Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Newer
Older
100644 190 lines (98 sloc) 6.585 kB
549a8d3 Bumped minor to 0.5.7
Steffen Bartsch authored
1 ** RELEASE 0.5.7 (Mar 10, 2013)
2
3 * Ruby 2.0 compatibility [jhawthorn]
4
94a28ed Bumped minor to 0.5.6
Steffen Bartsch authored
5 ** RELEASE 0.5.6 (Sep 23, 2012)
6
7 * Fix handling of stray object associations [jhawthorn]
8
9 * Improve test infrastructure [jhawthorn]
10
11 * Allow decl_auth to be used without ActiveRecord [bterkuile]
12
13 * Rule reloading in development based on changes [urkle/sb]
14
616a703 @stffn Bumped minor to 0.5.5
authored
15 ** RELEASE 0.5.5 (Jan 10, 2012)
16
17 * Update of handling of association proxies for Rails 3.2
18
e932697 @stffn Updated contributors, changelog; bumped minor to 0.5.4
authored
19 ** RELEASE 0.5.4 (Nov 30, 2011)
20
21 * Cumulative loading of authorization rules [Damian Curso/sb]
22
23 * Improved used_privileges rake task [urkle]
24
25 * Performance improvements [John Hawthorn]
26
37cf39f @stffn Updated change log, contributors, bumped minor for 0.5.3 release
authored
27 ** RELEASE 0.5.3 (May 25, 2011)
28
29 * Bugfixes and documentation cleanup
30
31 * Rails 3.1.rc1 compatibility [sb]
32
33 * Added has_any_role?, has_any_role_with_hierarchy? [t.pickett66]
34
35 * Allow changing the default role [dbloete]
36
b2964ca @stffn Updated Changelog and bumped patch level to 0.5.2
authored
37 ** RELEASE 0.5.2 (Dec 31, 2010) **
38
39 * Bugfixes and documentation updates
40
2d641b2 @stffn Removed Rails gem dependency because of problems with decl_auth causi…
authored
41 ** RELEASE 0.5.1 (Sep 12, 2010) **
30fefc4 @stffn Release 0.5
authored
42
43 ** RELEASE 0.5 (July 21, 2010) **
44
e6acd9e @stffn Updated changelog and contributors
authored
45 * Ruby 1.9.2 compatibility [sb]
46
47 * Comparisons in authorization roles: lt, lte, gt, gte [aepstein,hollownest]
48
49 * DSL optimization: allow array being passed to to
50
0d3ac38 @stffn Documentation and changelog entries for previous commits
authored
51 * Omnipotent roles [timcharper]
52
53 * Meaningful error in case of missing authorization rules file [timcharper]
54
55 * Rails 3 support [sb]
b21d8cd @stffn Rails 3 support
authored
56
dff54b5 @stffn Updated Change Log and Contributors
authored
57 * Support shallow nested resources [jjb]
58
6d72c49 @stffn Updated documentation for multiple auth rules files
authored
59 * Allow multiple authorization rules files [kaichen]
60
5dcdaa3 @stffn Fixed changelog lag
authored
61 ** RELEASE 0.4 (November 15, 2009) **
62
63 * Implemented controller namespace handling [sb]
64
65 * Improved if_attribute to allow nesting of has_many associations [sb]
66
67 * Improved if_permitted_to: allow has_many associations and improved context inference [sb]
68
69 * Added option on handling non-existant auto-loaded object [sb]
70
71 * Added with_user as module method [sb]
72
73 * Change support i18n [sb]
74
75 ** RELEASE 0.3.2.3 (October 12, 2009) **
76
77 * Switched to gemcutter [sb]
78
79 * Fixed has_role? for guest user. Closes #8 [sb]
80
81 * Fixed unnecessary DB query with named scopes [sb, ledermann]
82
83 * Change support: suggestions: grouping, sorting by affected users [sb]
84
85 * Fixed context inference from AR objects for STI by switching to #class.name.tableize [sb]
86
87 * Allow multiple contexts as arguments to has_permission_on [Jeroen van Dijk]
88
89 ** RELEASE 0.3.2.2 (August 27, 2009) **
90
91 * Fix without_access_control test cases [sb]
92
93 * Fixed error on debug logging (Closes #6) [sb]
94
95 * Fixed without_access_control instance method in TestHelper [sb]
96
97 ** RELEASE 0.3.2.1 (August 14, 2009) **
98
99 * Fix gemspec for Rdoc generation [sb]
100
101 ** RELEASE 0.3.2 (August 13, 2009) **
102
103 * Fix for model-level permitted_to?/! [sb]
104
105 ** RELEASE 0.3.1 (August 12, 2009) **
106
51b8bd1 @stffn Change support: suggestions: grouping, sorting by affected users
authored
107 * Change Support: Suggestion grouping, sort by affected users [sb]
108
32975e8 @stffn Fixed context inference from AR objects for STI by switching to #clas…
authored
109 * Changed context derived from objects to #class.name.tableize to fix STI [sb]
110
d763a2e @stffn Simplified controller authorization with filter_resource_access
authored
111 * Simplified controller authorization with filter_resource_access [sb]
112
faecc17 @stffn Allow explicit context in permitted_to in addition to object
authored
113 * Allow passing explicit context in addition to object in permitted_to? [Olly Lylo, sb]
114
0cbd805 @stffn Added Change Supporter to CHANGELOG
authored
115 * Change Supporter: suggest changes to authorization rules [sb]
116
819df59 @stffn Added permitted_to?/! for models
authored
117 * Added permitted_to!/? in model [Eike Carls]
118
0cbd805 @stffn Added Change Supporter to CHANGELOG
authored
119 * New test helper: should_(not_)_be_allowed_to(privilege, object_or_context) [sb]
