cancancan 1.9.2 → 1.10.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 72e7c59df453fdbf97f4f3f9daf1faa01f102af1
-  data.tar.gz: a939e62999f39b20089742ebf5d12e1d384cabc4
+  metadata.gz: 2e578e1005885c6f192bb9796d1beaa98878b01e
+  data.tar.gz: 8f4f962696dedc14dd038489dc46054c523c55a2
 SHA512:
-  metadata.gz: 32a8944af1356a883b6bb9365afddce4d89a66a3fbf3c84d5351531091f7d7533644e48b44515303dc2c5a19a39399b91189fb19dfd73574206f7ca06adf30b9
-  data.tar.gz: 904cd58c86b3af22979dfe44cd802c44035e3a15c241efd0c35e65a8c3369bd88047e8731e180ad557fe820f19d113ff82a9f49644495a5b5e950f2e0b8a82e2
+  metadata.gz: 5737784c038345e4ff19c5dc519c828cb36268f77bafef9fa9d40ba3ae396fe030b2c3fc60f3e755903c9d398a59b450690cc0564b22aef1a1f46826c753aa35
+  data.tar.gz: b4faa7beedaba71e8303aafb358a4ecd02b8d4be7abb2730c2f7b8bc9e13c46650acfa77e0ab4ecd81da381e166ddd9ab9fb098c79e7a9d3fa95dbaf5e24c0e4

data/.travis.yml

@@ -13,6 +13,7 @@ gemfile:
   - gemfiles/activerecord_3.2.gemfile
   - gemfiles/activerecord_4.0.gemfile
   - gemfiles/activerecord_4.1.gemfile
+  - gemfiles/activerecord_4.2.gemfile
   - gemfiles/datamapper_1.x.gemfile
   - gemfiles/mongoid_2.x.gemfile
   - gemfiles/sequel_3.x.gemfile
@@ -21,19 +22,27 @@ services:
 matrix:
   allow_failures:
     - rvm: rbx
+    - rvm: jruby
+      gemfile: gemfiles/datamapper_1.x.gemfile
   exclude:
     - rvm: 1.8.7
       gemfile: gemfiles/activerecord_4.0.gemfile
     - rvm: 1.8.7
       gemfile: gemfiles/activerecord_4.1.gemfile
+    - rvm: 1.8.7
+      gemfile: gemfiles/activerecord_4.2.gemfile
     - rvm: 1.9.2
       gemfile: gemfiles/activerecord_4.0.gemfile
     - rvm: 1.9.2
       gemfile: gemfiles/activerecord_4.1.gemfile
+    - rvm: 1.9.2
+      gemfile: gemfiles/activerecord_4.2.gemfile
     - rvm: ree
       gemfile: gemfiles/activerecord_4.0.gemfile
     - rvm: ree
       gemfile: gemfiles/activerecord_4.1.gemfile
+    - rvm: ree
+      gemfile: gemfiles/activerecord_4.2.gemfile
 notifications:
   recipients:
     - bryan@bryanrite.com

data/Appraisals

@@ -1,6 +1,6 @@
 appraise "activerecord_3.0" do
   gem "activerecord", "~> 3.0.20", :require => "active_record"
-  gem 'activesupport', '~> 3.0.20', :require => 'active_support/all'
+  gem "activesupport", "~> 3.0.20", :require => "active_support/all"
   gem "meta_where"
 
   gemfile.platforms :jruby do
@@ -16,6 +16,10 @@ end
 appraise "activerecord_3.1" do
   gem "activerecord", "~> 3.1.0", :require => "active_record"
 
+  gemfile.platforms :ruby_18, :ruby_19 do
+    gem "i18n", "< 0.7"
+  end
+
   gemfile.platforms :jruby do
     gem "activerecord-jdbcsqlite3-adapter"
     gem "jdbc-sqlite3"
@@ -29,6 +33,10 @@ end
 appraise "activerecord_3.2" do
   gem "activerecord", "~> 3.2.0", :require => "active_record"
 
