cancancan 3.0.2 → 3.1.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: f0fb1ea8821029ab1e070299caac458325635748b3051e1f08999176ec81e29d
4
- data.tar.gz: 20a2d023ab68fdf8392d57cc0d32a95d5d904d2bac67c60850d8339524e48de6
3
+ metadata.gz: 81afd3cec5dc78c4e4d9d14719482ae589ed43bf336cc1b4f9e5681dea56b99d
4
+ data.tar.gz: fd23ce69481f9daf4b227b61e4e7e236abcd40d7b5f0dd01f70ca20a3706fae3
5
5
  SHA512:
6
- metadata.gz: 983f4b45a5c32972bca59adb1a0a2591352ba571fb3d95a13c91c40b719828507611ab7c3695ff94bcc07ae8599cac95d1bab8e4bcbad9fd9250bc20e22d9b9c
7
- data.tar.gz: 626e5e82e569b68383eb63a605983f92276540f3a20abd35e1fb1a79876880a8b533296382ddef27caa9e7cad3fa28bdd885dd77e87680b32aa70cc38592c256
6
+ metadata.gz: 04ee2bfead0ce01e0bdc64e69fae219c221495c30950542323fc5e3d91e250e9a679863546c09db9f3a71a647cb414510bcbb92db41309d9b0b2d04f7d2a1b0e
7
+ data.tar.gz: 79b4b11ef02ca50417c4e441dd8586569ed86caa4d3216fc54e1713bd09071e544b529db0babd429dd14b0efc90f59f2dfbd8a8d101a9e4d4332908f0487115b
@@ -97,7 +97,10 @@ module CanCan
97
97
  end
98
98
 
99
99
  def conditions_empty?
100
- @conditions == {} || @conditions.nil?
100
+ # @conditions might be an ActiveRecord::Associations::CollectionProxy
101
+ # which it's `==` implementation will fetch all records for comparison
102
+
103
+ (@conditions.is_a?(Hash) && @conditions == {}) || @conditions.nil?
101
104
  end
102
105
  end
103
106
  end
@@ -22,9 +22,14 @@ module CanCan
22
22
  private
23
23
 
24
24
  def build_relation(*where_conditions)
25
- relation = @model_class.where(*where_conditions)
26
- relation = relation.left_joins(joins).distinct if joins.present?
27
- relation
25
+ if joins.present?
26
+ inner = @model_class.unscoped do
27
+ @model_class.left_joins(joins).where(*where_conditions)
28
+ end
29
+ @model_class.where(@model_class.primary_key => inner)
30
+ else
31
+ @model_class.where(*where_conditions)
32
+ end
28
33
  end
29
34
 
30
35
  # Rails 4.2 deprecates `sanitize_sql_hash_for_conditions`
@@ -0,0 +1,29 @@
1
+ # frozen_string_literal: true
2
+
3
+ module CanCan
4
+ module Relevant
5
+ # Matches both the action, subject, and attribute, not necessarily the conditions
6
+ def relevant?(action, subject)
7
+ subject = subject.values.first if subject.class == Hash
8
+ @match_all || (matches_action?(action) && matches_subject?(subject))
9
+ end
10
+
11
+ private
12
+
13
+ def matches_action?(action)
14
+ @expanded_actions.include?(:manage) || @expanded_actions.include?(action)
15
+ end
16
+
17
+ def matches_subject?(subject)
18
+ @subjects.include?(:all) || @subjects.include?(subject) || matches_subject_class?(subject)
19
+ end
20
+
21
+ def matches_subject_class?(subject)
22
+ @subjects.any? do |sub|
23
+ sub.is_a?(Module) && (subject.is_a?(sub) ||
24
+ subject.class.to_s == sub.to_s ||
25
+ (subject.is_a?(Module) && subject.ancestors.include?(sub)))
26
+ end
27
+ end
28
+ end
29
+ end
@@ -1,12 +1,15 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  require_relative 'conditions_matcher.rb'
4
+ require_relative 'relevant.rb'
5
+
4
6
  module CanCan
5
7
  # This class is used internally and should only be called through Ability.
6
8
  # it holds the information about a "can" call made on Ability and provides
7
9
  # helpful methods to determine permission checking and conditions hash generation.
8
10
  class Rule # :nodoc:
9
11
  include ConditionsMatcher
12
+ include Relevant
10
13
  include ParameterValidators
11
14
  attr_reader :base_behavior, :subjects, :actions, :conditions, :attributes
12
15
  attr_writer :expanded_actions, :conditions
@@ -24,9 +27,9 @@ module CanCan
24
27
  raise Error, "Subject is required for #{action}" if action && subject.nil?
25
28
 
