branston 0.3.2

data/lib/branston/vendor/plugins/restful_authentication/notes/SecurityPatterns.txt

@@ -0,0 +1,163 @@
+h1. Security from the perspective of a community site.
+
+Better than anything you'll read below on the subject:
+
+* "The OWASP Guide to Building Secure Web Applications":http://www.owasp.org/index.php/Category:OWASP_Guide_Project
+* "Secure Programming for Linux and Unix HOWTO":http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/web-authentication.html
+* "Core Security Patterns":http://www.coresecuritypatterns.com/patterns.htm
+* Stephen Downes' article on "Authentication and Identification":http://www.downes.ca/post/12
+
+h2. Snazzy Diagram
+
+!http://github.com/technoweenie/restful-authentication/tree/master/notes/SecurityFramework.png?raw=true!:http://github.com/technoweenie/restful-authentication/tree/master/notes/SecurityFramework.png
+
+(in notes/SecurityFramework.png)
+
+h2. Terms
+
+* Identification: Assign this visitor a name and an associated identity
+  (picture, website, favorite pokemon, trust metric, security roles).
+  
+  bq. "Behold. I am not Gandalf the Grey, whom you betrayed, I am Gandalf the White,
+  who has returned from death." -- Tolkien
+
+* Authentication: Verify this visitor matches the claimed identity.
+
+  bq. "My name is Werner Brandis. My voice is my password. Verify me." -- Sneakers
+
+* Authorization: Given a request (Actions+Resource+Environment), decide if it's safe.
+
+  bq. "Of every tree of the garden thou mayest freely eat: But of the tree of
+  the knowledge of good and evil, thou shalt not eat of it: for in the day that
+  thou eatest thereof thou shalt surely die." -- Gen 2:16-17
+  
+* Trust: Confidence this visitor will act reliably.
+  
+  bq. "A copper! A copper! How d'ya like that, boys? And we went for it. _I_ went
+  for it. Treated him like a kid brother. And I was gonna split fifty-fifty with
+  a copper." -- James Cagney, White Heat
+
+** Reputation from Trust Network: Award trust to this visitor based on what other trusted parties say.
+
+  bq. "He used my name? In the /street/?  He called me a punk? My name was on
+  the street? When we bounce from this s-t here, Y'all gonna go down on them
+  corners, let the people know: word did not get back to me. Let 'em know Marlo
+  step to any m-f-: Omar, Barksdale, whoever. My name IS my NAME." -- Marlo
+  Stansfield, The Wire (paraphrased)
+
+* Reputation from Past Actions:
+
+  bq. "The man you just killed was just released from prison. He could've f-in'
+  walked. All he had to do was say my dad's name, but he didn't; he kept his
+  f-ing mouth shut. And did his f-in' time, and he did it like a man. He did
+  four years for us.  So, Mr. Orange, you're tellin' me this very good friend of
+  mine, who did four years for my father, who in four years never made a deal,
+  no matter what they dangled in front of him, you're telling me that now, that
+  now this man is free, and we're making good on our commitment to him, he's
+  just gonna decide, out of the f-ing blue, to rip us off?" -- Nice Guy Eddie,
+  Reservoir Dogs
+
+* Access control
+  
+** Role
+  * http://en.wikipedia.org/wiki/Role-based_access_control
+  * "Role-Based Access Control FAQ":http://csrc.nist.gov/groups/SNS/rbac/faq.html
+  * "Role Based Access Control and Role Based Security":http://csrc.nist.gov/groups/SNS/rbac/ from the NIST Computer Security Division
+
+
+* Auditing & Recovery
+
+h2. Concept
+
+@  The below is a mixture of half-baked, foolish and incomplete. Just sos you know. @
+
+* Identity here will mean 'online presence' -- user account, basically.
+* Person will mean the remote endpoint -- whether that's a person or robot or
+  company.  (Security papers call this "Subject" but that's awful).
+* It's easy to confuse 'person' and 'identity', so easy I probably have below.
+
+Why do you need to authenticate?  For authorization. So traditionally, we think
+
+  person <- (ath'n token) <- identity <- (policy) <- actions
+
+That is, actions are attached to an identity by security policy, identity is
+attached to a person by their authentication token.
+
+The problem is that we cannot authenticate a /person/, only the token they
+present: password, ATM card+PIN number, etc.
+bq. "The Doors of Durin, Lord of Moria. Speak friend, and enter" -- Tolkien
+
+Anyone who presents that card+PIN, Elvish catchphrase, or voice print will be
+authenticated to act as the corresponding identity (account holder, friend of
+the elves, nerdy scientist), and we have no control over those tokens.
+
+  person <- (ath'n token) <- identity <- (az'n policy) <- actions
+        ^^^^ This step is wrong.
+
+The solution is to not care, or rather to reframe our goals.
+
+What we actually want is not to /control/ users' actions, but to /predict/ them.
+When Mr. Blonde helps Mr. White rob a jewelry store it's a security failure for
+the store but a success for the crime gang.  When Mr. Orange (an undercover cop)
+shoots Mr. Blonde it's a security failure for the crime gang and a success for
+the police.  We want to know how to use
+
+  ( identity, past actions ) => (trust, future actions)
+
+If you can predict someone is a vandal or troll, don't let them change pages, or
+only let them post to Ye Flaming Pitte of Flamage.
+
+We can to reasonable satisfaction authenticate a token: only grant that
+identity to visitors who bear that token.  So this part is fine:
+  
+    person   (token)<- identity
+
+But we have no control over authentication token - identity correspondence.
+This part is broken:
+
+    person x (token)<- identity
+
+The only one who does have that control is the person behind that identity.
+They can reasonably guarantee
+  
+    person ->(token)<- identity
+
+If that person is going to be in your community, they have an interest in their
+identity: they want to be known as someone who isn't a punk, or doesn't troll,
+or does troll and better than anyone, or won't rat you out to the cops.  The
+actions of a person are moderated by their interest in maintaining their
+reputation:
+  
+    past actions -> reputation ->person
+
+So give up authorization in favor of auditing and recoverability, and authorize
+based on reputation -- on the past behavior and vouchsafes offered by the
+identity,
+  
+    reputation -> trust -> permissions ->actions
+
+They want to know that they have full control of their identity; among other
+things, privacy and an understanding that nobody can act without permission on
+their behalf. In fact, we can assure that only a token-holder can assume the
+corresponding identity:
+  
+    person ->(token)<->identity ->(trust) actions ->reputation ->person
+
+poop
+
+    reputation ->trust
+
+
+So we need to
+* Understand and encourage how their security interests aligns with ours,
+* Understand how it doesn't, and be robust in the face of that; and
+* Recover gracefully if it goes wrong.
