authoritah 0.0.1

data/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2009 Steven Mohapi-Banks
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.rdoc

@@ -0,0 +1,51 @@
+=Respec' my Authoritah!!
+
+A stupidly simple authorization gem for Rails.
+
+==Installation
+
+Make sure Github is in your repo sources:
+  $ gem sources -a http://gems.github.com
+  
+Installation:
+  $ sudo gem install indmill-authoritah
+  
+==Usage
+
+By default (i.e. when no Authoritah declarations are made) all requests are allowed. Authoritah is pretty flexible in introducing authorization rules to your application. An example is called for:
+
+  class WidgetController < ApplicationController
+  
+    permits :current_user => :admin?
+  end
+  
+This is a wildcard rule. It assumes you have a method on your controller called "current_user" (as something like restful_authentication or authlogic would provide) that returns an object that can respond to an admin? message - the rule will pass if admin? returns true. Once a permit rule is defined access to the actions of this controller are ONLY permitted if you fulfill the predicate. 
+
+  class WidgetController < ApplicationController
+
+    permits :current_user => :admin?, :to => [:create, :destroy]
+    permits :current_user => :logged_in?, :to => :show
+  end
+
+What about if we only want to control access to certain actions? Easy, add a :to option and pass it an action or array of actions. You can add as many rules and scope them by action - Authoritah will ensure that a request is only permitted if all rules for a given action pass.
+
+You also have the ability to expressly forbid access using the forbids directive:
+
+  class WidgetController < ApplicationController
+
+    permits :current_user => :logged_in?
+    forbids :current_user => :blacklisted?, :from => [:create, :destroy]
+  end
+
+In this scenario any logged in user can access the controller actions, but any user responding true to blacklisted? will be forbidden from running the :create or :destroy actions.
+
+The final feature so far is the ability to pass a Proc as the predicate:
+
+  class WidgetController < ApplicationController
+
+    forbids :current_user => Proc.new {|user| user.name.index("Hacky McHackster") }
+  end
+
+The Proc gets passed the result of the :current_user message to the controller for you to specify more complex rules.
+
+This is VERY early and probably has a legion of bugs, but there's a good spread of specs and I'll be improving it over the coming days. Thanks for watching.

data/init.rb

@@ -0,0 +1 @@
+require "authoritah.rb"

data/lib/authoritah.rb

@@ -0,0 +1,127 @@
+module Authoritah
+  module Controller
+
+    class OptionsError < StandardError
+      def initialize(message)
+        super(message)
+      end
+    end
+
+    def self.included(base)
+      base.send(:extend, ClassMethods)
+      base.send(:include, InstanceMethods)
+      
+      base.before_filter :check_permissions
+    end
+    
+    module ClassMethods
+      
+      def permits(*args)
+        apply_declaration(:permit, :to, args)
+      end
+      
+      def forbids(*args)
+        apply_declaration(:forbid, :from, args)
+      end
+      
+      def apply_declaration(perm_type, action_identifier, args)
+        options = args.extract_options!
+        actions = options.delete(action_identifier)
+        
+        check_role_selectors(options)
+        
+        role_method     = options.first[0]
+        role_predicate  = options.first[1]
+        
+        controller_permissions[controller_name.to_sym] ||= PermissionSet.new
+        controller_permissions[controller_name.to_sym] <<
+          {:type => perm_type, :role_method => role_method, :role_predicate => role_predicate, :actions => actions ? Array(actions) : nil}
+      end
+      
+      def this_controllers_permissions
+        controller_permissions[controller_name.to_sym]
+      end
+      
+      protected
+      
+        def check_role_selectors(options)
+          raise Authoritah::Controller::OptionsError.new("Too many role selectors") if options.size > 1
+        end
+        
+        def controller_permissions
+          @@controller_permissions ||= {}
+        end
+        
+        def clear_permissions
+          @@controller_permissions = {}
+        end
+    end
+    
+    module InstanceMethods
+
+      def check_permissions
+        return true if permitted?(action_name.to_sym)
+        render(:file => File.join(RAILS_ROOT, 'public', '404.html'), :status => 404) 
+        false
+      end
+      
+      protected
+      
+        def permitted?(action)
+          return true unless permissions = self.class.this_controllers_permissions
+          permissions.permits?(self, action) && !permissions.forbids?(self, action)
+        end
+    end
+    
+    class PermissionSet
+      
+      def <<(permission_hash)
+        permission_hash[:actions] = [:all] unless permission_hash[:actions]
+        permissions << permission_hash
+      end
+      
+      def size
+        permissions.size
+      end
+      
+      def first
+        permissions.first
+      end
+      
+      def permits?(controller, action)
+        apply_rules(:permit, controller, action).include?(false) == false
+      end
+
+      def forbids?(controller, action)
+        apply_rules(:forbid, controller, action).include?(true)
+      end
+      
+      def permissions
+        @permissions ||= []
+      end
+      
+      protected
+      
+        def apply_rules(rule_type, controller, action)
+          permissions.select{|p| 
+            p[:type] == rule_type
+          }.select{|p| 
+            p[:actions].include?(action) || p[:actions].include?(:all)
+          }.map do |permission|
+            begin
+              if permission[:role_predicate].is_a? Symbol
+                controller.send(permission[:role_method]).send(permission[:role_predicate])
+              elsif permission[:role_predicate].is_a? Proc
+                permission[:role_predicate].call(controller.send(permission[:role_method]))
+              else
+                false
+              end
+            rescue
+              false
+            end
+          end
+        end
+    end
+    
+  end
+end

