Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

We’re showing branches in this repository, but you can also compare across forks.

base fork: ryanb/cancan
base: 0.2.0
...
head fork: ryanb/cancan
compare: 0.2.1
  • 12 commits
  • 11 files changed
  • 0 commit comments
  • 2 contributors
8 CHANGELOG.rdoc
View
@@ -1,3 +1,11 @@
+0.2.1 (Nov 26, 2009)
+
+* many internal refactorings - see issues #11 and #12
+
+* adding "cannot" method to define which abilities cannot be done - see issue #7
+
+* support custom objects (usually symbols) in can definition - see issue #8
+
0.2.0 (Nov 17, 2009)
* fix behavior of load_and_authorize_resource for namespaced controllers - see issue #3
81 README.rdoc
View
@@ -4,6 +4,7 @@ This is a simple authorization solution for Ruby on Rails to restrict what a giv
This assumes you already have authentication (such as Authlogic[http://github.com/binarylogic/authlogic]) which provides a current_user model.
+See the RDocs[http://rdoc.info/projects/ryanb/cancan] and Wiki[http://wiki.github.com/ryanb/cancan] for additional documentation.
== Installation
@@ -110,17 +111,11 @@ You can also pass :manage as the action which will match any action. In this cas
can :manage, Comment do |action, comment|
action != :destroy
end
+
+Finally, the "cannot" method works similar to "can" but defines which abilities cannot be done.
-Finally, you can use the "alias_action" method to alias one or more actions into one.
-
- alias_action :update, :destroy, :to => :modify
- can :modify, Comment
-
-The following aliases are added by default for conveniently mapping common controller actions.
-
- alias_action :index, :show, :to => :read
- alias_action :new, :to => :create
- alias_action :edit, :to => :update
+ can :read, :all
+ cannot :read, Product
== Checking Abilities
@@ -140,21 +135,19 @@ The "cannot?" method is for convenience and performs the opposite check of "can?
cannot? :destroy, @project
-== Custom Actions
+== Aliasing Actions
-You can have fine grained control over abilities by coming up with new actions. For example, if only pro users are allowed to upload a picture for their product, you could add the following restrictions.
+You can use the "alias_action" method to alias one or more actions into one.
- # ability.rb
- can :upload_picture, Project if user.pro?
+ alias_action :update, :destroy, :to => :modify
+ can :modify, Comment
+ can? :update, Comment # => true
- # projects/_form.html.erb
- <%= f.file_field :picture if can? :upload_picture, @project %>
-
- # projects_controller.rb
- def update
- unauthorized! if params[:project][:upload_picture] && cannot?(:upload_picture, @project)
- # ...
- end
+The following aliases are added by default for conveniently mapping common controller actions.
+
+ alias_action :index, :show, :to => :read
+ alias_action :new, :to => :create
+ alias_action :edit, :to => :update
== Assumptions & Configuring
@@ -173,48 +166,16 @@ You can override these by overriding the "current_ability" method in your Applic
That's it!
-== Permissions in Database
-
-Perhaps a non-coder needs the ability to modify the user abilities, or you want to change them without having to re-deploy the application. In that case it may be best to store the permission logic in a separate model, let's call it Permission. It is easy to use the database records when defining abilities.
-
-For example, let's assume that each user has_many :permissions, and each permission has "action", "object_type" and "object_id" columns. The last of which is optional.
-
- class Ability
- include CanCan::Ability
-
- def initialize(user)
- can :manage, :all do |action, object_class, object|
- user.permissions.find_all_by_action(action).any? do |permission|
- permission.object_type == object_class.to_s &&
- (object.nil? || permission.object_id.nil? || permission.object_id == object.id)
- end
- end
- end
- end
-
-An alternatie approach is to define a separate "can" ability for each permission.
-
- def initialize(user)
- user.permissions.each do |permission|
- can permission.action, permission.object_type.constantize do |object|
- object.nil? || permission.object_id.nil? || permission.object_id == object.id
- end
- end
- end
-
-The actual details will depend largely on your application requirements, but hopefully you can see how it's possible to define permissions in the database and use them with CanCan.
-
-
== Testing Abilities
It is very easy to test the Ability model since you can call "can?" directly on it as you would in the view or controller.
