authcan_easyroller 0.1.0

data/.gitignore

@@ -0,0 +1,3 @@
+*.swp
+*.swo
+pkg/*

data/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2009 Topher Fangio
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.rdoc

@@ -0,0 +1,217 @@
+== Rails 3 Notes
+
+I wanted to put this at the top so that nobody misses it. There are currently some bugs due to
+Rails 3 still being in beta. As I come across these bugs, I will add them below and any workaround
+if available.
+
+* Bug #3928[https://rails.lighthouseapp.com/projects/8994-ruby-on-rails/tickets/3928] - process_parameter_filter throws an exception on array parameters
+
+  [Status:] Resolved in source control, awaiting next beta release.
+  [Workaround:] The code to enable parameter filtering in `lib/authcan_easyroller.rb` has been commented out until the next beta release.
+
+
+
+== authcan_easyroller
+
+This is a basic Rails engine utilizing Authlogic[http://github.com/binarylogic/authlogic],
+CanCan[http://github.com/ryanb/cancan] and Easy Roles[http://github.com/platform45/easy_roles]
+for simple Rails 3.x applications that need authentication and authorization.
+
+
+
+== Basis for Creation
+
+As a Rails developer, I find myself needing an elegant and easy-to-use solution for authentication
+and authorization in the small web-apps that I create. They generally aren't linked together since
+they are separate clients with completely different ideas and business models, but they both need
+the same underlying code to manage their users.
+
+I have used Authlogic for quite a while now and have found it to be very useful and a complete
+solution for authentication. Adding a dash of functionality here and there is fairly easy and the
+ability to extend it really drew me in (in fact, I helped develop some of the code behind
+authlogic_ldap[http://github.com/topherfangio/authlogic_ldap] which I never got to finish but
+still intend to do).
+
+After watching the screencast[http://railscasts.com/episodes/192-authorization-with-cancan] by
+Ryan Bates, I decided that CanCan was a great addition to my applications since it was easy to
+use and cleanly separated the authorization from the model and view logic. The only other piece
+was an easy way to manage roles soley in code, yet while storing the assignments in the database;
+and I found this in Easy Roles.
+
+Putting the three together, I now have a complete (albeit simple) authentication and authorization
+solution that I can easily plugin into existing or new applications (and update in one spot).
+
+
+
+== Future Enhancements
+
+Before we get into the nitty-gritty of how to use it, I wanted to go ahead and mention the
+planned enhancements so you can get a feel of where this project will go.
+
+* Authlogic supports many different types of authentication without you needing to change
+  hardly anything, so I plan on modifying the code to allow for all of the possible authentication
+  schemes. Thus, I definitely plan on integrating OpenID, LDAP, Facebook Connect and OAuth. I may
+  or may not implement PAM, but we'll see.
+* I plan on adding an easy password reset mechanism for users provided that you use an email column.
+* I also plan to add the configuration option to turn on e-mail verification before users are granted
+  access to the system.
+
+
+
+== Installation/Setup
+
+Now that the code is a Rails 3 engine, installation is very simple; just install the gem and it's dependencies!
+
+  gem install rails authlogic cancan easy_roles authcan_easyroller
+
+Next, create a migration for the users:
+
+  rails generate migration CreateUsers
+
+Then, copy the following contents into that file making any changes you see fit:
+
+	class CreateUsers < ActiveRecord::Migration
+		def self.up
+			create_table :users do |t|
+				# Necessary Columns - These are required for AuthcanEasyroller to function properly
+				t.string    :email,               :null => false
+				t.string    :crypted_password,    :null => false
+				t.string    :password_salt,       :null => false
+				t.string    :persistence_token,   :null => false
+				t.string    :single_access_token, :null => false
+				t.string    :perishable_token,    :null => false
+				t.integer   :roles_mask,          :null => false, :default => 0
+				
+				# Magic Columns - You may leave any of the following out if you wish
+				t.integer   :login_count,         :null => false, :default => 0
+				t.integer   :failed_login_count,  :null => false, :default => 0
+				t.datetime  :last_request_at
+				t.datetime  :current_login_at
+				t.datetime  :last_login_at
+				t.string    :current_login_ip
+				t.string    :last_login_ip
+	 
+				# Timestamp Columns - You should have these on every database table you create
+				t.timestamps
+			end
