varvet--pundit/CHANGELOG.md

# Pundit

## Unreleased

- Add `policy_class` option to `authorize` to be able to override the policy. (#441)
- Add `policy_scope_class` option to `authorize` to be able to override the policy scope. (#441)
- Fix `param_key` issue when passed an array. (#529)
- Only pass last element of "namespace array" to policy and scope. (#529)
- Allow specification of a `NilClassPolicy`. (#525)
- Make sure `policy_class` override is called when passed an array. (#475)
- Raise `InvalidConstructorError` if a policy or policy scope with an invalid constructor is called. (#462)
- Use `action_name` instead of `params[:action]`. (#419)
- Add `pundit_params_for` method to make it easy to customize params fetching. (#502)
- Return passed object from `#authorize` method to make chaining possible. (#385)

## 1.1.0 (2016-01-14)

- Can retrieve policies via an array of symbols/objects.
- Add autodetection of param key to `permitted_attributes` helper.
- Hide some methods which should not be actions.
- Permitted attributes should be expanded.
- Generator uses `RSpec.describe` according to modern best practices.

## 1.0.1 (2015-05-27)

- Fixed a regression where NotAuthorizedError could not be ininitialized with a string.
- Use `camelize` instead of `classify` for symbol policies to prevent weird pluralizations.

## 1.0.0 (2015-04-19)

- Caches policy scopes and policies.
- Explicitly setting the policy for the controller via `controller.policy = foo` has been removed. Instead use `controller.policies[record] = foo`.
- Explicitly setting the policy scope for the controller via `controller.policy_policy = foo` has been removed. Instead use `controller.policy_scopes[scope] = foo`.
- Add `permitted_attributes` helper to fetch attributes from policy.
- Add `pundit_policy_authorized?` and `pundit_policy_scoped?` methods.
- Instance variables are prefixed to avoid collisions.
- Add `Pundit.authorize` method.
- Add `skip_authorization` and `skip_policy_scope` helpers.
- Better errors when checking multiple permissions in RSpec tests.
- Better errors in case `nil` is passed to `policy` or `policy_scope`.
- Use `inspect` when printing object for better errors.
- Dropped official support for Ruby 1.9.3

## 0.3.0 (2014-08-22)

- Extend the default `ApplicationPolicy` with an `ApplicationPolicy::Scope` (#120)
- Fix RSpec 3 deprecation warnings for built-in matchers (#162)
- Generate blank policy spec/test files for Rspec/MiniTest/Test::Unit in Rails (#138)

## 0.2.3 (2014-04-06)

- Customizable error messages: `#query`, `#record` and `#policy` methods on `Pundit::NotAuthorizedError` (#114)
- Raise a different `Pundit::AuthorizationNotPerformedError` when `authorize` call is expected in controller action but missing (#109)
- Update Rspec matchers for Rspec 3 (#124)

## 0.2.2 (2014-02-07)

- Customize the user to be passed into policies: `pundit_user` (#42)
Add CHANGELOG 2014-02-09 09:43:33 +01:00			`# Pundit`

Update CHANGELOG with unreleased changes 2018-04-27 13:34:39 +02:00			`## Unreleased`

Update CHANGELOG 2018-07-04 20:19:42 +02:00			- Add `policy_class` option to `authorize` to be able to override the policy. (#441)
			- Add `policy_scope_class` option to `authorize` to be able to override the policy scope. (#441)
Update CHANGELOG 2018-06-17 09:53:26 +02:00			- Fix `param_key` issue when passed an array. (#529)
Update CHANGELOG 2018-06-17 09:32:53 +02:00			`- Only pass last element of "namespace array" to policy and scope. (#529)`
Update CHANGELOG 2018-06-16 21:45:31 +02:00			- Allow specification of a `NilClassPolicy`. (#525)
Update CHANGELOG 2018-06-06 20:36:49 +02:00			- Make sure `policy_class` override is called when passed an array. (#475)
Update CHANGELOG 2018-05-17 22:51:16 +02:00			- Raise `InvalidConstructorError` if a policy or policy scope with an invalid constructor is called. (#462)
Update CHANGELOG 2018-06-06 20:36:49 +02:00			- Use `action_name` instead of `params[:action]`. (#419)
Update CHANGELOG 2018-05-17 20:18:36 +02:00			- Add `pundit_params_for` method to make it easy to customize params fetching. (#502)
			- Return passed object from `#authorize` method to make chaining possible. (#385)
Update CHANGELOG with unreleased changes 2018-04-27 13:34:39 +02:00
tagged 1.1.0 2016-01-14 16:06:50 +01:00			`## 1.1.0 (2016-01-14)`