-def test "user can only destroy projects which he owns"
- user = User.new
- ability = Ability.new(user)
- assert ability.can?(:destroy, Project.new(:user => user))
- assert ability.cannot?(:destroy, Project.new)
-end
+ def test "user can only destroy projects which he owns"
+ user = User.new
+ ability = Ability.new(user)
+ assert ability.can?(:destroy, Project.new(:user => user))
+ assert ability.cannot?(:destroy, Project.new)
+ end
== Special Thanks
4 cancan.gemspec
View
@@ -4,8 +4,8 @@ Gem::Specification.new do |s|
s.description = "Simple authorization solution for Rails which is completely decoupled from the user's roles. All permissions are stored in a single location for convenience."
s.homepage = "http://github.com/ryanb/cancan"
- s.version = "0.2.0"
- s.date = "2009-11-17"
+ s.version = "0.2.1"
+ s.date = "2009-11-26"
s.authors = ["Ryan Bates"]
s.email = "ryan@railscasts.com"
3  lib/cancan.rb
View
@@ -1,6 +1,9 @@
module CanCan
+ # This error is raised when a user isn't allowed to access a given
+ # controller action. See ControllerAdditions#unauthorized! for details.
class AccessDenied < StandardError; end
end
require File.dirname(__FILE__) + '/cancan/ability'
+require File.dirname(__FILE__) + '/cancan/resource_authorization'
require File.dirname(__FILE__) + '/cancan/controller_additions'
207 lib/cancan/ability.rb
View
@@ -1,49 +1,168 @@
module CanCan
+
+ # This module is designed to be included into an Ability class. This will
+ # provide the "can" methods for defining and checking abilities.
+ #
+ # class Ability
+ # include CanCan::Ability
+ #
+ # def initialize(user)
+ # if user.admin?
+ # can :manage, :all
+ # else
+ # can :read, :all
+ # end
+ # end
+ # end
+ #
module Ability
attr_accessor :user
-
- def can?(original_action, target) # TODO this could use some refactoring
- (@can_history || []).reverse.each do |can_action, can_target, can_block|
- can_actions = [can_action].flatten
- can_targets = [can_target].flatten
- possible_actions_for(original_action).each do |action|
- if (can_actions.include?(:manage) || can_actions.include?(action)) && (can_targets.include?(:all) || can_targets.include?(target) || can_targets.any? { |c| target.kind_of?(c) })
- if can_block.nil?
- return true
- else
- block_args = []
- block_args << action if can_actions.include?(:manage)
- block_args << (target.class == Class ? target : target.class) if can_targets.include?(:all)
- block_args << (target.class == Class ? nil : target)
- return can_block.call(*block_args)
- end
- end
+
+ # Use to check the user's permission for a given action and object.
+ #
+ # can? :destroy, @project
+ #
+ # You can also pass the class instead of an instance (if you don't have one handy).
+ #
+ # can? :create, Project
+ #
+ # Not only can you use the can? method in the controller and view (see ControllerAdditions),
+ # but you can also call it directly on an ability instance.
+ #
+ # ability.can? :destroy, @project
+ #
+ # This makes testing a user's abilities very easy.
+ #
+ # def test "user can only destroy projects which he owns"
+ # user = User.new
+ # ability = Ability.new(user)
+ # assert ability.can?(:destroy, Project.new(:user => user))
+ # assert ability.cannot?(:destroy, Project.new)
+ # end
+ #
+ def can?(action, noun)
+ (@can_definitions || []).reverse.each do |base_behavior, defined_action, defined_noun, defined_block|
+ defined_actions = expand_actions(defined_action)
+ defined_nouns = [defined_noun].flatten
+ if includes_action?(defined_actions, action) && includes_noun?(defined_nouns, noun)
+ result = can_perform_action?(action, noun, defined_actions, defined_nouns, defined_block)
+ return base_behavior ? result : !result
end
end
false
end
+ # Convenience method which works the same as "can?" but returns the opposite value.
+ #
+ # cannot? :destroy, @project
+ #
def cannot?(*args)
!can?(*args)
end
- def possible_actions_for(initial_action)
- actions = [initial_action]
- (@aliased_actions || default_alias_actions).each do |target, aliases|
- actions += possible_actions_for(target) if aliases.include? initial_action
- end
- actions
+ # Defines which abilities are allowed using two arguments. The first one is the action
+ # you're setting the permission for, the second one is the class of object you're setting it on.
