cancancan 1.8.4 → 1.9.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 819e93ed0b90294960a5cf198d9b2b706bb92102
-  data.tar.gz: d172cc5b2b9a84c5c16a984bf4f7a736b7972a56
+  metadata.gz: 59fd5f683924f32658036d91ec731a03dc2620f0
+  data.tar.gz: 80ada1d8d82e08dae4f39afa0f4fc6e0bba1a43b
 SHA512:
-  metadata.gz: 0561f92075412910012056ba8de57554d093bf19d8b4d8453a79b322e46fac3a5cd55683312505afd85c6d910fd55ca6ea787f1db1f57d4debd8e91e89adefce
-  data.tar.gz: e241a95106dd3ee46df19a7808368fbcfb970798e8e87bc0836e4f88df3b032a4f1462e698b0a739ff57ff37b90661c598bc96ebf89f824bc025dc68e09070c0
+  metadata.gz: f7854cb0fd225fc65ca36e2ae8b3d257e2509ebc092801a1802686bd2537dcb3c53f0e522f3d9a43b15ded9765a026c9d11c3588f4a4ff28bd752606fa01788c
+  data.tar.gz: e98f2b6d8defb75df838a82a5c0a28befdec610db7be82f119e70a922d953963fc7c268d014668ccf28c5fd54ccabbda9ca8d8bba4e175b587a36093f4da76b4

data/.travis.yml

@@ -11,6 +11,8 @@ gemfile:
   - gemfiles/activerecord_3.0.gemfile
   - gemfiles/activerecord_3.1.gemfile
   - gemfiles/activerecord_3.2.gemfile
+  - gemfiles/activerecord_4.0.gemfile
+  - gemfiles/activerecord_4.1.gemfile
   - gemfiles/datamapper_1.x.gemfile
   - gemfiles/mongoid_2.x.gemfile
   - gemfiles/sequel_3.x.gemfile
@@ -19,6 +21,19 @@ services:
 matrix:
   allow_failures:
     - rvm: rbx
+  exclude:
+    - rvm: 1.8.7
+      gemfile: gemfiles/activerecord_4.0.gemfile
+    - rvm: 1.8.7
+      gemfile: gemfiles/activerecord_4.1.gemfile
+    - rvm: 1.9.2
+      gemfile: gemfiles/activerecord_4.0.gemfile
+    - rvm: 1.9.2
+      gemfile: gemfiles/activerecord_4.1.gemfile
+    - rvm: ree
+      gemfile: gemfiles/activerecord_4.0.gemfile
+    - rvm: ree
+      gemfile: gemfiles/activerecord_4.1.gemfile
 notifications:
   recipients:
     - bryan@bryanrite.com

data/Appraisals

@@ -39,6 +39,34 @@ appraise "activerecord_3.2" do
   end
 end
 
+appraise "activerecord_4.0" do
+  gem "activerecord", "~> 4.0.5", :require => "active_record"
+  gem 'activesupport', '~> 4.0.5', :require => 'active_support/all'
+
+  gemfile.platforms :jruby do
+    gem "activerecord-jdbcsqlite3-adapter"
+    gem "jdbc-sqlite3"
+  end
+
+  gemfile.platforms :ruby, :mswin, :mingw do
+    gem "sqlite3"
+  end
+end
+
+appraise "activerecord_4.1" do
+  gem "activerecord", "~> 4.1.1", :require => "active_record"
+  gem 'activesupport', '~> 4.1.1', :require => 'active_support/all'
+
+  gemfile.platforms :jruby do
+    gem "activerecord-jdbcsqlite3-adapter"
+    gem "jdbc-sqlite3"
+  end
+
+  gemfile.platforms :ruby, :mswin, :mingw do
+    gem "sqlite3"
+  end
+end
+
 appraise "datamapper_1.x" do
   gem 'activesupport', '~> 3.0', :require => 'active_support/all'
   gem "dm-core", "~> 1.0.2"

data/CHANGELOG.rdoc

@@ -1,6 +1,13 @@
 Develop
 
 
+1.9.0 (July 20th, 2014)
+
+* Fix cancancan#59 - Parameters are automatically detected and santitized for all actions, not just create and update. (bryanrite)
+
+* Fix cancancan#97, 72, 40, 39, 26 - Support Active Record 4 properly with references on nested permissions. (scpike, tdg5, Crystark)
+
+
 1.8.4 (June 24th, 2014)
 
 * Fix cancancan#86 - Fixes previous RSpec 3 update as there was a bug in the fix for RSpec 2.99. (bryanrite)

data/README.rdoc

@@ -22,7 +22,7 @@ Any help is greatly appreciated, feel free to submit pull-requests or open issue
 
 In <b>Rails 3 and 4</b>, add this to your Gemfile and run the +bundle+ command.
 
