Skip to content
This repository
Newer
Older
100644 42 lines (24 sloc) 2.209 kb
1940857a »
2009-02-12 Improved permit! [Brian Langenfeld]
1 * Changed Authorization::Attribute#validate? [Brian Langenfeld]
2 * Encountering a nil value when evaluating an attribute now raises a NilAttributeValueError, instead of an AuthorizationError. We leave it to the caller to decide what to do about it.
3
4 * Changed Authorization::Engine#permit! [Brian Langenfeld]
5 * We now convert incoming privileges to symbols (e.g. 'read' is made equivalent to :read). This ensures the privileges will match those defined in the authorization rules file.
6 * The method now properly infers context when checking against an association (e.g. user.posts). We do this by leveraging ActiveRecord builder method 'new' to instantiate a proper object we can work with.
7 * When testing rules for positive results (via Authorization::Attribute#validate?), we now rescue NilAttributeValueError exceptions, simply causing the rule to return a negative result (instead of barfing).
fe3ee55b »
2009-02-12 ObligationScope to use :include instead of :join if rules are OR'ed […
8
9 * Changed Authorization::ObligationScope#rebuild_join_options! [Brian Langenfeld]
10 * If we're dealing with multiple obligations we have to check (i.e. ones that result in OR'd conditions), we now use :include instead of :joins for our generated scope. This does seem like a kludge, but until ActiveRecord scopes support unions (for checking obligations individually and consolidating the results), we don't have much choice. Something to revisit later, for sure.
11
035c94fa »
2009-02-02 Added CHANGELOG
12 ** RELEASE 0.2 (February 2, 2009) **
13
14 * added negative operators: is_not, not_in, does_not_contain [sb]
15
16 * changed user.roles to user.role_symbols to reduce interferance with associations [sb]
17
18 * Ruby 1.9 and Rails 2.3 compatibility [sb]
19
20 * if_permitted_to for has_permission_on blocks for DRYer auth rules [sb]
21
22 * ObligationScope rewrite of query rewriting [Brian Langenfeld]
23
24 * changed exception hierarchy to begin at StandardError [sb]
25
26 * :is_in operator [sb]
27
28 * added has_role? helper [sb]
29
30 * made plugin thread-safe [sb]
31
32 * added maintenance and test helpers [sb]
33
34 * changed default permission denied response to 403 Forbidden [sb]
35
36 * descriptions for titles and roles [sb]
37
38 * fixed for PostgreSQL [Mark Mansour]
39
40 * improved DSL syntax: allow for array of contexts in has_permission_on [sb]
41
42 ** RELEASE 0.1 (August 22, 2008) **
Something went wrong with that request. Please try again.