+		end
+
+		def self.down
+			drop_table :users
+		end
+	end
+
+Once saved, migrate your database by running
+
+  rake db:migrate
+
+Next, copy the following files to their proper locations (feel free to edit them, these are just some basics to
+help get you started). The <tt>rails.js</tt> file at the bottom of the list is the official Rails jQuery file available
+at http://github.com/rails/jquery-ujs .
+
+* ability.rb[http://github.com/topherfangio/authcan_easyroller/raw/master/examples/ability.rb] -> <<APPLICATION>>/app/models/ability.rb
+* application.html.erb[http://github.com/topherfangio/authcan_easyroller/raw/master/examples/application.html.erb] -> <<APPLICATION>>/app/view/layouts/application.html.erb
+* main.css[http://github.com/topherfangio/authcan_easyroller/raw/master/examples/main.css] -> <<APPLICATION>/public/stylesheets/main.css
+* rails.js[http://github.com/rails/jquery-ujs/raw/master/src/rails.js] -> <<APPLICATION>/public/javascripts/rails.js
+
+
+
+== Starting Your Engine
+
+Once you have everything setup correctly, simply run the following to start your application, then visit http://localhost:3000
+
+	rails server
+
+The application realizes that it has no users, and forces you to create one before you can continue
+to any page. The first user is always created as an administrator and thus has privileges to create
+new users, give themselves the "developer" role (or any/all roles) and do other adminy things. All
+users created after this will be given the default role of "user".
+
+Currently, the available roles are
+
+1. Developer
+2. Admin
+3. Moderator
+4. User
+
+I'm working on a way to extend this functionality as a configuration option, or perhaps give it an
+API so that you can create your own roles or modify the existing ones without having to delve into
+the gem's code. Check back often to see where that stands if it is something you need.
+
+
+
+== Usage
+
+You can find out more by checking each specific project's documentation, but here is the gist:
+
+A user's abilities are defined in <tt>app/models/ability.rb</tt>. I generally prefer to specify what
+each role is allowed to do and then give a user all of the roles that they need instead of
+saying that an admin can do everything that a moderator can do. This tends to keep the ability
+model cleaner and your views don't change either. In addition, this allows you to assign roles
+to a user for special circumstances. For instance, if you are writing a help desk app, you may
+decide that one particular customer is really superb and should also have status update abilities
+even though he has the customer role.
+
+You define your abilities in each role's section. For instance, the moderator's role currently looks
+like so:
+
+  # Moderator role abilities
+  if current_user.is_moderator?
+  end
+
+If you wanted to let moderators manage users, you would simply call <tt>can</tt>
+
+  # Moderator role abilities
+  if current_user.is_moderator?
+    can :manage, User
+  end
+
+You can also define your own abilities if they don't tie to a particular object, but you must pass a
+<tt>nil</tt> object as the second argument to <tt>can?</tt> and you must specify all object types when
+defining the ability. I'll get in touch with the developer to see if this can be a tad bit more streamlined.
+
+  # ability.rb
+
+  # Moderator role abilities
+  if current_user.is_moderator?
+    can :visit_woot_all_day, :all
+  end
+
+
+  # application.html.erb 
+
+  <% if can? :visit_woot_all_day, nil %>
+    <%= link_to "Woot", "http://www.woot.com" %>
+  <% end %>
+
+Once you have the roles and abilities setup, your views can check who has access by simply calling <tt>can?</tt>
+
+  if can? :create, Comment
+    ...
+  end
+
+You can also use <tt>cannot?</tt>
+
+  link_to "Export", export_users_url unless cannot? :create, Export
+
+Using <tt>can?</tt> and <tt>cannot?</tt> is the preferred method of checking authorization privileges, however,
+if you find a rare case that you need to limit access based on the role(s) that a user has, you can
+always do the following:
+
+  if current_user.is_moderator? || current_user.is_admin?
+    ...
+  end
+
+However, the beauty of authcan_easyroller (more specifically the CanCan integration) is that you
+don't have to. That is the exact purpose of the <tt>Ability</tt> class! Use it to your advantage and
+make your life easier.
+
+
+
+== Special Thanks
+
+I would like to thank the creators of Authlogic, CanCan and Easy Roles for the effort that they put
+into these plugins. Adding them together was relatively straightforward and easy and I hope that they
+realize how much time this saves other developers!
+
+Copyright (c) 2010 Topher Fangio, released under the MIT license.

