Comments (6)
I am using cancancan
1.8.4
.
from cancancan.
Would someone be able to double check this is still occurring in 1.9.2? We've done some work on the way models are referenced. Thanks!
from cancancan.
bryanrite,
This has been fixed. Thanks for your help.
> Employee.accessible_by(Ability.new(user)).to_sql
=> "SELECT `employees`.`id` AS t0_r0, `employees`.`company_id` AS t0_r1,
`employees`.`permissions` AS t0_r2, `employees`.`user_id` AS t0_r3, `employees`.`name` AS t0_r4,
`companies`.`id` AS t1_r0, `companies`.`user_id` AS t1_r1, `companies`.`name` AS t1_r2,
`employees_companies`.`id` AS t2_r0, `employees_companies`.`company_id` AS t2_r1,
`employees_companies`.`permissions` AS t2_r2, `employees_companies`.`user_id` AS t2_r3,
`employees_companies`.`name` AS t2_r4 FROM `employees` LEFT OUTER JOIN `companies` ON
`companies`.`id` = `employees`.`company_id` LEFT OUTER JOIN `employees`
`employees_companies` ON `employees_companies`.`company_id` = `companies`.`id` WHERE
`employees`.`user_id` = 1"
> Customer.accessible_by(Ability.new(user)).to_sql
=> "SELECT `customers`.`id` AS t0_r0, `customers`.`company_id` AS t0_r1, `customers`.`user_id` AS
t0_r2, `customers`.`name` AS t0_r3, `companies`.`id` AS t1_r0, `companies`.`user_id` AS t1_r1,
`companies`.`name` AS t1_r2, `employees`.`id` AS t2_r0, `employees`.`company_id` AS t2_r1,
`employees`.`permissions` AS t2_r2, `employees`.`user_id` AS t2_r3, `employees`.`name` AS t2_r4
FROM `customers` LEFT OUTER JOIN `companies` ON `companies`.`id` = `customers`.`company_id`
LEFT OUTER JOIN `employees` ON `employees`.`company_id` = `companies`.`id` WHERE
`employees`.`user_id` = 1"
from cancancan.
@bryanrite I have the same issue on 1.9.2
, rails 3.2
. Do you have an idea how I can figure it out?
from cancancan.
And on develop branch (c2c3c93)
from cancancan.
Actually, I'm not using self-referential models but I want to get correct sql by Payment.accessible_by(current_ability).to_sql
when there is a rule with some joins like this
can [:index], Payment, loan: { customer: { lenders: { id: agency_ids } } }
But I'm getting
SELECT `payments`.* FROM `payments` WHERE `lenders`.`id` IN (1,2)
from cancancan.
Related Issues (20)
- Association is renamed in SQL and results in unknown column error HOT 2
- Running dangerous :show permission when the resource name is passed and mismatch the controller name HOT 3
- Polymorphic associations do not support computing the class HOT 12
- STI normalizer fails when existing rule conditions are relation HOT 2
- undefined method `#{parent_name}=' for singleton associations
- Nil values on enums fails to authorize
- Gemspec does not have Rails version dependency for various version of the gem
- cancancan is chaninging my get request ID HOT 1
- Deep conditions nesting on sqlite => stack overflow
- Selective permissions on STI sub-classes not respected by accessible_by HOT 1
- Granting read permission on intermediate STI table prevents any records being returned HOT 4
- inconsistent behaviour with Hash subjects
- `can?` unnecessarily loads relationships in memory when it could leverage `accessible_by` HOT 1
- can? should return false when there are no attributes that the current user can perform action on
- Possible breaking change with handling of `nil` conditions in 3.5.0
- How to define ability action name that is same as the default action aliases?
- Why are merged rules still bound to the merged Ability class?
- Extra table alias is being generated, but then ignored in the final stage of an accessible_by query HOT 1
- Creating resource failes when association is polymorphic and singleton.
- Can't apply rules to `create` action without affecting `new` because of aliasing HOT 12
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cancancan.