Skip to content
Snippets Groups Projects
Commit 964a4765 authored by Ryan Bates's avatar Ryan Bates
Browse files

removing need to pass tableize option around for query conditions

parent a42e067f
No related branches found
No related tags found
No related merge requests found
......@@ -183,8 +183,8 @@ module CanCan
end
# Returns a CanCan::Query instance to help generate database queries based on the ability.
def query(action, subject, options = {})
Query.new(relevant_can_definitions_without_block(action, subject), subject, options)
def query(action, subject)
Query.new(subject, relevant_can_definitions_without_block(action, subject))
end
private
......
......@@ -20,7 +20,7 @@ module CanCan
# Here only the articles which the user can update are returned. This
# internally uses Ability#conditions method, see that for more information.
def accessible_by(ability, action = :read)
query = ability.query(action, self, :tableize => true)
query = ability.query(action, self)
conditions = query.sql_conditions || {:id => nil}
if respond_to? :where
where(conditions).joins(query.association_joins)
......
......@@ -4,7 +4,6 @@ module CanCan
# helpful methods to determine permission checking and conditions hash generation.
class CanDefinition # :nodoc:
attr_reader :conditions, :block, :base_behavior
include ActiveSupport::Inflector
attr_reader :block
attr_reader :actions
attr_writer :expanded_actions
......@@ -37,17 +36,14 @@ module CanCan
end
end
# Returns a hash of conditions. If the ":tableize => true" option is passed
# it will pluralize the association conditions to match the table name.
def conditions(options = {})
if options[:tableize] && @conditions.kind_of?(Hash)
# Returns a hash of conditions, pluralizing the table names
def tableized_conditions
if @conditions
@conditions.inject({}) do |tableized_conditions, (name, value)|
name = tableize(name).to_sym if value.kind_of? Hash
name = name.to_s.tableize.to_sym if value.kind_of? Hash
tableized_conditions[name] = value
tableized_conditions
end
else
@conditions
end
end
......
......@@ -3,10 +3,9 @@ module CanCan
# Generates the sql conditions and association joins for use in ActiveRecord queries.
# Normally you will not use this class directly, but instead through ActiveRecordAdditions#accessible_by.
class Query
def initialize(can_definitions, sanitizer, options)
@can_definitions = can_definitions
def initialize(sanitizer, can_definitions)
@sanitizer = sanitizer
@options = options
@can_definitions = can_definitions
end
# Returns an array of arrays composing from desired action and hash of conditions which match the given ability.
......@@ -27,7 +26,7 @@ module CanCan
def conditions
unless @can_definitions.empty?
@can_definitions.map do |can_definition|
[can_definition.base_behavior, can_definition.conditions(@options)]
[can_definition.base_behavior, can_definition.tableized_conditions]
end
else
false
......
......@@ -34,7 +34,7 @@ describe CanCan::CanDefinition do
it "should return table names in conditions for association joins" do
@conditions[:foo] = {:bar => 1}
@conditions[:test] = 1
@can.conditions(:tableize => true).should == { :foos => { :bar => 1}, :test => 1 }
@can.tableized_conditions.should == { :foos => { :bar => 1}, :test => 1 }
end
it "should return no association joins if conditions is nil" do
......
......@@ -84,19 +84,4 @@ describe CanCan::Query do
@ability.query(:manage, Person).sql_conditions.should == {:id=>1}
@ability.query(:read, Person).sql_conditions.should == 'true=true'
end
it "should accept array condition for use in sql" do
@ability.can :read, Person, ["user_id = ?", 1]
@ability.query(:read, Person).sql_conditions.should == ['user_id = ?', 1]
@ability.query(:read, Person).association_joins.should be_nil
end
it "should accept array condition for use in sql and do sanitizing in complex conditions" do
@ability.cannot :read, Person
@ability.can :read, Person, ["user_id = ?", 1]
@ability.query(:read, Person).sql_conditions.should == 'user_id = 1'
@ability.query(:read, Person).association_joins.should be_nil
end
end
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment