releasing gem v1.0.0 (backwards incompatible, see changelog)

f7480d1f · Ryan Bates · ffa677b2 · f7480d1f · f7480d1f · f7480d1f
Commit f7480d1f authored 15 years ago by Ryan Bates
--- a/CHANGELOG.rdoc
+++ b/CHANGELOG.rdoc
+1.0.0 (Dec 13, 2009)
+
 * Don't set resource instance variable if it has been set already - see issue #13

 * Allowing :nested option to accept an array for deep nesting
@@ -10,6 +12,7 @@

 * BACKWARDS INCOMPATIBLE: turning load and authorize resource methods into class methods which set up the before filter so they can accept additional arguments.

+
 0.2.1 (Nov 26, 2009)

 * many internal refactorings - see issues #11 and #12
@@ -18,6 +21,7 @@

 * support custom objects (usually symbols) in can definition - see issue #8

+
 0.2.0 (Nov 17, 2009)

 * fix behavior of load_and_authorize_resource for namespaced controllers - see issue #3

--- a/README.rdoc
+++ b/README.rdoc
@@ -10,7 +10,7 @@ See the RDocs[http://rdoc.info/projects/ryanb/cancan] and Wiki[http://wiki.githu

 You can set it up as a gem in your environment.rb file.
  
-  config.gem "cancan", :source => "http://gemcutter.org"
+  config.gem "cancan"
  
 And then install the gem.

@@ -21,7 +21,7 @@ Alternatively you can install it as a Rails plugin.
  script/plugin install git://github.com/ryanb/cancan.git


-== Setup
+== Getting Started

 First, define a class called Ability in "models/ability.rb".

@@ -52,10 +52,10 @@ You can also use these methods in a controller along with the "unauthorized!" me
    unauthorized! if cannot? :read, @article
  end

-Setting this for every action can be tedious, therefore a before filter is also provided to automatically authorize all actions in a RESTful style resource controller.
+Setting this for every action can be tedious, therefore the load_and_authorize_resource method is also provided to automatically authorize all actions in a RESTful style resource controller. It will set up a before filter which loads the resource into the instance variable and authorizes it.

  class ArticlesController < ApplicationController
-    before_filter :load_and_authorize_resource
+    load_and_authorize_resource
    
    def show
      # @article is already loaded
@@ -150,6 +150,30 @@ The following aliases are added by default for conveniently mapping common contr
  alias_action :edit, :to => :update


+== Authorizing Controller Actions
+
+As mentioned in the Getting Started section, you can use the +load_and_authorize_resource+ method in your controller to load the resource into an instance variable and authorize it. If you have a nested resource you can specify that as well.
+
+  load_and_authorize_resource :nested => :author
+
+You can also pass an array to the :+nested+ attribute for deep nesting.
+
+If you want to customize the loading behavior on certain actions, you can do so in a before filter.
+
+  class BooksController < ApplicationController
+    before_filter :find_book_by_permalink, :only => :show
+    load_and_authorize_resource
+  
+    private
+  
+    def find_book_by_permalink
+      @book = Book.find_by_permalink!(params[:id)
+    end
+  end
+
+Here the @book instance variable is already set so it will not be loaded again for that action. This works for nested resources as well.
+
+
 == Assumptions & Configuring

 CanCan makes two assumptions about your application.

--- a/cancan.gemspec
+++ b/cancan.gemspec
@@ -4,8 +4,8 @@ Gem::Specification.new do |s|
  s.description = "Simple authorization solution for Rails which is completely decoupled from the user's roles. All permissions are stored in a single location for convenience."
  s.homepage = "http://github.com/ryanb/cancan"
  
-  s.version = "0.2.1"
-  s.date = "2009-11-26"
+  s.version = "1.0.0"
+  s.date = "2009-12-13"
  
  s.authors = ["Ryan Bates"]
  s.email = "ryan@railscasts.com"