data/spec/authoritah_spec.rb

@@ -0,0 +1,210 @@
+require File.dirname(__FILE__) + '/spec_helper'
+
+describe Authoritah::Controller do
+  
+  before(:each) do
+    ActionController::Base.send(:include, Authoritah::Controller)
+    ActionController::Base.send(:clear_permissions)
+  end
+  
+  describe "adding methods to controllers" do
+    it "should add an permits method to the controller" do
+      ActionController::Base.methods.should include('permits')
+    end
+
+    it "should add a forbids method to the controller" do
+      ActionController::Base.methods.should include('forbids')
+    end
+
+    it "should add a before_filter to check permissions to the controller" do
+      ActionController::Base.before_filters.should include(:check_permissions)
+    end
+  end
+  
+  it "should raise an error if too many role selectors specified" do
+    lambda do
+      TestAuthorizerController.permits(:current_user => :logged_in?, :another_user => :logged_out?)
+    end.should raise_error(Authoritah::Controller::OptionsError)
+  end
+    
+  describe "a basic permits wildcard rule" do
+    before(:each) do
+      TestAuthorizerController.permits(:current_user => :logged_in?)
+      @permissions = TestAuthorizerController.send(:controller_permissions)[:test_authorizer]
+    end
+    it "should have one permission" do @permissions.size.should == 1 end
+    it "should use current_user to retrieve the 'role object'" do @permissions.first[:role_method].should == :current_user end
+    it "should use logged_in? as the predicate to call on the 'role object'" do @permissions.first[:role_predicate].should == :logged_in? end
+    it "should not specify the actions" do @permissions.first[:actions].should == [:all] end
+  end
+
+  describe "a basic permits rule on a single action" do
+    before(:each) do
+      TestAuthorizerController.permits(:current_user => :logged_in?, :to => :show)
+      @permissions = TestAuthorizerController.send(:controller_permissions)[:test_authorizer]
+    end
+    it "should have one permission" do @permissions.size.should == 1 end
+    it "should use current_user to retrieve the 'role object'" do @permissions.first[:role_method].should == :current_user end
+    it "should use logged_in? as the predicate to call on the 'role object'" do @permissions.first[:role_predicate].should == :logged_in? end
+    it "should specify the action" do @permissions.first[:actions].should == [:show] end
+  end
+
+  describe "a basic rule on many actions" do
+    before(:each) do
+      TestAuthorizerController.permits(:current_user => :logged_in?, :to => [:show, :create, :update])
+      @permissions = TestAuthorizerController.send(:controller_permissions)[:test_authorizer]
+    end
+    it "should specify the actions" do @permissions.first[:actions].should == [:show, :create, :update] end
+  end
+end
+
+describe TestAuthorizerController, :type => :controller do
+
+  before(:each) do
+    TestAuthorizerController.send(:include, Authoritah::Controller)
+    TestAuthorizerController.send(:clear_permissions)
+  end
+  
+  context "with no permissions set " do
+    it "should render the index" do get :index; response.should render_template('index') end
+  end
+  
+  describe "specifying permit rules" do
+    context "with a wildcard permission" do
+      before(:each) do
+        TestAuthorizerController.permits(:current_user => :logged_in?)
+      end
+
+      context "a logged in user" do
+        before(:each) do
+          controller.stubs(:current_user => stub(:logged_in? => true))
+        end
+        it "should render index" do
+          get :index
+          response.should render_template('index')
+        end
+      end
+      context "an unauthenticated user" do
+        before(:each) do
+          controller.stubs(:current_user => false)
+        end
+        it "should receive a 404" do
+          get :index
+          response.status.should == "404 Not Found"
+          response.should render_template(File.join(RAILS_ROOT, 'public', '/404.html'))
+        end
+      end
+    end
+
+    context "with a single permitted action" do
+      before(:each) do
+        TestAuthorizerController.permits(:current_user => :logged_in?, :to => :create)
+      end
+
+      context "a logged in user" do
