Permalink
Browse files

handle deeply nested conditions properly in active record adapter - c…

…loses #246
  • Loading branch information...
1 parent 5c4c179 commit f9ad4858f5025acb643c7665b61d282f626114cc @ryanb committed Jan 20, 2011
@@ -31,12 +31,13 @@ def conditions
end
end
- def tableized_conditions(conditions)
+ def tableized_conditions(conditions, model_class = @model_class)
return conditions unless conditions.kind_of? Hash
conditions.inject({}) do |result_hash, (name, value)|
if value.kind_of? Hash
- name = @model_class.reflect_on_association(name).table_name
- value = tableized_conditions(value)
+ association_class = model_class.reflect_on_association(name).class_name.constantize
+ name = model_class.reflect_on_association(name).table_name
+ value = tableized_conditions(value, association_class)
end
result_hash[name] = value
result_hash
@@ -8,12 +8,23 @@
ActiveRecord::Base.establish_connection(:adapter => "sqlite3", :database => ":memory:")
describe CanCan::ModelAdapters::ActiveRecordAdapter do
+ with_model :category do
+ table do |t|
+ t.boolean "visible"
+ end
+ model do
+ has_many :articles
+ end
+ end
+
with_model :article do
table do |t|
t.boolean "published"
t.boolean "secret"
+ t.integer "category_id"
end
model do
+ belongs_to :category
has_many :comments
end
end
@@ -88,6 +99,13 @@
Comment.accessible_by(@ability).should == [comment1]
end
+ it "should only read comments for visible categories through articles" do
+ @ability.can :read, Comment, :article => { :category => { :visible => true } }
+ comment1 = Comment.create!(:article => Article.create!(:category => Category.create!(:visible => true)))
+ comment2 = Comment.create!(:article => Article.create!(:category => Category.create!(:visible => false)))
+ Comment.accessible_by(@ability).should == [comment1]
+ end
+
it "should allow conditions in SQL and merge with hash conditions" do
@ability.can :read, Article, :published => true
@ability.can :read, Article, ["secret=?", true]

0 comments on commit f9ad485

Please sign in to comment.