-  gem 'cancancan', '~> 1.8'
+  gem 'cancancan', '~> 1.9'
 
 In <b>Rails 2</b>, add this to your environment.rb file.
 

data/gemfiles/activerecord_4.0.gemfile

@@ -0,0 +1,17 @@
+# This file was generated by Appraisal
+
+source "https://rubygems.org"
+
+gem "activerecord", "~> 4.0.5", :require => "active_record"
+gem "activesupport", "~> 4.0.5", :require => "active_support/all"
+
+platforms :jruby do
+  gem "activerecord-jdbcsqlite3-adapter"
+  gem "jdbc-sqlite3"
+end
+
+platforms :ruby, :mswin, :mingw do
+  gem "sqlite3"
+end
+
+gemspec :path => "../"

data/gemfiles/activerecord_4.1.gemfile

@@ -0,0 +1,17 @@
+# This file was generated by Appraisal
+
+source "https://rubygems.org"
+
+gem "activerecord", "~> 4.1.1", :require => "active_record"
+gem "activesupport", "~> 4.1.1", :require => "active_support/all"
+
+platforms :jruby do
+  gem "activerecord-jdbcsqlite3-adapter"
+  gem "jdbc-sqlite3"
+end
+
+platforms :ruby, :mswin, :mingw do
+  gem "sqlite3"
+end
+
+gemspec :path => "../"

data/lib/cancan.rb

@@ -9,7 +9,17 @@ require 'cancan/inherited_resource'
 
 require 'cancan/model_adapters/abstract_adapter'
 require 'cancan/model_adapters/default_adapter'
-require 'cancan/model_adapters/active_record_adapter' if defined? ActiveRecord
+
+if defined? ActiveRecord
+  require 'cancan/model_adapters/active_record_adapter'
+  if ActiveRecord.respond_to?(:version) &&
+      ActiveRecord.version >= Gem::Version.new("4")
+    require 'cancan/model_adapters/active_record_4_adapter'
+  else
+    require 'cancan/model_adapters/active_record_3_adapter'
+  end
+end
+
 require 'cancan/model_adapters/data_mapper_adapter' if defined? DataMapper
 require 'cancan/model_adapters/mongoid_adapter' if defined?(Mongoid) && defined?(Mongoid::Document)
 require 'cancan/model_adapters/sequel_adapter' if defined? Sequel

data/lib/cancan/controller_additions.rb

@@ -294,7 +294,7 @@ module CanCan
 
     def self.included(base)
       base.extend ClassMethods
-      base.helper_method :can?, :cannot?, :current_ability
+      base.helper_method :can?, :cannot?, :current_ability if base.respond_to? :helper_method
     end
 
     # Raises a CanCan::AccessDenied exception if the current_ability cannot

data/lib/cancan/controller_resource.rb

@@ -220,22 +220,29 @@ module CanCan
     end
 
     def resource_params
-      if param_actions.include?(@params[:action].to_sym) && params_method.present?
+      if parameters_require_sanitizing? && params_method.present?
         return case params_method
           when Symbol then @controller.send(params_method)
           when String then @controller.instance_eval(params_method)
           when Proc then params_method.call(@controller)
         end
-      elsif @options[:class]
-        params_key = extract_key(@options[:class])
-        return @params[params_key] if @params[params_key]
+      else
+        resource_params_by_namespaced_name
       end
+    end
 
-      resource_params_by_namespaced_name
+    def parameters_require_sanitizing?
+      save_actions.include?(@params[:action].to_sym) || resource_params_by_namespaced_name.present?
     end
 
     def resource_params_by_namespaced_name
-      @params[extract_key(namespaced_name)]
+      if @options[:instance_name] && @params.has_key?(extract_key(@options[:instance_name]))
+        @params[extract_key(@options[:instance_name])]
+      elsif @options[:class] && @params.has_key?(extract_key(@options[:class]))
+        @params[extract_key(@options[:class])]
+      else
+        @params[extract_key(namespaced_name)]
+      end
     end
 
     def params_method
@@ -277,7 +284,7 @@ module CanCan
       [:new, :create] + Array(@options[:new])
     end
 