+
+Instead of
+
+  authorization -> user -> token -> identity
+  
+we assign roles based on
+
+  authorization <- trust <- reputation <- identity <- token <- person
+

data/lib/branston/vendor/plugins/restful_authentication/notes/Tradeoffs.txt

@@ -0,0 +1,126 @@
+Guides to best practices:
+* "The OWASP Guide to Building Secure Web Applications":http://www.owasp.org/index.php/Category:OWASP_Guide_Project
+* "Secure Programming for Linux and Unix HOWTO":http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/web-authentication.html
+* [[http://www.coresecuritypatterns.com/patterns.htm]]
+
+***************************************************************************
+h2. Session resetting
+
+Best practices recommend that you regenerate all session tokens (for us, the
+browser session ID and the remember_token cookie) on any privilege change (for
+us, logging in or logging out) -- see http://tinyurl.com/5vdvuq.  This release
+properly regenerates remember_token cookies, but does *not* by default
+reset_session.
+
+Calling reset_session can interact with Form Authentication tokens (a *much*
+more important security feature).  If a visitor logs in but has a form open in
+another tab, or uses the back button to pull one up from their history (perhaps
+the one that required them to log in), they will get the exceedingly unpleasant
+Request Forgery error.  Imagine spending twenty minutes crafting a devastating
+critique of this week's Battlestar Galactica episode, finding you need to log in
+before posting -- but then getting a Request Forgery when you re-attempt the
+post.  Frak!  Thus, it's disabled by default.
+
+On the other hand, this does moderately reduce your defense-in-depth against a
+"Cross-Site Request Forgery":http://en.wikipedia.org/wiki/CSRF attack.  To
+enable session_resetting, look for any
+   # reset session
+lines in the app/controllers/session_controller.rb and
+app/controllers/users_controller.rb and uncomment them.
+
+***************************************************************************
+h2. Site Key
+
+A Site key gives additional protection against a dictionary attack if your
+DB is ever compromised.  With no site key, we store
+  DB_password = hash(user_password, DB_user_salt)
+If your database were to be compromised you'd be vulnerable to a dictionary
+attack on all your stupid users' passwords.  With a site key, we store
+  DB_password = hash(user_password, DB_user_salt, Code_site_key)
+That means an attacker needs access to both your site's code *and* its
+database to mount an "offline dictionary attack.":http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/web-authentication.html
+
+It's probably of minor importance, but recommended by best practices: 'defense
+in depth'.  Needless to say, if you upload this to github or the youtubes or
+otherwise place it in public view you'll kinda defeat the point.  Your users'
+passwords are still secure, and the world won't end, but defense_in_depth -= 1.
+
+Please note: if you change this, all the passwords will be invalidated, so DO
+keep it someplace secure.  Use the random value given or type in the lyrics to
+your favorite Jay-Z song or something; any moderately long, unpredictable text.
+
+***************************************************************************
+h2. Password stretching
+
+If someone were to capture your user accounts database, they could farm it out
+for brute-force or dictionary-attack password cracking.  "Password Stretching"
+makes brute force (even with a compromised database and site key) attacks
+harder, and scales with Moore's law.  Basically, you apply the password
+encryption process several times, meaning that each brute-force attempt takes
+that much longer.  Hash your password ten times, and a brute-force attack takes
+ten times longer; hash 100,000 times and an attack takes 100,000 times longer.
+
+  bq. "To squeeze the most security out of a limited-entropy password or
+  passphrase, we can use two techniques [salting and stretching]... that are so
+  simple and obvious that they should be used in every password system.  There
+  is really no excuse not to use them. ... Choose stretching factor so computing
+  K from (salt, passwd) takes 200-1000 ms. Store r with the user's password, and
+  increase it as computers get faster." -- http://tinyurl.com/37lb73
+  Practical Security (Ferguson & Scheier) p350
+
+Now, adding even a 0.2s delay to page requests isn't justifiable for most online
+applications, and storing r is unnecessary (at least on your first design
+iteration).  But 
+  On a 1G Slicehost already under moderate load:
+  irb(main):005:0> puts Time.now; (10**6).times{ secure_digest(Time.now, rand) }; puts Time.now
+  Fri May 16 08:26:16 +0000 2008
+  Fri May 16 08:30:58 +0000 2008
+  => 280s/1M ~= 0.000_3 ms / digest
+A modest 10 (the default here) foldings makes brute forcing, even given the site
+key and database, 10 times harder at a 3ms penalty.  An app that otherwise
+serves 100 reqs/s is reduced to 78 signin reqs/s; an app that does 10reqs/s is
+reduced to 9.7 signin reqs/s
+
+* http://www.owasp.org/index.php/Hashing_Java
+* "An Illustrated Guide to Cryptographic Hashes":http://www.unixwiz.net/techtips/iguide-crypto-hashes.html
+
+The default of 10 is a reasonable compromise, but the security-paranoid and
+resource-rich may consider increasing REST_AUTH_DIGEST_STRETCHES to match the
+one-second best-practices value, while those with existing userbases (whose
+passwords would otherwise no longer work) should leave the value at one.
+
+***************************************************************************
+h2. Token regeneration
+
+The session and the remember_token should both be expired and regenerated
+every time we cross the logged out / logged in barrier by either password
+or cookie.  ("To reduce the risk from session hijacking":http://www.owasp.org/index.php/Session_Management#Regeneration_of_Session_Tokens
+and brute force attacks, the HTTP server can seamlessly expire and
+regenerate tokens. This decreases the window of opportunity for a replay or
+brute force attack.)  It does mean we set the cookie more often.