+ #
+ # can :update, Article
+ #
+ # You can pass an array for either of these parameters to match any one.
+ #
+ # can [:update, :destroy], [Article, Comment]
+ #
+ # In this case the user has the ability to update or destroy both articles and comments.
+ #
+ # You can pass a block to provide logic based on the article's attributes.
+ #
+ # can :update, Article do |article|
+ # article && article.user == user
+ # end
+ #
+ # If the block returns true then the user has that :update ability for that article, otherwise he
+ # will be denied access. It's possible for the passed in model to be nil if one isn't specified,
+ # so be sure to take that into consideration.
+ #
+ # You can pass :all to reference every type of object. In this case the object type will be passed
+ # into the block as well (just in case object is nil).
+ #
+ # can :read, :all do |object_class, object|
+ # object_class != Order
+ # end
+ #
+ # Here the user has permission to read all objects except orders.
+ #
+ # You can also pass :manage as the action which will match any action. In this case the action is
+ # passed to the block.
+ #
+ # can :manage, Comment do |action, comment|
+ # action != :destroy
+ # end
+ #
+ # You can pass custom objects into this "can" method, this is usually done through a symbol
+ # and is useful if a class isn't available to define permissions on.
+ #
+ # can :read, :stats
+ # can? :read, :stats # => true
+ #
+ def can(action, noun, &block)
+ @can_definitions ||= []
+ @can_definitions << [true, action, noun, block]
end
-
- def can(action, target, &block)
- @can_history ||= []
- @can_history << [action, target, block]
+
+ # Define an ability which cannot be done. Accepts the same arguments as "can".
+ #
+ # can :read, :all
+ # cannot :read, Comment
+ #
+ # A block can be passed just like "can", however if the logic is complex it is recommended
+ # to use the "can" method.
+ #
+ # cannot :read, Product do |product|
+ # product.invisible?
+ # end
+ #
+ def cannot(action, noun, &block)
+ @can_definitions ||= []
+ @can_definitions << [false, action, noun, block]
end
+ # Alias one or more actions into another one.
+ #
+ # alias_action :update, :destroy, :to => :modify
+ # can :modify, Comment
+ #
+ # Then :modify permission will apply to both :update and :destroy requests.
+ #
+ # can? :update, Comment # => true
+ # can? :destroy, Comment # => true
+ #
+ # This only works in one direction. Passing the aliased action into the "can?" call
+ # will not work because aliases are meant to generate more generic actions.
+ #
+ # alias_action :update, :destroy, :to => :modify
+ # can :update, Comment
+ # can? :modify, Comment # => false
+ #
+ # Unless that exact alias is used.
+ #
+ # can :modify, Comment
+ # can? :modify, Comment # => true
+ #
+ # The following aliases are added by default for conveniently mapping common controller actions.
+ #
+ # alias_action :index, :show, :to => :read
+ # alias_action :new, :to => :create
+ # alias_action :edit, :to => :update
+ #
+ # This way one can use params[:action] in the controller to determine the permission.
def alias_action(*args)
- @aliased_actions ||= default_alias_actions
target = args.pop[:to]
- @aliased_actions[target] = args
+ aliased_actions[target] = args
+ end
+
+ private
+
+ def aliased_actions
+ @aliased_actions ||= default_alias_actions
end
def default_alias_actions
@@ -53,5 +172,35 @@ def default_alias_actions
:update => [:edit],
}
end
+
+ def expand_actions(actions)
+ [actions].flatten.map do |action|
+ if aliased_actions[action]
+ [action, *aliased_actions[action]]
+ else
+ action
+ end
+ end.flatten
+ end
+
+ def can_perform_action?(action, noun, defined_actions, defined_nouns, defined_block)
+ if defined_block.nil?
