-
Notifications
You must be signed in to change notification settings - Fork 230
/
CHANGELOG
189 lines (98 loc) · 6.43 KB
/
CHANGELOG
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
** RELEASE 0.5.7 (Mar 10, 2013)
* Ruby 2.0 compatibility [jhawthorn]
** RELEASE 0.5.6 (Sep 23, 2012)
* Fix handling of stray object associations [jhawthorn]
* Improve test infrastructure [jhawthorn]
* Allow decl_auth to be used without ActiveRecord [bterkuile]
* Rule reloading in development based on changes [urkle/sb]
** RELEASE 0.5.5 (Jan 10, 2012)
* Update of handling of association proxies for Rails 3.2
** RELEASE 0.5.4 (Nov 30, 2011)
* Cumulative loading of authorization rules [Damian Curso/sb]
* Improved used_privileges rake task [urkle]
* Performance improvements [John Hawthorn]
** RELEASE 0.5.3 (May 25, 2011)
* Bugfixes and documentation cleanup
* Rails 3.1.rc1 compatibility [sb]
* Added has_any_role?, has_any_role_with_hierarchy? [t.pickett66]
* Allow changing the default role [dbloete]
** RELEASE 0.5.2 (Dec 31, 2010) **
* Bugfixes and documentation updates
** RELEASE 0.5.1 (Sep 12, 2010) **
** RELEASE 0.5 (July 21, 2010) **
* Ruby 1.9.2 compatibility [sb]
* Comparisons in authorization roles: lt, lte, gt, gte [aepstein,hollownest]
* DSL optimization: allow array being passed to to
* Omnipotent roles [timcharper]
* Meaningful error in case of missing authorization rules file [timcharper]
* Rails 3 support [sb]
* Support shallow nested resources [jjb]
* Allow multiple authorization rules files [kaichen]
** RELEASE 0.4 (November 15, 2009) **
* Implemented controller namespace handling [sb]
* Improved if_attribute to allow nesting of has_many associations [sb]
* Improved if_permitted_to: allow has_many associations and improved context inference [sb]
* Added option on handling non-existant auto-loaded object [sb]
* Added with_user as module method [sb]
* Change support i18n [sb]
** RELEASE 0.3.2.3 (October 12, 2009) **
* Switched to gemcutter [sb]
* Fixed has_role? for guest user. Closes #8 [sb]
* Fixed unnecessary DB query with named scopes [sb, ledermann]
* Change support: suggestions: grouping, sorting by affected users [sb]
* Fixed context inference from AR objects for STI by switching to #class.name.tableize [sb]
* Allow multiple contexts as arguments to has_permission_on [Jeroen van Dijk]
** RELEASE 0.3.2.2 (August 27, 2009) **
* Fix without_access_control test cases [sb]
* Fixed error on debug logging (Closes #6) [sb]
* Fixed without_access_control instance method in TestHelper [sb]
** RELEASE 0.3.2.1 (August 14, 2009) **
* Fix gemspec for Rdoc generation [sb]
** RELEASE 0.3.2 (August 13, 2009) **
* Fix for model-level permitted_to?/! [sb]
** RELEASE 0.3.1 (August 12, 2009) **
* Change Support: Suggestion grouping, sort by affected users [sb]
* Changed context derived from objects to #class.name.tableize to fix STI [sb]
* Simplified controller authorization with filter_resource_access [sb]
* Allow passing explicit context in addition to object in permitted_to? [Olly Lylo, sb]
* Change Supporter: suggest changes to authorization rules [sb]
* Added permitted_to!/? in model [Eike Carls]
* New test helper: should_(not_)_be_allowed_to(privilege, object_or_context) [sb]
** RELEASE 0.3 (April 20, 2009) **
* New option :join_by for has_permission_on to allow AND'ing of statements in one has_permission_on block [sb]
* Allow using_access_control to be called directly on ActiveRecord::Base, globally enabling model security [sb]
* New operator: intersects_with, comparing two Enumerables in if_attribute [sb]
* Improved if_permitted_to syntax: if the attribute is left out, permissions are checked on for the current object [sb]
* Added #has_role_with_hierarchy? method to retrieve explicit and calculated roles [jeremyf]
* Added a simple rules analyzer to help improve authorization rules [sb]
* Gemified plugin. Needed to restructure the lib path contents [sb]
* Added handling of Authorization::AuthorizationInController::ClassMethods.filter_access_to parameters that are of the form [:show, :update] instead of just :show, :update. [jeremyf]
* Added authorization usage helper for checking filter_access_to usage in controllers [sb]
* Added a authorization rules browser. See README for more information [sb]
* Added Model.using_access_control? to check if a model has model security activated [sb]
* Changed Authorization::ObligationScope#map_table_alias_for [Brian Langenfeld]
* Fixed to prevent bad aliases from being produced.
* Changed Authorization::Attribute#validate? [Brian Langenfeld]
* Encountering a nil value when evaluating an attribute now raises a NilAttributeValueError, instead of an AuthorizationError. We leave it to the caller to decide what to do about it.
* Changed Authorization::Engine#permit! [Brian Langenfeld]
* We now convert incoming privileges to symbols (e.g. 'read' is made equivalent to :read). This ensures the privileges will match those defined in the authorization rules file.
* The method now properly infers context when checking against an association (e.g. user.posts). We do this by leveraging ActiveRecord builder method 'new' to instantiate a proper object we can work with.
* When testing rules for positive results (via Authorization::Attribute#validate?), we now rescue NilAttributeValueError exceptions, simply causing the rule to return a negative result (instead of barfing).
* Changed Authorization::ObligationScope#rebuild_join_options! [Brian Langenfeld]
* If we're dealing with multiple obligations we have to check (i.e. ones that result in OR'd conditions), we now use :include instead of :joins for our generated scope. This does seem like a kludge, but until ActiveRecord scopes support unions (for checking obligations individually and consolidating the results), we don't have much choice. Something to revisit later, for sure.
** RELEASE 0.2 (February 2, 2009) **
* added negative operators: is_not, not_in, does_not_contain [sb]
* changed user.roles to user.role_symbols to reduce interferance with associations [sb]
* Ruby 1.9 and Rails 2.3 compatibility [sb]
* if_permitted_to for has_permission_on blocks for DRYer auth rules [sb]
* ObligationScope rewrite of query rewriting [Brian Langenfeld]
* changed exception hierarchy to begin at StandardError [sb]
* :is_in operator [sb]
* added has_role? helper [sb]
* made plugin thread-safe [sb]
* added maintenance and test helpers [sb]
* changed default permission denied response to 403 Forbidden [sb]
* descriptions for titles and roles [sb]
* fixed for PostgreSQL [Mark Mansour]
* improved DSL syntax: allow for array of contexts in has_permission_on [sb]
** RELEASE 0.1 (August 22, 2008) **