+        before(:each) do
+          controller.stubs(:current_user => stub(:logged_in? => true))
+        end
+        it "should permit POST create" do post :create; response.should redirect_to('/success') end
+        it "should render index" do get :index; response.should render_template('index') end
+      end
+      context "an unauthenticated user" do
+        before(:each) do
+          controller.stubs(:current_user => false)
+        end
+        it "should receive a 404 when POST create" do
+          post :create
+          response.status.should == "404 Not Found"
+          response.should render_template(File.join(RAILS_ROOT, 'public', '/404.html'))
+        end
+        it "should render the index" do get :index; response.should render_template('index') end
+      end
+    end
+
+    context "with a multiple permitted actions" do
+      before(:each) do
+        TestAuthorizerController.permits(:current_user => :logged_in?, :to => [:create, :show, :index])
+      end
+
+      context "a logged in user" do
+        before(:each) do
+          controller.stubs(:current_user => stub(:logged_in? => true))
+        end
+        it "should permit create" do post :create; response.should redirect_to('/success') end
+        it "should render index" do get :index; response.should render_template('index') end
+      end
+      context "an unauthenticated user" do
+        before(:each) do
+          controller.stubs(:current_user => false)
+        end
+        it "should receive a 404 when POST create" do
+          post :create
+          response.status.should == "404 Not Found"
+          response.should render_template(File.join(RAILS_ROOT, 'public', '/404.html'))
+        end
+        it "should receive a 404" do get :index; response.status.should == "404 Not Found" end
+      end
+    end
+  end
+  
+  describe "specifying forbid rules" do
+    context "with a wildcard forbid" do
+      before(:each) do
+        TestAuthorizerController.forbids(:current_user => :blacklisted?)
+      end
+      context "a blacklisted user" do
+        before(:each) do
+          controller.stubs(:current_user => stub(:logged_in? => true, :blacklisted? => true))
+        end
+        it "should receive a 404" do
+          get :index
+          response.status.should == "404 Not Found"
+          response.should render_template(File.join(RAILS_ROOT, 'public', '/404.html'))
+        end
+      end
+      context "an unauthenticated user" do
+        it "should render index" do get :index; response.should render_template('index') end
+      end
+    end
+  end
+  
+  describe "specifying a combination of permit and forbid rules" do
+    context "with a wildcard forbid" do
+      before(:each) do
+        TestAuthorizerController.permits(:current_user => :logged_in?)
+        TestAuthorizerController.forbids(:current_user => :blacklisted?, :from => :create)
+      end
+      context "a logged in user" do
+        before(:each) do
+          controller.stubs(:current_user => stub(:logged_in? => true))
+        end
+        it "should permit create" do post :create; response.should redirect_to('/success') end
+        it "should render index" do get :index; response.should render_template('index') end
+      end
+      context "a blacklisted user" do
+        before(:each) do
+          controller.stubs(:current_user => stub(:logged_in? => true, :blacklisted? => true))
+        end
+        it "should receive a 404 for create" do post :create; response.status.should == "404 Not Found" end
+        it "should render index" do get :index; response.should render_template('index') end
+      end
+      context "an unauthenticated user" do
+        it "should receive a 404" do get :index; response.status.should == "404 Not Found" end
+      end
+    end
+  end
+  
+  describe "using a Proc" do
+    context "with a wildcard rule" do
+      before(:each) do
+        TestAuthorizerController.permits(:current_user => Proc.new {|u| u.logged_in?})
+      end
+      context "a logged in user" do
+        before(:each) do
+          controller.stubs(:current_user => stub(:logged_in? => true))
+        end
+        it "should render index" do get :index; response.should render_template('index') end
+      end
+    end
+  end
+end