26
29
  @base_behavior = base_behavior
27
- @actions = Array(action)
28
- @subjects = Array(subject)
29
- @attributes = Array(attributes)
30
+ @actions = wrap(action)
31
+ @subjects = wrap(subject)
32
+ @attributes = wrap(attributes)
30
33
  @conditions = extra_args || {}
31
34
  @block = block
32
35
  end
@@ -57,12 +60,6 @@ module CanCan
57
60
  (!with_scope? && [nil, false, [], {}, '', ' '].include?(@conditions))
58
61
  end
59
62
 
60
- # Matches both the action, subject, and attribute, not necessarily the conditions
61
- def relevant?(action, subject)
62
- subject = subject.values.first if subject.class == Hash
63
- @match_all || (matches_action?(action) && matches_subject?(subject))
64
- end
65
-
66
63
  def only_block?
67
64
  conditions_empty? && @block
68
65
  end
@@ -104,22 +101,6 @@ module CanCan
104
101
 
105
102
  private
106
103
 
107
- def matches_action?(action)
108
- @expanded_actions.include?(:manage) || @expanded_actions.include?(action)
109
- end
110
-
111
- def matches_subject?(subject)
112
- @subjects.include?(:all) || @subjects.include?(subject) || matches_subject_class?(subject)
113
- end
114
-
115
- def matches_subject_class?(subject)
116
- @subjects.any? do |sub|
117
- sub.is_a?(Module) && (subject.is_a?(sub) ||
118
- subject.class.to_s == sub.to_s ||
119
- (subject.is_a?(Module) && subject.ancestors.include?(sub)))
120
- end
121
- end
122
-
123
104
  def parse_attributes_from_extra_args(args)
124
105
  attributes = args.shift if valid_attribute_param?(args.first)
125
106
  extra_args = args.shift
@@ -132,5 +113,15 @@ module CanCan
132
113
  raise BlockAndConditionsError, 'A hash of conditions is mutually exclusive with a block. '\
133
114
  "Check \":#{action} #{subject}\" ability."
134
115
  end
116
+
117
+ def wrap(object)
118
+ if object.nil?
119
+ []
120
+ elsif object.respond_to?(:to_ary)
121
+ object.to_ary || [object]
122
+ else
123
+ [object]
124
+ end
125
+ end
135
126
  end
136
127
  end
@@ -3,10 +3,12 @@
3
3
  module CanCan
4
4
  module UnauthorizedMessageResolver
5
5
  def unauthorized_message(action, subject)
6
+ subject = subject.values.last if subject.is_a?(Hash)
6
7
  keys = unauthorized_message_keys(action, subject)
7
- variables = { action: action.to_s }
8
+ variables = {}
9
+ variables[:action] = I18n.translate("actions.#{action}", default: action.to_s)
8
10
  variables[:subject] = translate_subject(subject)
9
- message = I18n.translate(keys.shift, variables.merge(scope: :unauthorized, default: keys + ['']))
11
+ message = I18n.translate(keys.shift, **variables.merge(scope: :unauthorized, default: keys + ['']))
10
12
  message.blank? ? nil : message
11
13
  end
12
14
 
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module CanCan
4
- VERSION = '3.0.2'.freeze
4
+ VERSION = '3.1.0'.freeze
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cancancan
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.0.2
4
+ version: 3.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Alessandro Rodi (Renuo AG)
@@ -11,7 +11,7 @@ authors:
11
11
  autorequire:
12
12
  bindir: bin
13
13
  cert_chain: []
14
- date: 2020-01-17 00:00:00.000000000 Z
14
+ date: 2020-03-15 00:00:00.000000000 Z
15
15
  dependencies:
16
16
  - !ruby/object:Gem::Dependency
17
17
  name: appraisal
@@ -134,6 +134,7 @@ files:
134
134
  - lib/cancan/model_adapters/default_adapter.rb
135
135
  - lib/cancan/model_additions.rb
136
136
  - lib/cancan/parameter_validators.rb
137
+ - lib/cancan/relevant.rb
137
138
  - lib/cancan/rule.rb
138
139
  - lib/cancan/rules_compressor.rb
139
140
  - lib/cancan/unauthorized_message_resolver.rb