+  gemfile.platforms :ruby_18, :ruby_19 do
+    gem "i18n", "< 0.7"
+  end
+
   gemfile.platforms :jruby do
     gem "activerecord-jdbcsqlite3-adapter"
     gem "jdbc-sqlite3"
@@ -41,7 +49,7 @@ end
 
 appraise "activerecord_4.0" do
   gem "activerecord", "~> 4.0.5", :require => "active_record"
-  gem 'activesupport', '~> 4.0.5', :require => 'active_support/all'
+  gem "activesupport", "~> 4.0.5", :require => "active_support/all"
 
   gemfile.platforms :jruby do
     gem "activerecord-jdbcsqlite3-adapter"
@@ -55,7 +63,21 @@ end
 
 appraise "activerecord_4.1" do
   gem "activerecord", "~> 4.1.1", :require => "active_record"
-  gem 'activesupport', '~> 4.1.1', :require => 'active_support/all'
+  gem "activesupport", "~> 4.1.1", :require => "active_support/all"
+
+  gemfile.platforms :jruby do
+    gem "activerecord-jdbcsqlite3-adapter"
+    gem "jdbc-sqlite3"
+  end
+
+  gemfile.platforms :ruby, :mswin, :mingw do
+    gem "sqlite3"
+  end
+end
+
+appraise "activerecord_4.2" do
+  gem "activerecord", "~> 4.2.0", :require => "active_record"
+  gem 'activesupport', '~> 4.2.0', :require => 'active_support/all'
 
   gemfile.platforms :jruby do
     gem "activerecord-jdbcsqlite3-adapter"
@@ -68,16 +90,24 @@ appraise "activerecord_4.1" do
 end
 
 appraise "datamapper_1.x" do
-  gem 'activesupport', '~> 3.0', :require => 'active_support/all'
-  gem "dm-core", "~> 1.0.2"
-  gem "dm-sqlite-adapter", "~> 1.0.2"
-  gem "dm-migrations", "~> 1.0.2"
+  gem "activesupport", "~> 3.0", :require => "active_support/all"
+  gem "dm-core", "~> 1.0"
+  gem "dm-sqlite-adapter", "~> 1.0"
+  gem "dm-migrations", "~> 1.0"
+
+  gemfile.platforms :ruby_18, :ruby_19 do
+    gem "i18n", "< 0.7"
+  end
 end
 
 appraise "mongoid_2.x" do
-  gem 'activesupport', '~> 3.0', :require => 'active_support/all'
+  gem "activesupport", "~> 3.0", :require => "active_support/all"
   gem "mongoid", "~> 2.0.0"
 
+  gemfile.platforms :ruby_18, :ruby_19 do
+    gem "i18n", "< 0.7"
+  end
+
   gemfile.platforms :ruby, :mswin, :mingw do
     gem "bson_ext", "~> 1.1"
   end
@@ -89,7 +119,11 @@ end
 
 appraise "sequel_3.x" do
   gem "sequel", "~> 3.47.0"
-  gem 'activesupport', '~> 3.0', :require => 'active_support/all'
+  gem "activesupport", "~> 3.0", :require => "active_support/all"
+
+  gemfile.platforms :ruby_18, :ruby_19 do
+    gem "i18n", "< 0.7"
+  end
 
   gemfile.platforms :jruby do
     gem "jdbc-sqlite3"

data/CHANGELOG.rdoc

@@ -1,6 +1,17 @@
 Develop
 
 
+1.10.0 (January 7th, 2015)
+
+* Fix i18n issue for Ruby < 1.9.3 (bryanrite)
+
+* Fix cancancan#149 - Fix an issue loading namespaced models (darthjee)
+
+* Fix cancancan#160 - Support for Rails 4.2 (marshall-lee)
+
+* Fix cancancan#153 - More useful output in ability spec matchers (jondkinney)
+
+
 1.9.2 (August 8th, 2014)
 
 * Fix cancancan#77, 78 - Fix an issue with associations for namespaced models. (jjp)