data/spec/railsenv/app/controllers/application.rb

@@ -0,0 +1,2 @@
+class ApplicationController < ActionController::Base
+end

data/spec/railsenv/config/boot.rb

@@ -0,0 +1,110 @@
+# Don't change this file!
+# Configure your app in config/environment.rb and config/environments/*.rb
+
+RAILS_ROOT = "#{File.dirname(__FILE__)}/.." unless defined?(RAILS_ROOT)
+
+module Rails
+  class << self
+    def boot!
+      unless booted?
+        preinitialize
+        pick_boot.run
+      end
+    end
+
+    def booted?
+      defined? Rails::Initializer
+    end
+
+    def pick_boot
+      (vendor_rails? ? VendorBoot : GemBoot).new
+    end
+
+    def vendor_rails?
+      File.exist?("#{RAILS_ROOT}/vendor/rails")
+    end
+
+    def preinitialize
+      load(preinitializer_path) if File.exist?(preinitializer_path)
+    end
+
+    def preinitializer_path
+      "#{RAILS_ROOT}/config/preinitializer.rb"
+    end
+  end
+
+  class Boot
+    def run
+      load_initializer
+      Rails::Initializer.run(:set_load_path)
+    end
+  end
+
+  class VendorBoot < Boot
+    def load_initializer
+      require "#{RAILS_ROOT}/vendor/rails/railties/lib/initializer"
+      Rails::Initializer.run(:install_gem_spec_stubs)
+      Rails::GemDependency.add_frozen_gem_path
+    end
+  end
+
+  class GemBoot < Boot
+    def load_initializer
+      self.class.load_rubygems
+      load_rails_gem
+      require 'initializer'
+    end
+
+    def load_rails_gem
+      if version = self.class.gem_version
+        gem 'rails', version
+      else
+        gem 'rails'
+      end
+    rescue Gem::LoadError => load_error
+      $stderr.puts %(Missing the Rails #{version} gem. Please `gem install -v=#{version} rails`, update your RAILS_GEM_VERSION setting in config/environment.rb for the Rails version you do have installed, or comment out RAILS_GEM_VERSION to use the latest version installed.)
+      exit 1
+    end
+
+    class << self
+      def rubygems_version
+        Gem::RubyGemsVersion rescue nil
+      end
+
+      def gem_version
+        if defined? RAILS_GEM_VERSION
+          RAILS_GEM_VERSION
+        elsif ENV.include?('RAILS_GEM_VERSION')
+          ENV['RAILS_GEM_VERSION']
+        else
+          parse_gem_version(read_environment_rb)
+        end
+      end
+
+      def load_rubygems
+        min_version = '1.3.2'
+        require 'rubygems'
+        unless rubygems_version >= min_version
+          $stderr.puts %Q(Rails requires RubyGems >= #{min_version} (you have #{rubygems_version}). Please `gem update --system` and try again.)
+          exit 1
+        end
+
+      rescue LoadError
+        $stderr.puts %Q(Rails requires RubyGems >= #{min_version}. Please install RubyGems and try again: http://rubygems.rubyforge.org)
+        exit 1
+      end
+
+      def parse_gem_version(text)
+        $1 if text =~ /^[^#]*RAILS_GEM_VERSION\s*=\s*["']([!~<>=]*\s*[\d.]+)["']/
+      end
+
+      private
+        def read_environment_rb
+          File.read("#{RAILS_ROOT}/config/environment.rb")
+        end
+    end
+  end
+end
+
+# All that for this:
+Rails.boot!