+
+  http://www.owasp.org/index.php/Session_Management#Regeneration_of_Session_Tokens
+  http://palisade.plynt.com/issues/2004Jul/safe-auth-practices/
+
+
+***************************************************************************
+h2. Field validation
+
+We restrict login names to only contain the characters
+<nowiki>A-Za-z0-9.-_@</nowiki> This allows (most) email addresses and is safe
+for urls, database expressions (the at sign, technically reserved in a url, will
+survive in most browsers).  If you want to be more permissive:
+*  "URL-legal characters":http://www.blooberry.com/indexdot/html/topics/urlencoding.htm are <nowiki>-_.!~*'()</nowiki>
+*  "XML-legal characters":http://www.sklar.com/blog/archives/96-XML-vs.-Control-Characters.html are <nowiki>Char ::= #x9 | #xA | #xD | [#x20-#xD7FF] | [#xE000-#xFFFD] | [#x10000-#x10FFFF]</nowiki>
+*  "Email-address legal characters":http://tools.ietf.org/html/rfc2822#section-3.4.1 are <nowiki>0-9a-zA-Z!#\$%\&\'\*\+_/=\?^\-`\{|\}~\.</nowiki> but see "this discussion of what is sane"http://www.regular-expressions.info/email.html (as opposed to legal)
+
+We restrict email addresses to match only those actually seen in the wild,
+invalidating some that are technically allowed (characters such as % and ! that
+date back to UUCP days.  The line to allow all RFC-2822 emails is commented out,
+so feel free to enable it, or remove this validation.  See "this discussion of
+what is sane"http://www.regular-expressions.info/email.html as opposed to what
+is legal.  Also understand that this is just a cursory bogus-input check --
+there's no guarantee that this email matches an account or is even well-formed.
+
+If you change these validations you should change the RSpec tests as well.
+

data/lib/branston/vendor/plugins/restful_authentication/notes/Trustification.txt

@@ -0,0 +1,49 @@
+See also
+* "Trustlet Wiki":http://www.trustlet.org/wiki
+
+Potential Ingredients for a trust metric
+
+h2. Reputation
+
+* Web of trust
+* Reputation systems
+** Akismet, Viking, etc.
+
+* prove_as_human Completing a 
+* validate_email
+
+  logged_in
+  akismet, etc.
+  session duration
+
+h2. Accountability
+
+Does the person tied to this identity stand to lose or gain anything based on this action?
+
+
+h2. Past history
+
+* past history
+** we can revisit past trust decisions based on revised trust estimates
+* recency of errors (reduce trust on an application exception)
+
+h2. Commitment
+
+* are_you_sure -- ask for con
+* willingness to pay a "hate task" (compute big hash) a la Zed Shaw
+* send_me_one_cent a micropayment
+** shows commitment
+** secondary validation from payment system
+** offsets rist
+
+h2. Identity Binding
+
+* Stale sessions
+  bq. "If your application allows users to be logged in for long periods of time
+  ensure that controls are in place to revalidate a user’s authorization to a
+  resource. For example, if Bob has the role of “Top Secret” at 1:00, and at
+  2:00 while he is logged in his role is reduced to Secret he should not be able
+  to access “Top Secret” data any more." -- http://www.owasp.org/index.php/Guide_to_Authorization
+
+* how I authenticated: for instance, 'logged in by cookie' << 'logged in by password'
+

data/lib/branston/vendor/plugins/restful_authentication/rails/init.rb

@@ -0,0 +1,3 @@
+require File.join(File.dirname(__FILE__), "..", "lib", "authentication")
+require File.join(File.dirname(__FILE__), "..", "lib", "authentication", "by_password")
+require File.join(File.dirname(__FILE__), "..", "lib", "authentication", "by_cookie_token")

data/lib/branston/vendor/plugins/restful_authentication/restful-authentication.gemspec

@@ -0,0 +1,33 @@
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+  s.name = %q{restful-authentication}
+  s.version = "1.1.1"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.authors = ["RailsJedi", "Rick Olson"]
+  s.date = %q{2008-07-04}
+  s.description = %q{This widely-used plugin provides a foundation for securely managing user.}
+  s.email = %q{railsjedi@gmail.com}
+  s.extra_rdoc_files = ["README.textile"]
+  s.files = ["CHANGELOG", "README.textile", "Rakefile", "TODO", "generators/authenticated/authenticated_generator.rb", "generators/authenticated/lib/insert_routes.rb", "generators/authenticated/templates/_model_partial.html.erb", "generators/authenticated/templates/activation.erb", "generators/authenticated/templates/authenticated_system.rb", "generators/authenticated/templates/authenticated_test_helper.rb", "generators/authenticated/templates/controller.rb", "generators/authenticated/templates/helper.rb", "generators/authenticated/templates/login.html.erb", "generators/authenticated/templates/mailer.rb", "generators/authenticated/templates/migration.rb", "generators/authenticated/templates/model.rb", "generators/authenticated/templates/model_controller.rb", "generators/authenticated/templates/model_helper.rb", "generators/authenticated/templates/model_helper_spec.rb", "generators/authenticated/templates/observer.rb", "generators/authenticated/templates/signup.html.erb", "generators/authenticated/templates/signup_notification.erb", "generators/authenticated/templates/site_keys.rb", "generators/authenticated/templates/spec/controllers/access_control_spec.rb", "generators/authenticated/templates/spec/controllers/authenticated_system_spec.rb", "generators/authenticated/templates/spec/controllers/sessions_controller_spec.rb", "generators/authenticated/templates/spec/controllers/users_controller_spec.rb", "generators/authenticated/templates/spec/fixtures/users.yml", "generators/authenticated/templates/spec/helpers/users_helper_spec.rb", "generators/authenticated/templates/spec/models/user_spec.rb", "generators/authenticated/templates/stories/rest_auth_stories.rb", "generators/authenticated/templates/stories/rest_auth_stories_helper.rb", "generators/authenticated/templates/stories/steps