
+ params.merge!(:controller => "admin/sub_module/hidden_models")
113
+ resource = CanCan::ControllerResource.new(controller)
114
+ expect { resource.load_resource }.not_to raise_error
115
+ end
116
+
106
117
  it "does not build record through has_one association with :singleton option because it can cause it to delete it in the database" do
107
118
  category = Class.new
108
119
  allow_any_instance_of(Model).to receive('category=').with(category)
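Review bot: The added example asserts only `expect { resource.load_resource }.not_to raise_error`, which may still pass if the namespaced lookup fails and the resource silently falls back to another class. Asserting on the loaded object, as the preceding example does with `controller.instance_variable_get(:@sub_model)`, would pin the behaviour, e.g. `expect(controller.instance_variable_get(:@hidden_model)).to be_a(Admin::SubModule::HiddenModel)`. The instance-variable name there is inferred from the controller name and should be confirmed against `load_resource`. Defining `module Admin` inside the `it` block also leaves `Admin::SubModule::HiddenModel` defined as a global constant for every later example; `stub_const` or removal in an `after` hook would contain it. The surrounding `describe` block starts and ends outside the hunk.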
@@ -7,11 +7,11 @@ if defined? CanCan::ModelAdapters::ActiveRecord4Adapter
7
7
  ActiveRecord::Migration.verbose = false
8
8
  ActiveRecord::Schema.define do
9
9
  create_table(:parents) do |t|
10
- t.timestamps
10
+ t.timestamps :null => false
11
11
  end
12
12
 
13
13
  create_table(:children) do |t|
14
- t.timestamps
14
+ t.timestamps :null => false
15
15
  t.integer :parent_id
16
16
  end
17
17
  end
@@ -11,17 +11,17 @@ if defined? CanCan::ModelAdapters::ActiveRecordAdapter
11
11
  create_table(:categories) do |t|
12
12
  t.string :name
13
13
  t.boolean :visible
14
- t.timestamps
14
+ t.timestamps :null => false
15
15
  end
16
16
 
17
17
  create_table(:projects) do |t|
18
18
  t.string :name
19
- t.timestamps
19
+ t.timestamps :null => false
20
20
  end
21
21
 
22
22
  create_table(:articles) do |t|
23
23
  t.string :name
24
- t.timestamps
24
+ t.timestamps :null => false
25
25
  t.boolean :published
26
26
  t.boolean :secret
27
27
  t.integer :priority
@@ -32,17 +32,17 @@ if defined? CanCan::ModelAdapters::ActiveRecordAdapter
32
32
  create_table(:comments) do |t|
33
33
  t.boolean :spam
34
34
  t.integer :article_id
35
- t.timestamps
35
+ t.timestamps :null => false
36
36
  end
37
37
 
38
38
  create_table(:legacy_mentions) do |t|
39
39
  t.integer :user_id
40
40
  t.integer :article_id
41
- t.timestamps
41
+ t.timestamps :null => false
42
42
  end
43
43
 
44
44
  create_table(:users) do |t|
45
- t.timestamps
45
+ t.timestamps :null => false
46
46
  end
47
47
  end
48
48
 
@@ -346,13 +346,13 @@ if defined? CanCan::ModelAdapters::ActiveRecordAdapter
346
346
  before :each do
347
347
  ActiveRecord::Schema.define do
348
348
  create_table( :table_xes ) do |t|
349
- t.timestamps
349
+ t.timestamps :null => false
350
350
  end
351
351
 
352
352
  create_table( :table_zs ) do |t|
353
353
  t.integer :table_x_id
354
354
  t.integer :user_id
355
- t.timestamps
355
+ t.timestamps :null => false
356
356
  end
357
357
  end
358
358
 
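--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: cancancan
  version: !ruby/object:Gem::Version
- version: 1.9.2
+ version: 1.10.0
  platform: ruby
  authors:
  - Bryan Rite
@@ -9,7 +9,7 @@ authors:
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2014-08-08 00:00:00.000000000 Z
+ date: 2015-01-07 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: bundler
@@ -82,7 +82,7 @@ files:
  - CONTRIBUTING.md
  - Gemfile
  - LICENSE
- - README.rdoc
+ - README.md
  - Rakefile
  - cancancan.gemspec
  - gemfiles/activerecord_3.0.gemfile
@@ -90,6 +90,7 @@ files:
  - gemfiles/activerecord_3.2.gemfile
  - gemfiles/activerecord_4.0.gemfile
  - gemfiles/activerecord_4.1.gemfile
+ - gemfiles/activerecord_4.2.gemfile
  - gemfiles/datamapper_1.x.gemfile
  - gemfiles/mongoid_2.x.gemfile
  - gemfiles/sequel_3.x.gemfile
@@ -154,7 +155,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  version: 1.3.4
  requirements: []
  rubyforge_project: cancancan
- rubygems_version: 2.2.2
+ rubygems_version: 2.4.3
  signing_key:
  specification_version: 4
  summary: Simple authorization solution for Rails.
@@ -165,6 +166,7 @@ test_files:
  - gemfiles/activerecord_3.2.gemfile
  - gemfiles/activerecord_4.0.gemfile
  - gemfiles/activerecord_4.1.gemfile
+ - gemfiles/activerecord_4.2.gemfile
  - gemfiles/datamapper_1.x.gemfile
  - gemfiles/mongoid_2.x.gemfile
  - gemfiles/sequel_3.x.gemfile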
@@ -1,183 +0,0 @@
1
- = CanCanCan
2
- {<img src="https://badge.fury.io/rb/cancancan.png" alt="Gem Version" />}[http://badge.fury.io/rb/cancancan]
3
- {<img src="https://travis-ci.org/CanCanCommunity/cancancan.png?branch=master" alt="Build Status" />}[https://travis-ci.org/CanCanCommunity/cancancan]
4
- {<img src="https://codeclimate.com/github/CanCanCommunity/cancancan.png" />}[https://codeclimate.com/github/CanCanCommunity/cancancan]
5
- {<img src="http://inch-ci.org/github/CanCanCommunity/cancancan.png" alt="Inline docs" />}[http://inch-ci.org/github/CanCanCommunity/cancancan]
6
-
7
- Wiki[https://github.com/bryanrite/cancancan/wiki] | RDocs[http://rdoc.info/projects/ryanb/cancan] | Screencast[http://railscasts.com/episodes/192-authorization-with-cancan]
8
-
9
- CanCan is an authorization library for Ruby on Rails which restricts what resources a given user is allowed to access. All permissions are defined in a single location (the +Ability+ class) and not duplicated across controllers, views, and database queries.
10
-
11
-
12
- == Mission
13
-
14
- This repo is a continuation of the dead CanCan[https://github.com/ryanb/cancan] project. Our mission is to keep CanCan alive and moving forward, with maintenance fixes and new features. Pull Requests are welcome!
15
-
16
- I am currently focusing on the 1.x branch for the immediate future, making sure it is up to date as well as ensuring compatibility with Rails 4+. I will take a look into the 2.x branch and try to see what improvements, reorganizations and redesigns Ryan was attempting and go forward from there.
17
-
18
- Any help is greatly appreciated, feel free to submit pull-requests or open issues.
19
-
20
-
21
- == Installation
22
-
23
- In <b>Rails 3 and 4</b>, add this to your Gemfile and run the +bundle+ command.
24
-
25
- gem 'cancancan', '~> 1.9'
26
-
27
- In <b>Rails 2</b>, add this to your environment.rb file.
28
-
29
- config.gem "cancancan"
30
-
31
- Alternatively, you can install it as a plugin.
32
-
33
- rails plugin install git://github.com/bryanrite/cancancan.git
34
-
35
-
36
- == Getting Started
37
-
38
- CanCanCan expects a +current_user+ method to exist in the controller. First, set up some authentication (such as Authlogic[https://github.com/binarylogic/authlogic] or Devise[https://github.com/plataformatec/devise]). See {Changing Defaults}[https://github.com/bryanrite/cancancan/wiki/changing-defaults] if you need different behavior.
39
-
40
-
41
- === 1. Define Abilities
42
-
43
- User permissions are defined in an +Ability+ class. CanCan 1.5 includes a Rails 3 and 4 generator for creating this class.
44
-
45
- rails g cancan:ability
46
-
47
- In Rails 2.3, just add a new class in <tt>app/models/ability.rb</tt> with the following contents:
48
-
49
- class Ability
50
- include CanCan::Ability
51
-
52
- def initialize(user)
53
- end
54
- end
55
-
56
- See {Defining Abilities}[https://github.com/bryanrite/cancancan/wiki/defining-abilities] for details.
57
-
58
-
59
- === 2. Check Abilities & Authorization
60
-
61
- The current user's permissions can then be checked using the <tt>can?</tt> and <tt>cannot?</tt> methods in the view and controller.
62
-
63
- <% if can? :update, @article %>
64
- <%= link_to "Edit", edit_article_path(@article) %>
65
- <% end %>
66
-
67
- See {Checking Abilities}[https://github.com/bryanrite/cancancan/wiki/checking-abilities] for more information
68
-
69
- The <tt>authorize!</tt> method in the controller will raise an exception if the user is not able to perform the given action.
70
-
71
- def show
72
- @article = Article.find(params[:id])
73
- authorize! :read, @article
74
- end
75
-
76
- Setting this for every action can be tedious, therefore the +load_and_authorize_resource+ method is provided to automatically authorize all actions in a RESTful style resource controller. It will use a before filter to load the resource into an instance variable and authorize it for every action.
77
-
78
- class ArticlesController < ApplicationController
79
- load_and_authorize_resource
80
-
81
- def show
82
- # @article is already loaded and authorized
83
- end
84
- end
85
-
86
- See {Authorizing Controller Actions}[https://github.com/bryanrite/cancancan/wiki/authorizing-controller-actions] for more information.
87
-
88
-
89
- ==== Strong Parameters
90
-
91
- When using <tt>strong_parameters</tt> or Rails 4+, you have to sanitize inputs before saving the record, in actions such as <tt>:create</tt> and <tt>:update</tt>.
92
-
93
- By default, CanCan will try to sanitize the input on <tt>:create</tt> and <tt>:update</tt> routes by seeing if your controller will respond to the following methods (in order):
94
-
95
- * <tt>create_params</tt> or <tt>update_params</tt> (depending on the action you are performing)
96
- * <tt><model_name>_params</tt> such as <tt>article_params</tt> (this is the default convention in rails for naming your param method)
97
- * <tt>resource_params</tt> (a generically named method you could specify in each controller)
98
-
99
- Additionally, <tt>load_and_authorize_resource</tt> can now take a <tt>param_method</tt> option to specify a custom method in the controller to run to sanitize input.
100
-
101
- You can associate the <tt>param_method</tt> option with a symbol corresponding to the name of a method that will get called:
102
-
103
- class ArticlesController < ApplicationController
104
- load_and_authorize_resource param_method: :my_sanitizer
105
-
106
- def create
107
- if @article.save
108
- # hurray
109
- else
110
- render :new
111
- end
112
- end
113
-
114
- private
115
-
116
- def my_sanitizer
117
- params.require(:article).permit(:name)
118
- end
119
- end
120
-
121
- You can also use a string that will be evaluated in the context of the controller using <tt>instance_eval</tt> and needs to contain valid Ruby code. This does come in handy when using a PermittedParams class as suggested in Railscast 371:
122
-
123
- load_and_authorize_resource param_method: 'permitted_params.article'
124
-
125
- Finally, it's possible to associate <tt>param_method</tt> with a Proc object which will be called with the controller as the only argument:
126
-
127
- load_and_authorize_resource param_method: Proc.new { |c| c.params.require(:article).permit(:name) }
128
-
129
- See {Strong Parameters}[https://github.com/bryanrite/cancancan/wiki/Strong-Parameters] for more information.
130
-
131
- === 3. Handle Unauthorized Access
132
-
133
- If the user authorization fails, a <tt>CanCan::AccessDenied</tt> exception will be raised. You can catch this and modify its behavior in the +ApplicationController+.
134
-
135
- class ApplicationController < ActionController::Base
136
- rescue_from CanCan::AccessDenied do |exception|
137
- redirect_to root_url, :alert => exception.message
138
- end
139
- end
140
-
141
- See {Exception Handling}[https://github.com/bryanrite/cancancan/wiki/exception-handling] for more information.
142
-
143
-
144
- === 4. Lock It Down
145
-
146
- If you want to ensure authorization happens on every action in your application, add +check_authorization+ to your ApplicationController.
147
-
148
- class ApplicationController < ActionController::Base
149
- check_authorization
150
- end
151
-
152
- This will raise an exception if authorization is not performed in an action. If you want to skip this add +skip_authorization_check+ to a controller subclass. See {Ensure Authorization}[https://github.com/bryanrite/cancancan/wiki/Ensure-Authorization] for more information.
153
-
154
-
155
- == Wiki Docs
156
-
157
- * {Upgrading to 1.6}[https://github.com/bryanrite/cancancan/wiki/Upgrading-to-1.6]
158
- * {Defining Abilities}[https://github.com/bryanrite/cancancan/wiki/Defining-Abilities]
159
- * {Checking Abilities}[https://github.com/bryanrite/cancancan/wiki/Checking-Abilities]
160
- * {Authorizing Controller Actions}[https://github.com/bryanrite/cancancan/wiki/Authorizing-Controller-Actions]
161
- * {Exception Handling}[https://github.com/bryanrite/cancancan/wiki/Exception-Handling]
162
- * {Changing Defaults}[https://github.com/bryanrite/cancancan/wiki/Changing-Defaults]
163
- * {See more}[https://github.com/bryanrite/cancancan/wiki]
164
-
165
- == Questions or Problems?
166
-
167
- If you have any issues with CanCan which you cannot find the solution to in the documentation[https://github.com/bryanrite/cancancan/wiki] or our mailing list: http://groups.google.com/group/cancancan, please add an {issue on GitHub}[https://github.com/bryanrite/cancancan/issues] or fork the project and send a pull request.
168
-
169
-
170
- == Development
171
-
172
- Cancancan uses {appraisals}[https://github.com/thoughtbot/appraisal] to test the code base against multiple versions of rails, as well as the different model adapters.
173
-
174
- When first developing, you may need to run <tt>bundle install</tt> and then <tt>appraisal install</tt>, to install the different sets.
175
-
176
- You can then run all appraisal files (like CI does), with <tt>appraisal rake</tt> or just run a specific set <tt>appraisal activerecord_3.0 rake</tt>.
177
-
178
- See the {CONTRIBUTING}[https://github.com/CanCanCommunity/cancancan/blob/develop/CONTRIBUTING.md] and {spec/README}[https://github.com/bryanrite/cancancan/blob/master/spec/README.rdoc] for more information.
179
-
180
-
181
- == Special Thanks
182
-
183
- CanCan was inspired by declarative_authorization[https://github.com/stffn/declarative_authorization/] and aegis[https://github.com/makandra/aegis]. Also many thanks to the CanCan contributors[https://github.com/bryanrite/cancancan/contributors]. See the CHANGELOG[https://github.com/bryanrite/cancancan/blob/master/CHANGELOG.rdoc] for the full list.