+ true
+ else
+ block_args = []
+ block_args << action if defined_actions.include?(:manage)
+ block_args << (noun.class == Class ? noun : noun.class) if defined_nouns.include?(:all)
+ block_args << (noun.class == Class ? nil : noun)
+ return defined_block.call(*block_args)
+ end
+ end
+
+ def includes_action?(actions, action)
+ actions.include?(:manage) || actions.include?(action)
+ end
+
+ def includes_noun?(nouns, noun)
+ nouns.include?(:all) || nouns.include?(noun) || nouns.any? { |c| c.kind_of?(Class) && noun.kind_of?(c) }
+ end
end
end
96 lib/cancan/controller_additions.rb
View
@@ -1,41 +1,113 @@
module CanCan
+
+ # This module is automatically included into all controllers.
+ # It also makes the "can?" and "cannot?" methods available to all views.
module ControllerAdditions
def self.included(base)
base.helper_method :can?, :cannot?
end
+ # Raises the CanCan::AccessDenied exception. This is often used in a
+ # controller action to mark a request as unauthorized.
+ #
+ # def show
+ # @article = Article.find(params[:id])
+ # unauthorized! if cannot? :read, @article
+ # end
+ #
+ # You can rescue from the exception in the controller to specify
+ # the user experience.
+ #
+ # class ApplicationController < ActionController::Base
+ # rescue_from CanCan::AccessDenied, :with => :access_denied
+ #
+ # protected
+ #
+ # def access_denied
+ # flash[:error] = "Sorry, you are not allowed to access that page."
+ # redirect_to root_url
+ # end
+ # end
+ #
+ # See the load_and_authorize_resource method to automatically add
+ # the "unauthorized!" behavior to a RESTful controller's actions.
def unauthorized!
raise AccessDenied, "You are unable to access this page."
end
+ # Creates and returns the current user's ability. You generally do not invoke
+ # this method directly, instead you can override this method to change its
+ # behavior if the Ability class or current_user method are different.
+ #
+ # def current_ability
+ # UserAbility.new(current_account) # instead of Ability.new(current_user)
+ # end
+ #
def current_ability
::Ability.new(current_user)
end
+ # Use in the controller or view to check the user's permission for a given action
+ # and object.
+ #
+ # can? :destroy, @project
+ #
+ # You can also pass the class instead of an instance (if you don't have one handy).
+ #
+ # <% if can? :create, Project %>
+ # <%= link_to "New Project", new_project_path %>
+ # <% end %>
+ #
+ # This simply calls "can?" on the current_ability. See Ability#can?.
def can?(*args)
(@current_ability ||= current_ability).can?(*args)
end
+ # Convenience method which works the same as "can?" but returns the opposite value.
+ #
+ # cannot? :destroy, @project
+ #
def cannot?(*args)
(@current_ability ||= current_ability).cannot?(*args)
end
- def load_resource # TODO this could use some refactoring
- model_name = params[:controller].split('/').last.singularize
- unless params[:action] == "index"
- if params[:id]
- instance_variable_set("@#{model_name}", model_name.camelcase.constantize.find(params[:id]))
- else
- instance_variable_set("@#{model_name}", model_name.camelcase.constantize.new(params[model_name.to_sym]))
- end
- end
+ # This method loads the appropriate model resource into an instance variable. For example,
+ # given an ArticlesController it will load the current article into the @article instance
+ # variable. It does this by either calling Article.find(params[:id]) or
+ # Article.new(params[:article]) depending upon the action. It does nothing for the "index"
+ # action.
+ #
+ # You would often use this as a before filter in the controller. See
+ # load_and_authorize_resource to handle authorization too.
+ #
+ # before_filter :load_resource
+ #
+ def load_resource
+ ResourceAuthorization.new(self, params).load_resource
end
- def authorize_resource # TODO this could use some refactoring
- model_name = params[:controller].split('/').last.singularize
- unauthorized! unless can?(params[:action].to_sym, instance_variable_get("@#{model_name}") || model_name.camelcase.constantize)
+ # Authorizes the resource in the current instance variable. For example,
+ # if you have an ArticlesController it will check the @article instance variable
+ # and ensure the user can perform the current action on it.
+ # Under the hood it is doing something like the following.
+ #
+ # unauthorized! if cannot?(params[:action].to_sym, @article || Article)
+ #
+ # You would often use this as a before filter in the controller.
+ #
+ # before_filter :authorize_resource
+ #
+ # See load_and_authorize_resource to automatically load the resource too.