/ra_navigation_steps.rb", "generators/authenticated/templates/stories/steps/ra_resource_steps.rb", "generators/authenticated/templates/stories/steps/ra_response_steps.rb", "generators/authenticated/templates/stories/steps/user_steps.rb", "generators/authenticated/templates/stories/users/accounts.story", "generators/authenticated/templates/stories/users/sessions.story", "generators/authenticated/templates/test/functional_test.rb", "generators/authenticated/templates/test/mailer_test.rb", "generators/authenticated/templates/test/model_functional_test.rb", "generators/authenticated/templates/test/unit_test.rb", "generators/authenticated/USAGE", "init.rb", "lib/authentication/by_cookie_token.rb", "lib/authentication/by_password.rb", "lib/authentication.rb", "lib/authorization/aasm_roles.rb", "lib/authorization/stateful_roles.rb", "lib/authorization.rb", "lib/trustification/email_validation.rb", "lib/trustification.rb", "rails/init.rb"]
+  s.has_rdoc = true
+  s.homepage = %q{http://github.com/technoweenie/restful-authentication}
+  s.rdoc_options = ["--main", "README.textile"]
+  s.require_paths = ["lib"]
+  s.rubygems_version = %q{1.3.0}
+  s.summary = %q{Generates code for user login and authentication}
+
+  if s.respond_to? :specification_version then
+    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
+    s.specification_version = 2
+
+    if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
+      s.add_runtime_dependency(%q<rails>, ["~> 2.1.0"])
+    else
+      s.add_dependency(%q<rails>, ["~> 2.1.0"])
+    end
+  else
+    s.add_dependency(%q<rails>, ["~> 2.1.0"])
+  end
+end

data/lib/branston/vendor/plugins/restful_authentication/tasks/auth.rake

@@ -0,0 +1,33 @@
+require 'digest/sha1'
+require 'erb'
+
+def site_keys_file
+  File.join("config", "initializers", "site_keys.rb")
+end
+
+def secure_digest(*args)
+  Digest::SHA1.hexdigest(args.flatten.join('--'))
+end
+
+def make_token
+  secure_digest(Time.now, (1..10).map{ rand.to_s })
+end
+
+def make_site_keys_rb
+  site_key = secure_digest(Time.now, (1..10).map{ rand.to_s })
+  site_key_erb = <<-EOF
+# key of 40 chars length
+REST_AUTH_SITE_KEY         = '#{site_key}'
+REST_AUTH_DIGEST_STRETCHES = 10
+EOF
+end
+
+namespace :auth do
+  namespace :gen do
+    desc "Generates config/initializers/site_keys.rb"
+    task :site_key do
+      file = ENV['file'] || site_keys_file
+      File.open(file, "w"){|f| f.write(make_site_keys_rb)}
+    end
+  end
+end

metadata

@@ -0,0 +1,513 @@
+--- !ruby/object:Gem::Specification 
+name: branston
+version: !ruby/object:Gem::Version 
+  version: 0.3.2
+platform: ruby
+authors: 
+- dave.hrycyszyn@headlondon.com
+- dan@dangarland.co.uk
+- steve.laing@gmail.com
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2009-12-09 00:00:00 +00:00
+default_executable: branston
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: thoughtbot-shoulda
+  type: :development
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+    version: 
+- !ruby/object:Gem::Dependency 
+  name: rails
+  type: :runtime
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 2.3.5
+    version: 
+- !ruby/object:Gem::Dependency 
+  name: calendar_date_select
+  type: :runtime
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "1.15"
+    version: 
+- !ruby/object:Gem::Dependency 
+  name: cucumber
+  type: :runtime
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - "="
+      - !ruby/object:Gem::Version 
+        version: 0.4.4
+    version: 
+- !ruby/object:Gem::Dependency 
+  name: webrat
+  type: :runtime
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 0.5.3
+    version: 
+description: Cucumber and more!
+email: dave.hrycyszyn@headlondon.com
+executables: 
+- branston
+extensions: []
+
+extra_rdoc_files: 
+- LICENSE
+- README.rdoc
+files: 
+- lib/branston/README
+- lib/branston/Rakefile
+- lib/branston/app/controllers/application_controller.rb
+- lib/branston/app/controllers/iterations_controller.rb
+- lib/branston/app/controllers/outcomes_controller.rb
+- lib/branston/app/controllers/preconditions_controller.rb
+- lib/branston/app/controllers/releases_controller.rb
+- lib/branston/app/controllers/scenarios_controller.rb
+- lib/branston/app/controllers/sessions_controller.rb
+- lib/branston/app/controllers/stories_controller.rb
+- lib/branston/app/controllers/user_roles_controller.rb
+- lib/branston/app/controllers/users_controller.rb
+- lib/branston/app/helpers/application_helper.rb
+- lib/branston/app/helpers/iterations_helper.rb
+- lib/branston/app/helpers/outcomes_helper.rb
+- lib/branston/app/helpers/preconditions_helper.rb
+- lib/branston/app/helpers/releases_helper.rb
+- lib/branston/app/helpers/sessions_helper.rb
+- lib/branston/app/helpers/stories_helper.rb
+- lib/branston/app/helpers/user_roles_helper.rb
+- lib/branston/app/helpers/users_helper.rb
+- lib/branston/app/models/iteration.rb
+- lib/branston/app/models/outcome.rb
+- lib/branston/app/models/participation.rb
+- lib/branston/app/models/precondition.rb
+- lib/branston/app/models/release.rb
+- lib/branston/app/models/scenario.rb
+- lib/branston/app/models/story.rb
+- lib/branston/app/models/user.rb
+- lib/branston/app/models/user_role.rb
+- lib/branston/app/views/iterations/_form.html.erb
+- lib/branston/app/views/iterations/edit.html.erb
+- lib/branston/app/views/iterations/index.html.erb
+- lib/branston/app/views/iterations/new.html.erb
+- lib/branston/app/views/iterations/show.html.erb
+- lib/branston/app/views/layouts/_footer.html.erb
+- lib/branston/app/views/layouts/_header.html.erb
+- lib/branston/app/views/layouts/_meta.html.erb
+- lib/branston/app/views/layouts/main.html.erb
+- lib/branston/app/views/layouts/outcomes.html.erb
+- lib/branston/app/views/layouts/preconditions.html.erb
+- lib/branston/app/views/layouts/releases.html.erb
+- lib/branston/app/views/layouts/user_roles.html.erb
+- lib/branston/app/views/outcomes/_outcome.html.erb
