cancancan 3.0.2 → 3.1.0
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 81afd3cec5dc78c4e4d9d14719482ae589ed43bf336cc1b4f9e5681dea56b99d
|
|
4
|
+
data.tar.gz: fd23ce69481f9daf4b227b61e4e7e236abcd40d7b5f0dd01f70ca20a3706fae3
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 04ee2bfead0ce01e0bdc64e69fae219c221495c30950542323fc5e3d91e250e9a679863546c09db9f3a71a647cb414510bcbb92db41309d9b0b2d04f7d2a1b0e
|
|
7
|
+
data.tar.gz: 79b4b11ef02ca50417c4e441dd8586569ed86caa4d3216fc54e1713bd09071e544b529db0babd429dd14b0efc90f59f2dfbd8a8d101a9e4d4332908f0487115b
|
|
@@ -97,7 +97,10 @@ module CanCan
|
|
|
97
97
|
end
|
|
98
98
|
|
|
99
99
|
def conditions_empty?
|
|
100
|
-
@conditions
|
|
100
|
+
# @conditions might be an ActiveRecord::Associations::CollectionProxy
|
|
101
|
+
# which it's `==` implementation will fetch all records for comparison
|
|
102
|
+
|
|
103
|
+
(@conditions.is_a?(Hash) && @conditions == {}) || @conditions.nil?
|
|
101
104
|
end
|
|
102
105
|
end
|
|
103
106
|
end
|
|
@@ -22,9 +22,14 @@ module CanCan
|
|
|
22
22
|
private
|
|
23
23
|
|
|
24
24
|
def build_relation(*where_conditions)
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
25
|
+
if joins.present?
|
|
26
|
+
inner = @model_class.unscoped do
|
|
27
|
+
@model_class.left_joins(joins).where(*where_conditions)
|
|
28
|
+
end
|
|
29
|
+
@model_class.where(@model_class.primary_key => inner)
|
|
30
|
+
else
|
|
31
|
+
@model_class.where(*where_conditions)
|
|
32
|
+
end
|
|
28
33
|
end
|
|
29
34
|
|
|
30
35
|
# Rails 4.2 deprecates `sanitize_sql_hash_for_conditions`
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module CanCan
|
|
4
|
+
module Relevant
|
|
5
|
+
# Matches both the action, subject, and attribute, not necessarily the conditions
|
|
6
|
+
def relevant?(action, subject)
|
|
7
|
+
subject = subject.values.first if subject.class == Hash
|
|
8
|
+
@match_all || (matches_action?(action) && matches_subject?(subject))
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
private
|
|
12
|
+
|
|
13
|
+
def matches_action?(action)
|
|
14
|
+
@expanded_actions.include?(:manage) || @expanded_actions.include?(action)
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
def matches_subject?(subject)
|
|
18
|
+
@subjects.include?(:all) || @subjects.include?(subject) || matches_subject_class?(subject)
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
def matches_subject_class?(subject)
|
|
22
|
+
@subjects.any? do |sub|
|
|
23
|
+
sub.is_a?(Module) && (subject.is_a?(sub) ||
|
|
24
|
+
subject.class.to_s == sub.to_s ||
|
|
25
|
+
(subject.is_a?(Module) && subject.ancestors.include?(sub)))
|
|
26
|
+
end
|
|
27
|
+
end
|
|
28
|
+
end
|
|
29
|
+
end
|
data/lib/cancan/rule.rb
CHANGED
|
@@ -1,12 +1,15 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
3
|
require_relative 'conditions_matcher.rb'
|
|
4
|
+
require_relative 'relevant.rb'
|
|
5
|
+
|
|
4
6
|
module CanCan
|
|
5
7
|
# This class is used internally and should only be called through Ability.
|
|
6
8
|
# it holds the information about a "can" call made on Ability and provides
|
|
7
9
|
# helpful methods to determine permission checking and conditions hash generation.
|
|
8
10
|
class Rule # :nodoc:
|
|
9
11
|
include ConditionsMatcher
|
|
12
|
+
include Relevant
|
|
10
13
|
include ParameterValidators
|
|
11
14
|
attr_reader :base_behavior, :subjects, :actions, :conditions, :attributes
|
|
12
15
|
attr_writer :expanded_actions, :conditions
|
|
@@ -24,9 +27,9 @@ module CanCan
|
|
|
24
27
|
raise Error, "Subject is required for #{action}" if action && subject.nil?