data/Rakefile

@@ -0,0 +1,53 @@
+require 'rubygems'
+require 'rake'
+
+begin
+  require 'jeweler'
+  Jeweler::Tasks.new do |gem|
+    gem.name = "authcan_easyroller"
+    gem.summary = %Q{Rails 3 engine for user authentication/authorization utilizing Authlogic, CanCan and EasyRoles}
+    gem.description = %Q{This is a basic Rails engine utilizing Authlogic, CanCan and Easy Roles to create a starting point for simple Rails-based applications that need authentication and authorization. }
+    gem.email = "fangiotophia@gmail.com"
+    gem.homepage = "http://github.com/topherfangio/authcan_easyroller"
+    gem.authors = ["Topher Fangio"]
+    gem.add_development_dependency "thoughtbot-shoulda", ">= 0"
+    # gem is a Gem::Specification... see http://www.rubygems.org/read/chapter/20 for additional settings
+  end
+  Jeweler::GemcutterTasks.new
+rescue LoadError
+  puts "Jeweler (or a dependency) not available. Install it with: gem install jeweler"
+end
+
+require 'rake/testtask'
+Rake::TestTask.new(:test) do |test|
+  test.libs << 'lib' << 'test'
+  test.pattern = 'test/**/test_*.rb'
+  test.verbose = true
+end
+
+begin
+  require 'rcov/rcovtask'
+  Rcov::RcovTask.new do |test|
+    test.libs << 'test'
+    test.pattern = 'test/**/test_*.rb'
+    test.verbose = true
+  end
+rescue LoadError
+  task :rcov do
+    abort "RCov is not available. In order to run rcov, you must: sudo gem install spicycode-rcov"
+  end
+end
+
+task :test => :check_dependencies
+
+task :default => :test
+
+require 'rake/rdoctask'
+Rake::RDocTask.new do |rdoc|
+  version = File.exist?('VERSION') ? File.read('VERSION') : ""
+
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title = "authcan_easyroller #{version}"
+  rdoc.rdoc_files.include('README*')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end

data/VERSION

@@ -0,0 +1 @@
+0.1.0

data/app/controllers/authcan_easyroller_controller.rb

@@ -0,0 +1,79 @@
+class AuthcanEasyrollerController < ApplicationController
+  helper :all # include all helpers, all the time
+  protect_from_forgery # See ActionController::RequestForgeryProtection for details
+
+  # Scrub sensitive parameters from your log
+  helper_method :current_user_session, :current_user
+
+  rescue_from CanCan::AccessDenied do |exception|
+    flash[:error] = exception.message
+    redirect_back_or_default(root_url)
+  end
+
+  # Ensure there is at least one user in the system before trying to do anything
+  before_filter :require_one_user
+  after_filter :store_location
+
+  private
+    def current_user_session
+      return @current_user_session if defined?(@current_user_session)
+      @current_user_session = UserSession.find
+    end
+
+    def current_user
+      if defined?(@current_user)
+        return @current_user
+      end
+
+      @current_user = current_user_session && current_user_session.user
+ 
+      if @current_user_session and @current_user_session.stale?
+        flash[:warning] = "You have been logged out due to an extended period of inactivity."
+        @current_user_session.destroy
+      end
+
+      return @current_user
+    end
+
+    def require_one_user
+      if User.count == 0 and not users_url.match(/#{request.request_uri}$/) and not new_user_url.match(/#{request.request_uri}$/)
+        flash[:error] = "No users yet, must create one to access the site."
+
+        redirect_to new_user_url
+        return false
+      end
+    end
+
+    def require_user
+      unless current_user
+        store_location
+
+        flash[:notice] = "You must be logged in to access this page."
+        redirect_to new_user_session_url
+
+        return false
+      end
+    end
+
+    def require_no_user
+      if current_user
+        store_location
+
+        flash[:notice] = "You must be logged out to access this page."
+        redirect_to user_url(current_user)
+
+        return false
+      end
+    end
+
+    def store_location
+      unless new_user_url.match(/#{request.request_uri}$/) or new_user_session_url.match(/#{request.request_uri}$/) 
+        session[:return_to] = request.request_uri
+      end
+    end
+
+    def redirect_back_or_default(default)
+      redirect_to(session[:return_to] || default)
+      session[:return_to] = nil
+    end
+end

