expose 0.1.0

data/.gitignore

@@ -0,0 +1,7 @@
+*.gem
+.bundle
+Gemfile.lock
+pkg/*
+.rvmrc
+OLD
+spec/db/*.db

data/Gemfile

@@ -0,0 +1,4 @@
+source "http://rubygems.org"
+
+# Specify your gem's dependencies in expose.gemspec
+gemspec

data/README.rdoc

@@ -0,0 +1,105 @@
+== Expose
+
+Expose allows you to dynamically adjust the 'attr_accessible' or
+'attr_protected' of a model.  This is only for managing mass-assignment
+security, and not overall security.
+
+=== Model
+
+  The following would let you mass_assign :sometimes_important when the :state
+  is 'new' or 'pending'.
+
+  class Account < ActiveRecord::Base
+    include Expose::Model
+  
+    # name:string
+    # sometimes_important:string
+    # state:string ... example [:new, :pending, :closed]
+
+    expose :sometimes_important,
+      :if => Proc.new { |account| [:new,:pending].include?(account.state) }
+    
+    # same result as line above (just using)
+    expose :sometimes_important, :state => [:new, :pending]
+    
+    # similar to line above
+    expose :sometimes_important,
+      :unless => Proc.new { |account| [:closed].include?(account.state) }
+    
+    # same as line above
+    expose :sometimes_important, :not_state => :closed
+
+    # using whitelist strategy
+    attr_accessible :name
+    
+    # OR, using blacklist strategy
+    # attr_protected :sometimes_important 
+
+  end
+
+== Notes
+
+This gem has only been tested with Rails 3.1.rc3, but should work with Rails
+3.X. It only uses the hook :mass_assignment_authorizer.
+
+== Todo
+
+This gem is in the early stages of development, so use at your own risk.
+
+Plans/Ideas:
+  - add 'protect' version, which does the opposite of 'expose'
+  - maybe disable attr_protected.  Using this gem shows an interest in
+    mass-assignment security.  Why not ensure use of a whitelist only
+    strategy.
+  - add controller version (so that session data can be used, ie: role of
+    logged in user)
+  - add better error handling and option checking, maybe add some logging
+  - do not require ActiveRecord, but rather ActiveModel
+  - not require adding 'include Expose::Model'.  When I do, the class variable
+    '_exposures' is shared by all subclasses of ActiveRecord::Base, and each
+    declared model then sees the same '_exposures'. 
+
+== Installation
+
+Install the gem:
+
+  gem install expose
+
+Or add Expose to your Gemfile and bundle it up:
+
+  gem 'expose'
+
+== Options
+
+'expose' handles a series of options. Those are:
+
+* :if * - When true, the attribute will be added to whitelist.
+
+* :unless * - When false, the attribute will be added to whitelist.
+
+* :state * - When in this state, the attribute will be added to whitelist.
+
+* :not_state * - When not in this state, the attribute will be added to
+  whitelist.
+
+== Maintainers
+
+* Mark G (http://github.com/attack)
+
+== Contributors
+
+* you
+
+== Influence
+
+* trusted-params (https://github.com/ryanb/trusted-params) -
+  An ActiveController only version, not compatible with Rails 3.X.
+
+== Bugs and Feedback
+
+If you discover any bugs or want to drop a line, feel free to create an issue
+on GitHub.
+
+http://github.com/attack/expose/issues
+
+MIT License. Copyright 2011 Mark G. http://github.com/attack

data/Rakefile

@@ -0,0 +1,11 @@
+require 'bundler/gem_tasks'
+require 'rspec/core/rake_task'
+
+desc 'Default: run specs.'
+task :default => :spec
+
+desc 'Test the expose gem.'
+RSpec::Core::RakeTask.new(:spec) do |spec|
+  spec.pattern = 'spec/**/*_spec.rb'
+  spec.rspec_opts = ["-c"]
+end

data/expose.gemspec

@@ -0,0 +1,26 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "expose/version"
+
+Gem::Specification.new do |s|
+  s.name        = "expose"
+  s.version     = Expose::VERSION
+  s.platform    = Gem::Platform::RUBY
+  s.authors     = ["Mark G"]
+  s.email       = ["expose@attackcorp.com"]
+  s.homepage    = "https://github.com/attack/expose"
+  s.summary     = %q{Simple dynamic configuration of attr_protected}
+  s.description = %q{Simple dynamic configuration of attr_protected}
+
+  s.rubyforge_project = "expose"
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {spec}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+  
+  s.add_dependency("rails", "~> 3.0")
+  
+  s.add_development_dependency("rspec", "~> 2.6")
+  s.add_development_dependency('sqlite3-ruby')
+end