data/README.md

@@ -0,0 +1,197 @@
+# CanCanCan
+
+[![Gem Version](https://badge.fury.io/rb/cancancan.svg)](http://badge.fury.io/rb/cancancan)
+[![Travis badge](https://travis-ci.org/CanCanCommunity/cancancan.png?branch=master)](https://travis-ci.org/CanCanCommunity/cancancan)
+[![Code Climate Badge](https://codeclimate.com/github/CanCanCommunity/cancancan.png)](https://codeclimate.com/github/CanCanCommunity/cancancan)
+[![Inch CI](http://inch-ci.org/github/CanCanCommunity/cancancan.png)](http://inch-ci.org/github/CanCanCommunity/cancancan)
+
+[Wiki](https://github.com/CanCanCommunity/cancancan/wiki) | [RDocs](http://rdoc.info/projects/CanCanCommunity/cancan) | [Screencast](http://railscasts.com/episodes/192-authorization-with-cancan)
+
+CanCan is an authorization library for Ruby on Rails which restricts what resources a given user is allowed to access. All permissions are defined in a single location (the `Ability` class) and not duplicated across controllers, views, and database queries.
+
+
+## Mission
+
+This repo is a continuation of the dead [CanCan](https://github.com/ryanb/cancan) project. Our mission is to keep CanCan alive and moving forward, with maintenance fixes and new features. Pull Requests are welcome!
+
+I am currently focusing on the 1.x branch for the immediate future, making sure it is up to date as well as ensuring compatibility with Rails 4+. I will take a look into the 2.x branch and try to see what improvements, reorganizations and redesigns Ryan was attempting and go forward from there.
+
+Any help is greatly appreciated, feel free to submit pull-requests or open issues.
+
+
+## Installation
+
+In **Rails 3 and 4**, add this to your Gemfile and run the `bundle install` command.
+
+    gem 'cancancan', '~> 1.10'
+
+In **Rails 2**, add this to your environment.rb file.
+
+    config.gem "cancancan"
+
+Alternatively, you can install it as a plugin.
+
+    rails plugin install git://github.com/CanCanCommunity/cancancan.git
+
+## Getting Started
+
+CanCanCan expects a `current_user` method to exist in the controller. First, set up some authentication (such as [Authlogic](https://github.com/binarylogic/authlogic) or [Devise](https://github.com/plataformatec/devise)). See [Changing Defaults](https://github.com/CanCanCommunity/cancancan/wiki/changing-defaults) if you need different behavior.
+
+
+### 1. Define Abilities
+
+User permissions are defined in an `Ability` class. CanCan 1.5 includes a Rails 3 and 4 generator for creating this class.
+
+    rails g cancan:ability
+
+In Rails 2.3, just add a new class in `app/models/ability.rb` with the following contents:
+
+```ruby
+class Ability
+  include CanCan::Ability
+
+  def initialize(user)
+  end
+end
+```
+
+See [Defining Abilities](https://github.com/CanCanCommunity/cancancan/wiki/defining-abilities) for details.
+
+
+### 2. Check Abilities & Authorization
+
+The current user's permissions can then be checked using the `can?` and `cannot?` methods in the view and controller.
+
+```erb
+<% if can? :update, @article %>
+  <%= link_to "Edit", edit_article_path(@article) %>
+<% end %>
+```
+
+See [Checking Abilities](https://github.com/CanCanCommunity/cancancan/wiki/checking-abilities) for more information
+
+The `authorize!` method in the controller will raise an exception if the user is not able to perform the given action.
+
+```ruby
+def show
+  @article = Article.find(params[:id])
+  authorize! :read, @article
+end
+```
+
+Setting this for every action can be tedious, therefore the `load_and_authorize_resource` method is provided to automatically authorize all actions in a RESTful style resource controller. It will use a before filter to load the resource into an instance variable and authorize it for every action.
+
+```ruby
+class ArticlesController < ApplicationController
+  load_and_authorize_resource
+
+  def show
+    # @article is already loaded and authorized
+  end
+end
+```
+
+See [Authorizing Controller Actions](https://github.com/CanCanCommunity/cancancan/wiki/authorizing-controller-actions) for more information.
+
+
+#### Strong Parameters
+
+When using `strong_parameters` or Rails 4+, you have to sanitize inputs before saving the record, in actions such as `:create` and `:update`.
+
+By default, CanCan will try to sanitize the input on `:create` and `:update` routes by seeing if your controller will respond to the following methods (in order):
+
+* `create_params` or `update_params` (depending on the action you are performing)
+* `<model_name>_params` such as `article_params` (this is the default convention in rails for naming your param method)
+* `resource_params` (a generically named method you could specify in each controller)
+
+Additionally, `load_and_authorize_resource` can now take a `param_method` option to specify a custom method in the controller to run to sanitize input.
+
+You can associate the `param_method` option with a symbol corresponding to the name of a method that will get called:
+
+```ruby
+class ArticlesController < ApplicationController
+  load_and_authorize_resource param_method: :my_sanitizer
+
+  def create
+    if @article.save
+      # hurray
+    else
+      render :new
+    end
+  end
+
+  private
+
+  def my_sanitizer
+    params.require(:article).permit(:name)
+  end
+end
+```
+
+You can also use a string that will be evaluated in the context of the controller using `instance_eval` and needs to contain valid Ruby code. This does come in handy when using a PermittedParams class as suggested in Railscast 371:
+
+    load_and_authorize_resource param_method: 'permitted_params.article'
+
+Finally, it's possible to associate `param_method` with a Proc object which will be called with the controller as the only argument:
+
+    load_and_authorize_resource param_method: Proc.new [ |c| c.params.require(:article).permit(:name) ]
+
+See [Strong Parameters](https://github.com/CanCanCommunity/cancancan/wiki/Strong-Parameters) for more information.
+
+### 3. Handle Unauthorized Access
+
+If the user authorization fails, a `CanCan::AccessDenied` exception will be raised. You can catch this and modify its behavior in the `ApplicationController`.
+
+```ruby
+class ApplicationController < ActionController::Base
+  rescue_from CanCan::AccessDenied do |exception|
+    redirect_to root_url, :alert => exception.message
+  end
+end
+```
+
+See [Exception Handling](https://github.com/CanCanCommunity/cancancan/wiki/exception-handling) for more information.
+
+
+### 4. Lock It Down
+
+If you want to ensure authorization happens on every action in your application, add `check_authorization` to your `ApplicationController`.
+
+```ruby
+class ApplicationController < ActionController::Base
+  check_authorization
+end
+```
+
+This will raise an exception if authorization is not performed in an action. If you want to skip this add `skip_authorization_check` to a controller subclass. See [Ensure Authorization](https://github.com/CanCanCommunity/cancancan/wiki/Ensure-Authorization) for more information.
+
+
+## Wiki Docs
+
+* [Upgrading to 1.6](https://github.com/CanCanCommunity/cancancan/wiki/Upgrading-to-1.6)
+* [Defining Abilities](https://github.com/CanCanCommunity/cancancan/wiki/Defining-Abilities)
+* [Checking Abilities](https://github.com/CanCanCommunity/cancancan/wiki/Checking-Abilities)
+* [Authorizing Controller Actions](https://github.com/CanCanCommunity/cancancan/wiki/Authorizing-Controller-Actions)
+* [Exception Handling](https://github.com/CanCanCommunity/cancancan/wiki/Exception-Handling)
+* [Changing Defaults](https://github.com/CanCanCommunity/cancancan/wiki/Changing-Defaults)
+* [See more](https://github.com/CanCanCommunity/cancancan/wiki)
+
+## Questions or Problems?
+
+If you have any issues with CanCan which you cannot find the solution to in the [documentation](https://github.com/CanCanCommunity/cancancan/wiki) or our mailing list: http://groups.google.com/group/cancancan, please add an [issue on GitHub](https://github.com/CanCanCommunity/cancancan/issues) or fork the project and send a pull request.
+
+
+## Development
+
+Cancancan uses [appraisals](https://github.com/thoughtbot/appraisal) to test the code base against multiple versions of rails, as well as the different model adapters.
+
+When first developing, you may need to run `bundle install` and then `appraisal install`, to install the different sets.
+
+You can then run all appraisal files (like CI does), with `appraisal rake` or just run a specific set `appraisal activerecord_3.0 rake`.
+
+See the [CONTRIBUTING](https://github.com/CanCanCommunity/cancancan/blob/develop/CONTRIBUTING.md) and [spec/README](https://github.com/CanCanCommunity/cancancan/blob/master/spec/README.rdoc) for more information.
+
+
+## Special Thanks
+
+CanCan was inspired by [declarative_authorization](https://github.com/stffn/declarative_authorization/) and [aegis](https://github.com/makandra/aegis). Also many thanks to the [CanCan contributors](https://github.com/CanCanCommunity/cancancan/contributors). See the [CHANGELOG](https://github.com/CanCanCommunity/cancancan/blob/master/CHANGELOG.rdoc) for the full list.