-    def param_actions
+    def save_actions
       [:create, :update]
     end
 

data/lib/cancan/model_adapters/active_record_3_adapter.rb

@@ -0,0 +1,47 @@
+module CanCan
+  module ModelAdapters
+    class ActiveRecord3Adapter < AbstractAdapter
+      include ActiveRecordAdapter
+      def self.for_class?(model_class)
+        model_class <= ActiveRecord::Base
+      end
+
+      def self.override_condition_matching?(subject, name, value)
+        name.kind_of?(MetaWhere::Column) if defined? MetaWhere
+      end
+
+      def self.matches_condition?(subject, name, value)
+        subject_value = subject.send(name.column)
+        if name.method.to_s.ends_with? "_any"
+          value.any? { |v| meta_where_match? subject_value, name.method.to_s.sub("_any", ""), v }
+        elsif name.method.to_s.ends_with? "_all"
+          value.all? { |v| meta_where_match? subject_value, name.method.to_s.sub("_all", ""), v }
+        else
+          meta_where_match? subject_value, name.method, value
+        end
+      end
+
+      def self.meta_where_match?(subject_value, method, value)
+        case method.to_sym
+        when :eq      then subject_value == value
+        when :not_eq  then subject_value != value
+        when :in      then value.include?(subject_value)
+        when :not_in  then !value.include?(subject_value)
+        when :lt      then subject_value < value
+        when :lteq    then subject_value <= value
+        when :gt      then subject_value > value
+        when :gteq    then subject_value >= value
+        when :matches then subject_value =~ Regexp.new("^" + Regexp.escape(value).gsub("%", ".*") + "$", true)
+        when :does_not_match then !meta_where_match?(subject_value, :matches, value)
+        else raise NotImplemented, "The #{method} MetaWhere condition is not supported."
+        end
+      end
+
+      private
+
+      def build_relation(*where_conditions)
+        @model_class.where(*where_conditions).includes(joins)
+      end
+    end
+  end
+end

data/lib/cancan/model_adapters/active_record_4_adapter.rb

@@ -0,0 +1,21 @@
+module CanCan
+  module ModelAdapters
+    class ActiveRecord4Adapter < AbstractAdapter
+      include ActiveRecordAdapter
+      def self.for_class?(model_class)
+        model_class <= ActiveRecord::Base
+      end
+
+      private
+
+      # As of rails 4, `includes()` no longer causes active record to
+      # look inside the where clause to decide to outer join tables
+      # you're using in the where. Instead, `references()` is required
+      # in addition to `includes()` to force the outer join.
+      #
+      def build_relation(*where_conditions)
+        @model_class.where(*where_conditions).includes(joins).references(joins)
+      end
+    end
+  end
+end

data/lib/cancan/model_adapters/active_record_adapter.rb

@@ -1,41 +1,6 @@
 module CanCan
   module ModelAdapters
-    class ActiveRecordAdapter < AbstractAdapter
-      def self.for_class?(model_class)
-        model_class <= ActiveRecord::Base
-      end
-
-      def self.override_condition_matching?(subject, name, value)
-        name.kind_of?(MetaWhere::Column) if defined? MetaWhere
-      end
-
-      def self.matches_condition?(subject, name, value)
-        subject_value = subject.send(name.column)
-        if name.method.to_s.ends_with? "_any"
-          value.any? { |v| meta_where_match? subject_value, name.method.to_s.sub("_any", ""), v }
-        elsif name.method.to_s.ends_with? "_all"
-          value.all? { |v| meta_where_match? subject_value, name.method.to_s.sub("_all", ""), v }
-        else
-          meta_where_match? subject_value, name.method, value
-        end
-      end
-
-      def self.meta_where_match?(subject_value, method, value)
-        case method.to_sym
-        when :eq      then subject_value == value
-        when :not_eq  then subject_value != value
-        when :in      then value.include?(subject_value)
-        when :not_in  then !value.include?(subject_value)
-        when :lt      then subject_value < value
-        when :lteq    then subject_value <= value
-        when :gt      then subject_value > value
-        when :gteq    then subject_value >= value
-        when :matches then subject_value =~ Regexp.new("^" + Regexp.escape(value).gsub("%", ".*") + "$", true)
-        when :does_not_match then !meta_where_match?(subject_value, :matches, value)
-        else raise NotImplemented, "The #{method} MetaWhere condition is not supported."
-        end
-      end
-
+    module ActiveRecordAdapter
       # Returns conditions intended to be used inside a database query. Normally you will not call this
       # method directly, but instead go through ModelAdditions#accessible_by.
       #
@@ -99,11 +64,10 @@ module CanCan
         if override_scope
           @model_class.where(nil).merge(override_scope)
         elsif @model_class.respond_to?(:where) && @model_class.respond_to?(:joins)
-          mergeable_conditions = @rules.select {|rule| rule.unmergeable? }.blank?
-          if mergeable_conditions
-            @model_class.where(conditions).includes(joins)
+          if mergeable_conditions?
+            build_relation(conditions)
           else
-            @model_class.where(*(@rules.map(&:conditions))).includes(joins)
+            build_relation(*(@rules.map(&:conditions)))
           end
         else
           @model_class.all(:conditions => conditions, :joins => joins)
@@ -112,6 +76,10 @@ module CanCan
 
