All Versions
11
Latest Version
Avg Release Cycle
225 days
Latest Release
120 days ago

Changelog History
Page 1

  • v2.1.0

    August 14, 2019

    🛠 Fixed

    • Avoid name clashes with the Error class. (#590)

    🔄 Changed

    • 0️⃣ Return a safer default NotAuthorizedError message. (#583)
  • v2.0.1

    January 18, 2019

    💥 Breaking changes

    None

    Other changes

    • Improve exception handling for #policy_scope and #policy_scope!. (#550)
    • ➕ Add :policy metadata to RSpec template. (#566)
  • v2.0.0

    July 21, 2018

    No changes since beta1

  • v2.0.0.beta1

    July 04, 2018

    💥 Breaking changes

    • Only pass last element of "namespace array" to policy and scope. (#529)
    • Raise InvalidConstructorError if a policy or policy scope with an invalid constructor is called. (#462)
    • Return passed object from #authorize method to make chaining possible. (#385)

    Other changes

    • ➕ Add policy_class option to authorize to be able to override the policy. (#441)
    • Add policy_scope_class option to authorize to be able to override the policy scope. (#441)
    • 🛠 Fix param_key issue when passed an array. (#529)
    • 👍 Allow specification of a NilClassPolicy. (#525)
    • 👉 Make sure policy_class override is called when passed an array. (#475)

    • 👉 Use action_name instead of params[:action]. (#419)

    • Add pundit_params_for method to make it easy to customize params fetching. (#502)

  • v1.1.0

    January 14, 2016
    • Can retrieve policies via an array of symbols/objects.
    • ➕ Add autodetection of param key to permitted_attributes helper.
    • Hide some methods which should not be actions.
    • Permitted attributes should be expanded.
    • Generator uses RSpec.describe according to modern best practices.
  • v1.0.1

    May 27, 2015
    • 🛠 Fixed a regression where NotAuthorizedError could not be ininitialized with a string.
    • 👉 Use camelize instead of classify for symbol policies to prevent weird pluralizations.
  • v1.0.0

    April 19, 2015
    • Caches policy scopes and policies.
    • 🚚 Explicitly setting the policy for the controller via controller.policy = foo has been removed. Instead use controller.policies[record] = foo.
    • 🚚 Explicitly setting the policy scope for the controller via controller.policy_policy = foo has been removed. Instead use controller.policy_scopes[scope] = foo.
    • ➕ Add permitted_attributes helper to fetch attributes from policy.
    • Add pundit_policy_authorized? and pundit_policy_scoped? methods.
    • 🛠 Instance variables are prefixed to avoid collisions.
    • ➕ Add Pundit.authorize method.
    • Add skip_authorization and skip_policy_scope helpers.
    • 👍 Better errors when checking multiple permissions in RSpec tests.
    • 👍 Better errors in case nil is passed to policy or policy_scope.
    • 🖨 Use inspect when printing object for better errors.
    • ⬇️ Dropped official support for Ruby 1.9.3
  • v0.3.0

    August 22, 2014
    • 0️⃣ Extend the default ApplicationPolicy with an ApplicationPolicy::Scope (#120)
    • 🛠 Fix RSpec 3 deprecation warnings for built-in matchers (#162)
    • ✅ Generate blank policy spec/test files for Rspec/MiniTest/Test::Unit in Rails (#138)
  • v0.2.3

    April 06, 2014
    • Customizable error messages: #query, #record and #policy methods on Pundit::NotAuthorizedError (#114)
    • Raise a different Pundit::AuthorizationNotPerformedError when authorize call is expected in controller action but missing (#109)
    • ⚡️ Update Rspec matchers for Rspec 3 (#124)
  • v0.2.2

    February 07, 2014
    • Customize the user to be passed into policies: pundit_user (#42)