data/gemfiles/activerecord_3.1.gemfile

@@ -4,6 +4,10 @@ source "https://rubygems.org"
 
 gem "activerecord", "~> 3.1.0", :require => "active_record"
 
+platforms :ruby_18, :ruby_19 do
+  gem "i18n", "< 0.7"
+end
+
 platforms :jruby do
   gem "activerecord-jdbcsqlite3-adapter"
   gem "jdbc-sqlite3"

data/gemfiles/activerecord_3.2.gemfile

@@ -4,6 +4,10 @@ source "https://rubygems.org"
 
 gem "activerecord", "~> 3.2.0", :require => "active_record"
 
+platforms :ruby_18, :ruby_19 do
+  gem "i18n", "< 0.7"
+end
+
 platforms :jruby do
   gem "activerecord-jdbcsqlite3-adapter"
   gem "jdbc-sqlite3"

data/gemfiles/activerecord_4.2.gemfile

@@ -0,0 +1,17 @@
+# This file was generated by Appraisal
+
+source "https://rubygems.org"
+
+gem "activerecord", "~> 4.2.0", :require => "active_record"
+gem "activesupport", "~> 4.2.0", :require => "active_support/all"
+
+platforms :jruby do
+  gem "activerecord-jdbcsqlite3-adapter"
+  gem "jdbc-sqlite3"
+end
+
+platforms :ruby, :mswin, :mingw do
+  gem "sqlite3"
+end
+
+gemspec :path => "../"

data/gemfiles/datamapper_1.x.gemfile

@@ -3,8 +3,12 @@
 source "https://rubygems.org"
 
