cancancan icon indicating copy to clipboard operation
cancancan copied to clipboard

Published 20 hours ago verified publisher icon CanCanCommunity

Check rule's subject's inheritance if subject is a Class or Module

Open kevinluo201 opened this issue 9 months ago • 2 comments

This change fixes the following problem of STI classes

# given "class Child < Parent"
can :read, Parent
cannot :read, Child

can? :read, Parent # => false, but should be true

The reason is that relevant_rules will fetch both ancestors and subclasses rules when ActiveRecord is used, where non-sti classes don't have this problem.

The fix is simple: just check if the rule's subject is a ancestor or itself

kevinluo201 avatar Mar 02 '25 04:03 kevinluo201

Hi @coorasse, this is my first time contributing to this project. Would you mind helping me review this PR? Does it need to pass any CI? Thank you 🙏

kevinluo201 avatar Mar 02 '25 04:03 kevinluo201

@brynary @macav @Senjai @amitsuryavanshi Sorry to bother you 🥹 I just want to ask if anyone can review this PR if they're available. 🙏

kevinluo201 avatar Mar 05 '25 19:03 kevinluo201

@coorasse any ETA when this PR will be merged? I'm running into this issue on a project, trying to decided whether to monkey patch or wait for this to be merged. /cc @kevinluo201

dalezak avatar Jun 20 '25 20:06 dalezak

@kevinluo201 any updates on this?

23tux avatar Oct 20 '25 08:10 23tux