Hi all 👋,
a new version of CanCanCan is out!
Again, we have a minor release but it includes a bunch of very important features, next to support for Rails 6.1.0.
I have opened a sponsorship program, please consider supporting the project if you use CanCanCan. It really helps!
Switching query strategy
Since version 3.0.0 we started changing the way we perform the queries when using accessible_by, in order to be more performant and reliable.
As expected, this new way of performing the queries didn't fit everyone, so in version 3.1.0 we switched from left_joins to subqueries (see relevant PR).
This again didn't make everyone happy 😃 , so we decided, in the version 3.2.0 to allow to configure the preferred query mechanism: left joins or inner queries.
You can now setup:
CanCan.accessible_by_strategy = :subquery # or :left_join
to change it.
Support for Single Table Inheritance
Single Table Inheritance is now supported. Given the following:
class Vehicle < ApplicationRecord
class Car < Vehicle
class Motorbike < Vehicle
You can play with rules by defining:
can :read, Vehicle
and query for:
Vehicle.accessible_by
# or
Motorbike.accessible_by
Here is an example:
can :read, Motorbike
Vehicle.accessible_by(...) # => returns only motorbikes
Check the relevant PR for more examples and note that there are currently some minor issues
Support for associations in rules definition
When using associations in rules definition you always had to use column names. Now, thanks to this PR you can also use the association name.
# previously you had to define:
can :edit, Book, author_id: user.id
# now you can also write:
can :edit, Book, author: user
Enjoy! And to the next one...
Top comments (2)
Great job Alessandro & team! It feels like yesterday I was watching Ryan Bates presenting CanCan; than the move to CanCanCan. And now, 3.2!
IMHO one of the 2 best Authorization gems for Rails (alongside Pundit)
Thanks for the article! I have one question does this gem support for ruby version 3.0.0? I tried with ruby 3.0.0 and it shows me cancancan gem is not compatible for ruby version 3.0.0.