 gem "activesupport", "~> 3.0", :require => "active_support/all"
-gem "dm-core", "~> 1.0.2"
-gem "dm-sqlite-adapter", "~> 1.0.2"
-gem "dm-migrations", "~> 1.0.2"
+gem "dm-core", "~> 1.0"
+gem "dm-sqlite-adapter", "~> 1.0"
+gem "dm-migrations", "~> 1.0"
+
+platforms :ruby_18, :ruby_19 do
+  gem "i18n", "< 0.7"
+end
 
 gemspec :path => "../"

data/gemfiles/mongoid_2.x.gemfile

@@ -5,6 +5,10 @@ source "https://rubygems.org"
 gem "activesupport", "~> 3.0", :require => "active_support/all"
 gem "mongoid", "~> 2.0.0"
 
+platforms :ruby_18, :ruby_19 do
+  gem "i18n", "< 0.7"
+end
+
 platforms :ruby, :mswin, :mingw do
   gem "bson_ext", "~> 1.1"
 end

data/gemfiles/sequel_3.x.gemfile

@@ -5,6 +5,10 @@ source "https://rubygems.org"
 gem "sequel", "~> 3.47.0"
 gem "activesupport", "~> 3.0", :require => "active_support/all"
 
+platforms :ruby_18, :ruby_19 do
+  gem "i18n", "< 0.7"
+end
+
 platforms :jruby do
   gem "jdbc-sqlite3"
 end

data/lib/cancan/controller_resource.rb

@@ -263,7 +263,7 @@ module CanCan
     end
 
     def namespaced_name
-      [namespace, name.camelize].join('::').singularize.camelize.constantize
+      [namespace, name.camelize].flatten.map(&:camelize).join('::').singularize.constantize
     rescue NameError
       name
     end

data/lib/cancan/matchers.rb

@@ -1,10 +1,10 @@
-rspec_module = defined?(RSpec::Core) ? 'RSpec' : 'Spec'  # for RSpec 1 compatability
+rspec_module = defined?(RSpec::Core) ? 'RSpec' : 'Spec' # RSpec 1 compatability
 
 if rspec_module == 'RSpec'
   require 'rspec/core'
   require 'rspec/expectations'
 else
-  ActiveSupport::Deprecation.warn("RSpec < 3 will not be supported in the CanCanCan >= 2.0.0")
+  ActiveSupport::Deprecation.warn('RSpec < 3 will not be supported in the CanCanCan >= 2.0.0')
 end
 
 Kernel.const_get(rspec_module)::Matchers.define :be_able_to do |*args|
@@ -18,11 +18,25 @@ Kernel.const_get(rspec_module)::Matchers.define :be_able_to do |*args|
     alias :failure_message_when_negated :failure_message_for_should_not
   end
 
-  failure_message do |ability|
-    "expected to be able to #{args.map(&:inspect).join(" ")}"
+  failure_message do
+    resource = args[1]
+    if resource.instance_of?(Class)
+      "expected to be able to #{args.map(&:to_s).join(' ')}"
+    else
+      "expected to be able to #{args.map(&:inspect).join(' ')}"
+    end
   end
 
-  failure_message_when_negated do |ability|
-    "expected not to be able to #{args.map(&:inspect).join(" ")}"
+  failure_message_when_negated do
+    resource = args[1]
+    if resource.instance_of?(Class)
+      "expected not to be able to #{args.map(&:to_s).join(' ')}"
+    else
+      "expected not to be able to #{args.map(&:inspect).join(' ')}"
+    end
+  end
+
+  description do
+    "be able to #{args.map(&:to_s).join(' ')}"
   end
 end

data/lib/cancan/model_adapters/active_record_4_adapter.rb

@@ -17,6 +17,18 @@ module CanCan
         relation = relation.includes(joins).references(joins) if joins.present?
         relation
       end
+
+      # Rails 4.2 deprecates `sanitize_sql_hash_for_conditions`
+      def sanitize_sql(conditions)
+        if ActiveRecord::VERSION::MINOR >= 2 && Hash === conditions
+          relation = @model_class.unscoped.where(conditions)
+          predicates = relation.where_values
+          bind_values = relation.bind_values
+          query = Arel::Nodes::And.new(predicates).to_sql
+          conditions = [query, *bind_values.map { |col, val| val }]
+        end
+        @model_class.send(:sanitize_sql, conditions)
+      end
     end
   end
 end

data/lib/cancan/version.rb

@@ -1,3 +1,3 @@
 module CanCan
-  VERSION = "1.9.2"
+  VERSION = "1.10.0"
 end

data/spec/README.rdoc

@@ -6,7 +6,7 @@ To run the specs first run the +bundle+ command to install the necessary gems an
 
   bundle
 
-Then run the appraisal command to install all the necssary test sets:
+Then run the appraisal command to install all the necessary test sets:
 
   appraisal install
 

data/spec/cancan/controller_resource_spec.rb

@@ -103,6 +103,17 @@ describe CanCan::ControllerResource do
       expect(controller.instance_variable_get(:@sub_model).name).to eq("foobar")
     end
 