data/app/controllers/user_sessions_controller.rb

@@ -0,0 +1,35 @@
+class UserSessionsController < AuthcanEasyrollerController
+  before_filter :require_no_user, :only => [:new, :create]
+  before_filter :require_user, :only => :destroy
+
+  load_and_authorize_resource
+  
+  def new
+    respond_to do |format|
+      if current_user
+        redirect_to :controll => 'users', :action => 'show', :id => current_user
+      else
+        @user_session = UserSession.new
+
+        format.html # new.html.erb
+        format.xml { render :xml => @user_session  }
+      end
+    end
+  end
+  
+  def create
+    @user_session = UserSession.new(params[:user_session])
+    if @user_session.save
+      flash[:notice] = "Login successful!"
+      redirect_back_or_default user_url(@user_session.user)
+    else
+      render :action => :new
+    end
+  end
+  
+  def destroy
+    current_user_session.destroy
+    flash[:notice] = "Logout successful!"
+    redirect_back_or_default '/' 
+  end
+end

data/app/controllers/users_controller.rb

@@ -0,0 +1,60 @@
+class UsersController < AuthcanEasyrollerController
+
+  before_filter :load_correct_user, :only => [:show, :edit, :update]
+  before_filter :require_user, :only => [:edit, :update]
+
+  load_and_authorize_resource
+
+  def index
+    @users = User.all
+  end
+
+  def new
+    @user = User.new
+  end
+
+  def create
+    @user = User.new(params[:user])
+    if @user.save
+      flash[:notice] = "Account registered!"
+      redirect_back_or_default user_url(@user)
+    else
+      render :action => :new
+    end
+  end
+
+  def show
+    require_user if @user.nil?
+  end
+
+  def edit
+  end
+
+  def update
+    if @user.update_attributes(params[:user])
+      flash[:notice] = "Account updated!"
+      redirect_to user_url(@user)
+    else
+      render :action => :edit
+    end
+  end
+
+  def destroy
+    @user = User.find(params[:id])
+    @user.destroy
+ 
+    respond_to do |format|
+      format.html { redirect_to(users_url) }
+      format.xml { head :ok }
+    end
+  end
+
+  private
+    def load_correct_user
+      if params[:id]
+        @user = User.find(params[:id])
+      else
+        @user = current_user
+      end
+    end
+end

data/app/helpers/authcan_easyroller_helper.rb

@@ -0,0 +1,36 @@
+module AuthcanEasyrollerHelper
+  def namify(object)
+    if object.present? and object.respond_to? :name
+      object.send(:name)
+    else
+      ""
+    end
+  end
+ 
+  def datify(object, format = :long)
+    object.to_s(format) unless object.nil?
+  end
+ 
+  def phonify(object)
+    if object.respond_to? :gsub
+      s = object.gsub(/[^0-9]/, '')
+ 
+      case s.length
+        when 11 then "#{s[0..0]} (#{s[1..3]}) #{s[4..6]}-#{s[7..10]}"
+        when 10 then "(#{s[0..2]}) #{s[3..5]}-#{s[6..9]}"
+        when 7 then "#{s[0..2]}-#{s[3..6]}"
+        else s
+      end
+    else
+      object.to_s
+    end
+  end
+ 
+  def form_descriptor(message = nil)
+    raw "<br /><span class='form-descriptor-element'>#{message}</span>"
+  end
+ 
+  def link_separator
+    raw "&nbsp;|&nbsp;"
+  end
+end