data/spec/railsenv/config/database.yml

@@ -0,0 +1,25 @@
+# SQLite version 3.x
+#   gem install sqlite3-ruby (not necessary on OS X Leopard)
+development:
+  adapter: sqlite3
+  database: db/development.sqlite3
+  pool: 5
+  timeout: 5000
+
+# Warning: The database defined as "test" will be erased and
+# re-generated from your development database when you run "rake".
+# Do not set this db to the same as development or production.
+test: &TEST
+  adapter: sqlite3
+  database: db/test.sqlite3
+  pool: 5
+  timeout: 5000
+
+production:
+  adapter: sqlite3
+  database: db/production.sqlite3
+  pool: 5
+  timeout: 5000
+
+cucumber:
+  <<: *TEST

data/spec/railsenv/config/environment.rb

@@ -0,0 +1,37 @@
+# Be sure to restart your server when you modify this file
+
+# Specifies gem version of Rails to use when vendor/rails is not present
+RAILS_GEM_VERSION = '2.3.4' unless defined? RAILS_GEM_VERSION
+
+# Bootstrap the Rails environment, frameworks, and default configuration
+require File.join(File.dirname(__FILE__), 'boot')
+
+Rails::Initializer.run do |config|
+  # Settings in config/environments/* take precedence over those specified here.
+  # Application configuration should go into files in config/initializers
+  # -- all .rb files in that directory are automatically loaded.
+
+  # Add additional load paths for your own custom dirs
+  # config.load_paths += %W( #{RAILS_ROOT}/extras )
+
+  # Specify gems that this application depends on and have them installed with rake gems:install
+
+  # Only load the plugins named here, in the order given (default is alphabetical).
+  # :all can be used as a placeholder for all plugins not explicitly named
+  # config.plugins = [ :exception_notification, :ssl_requirement, :all ]
+
+  # Skip frameworks you're not going to use. To use Rails without a database,
+  # you must remove the Active Record framework.
+  # config.frameworks -= [ :active_record, :active_resource, :action_mailer ]
+
+  # Activate observers that should always be running
+  # config.active_record.observers = :cacher, :garbage_collector, :forum_observer
+
+  # Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
+  # Run "rake -D time" for a list of tasks for finding time zone names.
+  config.time_zone = 'UTC'
+
+  # The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
+  # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}')]
+  # config.i18n.default_locale = :de
+end

data/spec/railsenv/config/environments/cucumber.rb

@@ -0,0 +1,23 @@
+config.cache_classes = true # This must be true for Cucumber to operate correctly!
+
+# Log error messages when you accidentally call methods on nil.
+config.whiny_nils = true
+
+# Show full error reports and disable caching
+config.action_controller.consider_all_requests_local = true
+config.action_controller.perform_caching             = false
+
+# Disable request forgery protection in test environment
+config.action_controller.allow_forgery_protection    = false
+
+# Tell Action Mailer not to deliver emails to the real world.
+# The :test delivery method accumulates sent emails in the
+# ActionMailer::Base.deliveries array.
+config.action_mailer.delivery_method = :test
+
+config.gem 'cucumber',    :lib => false,        :version => '>=0.3.100' unless File.directory?(File.join(Rails.root, 'vendor/plugins/cucumber'))
+config.gem 'webrat',      :lib => false,        :version => '>=0.5.0' unless File.directory?(File.join(Rails.root, 'vendor/plugins/webrat'))
+config.gem 'rspec',       :lib => false,        :version => '>=1.2.6' unless File.directory?(File.join(Rails.root, 'vendor/plugins/rspec'))
+config.gem 'rspec-rails', :lib => 'spec/rails', :version => '>=1.2.6' unless File.directory?(File.join(Rails.root, 'vendor/plugins/rspec-rails'))
+
+config.gem 'spork',       :lib => false,        :version => '>=0.5.9' unless File.directory?(File.join(Rails.root, 'vendor/plugins/spork'))

data/spec/railsenv/config/environments/development.rb

@@ -0,0 +1,17 @@
+# Settings specified here will take precedence over those in config/environment.rb
+
+# In the development environment your application's code is reloaded on
+# every request.  This slows down response time but is perfect for development
+# since you don't have to restart the webserver when you make code changes.
+config.cache_classes = false
+
+# Log error messages when you accidentally call methods on nil.
+config.whiny_nils = true
+
+# Show full error reports and disable caching
+config.action_controller.consider_all_requests_local = true
+config.action_view.debug_rjs                         = true
+config.action_controller.perform_caching             = false
+
+# Don't care if the mailer can't send
+config.action_mailer.raise_delivery_errors = false