+ def authorize_resource
+ ResourceAuthorization.new(self, params).authorize_resource
end
+ # Calls load_resource to load the current resource model into an instance variable.
+ # Then calls authorize_resource to ensure the current user is authorized to access the page.
+ # You would often use this as a before filter in the controller.
+ #
+ # before_filter :load_and_authorize_resource
+ #
def load_and_authorize_resource
load_resource
authorize_resource
41 lib/cancan/resource_authorization.rb
View
@@ -0,0 +1,41 @@
+module CanCan
+ class ResourceAuthorization # :nodoc:
+ attr_reader :params
+
+ def initialize(controller, params)
+ @controller = controller
+ @params = params
+ end
+
+ def load_and_authorize_resource
+ load_resource
+ authorize_resource
+ end
+
+ def load_resource
+ self.model_instance = params[:id] ? model_class.find(params[:id]) : model_class.new(params[model_name.to_sym]) unless params[:action] == "index"
+ end
+
+ def authorize_resource
+ @controller.unauthorized! if @controller.cannot?(params[:action].to_sym, model_instance || model_class)
+ end
+
+ private
+
+ def model_name
+ params[:controller].split('/').last.singularize
+ end
+
+ def model_class
+ model_name.camelcase.constantize
+ end
+
+ def model_instance
+ @controller.instance_variable_get("@#{model_name}")
+ end
+
+ def model_instance=(instance)
+ @controller.instance_variable_set("@#{model_name}", instance)
+ end
+ end
+end
24 spec/cancan/ability_spec.rb
View
@@ -99,4 +99,28 @@
@ability.can?(:update, []).should be_true
@ability.can?(:update, 123).should be_false
end
+
+ it "should support custom objects in the can definition" do
+ @ability.can :read, :stats
+ @ability.can?(:read, :stats).should be_true
+ @ability.can?(:update, :stats).should be_false
+ @ability.can?(:read, :nonstats).should be_false
+ end
+
+ it "should support 'cannot' method to define what user cannot do" do
+ @ability.can :read, :all
+ @ability.cannot :read, Integer
+ @ability.can?(:read, "foo").should be_true
+ @ability.can?(:read, 123).should be_false
+ end
+
+ it "should support block on 'cannot' method" do
+ @ability.can :read, :all
+ @ability.cannot :read, Integer do |int|
+ int > 5
+ end
+ @ability.can?(:read, "foo").should be_true
+ @ability.can?(:read, 3).should be_true
+ @ability.can?(:read, 123).should be_false
+ end
end
63 spec/cancan/controller_additions_spec.rb
View
@@ -1,16 +1,10 @@
require File.dirname(__FILE__) + '/../spec_helper'
-class Ability
- include CanCan::Ability
-
- def initialize(user)
- end
-end
-
describe CanCan::ControllerAdditions do
before(:each) do
@controller_class = Class.new
@controller = @controller_class.new
+ stub(@controller).params { {} }
mock(@controller_class).helper_method(:can?, :cannot?)