data/app/models/ability.rb

@@ -0,0 +1,41 @@
+class Ability
+  include CanCan::Ability
+
+  def initialize(current_user)
+    can :read, :all
+    can :manage, UserSession
+
+    if current_user
+      # Abilities for someone with an account (does not necessarily have a "user" role)
+      can [:update, :destroy], User do |user|
+        user == current_user
+      end
+
+
+      # User role abilities
+      if current_user.is_user?
+      end
+
+
+      # Moderator role abilities
+      if current_user.is_moderator?
+      end
+
+
+      # Admin role abilities
+      if current_user.is_admin?
+        can :manage, :all
+      end
+
+
+      # Developer role abilities
+      if current_user.is_developer?
+        can :manage, :all
+      end
+    else
+      can :create, User
+    end
+
+  end
+
+end

data/app/models/user.rb

@@ -0,0 +1,54 @@
+class User < ActiveRecord::Base
+
+  # Constant variable storing roles in the system
+  ROLES_MASK = %w[developer admin moderator user]
+
+  HUMANIZED_COLUMNS = {
+    :email => 'E-mail'
+  }
+
+
+  # Authentication and Authorization 
+  acts_as_authentic do |config|
+    config.logged_in_timeout = 1.hour
+  end
+
+  easy_roles :roles_mask, :method => :bitmask
+
+
+  # Ensure the user has the proper roles
+  before_create :assign_user_roles
+
+
+  # Validations
+  validates_each :roles do |record, attr, value|
+    begin
+      # If the roles changed, and it's not a new record whose only role is "user" and there is at least 1 user already in the system...
+      if record.roles_mask_changed? and not (record.new_record? and record.roles == ["user"]) and User.count > 0
+        session = UserSession.find
+        current_user = session.user unless session.nil?
+
+        record.errors.add attr, ' can only be modified by an administrator.' if (not current_user.is_developer? and not current_user.is_admin?)
+      end
+    rescue Authlogic::Session::Activation::NotActivatedError
+      # Do nothing, we are in a console session
+    end
+  end
+
+
+  # Allows us to easily humanize our attributes in one location
+  # so we don't have to do it in every view
+  def self.human_attribute_name(attribute)
+    HUMANIZED_COLUMNS[attribute.to_sym] || super
+  end
+
+  private
+    def assign_user_roles
+      self.roles += ["user"]
+
+      if User.count == 0
+        self.roles += ["admin"]
+        self.roles += ["moderator"]
+      end
+    end
+end

data/app/models/user_session.rb

@@ -0,0 +1,3 @@
+class UserSession < Authlogic::Session::Base
+  logout_on_timeout true
+end

data/app/views/user_sessions/new.html.erb

@@ -0,0 +1,27 @@
+<h1>Login</h1>
+ 
+<% form_for @user_session, :url => user_session_path do |f| %>
+  <%= f.error_messages %>
+
+  <p>
+    <%= f.label :email %>
+    <%= f.text_field :email %>
+  </p>
+
+  <p>
+    <%= f.label :password %>
+    <%= f.password_field :password %>
+  </p>
+
+  <p>
+  <%= f.check_box :remember_me %><%= f.label :remember_me %>
+  </p>
+
+  <p>
+    <%= f.submit "Login" %>
+  </p>
+
+  <p>
+    Don't have an account yet? Why not <%= link_to "sign up", new_user_path %>!
+  </p>
+<% end %>

data/app/views/users/_form.html.erb

@@ -0,0 +1,23 @@
+<%= form.hidden_field :id unless form.object.new_record? %>
+
+<p>
+  <%= form.label :email, "E-mail" %>
+  <%= form.text_field :email %>
+</p>
+
+<p>
+  <%= form.label :password, form.object.new_record? ? "Password" : "Change Password" %>
+  <%= form.password_field :password %>
+</p>
+
+<p>
+  <%= form.label :password_confirmation, "Password Confirmation" %>
+  <%= form.password_field :password_confirmation %>
+</p>
+
+<% if can? :manage, :roles %>
+  <p>
+    <%= form.label :roles %>
+    <%= form.select :roles, User::ROLES_MASK, {}, { :multiple => true, :size => 4 } %>
+  </p>
+<% end %>