data/spec/railsenv/config/environments/production.rb

@@ -0,0 +1,28 @@
+# Settings specified here will take precedence over those in config/environment.rb
+
+# The production environment is meant for finished, "live" apps.
+# Code is not reloaded between requests
+config.cache_classes = true
+
+# Full error reports are disabled and caching is turned on
+config.action_controller.consider_all_requests_local = false
+config.action_controller.perform_caching             = true
+config.action_view.cache_template_loading            = true
+
+# See everything in the log (default is :info)
+# config.log_level = :debug
+
+# Use a different logger for distributed setups
+# config.logger = SyslogLogger.new
+
+# Use a different cache store in production
+# config.cache_store = :mem_cache_store
+
+# Enable serving of images, stylesheets, and javascripts from an asset server
+# config.action_controller.asset_host = "http://assets.example.com"
+
+# Disable delivery errors, bad email addresses will be ignored
+# config.action_mailer.raise_delivery_errors = false
+
+# Enable threaded mode
+# config.threadsafe!

data/spec/railsenv/config/environments/test.rb

@@ -0,0 +1,29 @@
+# Settings specified here will take precedence over those in config/environment.rb
+
+# The test environment is used exclusively to run your application's
+# test suite.  You never need to work with it otherwise.  Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs.  Don't rely on the data there!
+config.cache_classes = true
+
+# Log error messages when you accidentally call methods on nil.
+config.whiny_nils = true
+
+# Show full error reports and disable caching
+config.action_controller.consider_all_requests_local = true
+config.action_controller.perform_caching             = false
+config.action_view.cache_template_loading            = true
+
+# Disable request forgery protection in test environment
+config.action_controller.allow_forgery_protection    = false
+
+# Tell Action Mailer not to deliver emails to the real world.
+# The :test delivery method accumulates sent emails in the
+# ActionMailer::Base.deliveries array.
+config.action_mailer.delivery_method = :test
+
+# Use SQL instead of Active Record's schema dumper when creating the test database.
+# This is necessary if your schema can't be completely dumped by the schema dumper,
+# like if you have constraints or database-specific column types
+# config.active_record.schema_format = :sql
+

data/spec/railsenv/config/initializers/backtrace_silencers.rb

@@ -0,0 +1,7 @@
+# Be sure to restart your server when you modify this file.
+
+# You can add backtrace silencers for libraries that you're using but don't wish to see in your backtraces.
+# Rails.backtrace_cleaner.add_silencer { |line| line =~ /my_noisy_library/ }
+
+# You can also remove all the silencers if you're trying do debug a problem that might steem from framework code.
+# Rails.backtrace_cleaner.remove_silencers!

data/spec/railsenv/config/initializers/inflections.rb

@@ -0,0 +1,10 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format 
+# (all these examples are active by default):
+# ActiveSupport::Inflector.inflections do |inflect|
+#   inflect.plural /^(ox)$/i, '\1en'
+#   inflect.singular /^(ox)en/i, '\1'
+#   inflect.irregular 'person', 'people'
+#   inflect.uncountable %w( fish sheep )
+# end

data/spec/railsenv/config/initializers/mime_types.rb

@@ -0,0 +1,5 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new mime types for use in respond_to blocks:
+# Mime::Type.register "text/richtext", :rtf
+# Mime::Type.register_alias "text/html", :iphone

data/spec/railsenv/config/initializers/new_rails_defaults.rb

@@ -0,0 +1,21 @@
+# Be sure to restart your server when you modify this file.
+
+# These settings change the behavior of Rails 2 apps and will be defaults
+# for Rails 3. You can remove this initializer when Rails 3 is released.
+
+if defined?(ActiveRecord)
+  # Include Active Record class name as root for JSON serialized output.
+  ActiveRecord::Base.include_root_in_json = true
+
+  # Store the full class name (including module namespace) in STI type column.
+  ActiveRecord::Base.store_full_sti_class = true
+end
+
+# ActionController::Routing.generate_best_match = false
+
+# Use ISO 8601 format for JSON serialized times and dates.
+ActiveSupport.use_standard_json_time_format = true
+
+# Don't escape HTML entities in JSON, leave that for the #json_escape helper.
+# if you're including raw json in an HTML page.
+ActiveSupport.escape_html_entities_in_json = false

