These are asking fundamentally different questions;
Abilities are asking the application if the user has a role that allows
the user to take a certain action
Capabilities are asking if the user has granted the application to
perform a certain type of action
CanCanCan makes no distinction, however, so the `granted_capabilities`
method is provided as a point that can be checked in rescue methods, so
that one can _attempt_ to continue to provide the more informative error
messages around permission refusals
The OAuth capabilities are essentially user permissions that have been
granted to the app. If the user authenticates through a non-oauth
method, they are assumed to have granted all capabilities to the app
Access logic is not _entirely_ exported from the controller,
unfortunately. For interface reasons, some actions which require admin
have to be listed within the controller's deny_access method.
This is required because, being a default-deny system, cancancan
_cannot_ tell you the reason you were denied access; and so
the "nice" feedback presenting next steps can't be gleaned from
the exception
Quad tile functions are now installed via a gem with native extension
automatically. This improves the run time of the test suite by ~30% for
users that didn't bother to build the C version of the functions.
Closes#1314Closes#1899
The old_node_controller#test_version in particular was slow, since
it saves a huge number of tags when adding a tag 30 times over. Since
the tests are random and not based on the number of iterations, this
reduces the iteration counts.
Wikidata entities should be linked using concept URIs, which are
permanent. This is the right way of linking web resources according
to the Linked Data principles.
Closes#1884
This is a better fit for rails controller method conventions, paving
the way to resourceful routing. Keep user-facing strings as 'delete'
since that's more commonly used.
