Skip to content

v1.0.0-rc.13

Pre-release
Pre-release
Compare
Choose a tag to compare
@JosephSilber JosephSilber released this 21 Feb 13:51
· 23 commits to master since this release

This is mainly a housecleaning release, with two breaking changes:

  1. Levels were removed. They were too much of a burden on maintenance, and has actively hindered development on new features. With Bouncer's many features, such as allowing & forbidding permissions, broad model abilities, per-model abilities, and the powerful ownership model, the need for levels is now truly niche, and no longer worth the maintenance cost.

    They were purposefully never documented, and I've been saying in the issues for years that they will eventually be removed.

  2. Bouncer's checks, by default, now run after your policies and gate definitions. This gives your code precedence for all auth checks. If your code explicitly passes/fails a check, that will now be honored and Bouncer won't even run for that.

    This is actually what people expect intuitively, and has been a setting in Bouncer for a long time now. This release just switches the default.

    If you prefer the old order of things, you can tell Bouncer to run before your code:

    Bouncer::runBeforePolicies();

    This setting used to be called Bouncer::runAfterPolicies(), as it toggled the inverse. If you have that your code, you can now safely remove it.