			`- Can retrieve policies via an array of symbols/objects.`
			- Add autodetection of param key to `permitted_attributes` helper.
			`- Hide some methods which should not be actions.`
			`- Permitted attributes should be expanded.`
			- Generator uses `RSpec.describe` according to modern best practices.
Fixes and simplifications for previous commit (to be squashed) 2015-07-15 12:58:54 +03:00
tagged 1.0.1 2015-05-27 18:31:53 +02:00			`## 1.0.1 (2015-05-27)`

			`- Fixed a regression where NotAuthorizedError could not be ininitialized with a string.`
			- Use `camelize` instead of `classify` for symbol policies to prevent weird pluralizations.

Tagged 1.0.0 2015-04-19 13:26:56 +02:00			`## 1.0.0 (2015-04-19)`
Update changelog 2014-08-22 13:26:44 +02:00
			`- Caches policy scopes and policies.`
			- Explicitly setting the policy for the controller via `controller.policy = foo` has been removed. Instead use `controller.policies[record] = foo`.
			- Explicitly setting the policy scope for the controller via `controller.policy_policy = foo` has been removed. Instead use `controller.policy_scopes[scope] = foo`.
Tagged 1.0.0 2015-04-19 13:26:56 +02:00			- Add `permitted_attributes` helper to fetch attributes from policy.
Add `pundit_policy_authorized?` and `pundit_policy_scoped?` methods In some cases we might need to simply check if `authorize` or `policy_scope` were called, without immediately raising and exception. In other cases we might be happy if either was called and only want to raise if neither was called. All those edge cases are most easily served by exposing lower level function which just perform the checks and return `true` or `false`. The `verify_*` methods can then build on top of them to offer a convenient path for the most common use cases. 2015-03-18 15:50:06 +01:00			- Add `pundit_policy_authorized?` and `pundit_policy_scoped?` methods.
Tagged 1.0.0 2015-04-19 13:26:56 +02:00			`- Instance variables are prefixed to avoid collisions.`
			- Add `Pundit.authorize` method.
			- Add `skip_authorization` and `skip_policy_scope` helpers.
			`- Better errors when checking multiple permissions in RSpec tests.`
			- Better errors in case `nil` is passed to `policy` or `policy_scope`.
Fix typo 2015-06-07 12:52:37 +05:00			- Use `inspect` when printing object for better errors.
Tagged 1.0.0 2015-04-19 13:26:56 +02:00			`- Dropped official support for Ruby 1.9.3`
Update changelog 2014-08-22 13:26:44 +02:00
			`## 0.3.0 (2014-08-22)`
Update CHANGELOG 2014-04-28 23:00:48 +02:00
			- Extend the default `ApplicationPolicy` with an `ApplicationPolicy::Scope` (#120)
Update CHANGELOG 2014-07-13 11:07:01 +02:00			`- Fix RSpec 3 deprecation warnings for built-in matchers (#162)`
			`- Generate blank policy spec/test files for Rspec/MiniTest/Test::Unit in Rails (#138)`
Update CHANGELOG 2014-04-28 23:00:48 +02:00
Update changelog 2014-04-07 00:22:38 +02:00			`## 0.2.3 (2014-04-06)`
Add CHANGELOG 2014-02-09 09:43:33 +01:00
Update CHANGELOG 2014-04-28 23:00:48 +02:00			- Customizable error messages: `#query`, `#record` and `#policy` methods on `Pundit::NotAuthorizedError` (#114)
			- Raise a different `Pundit::AuthorizationNotPerformedError` when `authorize` call is expected in controller action but missing (#109)
			`- Update Rspec matchers for Rspec 3 (#124)`
Add CHANGELOG 2014-02-09 09:43:33 +01:00
			`## 0.2.2 (2014-02-07)`

Update CHANGELOG 2014-04-28 23:00:48 +02:00			- Customize the user to be passed into policies: `pundit_user` (#42)