data/app/views/users/edit.html.erb

@@ -0,0 +1,13 @@
+<h3>Edit My Account</h3>
+
+<% form_for @user do |f| %>
+  <%= f.error_messages %>
+
+  <%= render :partial => "form", :object => f %>
+
+  <p>
+    <%= f.submit "Update" %>&nbsp;or&nbsp;<%= link_to 'return to list', users_path %>
+  </p>
+<% end %>
+
+<br /><%= link_to "My Profile", user_path(@user) %>

data/app/views/users/index.html.erb

@@ -0,0 +1,35 @@
+<h3>Listing Users</h3>
+
+<table>
+  <tr>
+    <th>Email</th>
+    <th>Last Seen</th>
+    <th>Action</th>
+  </tr>
+
+<% @users.each do |user| %>
+  <tr>
+    <td><%= user.email %></td>
+    <td><%= time_ago_in_words user.last_request_at %> ago</td>
+
+    <td>
+      <%= link_to 'Show', user %>
+      
+      <% if can? :update, user %> 
+        <%= link_separator %>
+        <%= link_to 'Edit', edit_user_path(user) %>
+      <% end %>
+
+      <% if can? :destroy, user %> 
+        <%= link_separator %>
+        <%= link_to 'Delete', user, :confirm => 'Are you sure?', :method => :delete %>
+      <% end %>
+    </td>
+  </tr>
+<% end %>
+
+</table>
+
+<br />
+
+Not signed up? <%= link_to 'Register', new_user_path %> now!

data/app/views/users/new.html.erb

@@ -0,0 +1,11 @@
+<h3>Register New User</h3>
+
+<% form_for @user do |f| %>
+  <%= f.error_messages %>
+
+  <%= render :partial => "form", :object => f %>
+
+  <p>
+    <%= f.submit "Register" %>&nbsp;or&nbsp;<%= link_to 'return to list', users_path %>
+  </p>
+<% end %>

data/app/views/users/show.html.erb

@@ -0,0 +1,39 @@
+<h3>Showing User Information</h3>
+
+<p>
+  <b>E-mail:</b>
+  <%=h @user.email %>
+</p>
+
+<p>
+  <b>Login Count:</b>
+  <%=h @user.login_count %>
+</p>
+
+<p>
+  <b>Last Request at:</b>
+  <%= datify @user.last_request_at %>
+</p>
+
+<p>
+  <b>Last Login at:</b>
+  <%= datify @user.last_login_at %>
+</p>
+
+<p>
+  <b>Current Login at:</b>
+  <%= datify @user.current_login_at %>
+</p>
+
+<p>
+  <b>Last Login IP:</b>
+  <%=h @user.last_login_ip %>
+</p>
+
+<p>
+  <b>Current Login IP:</b>
+  <%=h @user.current_login_ip %>
+</p>
+
+
+<%= link_to 'Edit', edit_user_path(@user) %> or <%= link_to 'return to list', users_path %>