       private
 
+      def mergeable_conditions?
+        @rules.find {|rule| rule.unmergeable? }.blank?
+      end
+
       def override_scope
         conditions = @rules.map(&:conditions).compact
         if defined?(ActiveRecord::Relation) && conditions.any? { |c| c.kind_of?(ActiveRecord::Relation) }

data/lib/cancan/version.rb

@@ -1,3 +1,3 @@
 module CanCan
-  VERSION = "1.8.4"
+  VERSION = "1.9.0"
 end

data/spec/cancan/controller_resource_spec.rb

@@ -125,8 +125,11 @@ describe CanCan::ControllerResource do
     end
 
     context "with a strong parameters method" do
+      before :each do
+        params.merge!(:controller => "model", :model => { :name => 'test'})
+      end
+
       it "accepts and uses the specified symbol for santitizing input" do
-        params.merge!(:controller => "model")
         allow(controller).to receive(:resource_params).and_return(:resource => 'params')
         allow(controller).to receive(:model_params).and_return(:model => 'params')
         allow(controller).to receive(:create_params).and_return(:create => 'params')
@@ -136,19 +139,16 @@ describe CanCan::ControllerResource do
       end
 
       it "accepts the specified string for sanitizing input" do
-        params.merge!(:controller => "model")
         resource = CanCan::ControllerResource.new(controller, {:param_method => "{:custom => 'params'}"})
         expect(resource.send("resource_params")).to eq(:custom => 'params')
       end
 
       it "accepts the specified proc for sanitizing input" do
-        params.merge!(:controller => "model")
         resource = CanCan::ControllerResource.new(controller, {:param_method => Proc.new { |c| {:custom => 'params'}}})
         expect(resource.send("resource_params")).to eq(:custom => 'params')
       end
 
       it "prefers to use the create_params method for santitizing input" do
-        params.merge!(:controller => "model")
         allow(controller).to receive(:resource_params).and_return(:resource => 'params')
         allow(controller).to receive(:model_params).and_return(:model => 'params')
         allow(controller).to receive(:create_params).and_return(:create => 'params')
@@ -158,7 +158,6 @@ describe CanCan::ControllerResource do
       end
 
       it "prefers to use the <model_name>_params method for santitizing input if create is not found" do
-        params.merge!(:controller => "model")
         allow(controller).to receive(:resource_params).and_return(:resource => 'params')
         allow(controller).to receive(:model_params).and_return(:model => 'params')
         allow(controller).to receive(:custom_params).and_return(:custom => 'params')
@@ -167,7 +166,6 @@ describe CanCan::ControllerResource do
       end
 
       it "prefers to use the resource_params method for santitizing input if create or model is not found" do
-        params.merge!(:controller => "model")
         allow(controller).to receive(:resource_params).and_return(:resource => 'params')
         allow(controller).to receive(:custom_params).and_return(:custom => 'params')
         resource = CanCan::ControllerResource.new(controller)
@@ -508,28 +506,41 @@ describe CanCan::ControllerResource do
     end
   end
 