|
|
25
28
|
|
|
26
29
|
@base_behavior = base_behavior
|
|
27
|
-
@actions =
|
|
28
|
-
@subjects =
|
|
29
|
-
@attributes =
|
|
30
|
+
@actions = wrap(action)
|
|
31
|
+
@subjects = wrap(subject)
|
|
32
|
+
@attributes = wrap(attributes)
|
|
30
33
|
@conditions = extra_args || {}
|
|
31
34
|
@block = block
|
|
32
35
|
end
|
|
@@ -57,12 +60,6 @@ module CanCan
|
|
|
57
60
|
(!with_scope? && [nil, false, [], {}, '', ' '].include?(@conditions))
|
|
58
61
|
end
|
|
59
62
|
|
|
60
|
-
# Matches both the action, subject, and attribute, not necessarily the conditions
|
|
61
|
-
def relevant?(action, subject)
|
|
62
|
-
subject = subject.values.first if subject.class == Hash
|
|
63
|
-
@match_all || (matches_action?(action) && matches_subject?(subject))
|
|
64
|
-
end
|
|
65
|
-
|
|
66
63
|
def only_block?
|
|
67
64
|
conditions_empty? && @block
|
|
68
65
|
end
|
|
@@ -104,22 +101,6 @@ module CanCan
|
|
|
104
101
|
|
|
105
102
|
private
|
|
106
103
|
|
|
107
|
-
def matches_action?(action)
|
|
108
|
-
@expanded_actions.include?(:manage) || @expanded_actions.include?(action)
|
|
109
|
-
end
|
|
110
|
-
|
|
111
|
-
def matches_subject?(subject)
|
|
112
|
-
@subjects.include?(:all) || @subjects.include?(subject) || matches_subject_class?(subject)
|
|
113
|
-
end
|
|
114
|
-
|
|
115
|
-
def matches_subject_class?(subject)
|
|
116
|
-
@subjects.any? do |sub|
|
|
117
|
-
sub.is_a?(Module) && (subject.is_a?(sub) ||
|
|
118
|
-
subject.class.to_s == sub.to_s ||
|
|
119
|
-
(subject.is_a?(Module) && subject.ancestors.include?(sub)))
|
|
120
|
-
end
|
|
121
|
-
end
|
|
122
|
-
|
|
123
104
|
def parse_attributes_from_extra_args(args)
|
|
124
105
|
attributes = args.shift if valid_attribute_param?(args.first)
|
|
125
106
|
extra_args = args.shift
|
|
@@ -132,5 +113,15 @@ module CanCan
|
|
|
132
113
|
raise BlockAndConditionsError, 'A hash of conditions is mutually exclusive with a block. '\
|
|
133
114
|
"Check \":#{action} #{subject}\" ability."
|
|
134
115
|
end
|
|
116
|
+
|
|
117
|
+
def wrap(object)
|
|
118
|
+
if object.nil?
|
|
119
|
+
[]
|
|
120
|
+
elsif object.respond_to?(:to_ary)
|
|
121
|
+
object.to_ary || [object]
|
|
122
|
+
else
|
|
123
|
+
[object]
|
|
124
|
+
end
|
|
125
|
+
end
|
|
135
126
|
end
|
|
136
127
|
end
|
|
@@ -3,10 +3,12 @@
|
|
|
3
3
|
module CanCan
|
|
4
4
|
module UnauthorizedMessageResolver
|
|
5
5
|
def unauthorized_message(action, subject)
|
|
6
|
+
subject = subject.values.last if subject.is_a?(Hash)
|
|
6
7
|
keys = unauthorized_message_keys(action, subject)
|
|
7
|
-
variables = {
|
|
8
|
+
variables = {}
|
|
9
|
+
variables[:action] = I18n.translate("actions.#{action}", default: action.to_s)
|
|
8
10
|
variables[:subject] = translate_subject(subject)
|
|
9
|
-
message = I18n.translate(keys.shift, variables.merge(scope: :unauthorized, default: keys + ['']))
|
|
11
|
+
message = I18n.translate(keys.shift, **variables.merge(scope: :unauthorized, default: keys + ['']))
|
|
10
12
|
message.blank? ? nil : message
|
|
11
13
|
end
|
|
12
14
|
|
data/lib/cancan/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: cancancan
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.0
|
|
4
|
+
version: 3.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Alessandro Rodi (Renuo AG)
|
|
@@ -11,7 +11,7 @@ authors:
|
|
|
11
11
|
autorequire:
|
|
12
12
|
bindir: bin
|
|
13
13
|
cert_chain: []
|
|
14
|
-
date: 2020-
|
|
14
|
+
date: 2020-03-15 00:00:00.000000000 Z
|
|
15
15
|
dependencies:
|
|
16
16
|
- !ruby/object:Gem::Dependency
|
|
17
17
|
name: appraisal
|
|
@@ -134,6 +134,7 @@ files:
|
|
|
134
134
|
- lib/cancan/model_adapters/default_adapter.rb
|
|
135
135
|
- lib/cancan/model_additions.rb
|
|
136
136
|
- lib/cancan/parameter_validators.rb
|
|
137
|
+
- lib/cancan/relevant.rb
|
|
137
138
|
- lib/cancan/rule.rb
|
|
138
139
|
- lib/cancan/rules_compressor.rb
|
|
139
140
|
- lib/cancan/unauthorized_message_resolver.rb
|