@controller_class.send(:include, CanCan::ControllerAdditions)
end
@@ -33,60 +27,19 @@ def initialize(user)
@controller.cannot?(:foo, :bar).should be_true
end
- it "should load the resource if params[:id] is specified" do
- stub(@controller).params { {:controller => "abilities", :action => "show", :id => 123} }
- stub(Ability).find(123) { :some_resource }
- @controller.load_resource
- @controller.instance_variable_get(:@ability).should == :some_resource
- end
-
- it "should build a new resource with hash if params[:id] is not specified" do
- stub(@controller).params { {:controller => "abilities", :action => "create", :ability => {:foo => "bar"}} }
- stub(Ability).new(:foo => "bar") { :some_resource }
- @controller.load_resource
- @controller.instance_variable_get(:@ability).should == :some_resource
- end
-
- it "should build a new resource even if attribute hash isn't specified" do
- stub(@controller).params { {:controller => "abilities", :action => "new"} }
- stub(Ability).new(nil) { :some_resource }
- @controller.load_resource
- @controller.instance_variable_get(:@ability).should == :some_resource
- end
-
- it "should not build a resource when on index action" do
- stub(@controller).params { {:controller => "abilities", :action => "index"} }
+ it "should load resource" do
+ mock.instance_of(CanCan::ResourceAuthorization).load_resource
@controller.load_resource
- @controller.instance_variable_get(:@ability).should be_nil
end
- it "should perform authorization using controller action and loaded model" do
- @controller.instance_variable_set(:@ability, :some_resource)
- stub(@controller).params { {:controller => "abilities", :action => "show"} }
- stub(@controller).can?(:show, :some_resource) { false }
- lambda {
- @controller.authorize_resource
- }.should raise_error(CanCan::AccessDenied)
+ it "should authorize resource" do
+ mock.instance_of(CanCan::ResourceAuthorization).authorize_resource
+ @controller.authorize_resource
end
- it "should perform authorization using controller action and non loaded model" do
- stub(@controller).params { {:controller => "abilities", :action => "show"} }
- stub(@controller).can?(:show, Ability) { false }
- lambda {
- @controller.authorize_resource
- }.should raise_error(CanCan::AccessDenied)
- end
-
- it "should load and authorize resource in one call" do
+ it "should load and authorize resource in one call through controller" do
mock(@controller).load_resource
- stub(@controller).authorize_resource
+ mock(@controller).authorize_resource
@controller.load_and_authorize_resource
end
-
- it "should properly load resource for namespaced controller" do
- stub(@controller).params { {:controller => "admin/abilities", :action => "show", :id => 123} }
- stub(Ability).find(123) { :some_resource }
- @controller.load_resource
- @controller.instance_variable_get(:@ability).should == :some_resource
- end
end
59 spec/cancan/resource_authorization_spec.rb
View
@@ -0,0 +1,59 @@
+require File.dirname(__FILE__) + '/../spec_helper'
+
+describe CanCan::ResourceAuthorization do
+ before(:each) do
+ @controller = Object.new # simple stub for now
+ stub(@controller).unauthorized! { raise CanCan::AccessDenied }
+ end
+
+ it "should load the resource into an instance variable if params[:id] is specified" do
+ stub(Ability).find(123) { :some_resource }
+ authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "show", :id => 123)
+ authorization.load_resource
+ @controller.instance_variable_get(:@ability).should == :some_resource
+ end
+
+ it "should properly load resource for namespaced controller" do
+ stub(Ability).find(123) { :some_resource }
+ authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "admin/abilities", :action => "show", :id => 123)
+ authorization.load_resource
+ @controller.instance_variable_get(:@ability).should == :some_resource
+ end
+
+ it "should build a new resource with hash if params[:id] is not specified" do
+ stub(Ability).new(:foo => "bar") { :some_resource }
+ authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "create", :ability => {:foo => "bar"})
+ authorization.load_resource
+ @controller.instance_variable_get(:@ability).should == :some_resource
+ end
+
+ it "should build a new resource even if attribute hash isn't specified" do
+ stub(Ability).new(nil) { :some_resource }
+ authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "new")
+ authorization.load_resource
+ @controller.instance_variable_get(:@ability).should == :some_resource
+ end
+
+ it "should not build a resource when on index action" do
+ authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "index")
+ authorization.load_resource
+ @controller.instance_variable_get(:@ability).should be_nil
+ end
+
+ it "should perform authorization using controller action and loaded model" do
+ @controller.instance_variable_set(:@ability, :some_resource)
+ stub(@controller).cannot?(:show, :some_resource) { true }
+ authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "show")
+ lambda {
+ authorization.authorize_resource
+ }.should raise_error(CanCan::AccessDenied)
+ end
+
+ it "should perform authorization using controller action and non loaded model" do
+ stub(@controller).cannot?(:show, Ability) { true }
+ authorization = CanCan::ResourceAuthorization.new(@controller, :controller => "abilities", :action => "show")
+ lambda {
+ authorization.authorize_resource
+ }.should raise_error(CanCan::AccessDenied)
+ end
+end
7 spec/spec_helper.rb
View
@@ -9,3 +9,10 @@
Spec::Runner.configure do |config|
config.mock_with :rr
end
+
+class Ability
+ include CanCan::Ability
+
+ def initialize(user)
+ end
+end

No commit comments for this range

Something went wrong with that request. Please try again.