Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Stop bypassing cancan

  • Loading branch information...
commit 3536cdc8f7c3eab7b4b50e27ad60d18095f91479 1 parent bacfe92
@mshibuya mshibuya authored
View
2  Gemfile
@@ -29,9 +29,9 @@ group :development, :test do
end
end
- gem 'cancan'
gem 'bson_ext'
gem 'mongoid'
+ gem 'cancan'
end
group :debug do
View
4 lib/rails_admin/adapters/active_record.rb
@@ -89,10 +89,6 @@ def serialized_attributes
model.serialized_attributes
end
- def accessible_by(*args)
- model.accessible_by(*args)
- end
-
private
def query_conditions(query, fields = config.list.fields.select(&:queryable?))
View
6 lib/rails_admin/adapters/mongoid.rb
@@ -118,17 +118,13 @@ def table_name
def serialized_attributes
@serialized_attributes ||= Hash[model.fields.map do |name, field|
if ['Array', 'Hash'].include? field.type.to_s
- [name.to_s, ::ActiveRecord::Coders::YAMLColumn.new(field.type)] # for compatibility
+ [name.to_s, nil] # TODO: support Coder
else
nil
end
end.compact]
end
- def accessible_by(*args)
- scoped
- end
-
private
def query_conditions(query, fields = config.list.fields.select(&:queryable?))
View
4 lib/rails_admin/adapters/mongoid/abstract_object.rb
@@ -22,10 +22,6 @@ def #{name.to_s.singularize}_ids=(items)
end
end
- def attributes=(attributes)
- object.send :attributes=, attributes
- end
-
def destroy
object.destroy
object
View
2  lib/rails_admin/extensions/cancan/authorization_adapter.rb
@@ -34,7 +34,7 @@ def authorized?(action, abstract_model = nil, model_object = nil)
# and bulk_delete/destroy actions and should return a scope which limits the records
# to those which the user can perform the given action on.
def query(action, abstract_model)
- abstract_model.accessible_by(@controller.current_ability, action)
+ abstract_model.model.accessible_by(@controller.current_ability, action)
end
# This is called in the new/create actions to determine the initial attributes for new
Please sign in to comment.
Something went wrong with that request. Please try again.