+    it "builds a new resource for namespaced controller given through folder format" do
+      module Admin
+        module SubModule
+          class HiddenModel < ::Model; end
+        end
+      end
+      params.merge!(:controller => "admin/sub_module/hidden_models")
+      resource = CanCan::ControllerResource.new(controller)
+      expect { resource.load_resource }.not_to raise_error
+    end
+
     it "does not build record through has_one association with :singleton option because it can cause it to delete it in the database" do
       category = Class.new
       allow_any_instance_of(Model).to receive('category=').with(category)

data/spec/cancan/model_adapters/active_record_4_adapter_spec.rb

@@ -7,11 +7,11 @@ if defined? CanCan::ModelAdapters::ActiveRecord4Adapter
       ActiveRecord::Migration.verbose = false
       ActiveRecord::Schema.define do
         create_table(:parents) do |t|
-          t.timestamps
+          t.timestamps :null => false
         end
 
         create_table(:children) do |t|
-          t.timestamps
+          t.timestamps :null => false
           t.integer :parent_id
         end
       end

data/spec/cancan/model_adapters/active_record_adapter_spec.rb

@@ -11,17 +11,17 @@ if defined? CanCan::ModelAdapters::ActiveRecordAdapter
         create_table(:categories) do |t|
           t.string :name
           t.boolean :visible
-          t.timestamps
+          t.timestamps :null => false
         end
 
         create_table(:projects) do |t|
           t.string :name
-          t.timestamps
+          t.timestamps :null => false
         end
 
         create_table(:articles) do |t|
           t.string :name
-          t.timestamps
+          t.timestamps :null => false
           t.boolean :published
           t.boolean :secret
           t.integer :priority
@@ -32,17 +32,17 @@ if defined? CanCan::ModelAdapters::ActiveRecordAdapter
         create_table(:comments) do |t|
           t.boolean :spam
           t.integer :article_id
-          t.timestamps
+          t.timestamps :null => false
         end
 
         create_table(:legacy_mentions) do |t|
           t.integer :user_id
           t.integer :article_id
-          t.timestamps
+          t.timestamps :null => false
         end
 
         create_table(:users) do |t|
-          t.timestamps
+          t.timestamps :null => false
         end
       end
 
@@ -346,13 +346,13 @@ if defined? CanCan::ModelAdapters::ActiveRecordAdapter
       before :each do
         ActiveRecord::Schema.define do
           create_table( :table_xes ) do |t|
-            t.timestamps
+            t.timestamps :null => false
           end
 
           create_table( :table_zs ) do |t|
             t.integer :table_x_id
             t.integer :user_id
-            t.timestamps
+            t.timestamps :null => false
           end
         end
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: cancancan
 version: !ruby/object:Gem::Version
-  version: 1.9.2
+  version: 1.10.0
 platform: ruby
 authors:
 - Bryan Rite
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-08-08 00:00:00.000000000 Z
+date: 2015-01-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -82,7 +82,7 @@ files:
 - CONTRIBUTING.md
 - Gemfile
 - LICENSE
-- README.rdoc
+- README.md
 - Rakefile
 - cancancan.gemspec
 - gemfiles/activerecord_3.0.gemfile
@@ -90,6 +90,7 @@ files:
 - gemfiles/activerecord_3.2.gemfile
 - gemfiles/activerecord_4.0.gemfile
 - gemfiles/activerecord_4.1.gemfile
+- gemfiles/activerecord_4.2.gemfile
 - gemfiles/datamapper_1.x.gemfile
 - gemfiles/mongoid_2.x.gemfile
 - gemfiles/sequel_3.x.gemfile
@@ -154,7 +155,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: 1.3.4
 requirements: []
 rubyforge_project: cancancan
-rubygems_version: 2.2.2
+rubygems_version: 2.4.3
 signing_key: 
 specification_version: 4
 summary: Simple authorization solution for Rails.
@@ -165,6 +166,7 @@ test_files:
 - gemfiles/activerecord_3.2.gemfile
 - gemfiles/activerecord_4.0.gemfile
 - gemfiles/activerecord_4.1.gemfile
+- gemfiles/activerecord_4.2.gemfile
 - gemfiles/datamapper_1.x.gemfile
 - gemfiles/mongoid_2.x.gemfile
 - gemfiles/sequel_3.x.gemfile

