cancancan 2.1.4 → 2.2.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 6cb217274c85fd48abb32dd84f46bd09e32189bb50e945eed2bc1bdc17311004
4
- data.tar.gz: 04bf927a117ecefa9375e01f0e170b284103562b4da0a1d72b8b8a56adf4f702
3
+ metadata.gz: cd789707449c90277a31d5808e55c36140b88b3aa3c2b9035640d777220b2d27
4
+ data.tar.gz: 64fbbaa5657ae8b334e7096f33eb12b975a224ea7c516c0091d3d7ac94c0acbd
5
5
  SHA512:
6
- metadata.gz: d470789a6f4ad54825af660f82888b17b00b60a12ee9caa8473a522ed2ddbdf745121bab1d1eb65fb28de4ba6771ae03994641e257d46933de0455211f6949c3
7
- data.tar.gz: 5b6c1bdf71f64d07c77c8362c6d43ed5e869fc7e8fd58be9951e4c7dc6d4492a6713c8975fff3269baa7e79fd3f06094ee30d58f50c5ec134ef4e620052552ba
6
+ metadata.gz: 70ba8098042c7114a7cf419a892c12794089da88046873fb6abf1c45dac3854731adb860ff95d2556f7e9ffad4543b5f53dc05579defd5ff8273bcf51476e0ce
7
+ data.tar.gz: 5d390ebd7fa75ffbff3783502d6bf329d5949787b70ccd26559d40be4471c61efb8f4ea4adc2d53b6bac81f9e32e619d3569c268ff8a6277f16cab72ea162bf5
@@ -12,4 +12,5 @@ require 'cancan/model_adapters/default_adapter'
12
12
  if defined? ActiveRecord
13
13
  require 'cancan/model_adapters/active_record_adapter'
14
14
  require 'cancan/model_adapters/active_record_4_adapter'
15
+ require 'cancan/model_adapters/active_record_5_adapter'
15
16
  end
@@ -173,7 +173,7 @@ module CanCan
173
173
  end
174
174
  if cannot?(action, subject, *args)
175
175
  message ||= unauthorized_message(action, subject)
176
- raise AccessDenied.new(message, action, subject)
176
+ raise AccessDenied.new(message, action, subject, args)
177
177
  end
178
178
  subject
179
179
  end
@@ -384,14 +384,6 @@ module CanCan
384
384
  end
385
385
  end
386
386
 
387
- if defined? ActionController::Base
388
- ActionController::Base.class_eval do
389
- include CanCan::ControllerAdditions
390
- end
391
- end
392
-
393
- if defined? ActionController::API
394
- ActionController::API.class_eval do
395
- include CanCan::ControllerAdditions
396
- end
387
+ ActiveSupport.on_load(:action_controller) do
388
+ include CanCan::ControllerAdditions
397
389
  end
@@ -33,13 +33,14 @@ module CanCan
33
33
  # See ControllerAdditions#authorized! for more information on rescuing from this exception
34
34
  # and customizing the message using I18n.
35
35
  class AccessDenied < Error
36
- attr_reader :action, :subject
36
+ attr_reader :action, :subject, :conditions
37
37
  attr_writer :default_message
38
38
 
39
- def initialize(message = nil, action = nil, subject = nil)
39
+ def initialize(message = nil, action = nil, subject = nil, conditions = nil)
40
40
  @message = message
41
41
  @action = action
42
42
  @subject = subject
43
+ @conditions = conditions
43
44
  @default_message = I18n.t(:"unauthorized.default", default: 'You are not authorized to access this page.')
44
45
  end
45
46
 
@@ -3,7 +3,7 @@ module CanCan
3
3
  class ActiveRecord4Adapter < AbstractAdapter
4
4
  include ActiveRecordAdapter
5
5
  def self.for_class?(model_class)
6
- model_class <= ActiveRecord::Base
6
+ ActiveRecord::VERSION::MAJOR == 4 && model_class <= ActiveRecord::Base
7
7
  end
8
8
 