data/authcan_easyroller.gemspec

@@ -0,0 +1,70 @@
+# Generated by jeweler
+# DO NOT EDIT THIS FILE DIRECTLY
+# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+  s.name = %q{authcan_easyroller}
+  s.version = "0.1.0"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.authors = ["Topher Fangio"]
+  s.date = %q{2010-03-31}
+  s.description = %q{This is a basic Rails engine utilizing Authlogic, CanCan and Easy Roles to create a starting point for simple Rails-based applications that need authentication and authorization. }
+  s.email = %q{fangiotophia@gmail.com}
+  s.extra_rdoc_files = [
+    "LICENSE",
+     "README.rdoc"
+  ]
+  s.files = [
+    ".gitignore",
+     "LICENSE",
+     "README.rdoc",
+     "Rakefile",
+     "VERSION",
+     "app/controllers/authcan_easyroller_controller.rb",
+     "app/controllers/user_sessions_controller.rb",
+     "app/controllers/users_controller.rb",
+     "app/helpers/authcan_easyroller_helper.rb",
+     "app/models/ability.rb",
+     "app/models/user.rb",
+     "app/models/user_session.rb",
+     "app/views/user_sessions/new.html.erb",
+     "app/views/users/_form.html.erb",
+     "app/views/users/edit.html.erb",
+     "app/views/users/index.html.erb",
+     "app/views/users/new.html.erb",
+     "app/views/users/show.html.erb",
+     "authcan_easyroller.gemspec",
+     "config/routes.rb",
+     "example/ability.rb",
+     "example/application.html.erb",
+     "example/main.css",
+     "lib/authcan_easyroller.rb",
+     "test/helper.rb",
+     "test/test_authcan_easyroller.rb"
+  ]
+  s.homepage = %q{http://github.com/topherfangio/authcan_easyroller}
+  s.rdoc_options = ["--charset=UTF-8"]
+  s.require_paths = ["lib"]
+  s.rubygems_version = %q{1.3.6}
+  s.summary = %q{Rails 3 engine for user authentication/authorization utilizing Authlogic, CanCan and EasyRoles}
+  s.test_files = [
+    "test/helper.rb",
+     "test/test_authcan_easyroller.rb"
+  ]
+
+  if s.respond_to? :specification_version then
+    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
+    s.specification_version = 3
+
+    if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
+      s.add_development_dependency(%q<thoughtbot-shoulda>, [">= 0"])
+    else
+      s.add_dependency(%q<thoughtbot-shoulda>, [">= 0"])
+    end
+  else
+    s.add_dependency(%q<thoughtbot-shoulda>, [">= 0"])
+  end
+end
+

data/config/routes.rb

@@ -0,0 +1,4 @@
+Rails::Application.routes.draw do |map|
+	resources :users
+	resource :user_session
+end

data/example/ability.rb

@@ -0,0 +1,41 @@
+class Ability
+	include CanCan::Ability
+
+	def initialize(current_user)
+		can :read, :all
+		can :manage, UserSession
+
+		if current_user
+			# Abilities for someone with an account (does not necessarily have a "user" role)
+			can [:update, :destroy], User do |user|
+				user == current_user
+			end
+
+
+			# User role abilities
+			if current_user.is_user?
+			end
+
+
+			# Moderator role abilities
+			if current_user.is_moderator?
+			end
+
+
+			# Admin role abilities
+			if current_user.is_admin?
+				can :manage, :all
+			end
+
+
+			# Developer role abilities
+			if current_user.is_developer?
+				can :manage, :all
+			end
+		else
+			can :create, User
+		end
+
+	end
+
+end

data/example/application.html.erb

@@ -0,0 +1,40 @@
+<html>
+	<head>
+		<script src="http://www.google.com/jsapi"></script>
+		<script>google.load("jquery", "1.4");</script>
+
+		<%= stylesheet_link_tag 'main' %>
+	</head>
+
+	<body>
+		<div id='navigation'>
+			<%= link_to "Users", users_path %>
+		</div>
+
+		<div id='userland'>
+			<% if current_user %>
+				Welcome <%= current_user.email %>!
+
+				<%= link_to "My Account", user_path(current_user) %>
+				<%= link_separator %>
+				<%= link_to "Logout", '/user_sessions/destroy' %>
+			<% else %>
+				You are not currently 
+				<%= link_to "logged in", new_user_session_path %>.
+			<% end %>
+		</div>
+
+		<div id='flashes'>
+			<%= raw "<h5 class='flash error'>#{flash[:error]}</h5>" unless flash[:error].blank? %>
+			<%= raw "<h5 class='flash notice'>#{flash[:notice]}</h5>" unless flash[:notice].blank? %>
+		</div>
+
+		<div id='content'>
+			<%= yield %>
+		</div>
+
+		<div id='copyright'>
+			Copyright &copy; 2010, MyCompany. All rights reserved.
+		</div>
+	</body>
+</html>