-  context "on update actions" do
-    before :each do
-      params.merge!(:action => 'update')
-    end
+  it "calls the santitizer when the parameter hash matches our object" do
+    params.merge!(:action => 'create', :model => { :name => 'test' })
+    allow(controller).to receive(:create_params).and_return({})
 
-    context "with a strong parameters method" do
-      it "only calls the santitize method with actions matching param_actions" do
-        allow(controller).to receive(:resource_params).and_return(:resource => 'params')
-        resource = CanCan::ControllerResource.new(controller)
-        allow(resource).to receive(:param_actions) { [:create] }
+    resource = CanCan::ControllerResource.new(controller)
+    resource.load_resource
+    expect(controller.instance_variable_get(:@model).name).to eq nil
+  end
 
-        expect(controller).not_to receive(:send).with(:resource_params)
-        resource.send("resource_params")
-      end
+  it "santitizes correctly when the instance name is overriden" do
+    params.merge!(:action => 'create', :custom_name => {:name => "foobar"})
+    allow(controller).to receive(:create_params).and_return({})
 
-      it "uses the proper action param based on the action" do
-        allow(controller).to receive(:create_params).and_return(:create => 'params')
-        allow(controller).to receive(:update_params).and_return(:update => 'params')
-        resource = CanCan::ControllerResource.new(controller)
-        expect(resource.send("resource_params")).to eq(:update => 'params')
-      end
-    end
+    resource = CanCan::ControllerResource.new(controller, :instance_name => :custom_name)
+    resource.load_resource
+    expect(controller.instance_variable_get(:@custom_name).name).to eq nil
+  end
+
+  it "calls the santitize method on non-save actions when required" do
+    params.merge!(:action => 'new', :model => { :name => 'test' })
+
+    allow(controller).to receive(:resource_params).and_return({})
+    resource = CanCan::ControllerResource.new(controller)
+    resource.load_resource
+    expect(controller.instance_variable_get(:@model).name).to eq nil
+  end
+
+  it "doesn't sanitize parameters on non-save actions when not required" do
+    params.merge!(:action => 'new', :not_our_model => { :name => 'test' })
+    allow(controller).to receive(:resource_params).and_raise
+
+    resource = CanCan::ControllerResource.new(controller)
+    expect {
+      resource.load_resource
+    }.to_not raise_error
   end
 
   it "is a parent resource when name is provided which doesn't match controller" do

data/spec/cancan/model_adapters/active_record_adapter_spec.rb

@@ -35,6 +35,12 @@ if defined? CanCan::ModelAdapters::ActiveRecordAdapter
           t.timestamps
         end
 
+        create_table(:legacy_mentions) do |t|
+          t.integer :user_id
+          t.integer :article_id
+          t.timestamps
+        end
+
         create_table(:users) do |t|
           t.timestamps
         end
@@ -50,9 +56,17 @@ if defined? CanCan::ModelAdapters::ActiveRecordAdapter
       class Article < ActiveRecord::Base
         belongs_to :category
         has_many :comments
+        has_many :mentions
+        has_many :mentioned_users, :through => :mentions, :source => :user
         belongs_to :user
       end
 
+      class Mention < ActiveRecord::Base
+        self.table_name = 'legacy_mentions'
+        belongs_to :user
+        belongs_to :article
+      end
+
       class Comment < ActiveRecord::Base
         belongs_to :article
       end
@@ -67,14 +81,22 @@ if defined? CanCan::ModelAdapters::ActiveRecordAdapter
     end
 
     it "is for only active record classes" do
-      expect(CanCan::ModelAdapters::ActiveRecordAdapter).to_not be_for_class(Object)
-      expect(CanCan::ModelAdapters::ActiveRecordAdapter).to be_for_class(Article)
-      expect(CanCan::ModelAdapters::AbstractAdapter.adapter_class(Article)).to eq(CanCan::ModelAdapters::ActiveRecordAdapter)
+      if ActiveRecord.respond_to?(:version) &&
+          ActiveRecord.version > Gem::Version.new("4")
+        expect(CanCan::ModelAdapters::ActiveRecord4Adapter).to_not be_for_class(Object)
+        expect(CanCan::ModelAdapters::ActiveRecord4Adapter).to be_for_class(Article)
+        expect(CanCan::ModelAdapters::AbstractAdapter.adapter_class(Article)).to eq(CanCan::ModelAdapters::ActiveRecord4Adapter)
+      else
+        expect(CanCan::ModelAdapters::ActiveRecord3Adapter).to_not be_for_class(Object)
+        expect(CanCan::ModelAdapters::ActiveRecord3Adapter).to be_for_class(Article)
+        expect(CanCan::ModelAdapters::AbstractAdapter.adapter_class(Article)).to eq(CanCan::ModelAdapters::ActiveRecord3Adapter)
+      end
     end
 