data/spec/railsenv/config/initializers/session_store.rb

@@ -0,0 +1,15 @@
+# Be sure to restart your server when you modify this file.
+
+# Your secret key for verifying cookie session data integrity.
+# If you change this key, all old sessions will become invalid!
+# Make sure the secret is at least 30 characters and all random, 
+# no regular words or you'll be exposed to dictionary attacks.
+ActionController::Base.session = {
+  :key         => '_cukejuice_session',
+  :secret      => 'f39ba5ef73a04aa66e9a8ab1291899f124a5a58f9702b12b5079a598666d7e395a48b7ee54c08061345686c9c2f1f7a6fc51a24596673dc8deae54cf1fdea630'
+}
+
+# Use the database for sessions instead of the cookie-based default,
+# which shouldn't be used to store highly confidential information
+# (create the session table with "rake db:sessions:create")
+# ActionController::Base.session_store = :active_record_store

data/spec/railsenv/config/locales/en.yml

@@ -0,0 +1,4 @@
+# Sample localization file for English. Add more files in this directory for other locales.
+# See http://github.com/svenfuchs/rails-i18n/tree/master/rails%2Flocale for starting points.
+
+en:

data/spec/railsenv/config/routes.rb

@@ -0,0 +1,14 @@
+ActionController::Routing::Routes.draw do |map|
+
+  map.root :controller => 'welcome', :action => 'index'
+  
+  map.resources :accounts
+  map.dashboard '/dashboard', :controller => 'accounts', :action => 'index'
+
+  map.resources :projects do |projects|
+    projects.resources :features
+  end
+
+  map.connect ':controller/:action/:id'
+  map.connect ':controller/:action/:id.:format'
+end

data/spec/spec_helper.rb

@@ -0,0 +1,31 @@
+ENV["RAILS_ENV"] = "test"
+require File.expand_path(File.dirname(__FILE__) + "/railsenv/config/environment")
+require 'spec'
+require 'spec/rails'
+ 
+Spec::Runner.configure do |config|
+  config.use_transactional_fixtures = true
+  config.use_instantiated_fixtures  = false
+  config.mock_with :mocha
+end
+ 
+plugin_spec_dir = File.dirname(__FILE__)
+ActiveRecord::Base.logger = Logger.new(plugin_spec_dir + "/debug.log")
+ 
+dir = File.expand_path(File.dirname(__FILE__))
+require "#{dir}/../lib/authoritah"
+
+class TestAuthorizerController < ActionController::Base
+  
+  def index
+    render
+  end
+  
+  def create
+    redirect_to '/success'
+  end
+  
+  def show
+  end
+end
+

metadata

@@ -0,0 +1,75 @@
+--- !ruby/object:Gem::Specification 
+name: authoritah
+version: !ruby/object:Gem::Version 
+  version: 0.0.1
+platform: ruby
+authors: 
+- Steven Mohapi-Banks
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2009-09-24 00:00:00 +01:00
+default_executable: 
+dependencies: []
+
+description: A really simple authorization plugin for Rails.
+email: steven.mohapibanks@me.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- LICENSE
+- README.rdoc
+files: 
+- init.rb
+- lib/authoritah.rb
+- LICENSE
+- README.rdoc
+has_rdoc: true
+homepage: http://github.com/indmill/authoritah
+licenses: []
+
+post_install_message: 
+rdoc_options: 
+- --charset=UTF-8
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.3.4
+signing_key: 
+specification_version: 3
+summary: A really simple authorization plugin for Rails.
+test_files: 
+- spec/authoritah_spec.rb
+- spec/spec_helper.rb
+- spec/railsenv/app/controllers/application.rb
+- spec/railsenv/config/boot.rb
+- spec/railsenv/config/database.yml
+- spec/railsenv/config/environment.rb
+- spec/railsenv/config/environments/cucumber.rb
+- spec/railsenv/config/environments/development.rb
+- spec/railsenv/config/environments/production.rb
+- spec/railsenv/config/environments/test.rb
+- spec/railsenv/config/initializers/backtrace_silencers.rb
+- spec/railsenv/config/initializers/inflections.rb
+- spec/railsenv/config/initializers/mime_types.rb
+- spec/railsenv/config/initializers/new_rails_defaults.rb
+- spec/railsenv/config/initializers/session_store.rb
+- spec/railsenv/config/locales/en.yml
+- spec/railsenv/config/routes.rb