Skip to content

Commit

Permalink
Drop support for CanCanCan legacy can :dashboard style dashboard ab…
Browse files Browse the repository at this point in the history
…ility

This reverts commit da0584a.
  • Loading branch information
mshibuya committed Jul 14, 2019
1 parent 6b7495f commit 5bebac2
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 44 deletions.
27 changes: 6 additions & 21 deletions lib/rails_admin/extensions/cancancan/authorization_adapter.rb
Original file line number Diff line number Diff line change
Expand Up @@ -26,12 +26,8 @@ def initialize(controller, ability = ::Ability)
# instance if it is available.
def authorize(action, abstract_model = nil, model_object = nil)
return unless action
subject = model_object || abstract_model && abstract_model.model
if authorized_for_dashboard_in_legacy_way?(action)
subject
else
@controller.current_ability.authorize!(*resolve_with_compatibility(action, subject))
end
action, subject = resolve_action_and_subject(action, abstract_model, model_object)
@controller.current_ability.authorize!(action, subject)
end

# This method is called primarily from the view to determine whether the given user
Expand All @@ -40,9 +36,8 @@ def authorize(action, abstract_model = nil, model_object = nil)
# return a boolean whereas +authorize+ will raise an exception when not authorized.
def authorized?(action, abstract_model = nil, model_object = nil)
return unless action
subject = model_object || abstract_model && abstract_model.model
authorized_for_dashboard_in_legacy_way?(action, true) ||
@controller.current_ability.can?(*resolve_with_compatibility(action, subject))
action, subject = resolve_action_and_subject(action, abstract_model, model_object)
@controller.current_ability.can?(action, subject)
end

# This is called when needing to scope a database query. It is called within the list
Expand All @@ -61,18 +56,8 @@ def attributes_for(action, abstract_model)

private

def authorized_for_dashboard_in_legacy_way?(action, silent = false)
return false unless action == :dashboard
legacy_ability = @controller.current_ability.permissions[:can][:dashboard]
if legacy_ability && (legacy_ability.empty? || legacy_ability.all?(&:empty?))
ActiveSupport::Deprecation.warn('RailsAdmin CanCanCan Ability with `can :dashboard` is old and support will be removed in the next major release, use `can :read, :dashboard` instead. See https://github.com/sferik/rails_admin/issues/2901') unless silent
true
else
false
end
end

def resolve_with_compatibility(action, subject)
def resolve_action_and_subject(action, abstract_model, model_object)
subject = model_object || abstract_model && abstract_model.model
if subject
[action, subject]
else
Expand Down
23 changes: 0 additions & 23 deletions spec/integration/authorization/cancancan_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -340,27 +340,4 @@ def initialize(user)
end
end
end

describe 'with existing dashboard ability which uses no subject' do
class LegacyDashboardAbility
include CanCan::Ability
def initialize(_)
can :access, :rails_admin
can :dashboard
end
end

before do
RailsAdmin.config { |c| c.authorize_with :cancancan, LegacyDashboardAbility }
@user = FactoryBot.create :user
login_as @user
end

it 'shows dashboard with instruction on how to migrate to new ability notation' do
allow(ActiveSupport::Deprecation).to receive(:warn)
expect(ActiveSupport::Deprecation).to receive(:warn).with(/can :read, :dashboard/)
visit dashboard_path
is_expected.to have_content('Dashboard')
end
end if CanCan::VERSION < '3'
end

0 comments on commit 5bebac2

Please sign in to comment.