data/README.rdoc

@@ -1,183 +0,0 @@
-= CanCanCan
-{<img src="https://badge.fury.io/rb/cancancan.png" alt="Gem Version" />}[http://badge.fury.io/rb/cancancan]
-{<img src="https://travis-ci.org/CanCanCommunity/cancancan.png?branch=master" alt="Build Status" />}[https://travis-ci.org/CanCanCommunity/cancancan]
-{<img src="https://codeclimate.com/github/CanCanCommunity/cancancan.png" />}[https://codeclimate.com/github/CanCanCommunity/cancancan]
-{<img src="http://inch-ci.org/github/CanCanCommunity/cancancan.png" alt="Inline docs" />}[http://inch-ci.org/github/CanCanCommunity/cancancan]
-
-Wiki[https://github.com/bryanrite/cancancan/wiki] | RDocs[http://rdoc.info/projects/ryanb/cancan] | Screencast[http://railscasts.com/episodes/192-authorization-with-cancan]
-
-CanCan is an authorization library for Ruby on Rails which restricts what resources a given user is allowed to access. All permissions are defined in a single location (the +Ability+ class) and not duplicated across controllers, views, and database queries.
-
-
-== Mission
-
-This repo is a continuation of the dead CanCan[https://github.com/ryanb/cancan] project. Our mission is to keep CanCan alive and moving forward, with maintenance fixes and new features. Pull Requests are welcome!
-
-I am currently focusing on the 1.x branch for the immediate future, making sure it is up to date as well as ensuring compatibility with Rails 4+. I will take a look into the 2.x branch and try to see what improvements, reorganizations and redesigns Ryan was attempting and go forward from there.
-
-Any help is greatly appreciated, feel free to submit pull-requests or open issues.
-
-
-== Installation
-
-In <b>Rails 3 and 4</b>, add this to your Gemfile and run the +bundle+ command.
-
-  gem 'cancancan', '~> 1.9'
-
-In <b>Rails 2</b>, add this to your environment.rb file.
-
-  config.gem "cancancan"
-
-Alternatively, you can install it as a plugin.
-
-  rails plugin install git://github.com/bryanrite/cancancan.git
-
-
-== Getting Started
-
-CanCanCan expects a +current_user+ method to exist in the controller. First, set up some authentication (such as Authlogic[https://github.com/binarylogic/authlogic] or Devise[https://github.com/plataformatec/devise]). See {Changing Defaults}[https://github.com/bryanrite/cancancan/wiki/changing-defaults] if you need different behavior.
-
-
-=== 1. Define Abilities
-
-User permissions are defined in an +Ability+ class. CanCan 1.5 includes a Rails 3 and 4 generator for creating this class.
-
-  rails g cancan:ability
-
-In Rails 2.3, just add a new class in <tt>app/models/ability.rb</tt> with the following contents:
-
-  class Ability
-    include CanCan::Ability
-
-    def initialize(user)
-    end
-  end
-
-See {Defining Abilities}[https://github.com/bryanrite/cancancan/wiki/defining-abilities] for details.
-
-
-=== 2. Check Abilities & Authorization
-
-The current user's permissions can then be checked using the <tt>can?</tt> and <tt>cannot?</tt> methods in the view and controller.
-
-  <% if can? :update, @article %>
-    <%= link_to "Edit", edit_article_path(@article) %>
-  <% end %>
-
-See {Checking Abilities}[https://github.com/bryanrite/cancancan/wiki/checking-abilities] for more information
-
-The <tt>authorize!</tt> method in the controller will raise an exception if the user is not able to perform the given action.
-
-  def show
-    @article = Article.find(params[:id])
-    authorize! :read, @article
-  end
-
-Setting this for every action can be tedious, therefore the +load_and_authorize_resource+ method is provided to automatically authorize all actions in a RESTful style resource controller. It will use a before filter to load the resource into an instance variable and authorize it for every action.
-
-  class ArticlesController < ApplicationController
-    load_and_authorize_resource
-
-    def show
-      # @article is already loaded and authorized
-    end
-  end
-
-See {Authorizing Controller Actions}[https://github.com/bryanrite/cancancan/wiki/authorizing-controller-actions] for more information.
-
-
-==== Strong Parameters
-
-When using <tt>strong_parameters</tt> or Rails 4+, you have to sanitize inputs before saving the record, in actions such as <tt>:create</tt> and <tt>:update</tt>.
-
-By default, CanCan will try to sanitize the input on <tt>:create</tt> and <tt>:update</tt> routes by seeing if your controller will respond to the following methods (in order):
-
-* <tt>create_params</tt> or <tt>update_params</tt> (depending on the action you are performing)