2162e87 @stffn New join_by option for has_permission_on to allow statements inside t…
authored
120
0f44a3a @stffn Release of 0.3.0
authored
121 ** RELEASE 0.3 (April 20, 2009) **
5af43ff @stffn Allow calling using_access_control on AR:Base directly
authored
122
0f44a3a @stffn Release of 0.3.0
authored
123 * New option :join_by for has_permission_on to allow AND'ing of statements in one has_permission_on block [sb]
29d81ec @stffn New operator: intersects_with for comparing collections with a set of…
authored
124
0f44a3a @stffn Release of 0.3.0
authored
125 * Allow using_access_control to be called directly on ActiveRecord::Base, globally enabling model security [sb]
126
127 * New operator: intersects_with, comparing two Enumerables in if_attribute [sb]
128
129 * Improved if_permitted_to syntax: if the attribute is left out, permissions are checked on for the current object [sb]
a5d748d @stffn Improved if_permitted_to syntax: allows checks on the current object
authored
130
0bbc07a Added #has_role_with_hierarchy? method to retrieve explicit and calcu…
Jeremy Friesen authored
131 * Added #has_role_with_hierarchy? method to retrieve explicit and calculated roles [jeremyf]
132
17d6dc0 @stffn Those missing CHANGELOG entries
authored
133 * Added a simple rules analyzer to help improve authorization rules [sb]
134
135 * Gemified plugin. Needed to restructure the lib path contents [sb]
136
138ac3b Added handling of Authorization::AuthorizationInController::ClassMeth…
Jeremy Friesen authored
137 * Added handling of Authorization::AuthorizationInController::ClassMethods.filter_access_to parameters that are of the form [:show, :update] instead of just :show, :update. [jeremyf]
138
17d6dc0 @stffn Those missing CHANGELOG entries
authored
139 * Added authorization usage helper for checking filter_access_to usage in controllers [sb]
140
781e3a4 @stffn Missing CHANGELOG entry
authored
141 * Added a authorization rules browser. See README for more information [sb]
21b0b31 @stffn Missing changelog entries
authored
142
143 * Added Model.using_access_control? to check if a model has model security activated [sb]
144
145 * Changed Authorization::ObligationScope#map_table_alias_for [Brian Langenfeld]
146 * Fixed to prevent bad aliases from being produced.
147
1940857 @stffn Improved permit! [Brian Langenfeld]
authored
148 * Changed Authorization::Attribute#validate? [Brian Langenfeld]
149 * Encountering a nil value when evaluating an attribute now raises a NilAttributeValueError, instead of an AuthorizationError. We leave it to the caller to decide what to do about it.
150
151 * Changed Authorization::Engine#permit! [Brian Langenfeld]
152 * We now convert incoming privileges to symbols (e.g. 'read' is made equivalent to :read). This ensures the privileges will match those defined in the authorization rules file.
153 * The method now properly infers context when checking against an association (e.g. user.posts). We do this by leveraging ActiveRecord builder method 'new' to instantiate a proper object we can work with.
154 * When testing rules for positive results (via Authorization::Attribute#validate?), we now rescue NilAttributeValueError exceptions, simply causing the rule to return a negative result (instead of barfing).
fe3ee55 @stffn ObligationScope to use :include instead of :join if rules are OR'ed […
authored
155
156 * Changed Authorization::ObligationScope#rebuild_join_options! [Brian Langenfeld]
157 * If we're dealing with multiple obligations we have to check (i.e. ones that result in OR'd conditions), we now use :include instead of :joins for our generated scope. This does seem like a kludge, but until ActiveRecord scopes support unions (for checking obligations individually and consolidating the results), we don't have much choice. Something to revisit later, for sure.
158
035c94f @stffn Added CHANGELOG
authored
159 ** RELEASE 0.2 (February 2, 2009) **
160
161 * added negative operators: is_not, not_in, does_not_contain [sb]
162
163 * changed user.roles to user.role_symbols to reduce interferance with associations [sb]
164
165 * Ruby 1.9 and Rails 2.3 compatibility [sb]
166
167 * if_permitted_to for has_permission_on blocks for DRYer auth rules [sb]
168
169 * ObligationScope rewrite of query rewriting [Brian Langenfeld]
170
171 * changed exception hierarchy to begin at StandardError [sb]
172
173 * :is_in operator [sb]
174
175 * added has_role? helper [sb]
176
177 * made plugin thread-safe [sb]
178
179 * added maintenance and test helpers [sb]
180
181 * changed default permission denied response to 403 Forbidden [sb]
182
183 * descriptions for titles and roles [sb]
184
185 * fixed for PostgreSQL [Mark Mansour]
186
187 * improved DSL syntax: allow for array of contexts in has_permission_on [sb]
188
189 ** RELEASE 0.1 (August 22, 2008) **
Something went wrong with that request. Please try again.