+- lib/branston/app/views/outcomes/_outcomes.html.erb
+- lib/branston/app/views/outcomes/create.js.rjs
+- lib/branston/app/views/outcomes/destroy.js.rjs
+- lib/branston/app/views/outcomes/edit.html.erb
+- lib/branston/app/views/outcomes/index.html.erb
+- lib/branston/app/views/outcomes/index.js.rjs
+- lib/branston/app/views/outcomes/new.html.erb
+- lib/branston/app/views/outcomes/new.js.rjs
+- lib/branston/app/views/outcomes/show.html.erb
+- lib/branston/app/views/preconditions/_precondition.html.erb
+- lib/branston/app/views/preconditions/_preconditions.html.erb
+- lib/branston/app/views/preconditions/create.js.rjs
+- lib/branston/app/views/preconditions/destroy.js.rjs
+- lib/branston/app/views/preconditions/edit.html.erb
+- lib/branston/app/views/preconditions/index.html.erb
+- lib/branston/app/views/preconditions/index.js.rjs
+- lib/branston/app/views/preconditions/new.html.erb
+- lib/branston/app/views/preconditions/new.js.rjs
+- lib/branston/app/views/preconditions/show.html.erb
+- lib/branston/app/views/releases/edit.html.erb
+- lib/branston/app/views/releases/index.html.erb
+- lib/branston/app/views/releases/new.html.erb
+- lib/branston/app/views/releases/show.html.erb
+- lib/branston/app/views/scenarios/_scenario.html.erb
+- lib/branston/app/views/scenarios/_scenarios.html.erb
+- lib/branston/app/views/scenarios/create.js.rjs
+- lib/branston/app/views/scenarios/destroy.js.rjs
+- lib/branston/app/views/scenarios/edit.html.erb
+- lib/branston/app/views/scenarios/index.html.erb
+- lib/branston/app/views/scenarios/index.js.rjs
+- lib/branston/app/views/scenarios/new.html.erb
+- lib/branston/app/views/scenarios/new.js.rjs
+- lib/branston/app/views/scenarios/show.html.erb
+- lib/branston/app/views/sessions/new.html.erb
+- lib/branston/app/views/stories/_form.html.erb
+- lib/branston/app/views/stories/_story.html.erb
+- lib/branston/app/views/stories/edit.html.erb
+- lib/branston/app/views/stories/index.html.erb
+- lib/branston/app/views/stories/new.html.erb
+- lib/branston/app/views/stories/show.html.erb
+- lib/branston/app/views/stories/show.js.rjs
+- lib/branston/app/views/stories/update.js.rjs
+- lib/branston/app/views/user_roles/edit.html.erb
+- lib/branston/app/views/user_roles/index.html.erb
+- lib/branston/app/views/user_roles/new.html.erb
+- lib/branston/app/views/user_roles/show.html.erb
+- lib/branston/app/views/users/_user_bar.html.erb
+- lib/branston/app/views/users/new.html.erb
+- lib/branston/config/boot.rb
+- lib/branston/config/database.yml
+- lib/branston/config/environment.rb
+- lib/branston/config/environments/cucumber.rb
+- lib/branston/config/environments/development.rb
+- lib/branston/config/environments/production.rb
+- lib/branston/config/environments/test.rb
+- lib/branston/config/initializers/backtrace_silencers.rb
+- lib/branston/config/initializers/inflections.rb
+- lib/branston/config/initializers/mime_types.rb
+- lib/branston/config/initializers/new_rails_defaults.rb
+- lib/branston/config/initializers/session_store.rb
+- lib/branston/config/initializers/site_keys.rb
+- lib/branston/config/locales/en.yml
+- lib/branston/config/routes.rb
+- lib/branston/coverage/app-controllers-application_controller_rb.html
+- lib/branston/coverage/app-controllers-iterations_controller_rb.html
+- lib/branston/coverage/app-controllers-outcomes_controller_rb.html
+- lib/branston/coverage/app-controllers-preconditions_controller_rb.html
+- lib/branston/coverage/app-controllers-releases_controller_rb.html
+- lib/branston/coverage/app-controllers-scenarios_controller_rb.html
+- lib/branston/coverage/app-controllers-sessions_controller_rb.html
+- lib/branston/coverage/app-controllers-stories_controller_rb.html
+- lib/branston/coverage/app-controllers-user_roles_controller_rb.html
+- lib/branston/coverage/app-controllers-users_controller_rb.html
+- lib/branston/coverage/app-helpers-application_helper_rb.html
+- lib/branston/coverage/app-helpers-iterations_helper_rb.html
+- lib/branston/coverage/app-helpers-outcomes_helper_rb.html
+- lib/branston/coverage/app-helpers-preconditions_helper_rb.html
+- lib/branston/coverage/app-helpers-releases_helper_rb.html
+- lib/branston/coverage/app-helpers-sessions_helper_rb.html
+- lib/branston/coverage/app-helpers-stories_helper_rb.html
+- lib/branston/coverage/app-helpers-user_roles_helper_rb.html
+- lib/branston/coverage/app-models-iteration_rb.html
+- lib/branston/coverage/app-models-outcome_rb.html
+- lib/branston/coverage/app-models-participation_rb.html
+- lib/branston/coverage/app-models-precondition_rb.html
+- lib/branston/coverage/app-models-release_rb.html
+- lib/branston/coverage/app-models-scenario_rb.html
+- lib/branston/coverage/app-models-story_rb.html
+- lib/branston/coverage/app-models-user_rb.html
+- lib/branston/coverage/app-models-user_role_rb.html
+- lib/branston/coverage/index.html
+- lib/branston/coverage/jquery-1.3.2.min.js
+- lib/branston/coverage/jquery.tablesorter.min.js
+- lib/branston/coverage/lib-faker_extras_rb.html
+- lib/branston/coverage/lib-story_generator_rb.html
+- lib/branston/coverage/print.css
+- lib/branston/coverage/rcov.js
+- lib/branston/coverage/screen.css
+- lib/branston/db/development.sqlite3
+- lib/branston/db/development_structure.sql
+- lib/branston/db/migrate/20091127114237_create_users.rb
+- lib/branston/db/migrate/20091127120627_create_iterations.rb
+- lib/branston/db/migrate/20091127122422_create_stories.rb
+- lib/branston/db/migrate/20091127131037_create_user_roles.rb
+- lib/branston/db/migrate/20091127144645_create_participations.rb
+- lib/branston/db/migrate/20091127164217_create_scenarios.rb
+- lib/branston/db/migrate/20091127164446_create_preconditions.rb
+- lib/branston/db/migrate/20091127164705_create_outcomes.rb
+- lib/branston/db/migrate/20091127172849_add_title_to_stories.rb
+- lib/branston/db/migrate/20091127172950_add_story_id_to_user_role.rb