data/example/main.css

@@ -0,0 +1,41 @@
+#navigation {
+	float: left;
+	margin-bottom: 10px;
+}
+
+#userland {
+	float: right;
+	margin-bottom: 10px;
+}
+
+#flashes {
+	clear: both;
+}
+
+#content {
+	margin: 10px;
+}
+
+#copyright {
+	text-align: center;
+}
+
+.flash {
+	border: 1px solid #000000;
+	padding: 10px;
+}
+
+.flash.error {
+}
+
+.flash.notice {
+}
+
+label {
+	font-weight: bold;
+}
+
+input[type=text],input[type=password],select,textarea {
+	clear: both;
+	display: block;
+}

data/lib/authcan_easyroller.rb

@@ -0,0 +1,20 @@
+require 'authcan_easyroller'
+require 'rails'
+
+# AuthcanEasyroller
+module AuthcanEasyroller
+  class Engine < Rails::Engine
+    engine_name :authcan_easyroller
+
+    initializer "authcan_easyroller.configure_rails_initilization" do |app|
+      # NOTE: The following has been commented out to bypass bug #3928 which will be fixed with the next release.
+      #
+      #       Please comment these back in when Rails 3.0.0.beta2 or later version is used.
+      #
+      #       Bug here: https://rails.lighthouseapp.com/projects/8994-ruby-on-rails/tickets/3928
+      #
+			app.config.filter_parameters << :password
+			app.config.filter_parameters << :password_confirmation
+    end
+  end
+end

data/test/helper.rb

@@ -0,0 +1,10 @@
+require 'rubygems'
+require 'test/unit'
+require 'shoulda'
+
+$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
+$LOAD_PATH.unshift(File.dirname(__FILE__))
+require 'authcan_easyroller'
+
+class Test::Unit::TestCase
+end

data/test/test_authcan_easyroller.rb

@@ -0,0 +1,7 @@
+require 'helper'
+
+class TestAuthcanEasyroller < Test::Unit::TestCase
+  should "probably rename this file and start testing for real" do
+    flunk "hey buddy, you should probably rename this file and start testing for real"
+  end
+end

metadata

@@ -0,0 +1,100 @@
+--- !ruby/object:Gem::Specification 
+name: authcan_easyroller
+version: !ruby/object:Gem::Version 
+  prerelease: false
+  segments: 
+  - 0
+  - 1
+  - 0
+  version: 0.1.0
+platform: ruby
+authors: 
+- Topher Fangio
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2010-03-31 00:00:00 -05:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: thoughtbot-shoulda
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 0
+        version: "0"
+  type: :development
+  version_requirements: *id001
+description: "This is a basic Rails engine utilizing Authlogic, CanCan and Easy Roles to create a starting point for simple Rails-based applications that need authentication and authorization. "
+email: fangiotophia@gmail.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- LICENSE
+- README.rdoc
+files: 
+- .gitignore
+- LICENSE
+- README.rdoc
+- Rakefile
+- VERSION
+- app/controllers/authcan_easyroller_controller.rb
+- app/controllers/user_sessions_controller.rb
+- app/controllers/users_controller.rb
+- app/helpers/authcan_easyroller_helper.rb
+- app/models/ability.rb
+- app/models/user.rb
+- app/models/user_session.rb
+- app/views/user_sessions/new.html.erb
+- app/views/users/_form.html.erb
+- app/views/users/edit.html.erb
+- app/views/users/index.html.erb
+- app/views/users/new.html.erb
+- app/views/users/show.html.erb
+- authcan_easyroller.gemspec
+- config/routes.rb
+- example/ability.rb
+- example/application.html.erb
+- example/main.css
+- lib/authcan_easyroller.rb
+- test/helper.rb
+- test/test_authcan_easyroller.rb
+has_rdoc: true
+homepage: http://github.com/topherfangio/authcan_easyroller
+licenses: []
+
+post_install_message: 
+rdoc_options: 
+- --charset=UTF-8
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.3.6
+signing_key: 
+specification_version: 3
+summary: Rails 3 engine for user authentication/authorization utilizing Authlogic, CanCan and EasyRoles
+test_files: 
+- test/helper.rb
+- test/test_authcan_easyroller.rb