     it "finds record" do
       article = Article.create!
-      expect(CanCan::ModelAdapters::ActiveRecordAdapter.find(Article, article.id)).to eq(article)
+      adapter = CanCan::ModelAdapters::AbstractAdapter.adapter_class(Article)
+      expect(adapter.find(Article, article.id)).to eq(article)
     end
 
     it "does not fetch any records when no abilities are defined" do
@@ -105,6 +127,16 @@ if defined? CanCan::ModelAdapters::ActiveRecordAdapter
       expect(Article.accessible_by(@ability)).to eq([article1, article2, article3])
     end
 
+    it "fetches any articles which we are cited in" do
+      user = User.create!
+      cited = Article.create!
+      not_cited = Article.create!
+      cited.mentioned_users << user
+      @ability.can :read, Article, { :mentioned_users => { :id => user.id } }
+      @ability.can :read, Article, { :mentions => { :user_id => user.id } }
+      expect(Article.accessible_by(@ability)).to eq([cited])
+    end
+
     it "fetches only the articles that are published and not secret" do
       @ability.can :read, Article, :published => true
       @ability.cannot :read, Article, :secret => true
@@ -337,7 +369,7 @@ if defined? CanCan::ModelAdapters::ActiveRecordAdapter
       end
 
       it "matches any MetaWhere condition" do
-        adapter = CanCan::ModelAdapters::ActiveRecordAdapter
+        adapter = CanCan::ModelAdapters::AbstractAdapter.adapter_class(Article)
         article1 = Article.new(:priority => 1, :name => "Hello World")
         expect(adapter.matches_condition?(article1, :priority.eq, 1)).to be(true)
         expect(adapter.matches_condition?(article1, :priority.eq, 2)).to be(false)

data/spec/spec_helper.rb

@@ -7,7 +7,9 @@ require 'matchers'
 require 'cancan/matchers'
 
 # I8n setting to fix deprecation.
-I18n.enforce_available_locales = false if defined? I18n
+if defined?(I18n) && I18n.respond_to?('enforce_available_locales=')
+  I18n.enforce_available_locales = false
+end
 
 # Add support to load paths
 $:.unshift File.expand_path('../support', __FILE__)

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: cancancan
 version: !ruby/object:Gem::Version
-  version: 1.8.4
+  version: 1.9.0
 platform: ruby
 authors:
 - Bryan Rite
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-06-24 00:00:00.000000000 Z
+date: 2014-07-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -88,6 +88,8 @@ files:
 - gemfiles/activerecord_3.0.gemfile
 - gemfiles/activerecord_3.1.gemfile
 - gemfiles/activerecord_3.2.gemfile
+- gemfiles/activerecord_4.0.gemfile
+- gemfiles/activerecord_4.1.gemfile
 - gemfiles/datamapper_1.x.gemfile
 - gemfiles/mongoid_2.x.gemfile
 - gemfiles/sequel_3.x.gemfile
@@ -100,6 +102,8 @@ files:
 - lib/cancan/inherited_resource.rb
 - lib/cancan/matchers.rb
 - lib/cancan/model_adapters/abstract_adapter.rb
+- lib/cancan/model_adapters/active_record_3_adapter.rb
+- lib/cancan/model_adapters/active_record_4_adapter.rb
 - lib/cancan/model_adapters/active_record_adapter.rb
 - lib/cancan/model_adapters/data_mapper_adapter.rb
 - lib/cancan/model_adapters/default_adapter.rb
@@ -158,6 +162,8 @@ test_files:
 - gemfiles/activerecord_3.0.gemfile
 - gemfiles/activerecord_3.1.gemfile
 - gemfiles/activerecord_3.2.gemfile
+- gemfiles/activerecord_4.0.gemfile
+- gemfiles/activerecord_4.1.gemfile
 - gemfiles/datamapper_1.x.gemfile
 - gemfiles/mongoid_2.x.gemfile
 - gemfiles/sequel_3.x.gemfile