+- lib/branston/db/migrate/20091127173744_add_author_id_to_story.rb
+- lib/branston/db/migrate/20091202105555_create_releases.rb
+- lib/branston/db/migrate/20091204173634_add_slug_to_stories.rb
+- lib/branston/db/pristine.sqlite3
+- lib/branston/db/production.sqlite3
+- lib/branston/db/schema.rb
+- lib/branston/db/seeds.rb
+- lib/branston/db/test.sqlite3
+- lib/branston/doc/README_FOR_APP
+- lib/branston/doc/branston.zargo
+- lib/branston/features/step_definitions/webrat_steps.rb
+- lib/branston/features/support/env.rb
+- lib/branston/features/support/paths.rb
+- lib/branston/features/support/version_check.rb
+- lib/branston/lib/authenticated_system.rb
+- lib/branston/lib/authenticated_test_helper.rb
+- lib/branston/lib/branston.rb
+- lib/branston/lib/client.rb
+- lib/branston/lib/faker_extras.rb
+- lib/branston/lib/story_generator.rb
+- lib/branston/lib/tasks/cucumber.rake
+- lib/branston/lib/tasks/make_pristine_copy.rake
+- lib/branston/log/cucumber.log
+- lib/branston/log/development.log
+- lib/branston/log/test.log
+- lib/branston/public/404.html
+- lib/branston/public/422.html
+- lib/branston/public/500.html
+- lib/branston/public/blank_iframe.html
+- lib/branston/public/favicon.ico
+- lib/branston/public/images/branston_pickle_bg.png
+- lib/branston/public/images/calendar_date_select/calendar.gif
+- lib/branston/public/images/icons/back_icon_30x23.png
+- lib/branston/public/images/icons/delete_icon_20x19.png
+- lib/branston/public/images/icons/delete_icon_30x29.png
+- lib/branston/public/images/icons/plus_icon_15x15.png
+- lib/branston/public/images/icons/plus_icon_20x20.png
+- lib/branston/public/images/icons/plus_icon_30x30.png
+- lib/branston/public/images/img01.gif
+- lib/branston/public/images/img02.gif
+- lib/branston/public/images/img03.gif
+- lib/branston/public/images/img04.gif
+- lib/branston/public/images/img05.gif
+- lib/branston/public/images/img06.gif
+- lib/branston/public/images/img07.gif
+- lib/branston/public/images/img08.gif
+- lib/branston/public/images/logo.png
+- lib/branston/public/images/rails.png
+- lib/branston/public/javascripts/accordion.js
+- lib/branston/public/javascripts/application.js
+- lib/branston/public/javascripts/calendar_date_select/calendar_date_select.js
+- lib/branston/public/javascripts/calendar_date_select/calendar_date_select.prototype.js
+- lib/branston/public/javascripts/calendar_date_select/format_american.js
+- lib/branston/public/javascripts/calendar_date_select/format_db.js
+- lib/branston/public/javascripts/calendar_date_select/format_euro_24hr.js
+- lib/branston/public/javascripts/calendar_date_select/format_euro_24hr_ymd.js
+- lib/branston/public/javascripts/calendar_date_select/format_finnish.js
+- lib/branston/public/javascripts/calendar_date_select/format_german.js
+- lib/branston/public/javascripts/calendar_date_select/format_hyphen_ampm.js
+- lib/branston/public/javascripts/calendar_date_select/format_iso_date.js
+- lib/branston/public/javascripts/calendar_date_select/format_italian.js
+- lib/branston/public/javascripts/calendar_date_select/locale/de.js
+- lib/branston/public/javascripts/calendar_date_select/locale/fi.js
+- lib/branston/public/javascripts/calendar_date_select/locale/fr.js
+- lib/branston/public/javascripts/calendar_date_select/locale/pl.js
+- lib/branston/public/javascripts/calendar_date_select/locale/pt.js
+- lib/branston/public/javascripts/calendar_date_select/locale/ru.js
+- lib/branston/public/javascripts/controls.js
+- lib/branston/public/javascripts/dragdrop.js
+- lib/branston/public/javascripts/effects.js
+- lib/branston/public/javascripts/prototype.js
+- lib/branston/public/robots.txt
+- lib/branston/public/stylesheets/application.css
+- lib/branston/public/stylesheets/calendar_date_select/blue.css
+- lib/branston/public/stylesheets/calendar_date_select/default.css
+- lib/branston/public/stylesheets/calendar_date_select/plain.css
+- lib/branston/public/stylesheets/calendar_date_select/red.css
+- lib/branston/public/stylesheets/calendar_date_select/silver.css
+- lib/branston/public/stylesheets/scaffold.css
+- lib/branston/public/stylesheets/style.css
+- lib/branston/public/stylesheets/ui-lightness/images/ui-bg_diagonals-thick_18_b81900_40x40.png
+- lib/branston/public/stylesheets/ui-lightness/images/ui-bg_diagonals-thick_20_666666_40x40.png
+- lib/branston/public/stylesheets/ui-lightness/images/ui-bg_flat_10_000000_40x100.png
+- lib/branston/public/stylesheets/ui-lightness/images/ui-bg_glass_100_f6f6f6_1x400.png
+- lib/branston/public/stylesheets/ui-lightness/images/ui-bg_glass_100_fdf5ce_1x400.png
+- lib/branston/public/stylesheets/ui-lightness/images/ui-bg_glass_65_ffffff_1x400.png
+- lib/branston/public/stylesheets/ui-lightness/images/ui-bg_gloss-wave_35_f6a828_500x100.png
+- lib/branston/public/stylesheets/ui-lightness/images/ui-bg_highlight-soft_100_eeeeee_1x100.png
+- lib/branston/public/stylesheets/ui-lightness/images/ui-bg_highlight-soft_75_ffe45c_1x100.png
+- lib/branston/public/stylesheets/ui-lightness/images/ui-icons_222222_256x240.png
+- lib/branston/public/stylesheets/ui-lightness/images/ui-icons_228ef1_256x240.png
+- lib/branston/public/stylesheets/ui-lightness/images/ui-icons_ef8c08_256x240.png
+- lib/branston/public/stylesheets/ui-lightness/images/ui-icons_ffd27a_256x240.png
+- lib/branston/public/stylesheets/ui-lightness/images/ui-icons_ffffff_256x240.png
+- lib/branston/public/stylesheets/ui-lightness/jquery-ui-1.7.2.custom.css
+- lib/branston/script/about
+- lib/branston/script/console
+- lib/branston/script/cucumber
+- lib/branston/script/dbconsole
+- lib/branston/script/destroy
+- lib/branston/script/generate
+- lib/branston/script/performance/benchmarker
+- lib/branston/script/performance/profiler
+- lib/branston/script/plugin
+- lib/branston/script/runner
+- lib/branston/script/server
+- lib/branston/test/blueprints.rb
+- lib/branston/test/fixtures/outcomes.yml
+- lib/branston/test/fixtures/preconditions.yml
