diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index a925aa7e..54df23d8 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -2,7 +2,7 @@ ### Reporting an Issue
-1. If you have any questions about CanCanCan, search the [Wiki](https://github.com/cancancommunity/cancancan/wiki) or
+1. If you have any questions about CanCanCan, search the [Developer guide](./docs/README.md) or
 use [Stack Overflow](http://stackoverflow.com/questions/tagged/cancancan). Do not post questions here.
diff --git a/docs/define_check_abilities.md b/docs/define_check_abilities.md
index 476b9e14..856232ae 100644
--- a/docs/define_check_abilities.md
+++ b/docs/define_check_abilities.md
@@ -227,6 +227,6 @@ end some_user.can? :update, @article ```
-That's everything you know about defining and checking abilities. The DSL is very easy but yet very powerful. There's still a lot you need/should learn about defining abilities. You can [dig deeper](./hash_of_conditions.md) now, but we would suggest to stop, digest it, and proceed on a more Rails-specific topic: [Controller helpers](./controller_helpers.md) where you will learn how to secure your Rails application.
+That's everything you need to know about checking abilities. The DSL is very easy but yet very powerful. However, there is still a lot you should learn about defining abilities. You can [dig deeper](./hash_of_conditions.md) now, but we would suggest to stop, digest, and proceed on a more Rails-specific topic: [Controller helpers](./controller_helpers.md) where you will learn how to secure your Rails application.
 Or you could already take a look at the session about [testing](./testing.md).
diff --git a/docs/friendly_id.md b/docs/friendly_id.md
index b20c03eb..21f3b678 100644
--- a/docs/friendly_id.md
+++ b/docs/friendly_id.md
@@ -16,7 +16,7 @@ if defined?(CanCanCan) module CanCan module ModelAdapters
- class ActiveRecord4Adapter < AbstractAdapter
+ class ActiveRecordAdapter < AbstractAdapter
 @@friendly_support = {} def self.find(model_class, id)
diff --git a/docs/rules_compression.md b/docs/rules_compression.md
index a535dbf3..3eb76848 100644
--- a/docs/rules_compression.md
+++ b/docs/rules_compression.md
@@ -52,4 +52,4 @@ becomes # nothing ```
-These optimizations allow you to follow the strategy of ["Give Permissions, don't take them"](https://github.com/CanCanCommunity/cancancan/wiki/Defining-Abilities%3A-Best-Practices#give-permissions-dont-take-them-away) and automatically ignore previous rules when they are not needed.
+These optimizations allow you to follow the strategy of ["Give Permissions, don't take them"](https://github.com/CanCanCommunity/cancancan/blob/develop/docs/define_abilities_best_practices.md#give-permissions-dont-take-them-away) and automatically ignore previous rules when they are not needed.
diff --git a/lib/cancan/ability/strong_parameter_support.rb b/lib/cancan/ability/strong_parameter_support.rb
index 31da7457..892d250a 100644
--- a/lib/cancan/ability/strong_parameter_support.rb
+++ b/lib/cancan/ability/strong_parameter_support.rb
@@ -31,7 +31,7 @@ def get_attributes(rule, subject) klass = subject_class?(subject) ? subject : subject.class # empty attributes is an 'all' if rule.attributes.empty? && klass < ActiveRecord::Base
- klass.column_names.map(&:to_sym) - Array(klass.primary_key)
+ klass.attribute_names.map(&:to_sym) - Array(klass.primary_key)
 else rule.attributes end
diff --git a/lib/cancan/controller_additions.rb b/lib/cancan/controller_additions.rb
index 0c84f83e..a51f5b96 100644
--- a/lib/cancan/controller_additions.rb
+++ b/lib/cancan/controller_additions.rb
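Review bot: In `get_attributes` (lib/cancan/ability/strong_parameter_support.rb) the `- Array(klass.primary_key)` subtraction on the changed line appears to remove nothing, because the names are already symbols while ActiveRecord's `primary_key` is normally a String. The updated expectation in spec/cancan/ability_spec.rb, `%i[id first_name last_name role]`, confirms that `:id` stays in the result. Since this list presumably feeds `params.permit`, a rule that names no attributes now permits the primary key and, after the switch to `attribute_names`, every virtual `attribute` as well. If excluding the key is the intent, `klass.attribute_names.map(&:to_sym) - Array(klass.primary_key).map(&:to_sym)` would do it, and the wider default is worth a changelog entry so users can re-check their `permit` calls. The method's closing `end` lies outside the hunk.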
@@ -171,6 +171,11 @@ def load_resource(*args) # [:+instance_name+] # The name of the instance variable for this resource. #
+ # [:+id_param+]
+ # Find using a param key other than :id. For example:
+ #
+ # load_resource :id_param => :url # will use find(params[:url])
+ #
 # [:+through+] # Authorize conditions on this parent resource when instance isn't available. #
diff --git a/spec/cancan/ability_spec.rb b/spec/cancan/ability_spec.rb
index 486cbc42..3951f3b2 100644
--- a/spec/cancan/ability_spec.rb
+++ b/spec/cancan/ability_spec.rb
@@ -5,6 +5,21 @@ describe CanCan::Ability do before(:each) do (@ability = double).extend(CanCan::Ability)
+
+ connect_db
+ ActiveRecord::Migration.verbose = false
+ ActiveRecord::Schema.define do
+ create_table(:named_users) do |t|
+ t.string :first_name
+ t.string :last_name
+ end
+ end
+
+ unless defined?(NamedUser)
+ class NamedUser < ActiveRecord::Base
+ attribute :role, :string # Virtual only
+ end
+ end
 end it 'is able to :read anything' do
@@ -651,13 +666,10 @@ def active? end it 'returns an array of permitted attributes for a given action and subject' do
- user_class = Class.new(ActiveRecord::Base)
- allow(user_class).to receive(:column_names).and_return(%w[first_name last_name])
- allow(user_class).to receive(:primary_key).and_return('id')
- @ability.can :read, user_class
+ @ability.can :read, NamedUser
 @ability.can :read, Array, :special @ability.can :action, :subject, :attribute
- expect(@ability.permitted_attributes(:read, user_class)).to eq(%i[first_name last_name])
+ expect(@ability.permitted_attributes(:read, NamedUser)).to eq(%i[id first_name last_name role])
 expect(@ability.permitted_attributes(:read, Array)).to eq([:special]) expect(@ability.permitted_attributes(:action, :subject)).to eq([:attribute]) end
diff --git a/spec/cancan/rule_spec.rb b/spec/cancan/rule_spec.rb
index 7de14c1d..3f789fd1 100644
--- a/spec/cancan/rule_spec.rb
+++ b/spec/cancan/rule_spec.rb
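Review bot: The setup added to `before(:each)` in spec/cancan/ability_spec.rb runs `connect_db` and `create_table(:named_users)` before every example in the file, although only the permitted-attributes example in the second hunk uses `NamedUser`. Scoping it to a `context` around that example would keep the other examples free of database setup. `connect_db` is defined outside this diff, so whether it yields a fresh database on each call is not visible; if it does not, the repeated `create_table` would raise on the second example. Defining `NamedUser` inside the hook behind `unless defined?(NamedUser)` also leaves a constant that outlives this spec, so a comment such as `# defined once and reused; the table is recreated per example` would make the intent explicit.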
@@ -61,7 +61,7 @@ def count_queries(&block) end before do
- ActiveRecord::Base.establish_connection(adapter: 'sqlite3', database: ':memory:')
+ connect_db
 ActiveRecord::Migration.verbose = false ActiveRecord::Schema.define do create_table(:watermelons) do |t|