9
9
  # TODO: this should be private
@@ -39,11 +39,8 @@ module CanCan
39
39
 
40
40
  # Rails 4.2 deprecates `sanitize_sql_hash_for_conditions`
41
41
  def sanitize_sql(conditions)
42
- if ActiveRecord::VERSION::MAJOR > 4 && conditions.is_a?(Hash)
43
- sanitize_sql_activerecord5(conditions)
44
- elsif ActiveRecord::VERSION::MINOR >= 2 && conditions.is_a?(Hash)
42
+ if ActiveRecord::VERSION::MINOR >= 2 && conditions.is_a?(Hash)
45
43
  sanitize_sql_activerecord4(conditions)
46
-
47
44
  else
48
45
  @model_class.send(:sanitize_sql, conditions)
49
46
  end
@@ -59,21 +56,6 @@ module CanCan
59
56
  @model_class.send(:connection).visitor.compile b
60
57
  end.join(' AND ')
61
58
  end
62
-
63
- def sanitize_sql_activerecord5(conditions)
64
- table = @model_class.send(:arel_table)
65
- table_metadata = ActiveRecord::TableMetadata.new(@model_class, table)
66
- predicate_builder = ActiveRecord::PredicateBuilder.new(table_metadata)
67
-
68
- conditions = predicate_builder.resolve_column_aliases(conditions)
69
- conditions = @model_class.send(:expand_hash_conditions_for_aggregates, conditions)
70
-
71
- conditions.stringify_keys!
72
-
73
- predicate_builder.build_from_hash(conditions).map do |b|
74
- @model_class.send(:connection).visitor.compile b
75
- end.join(' AND ')
76
- end
77
59
  end
78
60
  end
79
61
  end
@@ -0,0 +1,70 @@
1
+ module CanCan
2
+ module ModelAdapters
3
+ class ActiveRecord5Adapter < ActiveRecord4Adapter
4
+ AbstractAdapter.inherited(self)
5
+
6
+ def self.for_class?(model_class)
7
+ ActiveRecord::VERSION::MAJOR == 5 && model_class <= ActiveRecord::Base
8
+ end
9
+
10
+ # rails 5 is capable of using strings in enum
11
+ # but often people use symbols in rules
12
+ def self.matches_condition?(subject, name, value)
13
+ return super if Array.wrap(value).all? { |x| x.is_a? Integer }
14
+
15
+ attribute = subject.send(name)
16
+ if value.is_a?(Enumerable)
17
+ value.map(&:to_s).include? attribute
18
+ else
19
+ attribute == value.to_s
20
+ end
21
+ end
22
+
23
+ private
24
+
25
+ # As of rails 4, `includes()` no longer causes active record to
26
+ # look inside the where clause to decide to outer join tables
27
+ # you're using in the where. Instead, `references()` is required
28
+ # in addition to `includes()` to force the outer join.
29
+ def build_relation(*where_conditions)
30
+ relation = @model_class.where(*where_conditions)
31
+ relation = relation.includes(joins).references(joins) if joins.present?
32
+ relation
33
+ end
34
+
35
+ # Rails 4.2 deprecates `sanitize_sql_hash_for_conditions`
36
+ def sanitize_sql(conditions)
37
+ if conditions.is_a?(Hash)
38
+ sanitize_sql_activerecord5(conditions)
39
+ else
40
+ @model_class.send(:sanitize_sql, conditions)
41
+ end
42
+ end
43
+
44
+ def sanitize_sql_activerecord5(conditions)
45
+ table = @model_class.send(:arel_table)
46
+ table_metadata = ActiveRecord::TableMetadata.new(@model_class, table)
47
+ predicate_builder = ActiveRecord::PredicateBuilder.new(table_metadata)
48
+
49
+ conditions = predicate_builder.resolve_column_aliases(conditions)
50
+
51
+ conditions.stringify_keys!
52
+
53
+ predicate_builder.build_from_hash(conditions).map do |b|
54
+ visit_nodes(b)
55
+ end.join(' AND ')
56
+ end
57
+
58
+ def visit_nodes(b)
59
+ # Rails 5.2 adds a BindParam node that prevents the visitor method from properly compiling the SQL query
60
+ if ActiveRecord::VERSION::MINOR >= 2
61
+ connection = @model_class.send(:connection)
62
+ collector = Arel::Collectors::SubstituteBinds.new(connection, Arel::Collectors::SQLString.new)
63
+ connection.visitor.accept(b, collector).value
64
+ else
65
+ @model_class.send(:connection).visitor.compile(b)
66
+ end
67
+ end
68
+ end
69
+ end
70
+ end
@@ -1,3 +1,3 @@
1
1
  module CanCan
2
- VERSION = '2.1.4'.freeze
2
+ VERSION = '2.2.0'.freeze
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cancancan
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.1.4
4
+ version: 2.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Alessandro Rodi (Renuo AG)
@@ -11,7 +11,7 @@ authors:
11
11
  autorequire:
12
12
  bindir: bin
13
13
  cert_chain: []
14
- date: 2018-04-09 00:00:00.000000000 Z
14
+ date: 2018-04-15 00:00:00.000000000 Z
15
15
  dependencies:
16
16
  - !ruby/object:Gem::Dependency
17
17
  name: bundler
@@ -126,6 +126,7 @@ files:
126
126
  - lib/cancan/matchers.rb
127
127
  - lib/cancan/model_adapters/abstract_adapter.rb
128
128
  - lib/cancan/model_adapters/active_record_4_adapter.rb
129
+ - lib/cancan/model_adapters/active_record_5_adapter.rb
129
130
  - lib/cancan/model_adapters/active_record_adapter.rb
130
131
  - lib/cancan/model_adapters/can_can/model_adapters/active_record_adapter/joins.rb
131
132
  - lib/cancan/model_adapters/default_adapter.rb