+- lib/branston/test/functional/iterations_controller_test.rb
+- lib/branston/test/functional/outcomes_controller_test.rb
+- lib/branston/test/functional/preconditions_controller_test.rb
+- lib/branston/test/functional/releases_controller_test.rb
+- lib/branston/test/functional/scenarios_controller_test.rb
+- lib/branston/test/functional/sessions_controller_test.rb
+- lib/branston/test/functional/stories_controller_test.rb
+- lib/branston/test/functional/user_roles_controller_test.rb
+- lib/branston/test/functional/users_controller_test.rb
+- lib/branston/test/performance/browsing_test.rb
+- lib/branston/test/test_helper.rb
+- lib/branston/test/unit/client_test.rb
+- lib/branston/test/unit/helpers/iterations_helper_test.rb
+- lib/branston/test/unit/helpers/outcomes_helper_test.rb
+- lib/branston/test/unit/helpers/preconditions_helper_test.rb
+- lib/branston/test/unit/helpers/releases_helper_test.rb
+- lib/branston/test/unit/helpers/stories_helper_test.rb
+- lib/branston/test/unit/helpers/user_roles_helper_test.rb
+- lib/branston/test/unit/iteration_test.rb
+- lib/branston/test/unit/outcome_test.rb
+- lib/branston/test/unit/participation_test.rb
+- lib/branston/test/unit/precondition_test.rb
+- lib/branston/test/unit/release_test.rb
+- lib/branston/test/unit/scenario_test.rb
+- lib/branston/test/unit/story_generator_test.rb
+- lib/branston/test/unit/story_test.rb
+- lib/branston/test/unit/user_role_test.rb
+- lib/branston/test/unit/user_test.rb
+- lib/branston/test/xml/example.xml
+- lib/branston/test/xml/no_scenarios.xml
+- lib/branston/vendor/plugins/calendar_date_select-1.15/History.txt
+- lib/branston/vendor/plugins/calendar_date_select-1.15/MIT-LICENSE
+- lib/branston/vendor/plugins/calendar_date_select-1.15/Manifest.txt
+- lib/branston/vendor/plugins/calendar_date_select-1.15/Rakefile
+- lib/branston/vendor/plugins/calendar_date_select-1.15/Readme.txt
+- lib/branston/vendor/plugins/calendar_date_select-1.15/init.rb
+- lib/branston/vendor/plugins/calendar_date_select-1.15/js_test/functional/cds_test.html
+- lib/branston/vendor/plugins/calendar_date_select-1.15/js_test/prototype.js
+- lib/branston/vendor/plugins/calendar_date_select-1.15/js_test/test.css
+- lib/branston/vendor/plugins/calendar_date_select-1.15/js_test/unit/cds_helper_methods.html
+- lib/branston/vendor/plugins/calendar_date_select-1.15/js_test/unittest.js
+- lib/branston/vendor/plugins/calendar_date_select-1.15/lib/calendar_date_select.rb
+- lib/branston/vendor/plugins/calendar_date_select-1.15/lib/calendar_date_select/calendar_date_select.rb
+- lib/branston/vendor/plugins/calendar_date_select-1.15/lib/calendar_date_select/form_helpers.rb
+- lib/branston/vendor/plugins/calendar_date_select-1.15/lib/calendar_date_select/includes_helper.rb
+- lib/branston/vendor/plugins/calendar_date_select-1.15/public/blank_iframe.html
+- lib/branston/vendor/plugins/calendar_date_select-1.15/public/images/calendar_date_select/calendar.gif
+- lib/branston/vendor/plugins/calendar_date_select-1.15/public/javascripts/calendar_date_select/calendar_date_select.js
+- lib/branston/vendor/plugins/calendar_date_select-1.15/public/javascripts/calendar_date_select/format_american.js
+- lib/branston/vendor/plugins/calendar_date_select-1.15/public/javascripts/calendar_date_select/format_db.js
+- lib/branston/vendor/plugins/calendar_date_select-1.15/public/javascripts/calendar_date_select/format_euro_24hr.js
+- lib/branston/vendor/plugins/calendar_date_select-1.15/public/javascripts/calendar_date_select/format_euro_24hr_ymd.js
+- lib/branston/vendor/plugins/calendar_date_select-1.15/public/javascripts/calendar_date_select/format_finnish.js
+- lib/branston/vendor/plugins/calendar_date_select-1.15/public/javascripts/calendar_date_select/format_hyphen_ampm.js
+- lib/branston/vendor/plugins/calendar_date_select-1.15/public/javascripts/calendar_date_select/format_iso_date.js
+- lib/branston/vendor/plugins/calendar_date_select-1.15/public/javascripts/calendar_date_select/format_italian.js
+- lib/branston/vendor/plugins/calendar_date_select-1.15/public/javascripts/calendar_date_select/locale/de.js
+- lib/branston/vendor/plugins/calendar_date_select-1.15/public/javascripts/calendar_date_select/locale/fi.js
+- lib/branston/vendor/plugins/calendar_date_select-1.15/public/javascripts/calendar_date_select/locale/fr.js
+- lib/branston/vendor/plugins/calendar_date_select-1.15/public/javascripts/calendar_date_select/locale/pl.js
+- lib/branston/vendor/plugins/calendar_date_select-1.15/public/javascripts/calendar_date_select/locale/pt.js
+- lib/branston/vendor/plugins/calendar_date_select-1.15/public/javascripts/calendar_date_select/locale/ru.js
+- lib/branston/vendor/plugins/calendar_date_select-1.15/public/stylesheets/calendar_date_select/blue.css
+- lib/branston/vendor/plugins/calendar_date_select-1.15/public/stylesheets/calendar_date_select/default.css
+- lib/branston/vendor/plugins/calendar_date_select-1.15/public/stylesheets/calendar_date_select/plain.css
+- lib/branston/vendor/plugins/calendar_date_select-1.15/public/stylesheets/calendar_date_select/red.css
+- lib/branston/vendor/plugins/calendar_date_select-1.15/public/stylesheets/calendar_date_select/silver.css
+- lib/branston/vendor/plugins/calendar_date_select-1.15/spec/calendar_date_select/calendar_date_select_spec.rb
+- lib/branston/vendor/plugins/calendar_date_select-1.15/spec/calendar_date_select/form_helpers_spec.rb
+- lib/branston/vendor/plugins/calendar_date_select-1.15/spec/spec_helper.rb
+- lib/branston/vendor/plugins/in_place_editing/README
+- lib/branston/vendor/plugins/in_place_editing/Rakefile
+- lib/branston/vendor/plugins/in_place_editing/init.rb
+- lib/branston/vendor/plugins/in_place_editing/lib/in_place_editing.rb
+- lib/branston/vendor/plugins/in_place_editing/lib/in_place_macros_helper.rb
+- lib/branston/vendor/plugins/in_place_editing/test/in_place_editing_test.rb