-* <tt><model_name>_params</tt> such as <tt>article_params</tt> (this is the default convention in rails for naming your param method)
-* <tt>resource_params</tt> (a generically named method you could specify in each controller)
-
-Additionally, <tt>load_and_authorize_resource</tt> can now take a <tt>param_method</tt> option to specify a custom method in the controller to run to sanitize input.
-
-You can associate the <tt>param_method</tt> option with a symbol corresponding to the name of a method that will get called:
-
-  class ArticlesController < ApplicationController
-    load_and_authorize_resource param_method: :my_sanitizer
-
-    def create
-      if @article.save
-        # hurray
-      else
-        render :new
-      end
-    end
-
-    private
-
-    def my_sanitizer
-      params.require(:article).permit(:name)
-    end
-  end
-
-You can also use a string that will be evaluated in the context of the controller using <tt>instance_eval</tt> and needs to contain valid Ruby code. This does come in handy when using a PermittedParams class as suggested in Railscast 371:
-
-  load_and_authorize_resource param_method: 'permitted_params.article'
-
-Finally, it's possible to associate <tt>param_method</tt> with a Proc object which will be called with the controller as the only argument:
-
-  load_and_authorize_resource param_method: Proc.new { |c| c.params.require(:article).permit(:name) }
-
-See {Strong Parameters}[https://github.com/bryanrite/cancancan/wiki/Strong-Parameters] for more information.
-
-=== 3. Handle Unauthorized Access
-
-If the user authorization fails, a <tt>CanCan::AccessDenied</tt> exception will be raised. You can catch this and modify its behavior in the +ApplicationController+.
-
-  class ApplicationController < ActionController::Base
-    rescue_from CanCan::AccessDenied do |exception|
-      redirect_to root_url, :alert => exception.message
-    end
-  end
-
-See {Exception Handling}[https://github.com/bryanrite/cancancan/wiki/exception-handling] for more information.
-
-
-=== 4. Lock It Down
-
-If you want to ensure authorization happens on every action in your application, add +check_authorization+ to your ApplicationController.
-
-  class ApplicationController < ActionController::Base
-    check_authorization
-  end
-
-This will raise an exception if authorization is not performed in an action. If you want to skip this add +skip_authorization_check+ to a controller subclass. See {Ensure Authorization}[https://github.com/bryanrite/cancancan/wiki/Ensure-Authorization] for more information.
-
-
-== Wiki Docs
-
-* {Upgrading to 1.6}[https://github.com/bryanrite/cancancan/wiki/Upgrading-to-1.6]
-* {Defining Abilities}[https://github.com/bryanrite/cancancan/wiki/Defining-Abilities]
-* {Checking Abilities}[https://github.com/bryanrite/cancancan/wiki/Checking-Abilities]
-* {Authorizing Controller Actions}[https://github.com/bryanrite/cancancan/wiki/Authorizing-Controller-Actions]
-* {Exception Handling}[https://github.com/bryanrite/cancancan/wiki/Exception-Handling]
-* {Changing Defaults}[https://github.com/bryanrite/cancancan/wiki/Changing-Defaults]
-* {See more}[https://github.com/bryanrite/cancancan/wiki]
-
-== Questions or Problems?
-
-If you have any issues with CanCan which you cannot find the solution to in the documentation[https://github.com/bryanrite/cancancan/wiki] or our mailing list: http://groups.google.com/group/cancancan, please add an {issue on GitHub}[https://github.com/bryanrite/cancancan/issues] or fork the project and send a pull request.
-
-
-== Development
-
-Cancancan uses {appraisals}[https://github.com/thoughtbot/appraisal] to test the code base against multiple versions of rails, as well as the different model adapters.
-
-When first developing, you may need to run <tt>bundle install</tt> and then <tt>appraisal install</tt>, to install the different sets.
-
-You can then run all appraisal files (like CI does), with <tt>appraisal rake</tt> or just run a specific set <tt>appraisal activerecord_3.0 rake</tt>.
-
-See the {CONTRIBUTING}[https://github.com/CanCanCommunity/cancancan/blob/develop/CONTRIBUTING.md] and {spec/README}[https://github.com/bryanrite/cancancan/blob/master/spec/README.rdoc] for more information.
-
-
-== Special Thanks
-
-CanCan was inspired by declarative_authorization[https://github.com/stffn/declarative_authorization/] and aegis[https://github.com/makandra/aegis]. Also many thanks to the CanCan contributors[https://github.com/bryanrite/cancancan/contributors]. See the CHANGELOG[https://github.com/bryanrite/cancancan/blob/master/CHANGELOG.rdoc] for the full list.