+- lib/branston/vendor/plugins/in_place_editing/test/test_helper.rb
+- lib/branston/vendor/plugins/restful_authentication/CHANGELOG
+- lib/branston/vendor/plugins/restful_authentication/LICENSE
+- lib/branston/vendor/plugins/restful_authentication/README.textile
+- lib/branston/vendor/plugins/restful_authentication/Rakefile
+- lib/branston/vendor/plugins/restful_authentication/TODO
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/USAGE
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/authenticated_generator.rb
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/lib/insert_routes.rb
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/templates/_model_partial.html.erb
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/templates/activation.erb
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/templates/authenticated_system.rb
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/templates/authenticated_test_helper.rb
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/templates/controller.rb
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/templates/features/accounts.feature
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/templates/features/sessions.feature
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/templates/features/step_definitions/ra_env.rb
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/templates/features/step_definitions/ra_navigation_steps.rb
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/templates/features/step_definitions/ra_resource_steps.rb
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/templates/features/step_definitions/ra_response_steps.rb
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/templates/features/step_definitions/rest_auth_features_helper.rb
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/templates/features/step_definitions/user_steps.rb
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/templates/helper.rb
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/templates/login.html.erb
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/templates/mailer.rb
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/templates/migration.rb
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/templates/model.rb
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/templates/model_controller.rb
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/templates/model_helper.rb
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/templates/model_helper_spec.rb
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/templates/observer.rb
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/templates/signup.html.erb
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/templates/signup_notification.erb
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/templates/site_keys.rb
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/templates/spec/controllers/access_control_spec.rb
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/templates/spec/controllers/authenticated_system_spec.rb
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/templates/spec/controllers/sessions_controller_spec.rb
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/templates/spec/controllers/users_controller_spec.rb
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/templates/spec/fixtures/users.yml
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/templates/spec/helpers/users_helper_spec.rb
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/templates/spec/models/user_spec.rb
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/templates/test/functional_test.rb
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/templates/test/mailer_test.rb
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/templates/test/model_functional_test.rb
+- lib/branston/vendor/plugins/restful_authentication/generators/authenticated/templates/test/unit_test.rb
+- lib/branston/vendor/plugins/restful_authentication/init.rb
+- lib/branston/vendor/plugins/restful_authentication/lib/authentication.rb
+- lib/branston/vendor/plugins/restful_authentication/lib/authentication/by_cookie_token.rb
+- lib/branston/vendor/plugins/restful_authentication/lib/authentication/by_password.rb
+- lib/branston/vendor/plugins/restful_authentication/lib/authorization.rb
+- lib/branston/vendor/plugins/restful_authentication/lib/authorization/aasm_roles.rb
+- lib/branston/vendor/plugins/restful_authentication/lib/authorization/stateful_roles.rb
+- lib/branston/vendor/plugins/restful_authentication/lib/trustification.rb
+- lib/branston/vendor/plugins/restful_authentication/lib/trustification/email_validation.rb
+- lib/branston/vendor/plugins/restful_authentication/notes/AccessControl.txt
+- lib/branston/vendor/plugins/restful_authentication/notes/Authentication.txt
+- lib/branston/vendor/plugins/restful_authentication/notes/Authorization.txt
+- lib/branston/vendor/plugins/restful_authentication/notes/RailsPlugins.txt
+- lib/branston/vendor/plugins/restful_authentication/notes/SecurityFramework.graffle
+- lib/branston/vendor/plugins/restful_authentication/notes/SecurityFramework.png
+- lib/branston/vendor/plugins/restful_authentication/notes/SecurityPatterns.txt
+- lib/branston/vendor/plugins/restful_authentication/notes/Tradeoffs.txt
+- lib/branston/vendor/plugins/restful_authentication/notes/Trustification.txt
+- lib/branston/vendor/plugins/restful_authentication/rails/init.rb
+- lib/branston/vendor/plugins/restful_authentication/restful-authentication.gemspec
+- lib/branston/vendor/plugins/restful_authentication/tasks/auth.rake
+- LICENSE
+- README.rdoc
+has_rdoc: true
+homepage: http://github.com/futurechimp/branston
+licenses: []
+
+post_install_message: 
+rdoc_options: 
+- --charset=UTF-8
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.3.5
+signing_key: 
+specification_version: 3
+summary: An experiment in turning user stories into cucumber files
+test_files: []
+