data/lib/expose/version.rb

@@ -0,0 +1,3 @@
+module Expose
+  VERSION = "0.1.0"
+end

data/lib/expose.rb

@@ -0,0 +1,131 @@
+require "expose/version"
+
+module Expose
+  
+  module Model
+  
+    def self.included(base)
+      base.class_eval do
+        extend ClassMethods
+        
+        class_attribute :_exposures, :instance_writer => false
+        self._exposures = Hash.new { |h,k| h[k] = [] }
+      end
+    end
+
+    module ClassMethods
+      # USAGE
+      # expose :attribute_name, :if => Proc.new {|model condition}
+      # expose :attribute_name, :state => :new, :state => [:new,:locked]
+      # - this will add :param_name to the 'attr_accessible' params if the condition is true
+      #
+      def expose(*config)
+        options = config.extract_options!
+        options.symbolize_keys!
+        options.assert_valid_keys(:if, :unless, :state, :not_state)
+            
+        # TODO - warnings of improper use
+        # :name (attribute)
+        # validate in attr_protected or not in attr_accessible, otherwise no need to expose
+        #
+        # :state + :not_state
+        # include warning if any similarities in :state and :not_state, as they would cancel each other out
+
+        config.each do |attr|
+          if self.attribute_method?(attr.to_sym)
+            # if _exposures.has_key?(name.to_sym)
+            #   # log duplication ?
+            # end
+            _exposures[attr.to_sym] = options
+          else
+           raise "Expose: invalid attribute - #{name.to_s}"
+          end
+        end
+      end
+    end
+     
+    protected
+    
+    def mass_assignment_authorizer(attributes)
+      attribute_list = super
+      if attribute_list.is_a?(ActiveModel::MassAssignmentSecurity::WhiteList)
+        attribute_list += attributes_to_expose
+      else
+        attribute_list -= attributes_to_expose
+      end
+      attribute_list
+    end
+    
+    def attributes_to_expose
+      attributes_to_expose = []
+      
+      # if there are exposures
+      if _exposures && _exposures.respond_to?(:each)
+        # go through each exposure
+        _exposures.each do |k,v|
+          
+          # assume exposure of the attribute
+          expose_attr = true
+          
+          # RESPOND to configuration
+          #
+          
+          # run through both :if and :unless ... then expose attribute if applicable
+          if v.key?(:if) || v.key?(:unless)
+            expose_attr = (applicable?(v[:if], true) && applicable?(v[:unless], false))
+          end
+          
+          # try to match state
+          if v.key?(:state)
+            # convert to Array
+            allowed_states = v[:state].is_a?(Array) ? v[:state] : [v[:state].to_s]
+            
+            # expose attribute if the current state is in expected states
+            expose_attr = ( self.respond_to?(:state) &&
+                            self.state &&
+                            allowed_states.include?(self.state.to_s))
+          end
+          
+          # try to NOT match state
+          if v.key?(:not_state)
+            # convert to Array
+            disallowed_states = v[:not_state].is_a?(Array) ? v[:not_state] : [v[:not_state].to_s]
+            
+            # expose attribute if the current state is NOT in expected states
+            expose_attr = ( self.respond_to?(:state) &&
+                            ( !self.state ||
+                              !disallowed_states.include?(self.state.to_s)))
+          end
+      
+          # if nothing is preventing this attribute from being exposed (eg. all pass, or no options)
+          # then add the attribute to attr_accessible
+          attributes_to_expose << k.to_s if expose_attr
+        end
+      end
+      
+      attributes_to_expose
+    end
+
+    # Evaluates the scope options :if or :unless. Returns true if the proc
+    # method, or string evals to the expected value.
+    def applicable?(string_proc_or_symbol, expected) #:nodoc:
+      case string_proc_or_symbol
+        when String
+          eval(string_proc_or_symbol) == expected
+        when Proc
+          string_proc_or_symbol.call(self) == expected
+        when Symbol
+          send(string_proc_or_symbol) == expected
+        else
+          true
+      end
+    end
+    
+  end
+  
+end
+# This is currently commented out, and therefore you need to use
+# 'include Expose::Model' at the top of any subclass of 
+# ActiveRecord::Base where you want to use :expose.
+#
+#ActiveRecord::Base.class_eval { include Expose::Model }

data/spec/db/EMPTY

@@ -0,0 +1 @@
+This directory is left empty, for testing db file to reside in, but not included

data/spec/expose_accessible_spec.rb

@@ -0,0 +1,174 @@
+require 'spec_helper'
+
+describe 'Expose' do
+  
+  describe "using attr_accessible strategy" do
+    describe "initial setup" do
+      before(:each) do
+        class User < ActiveRecord::Base
+          include Expose::Model
+          attr_accessible :name
+          attr_accessible :not_important
+        end
+      end
+      subject { User.new }
+    
+      it { should expose(:name) }
+      it { should protect(:important) }
+      it { should protect(:sometimes_important) }
+      it { should expose(:not_important) }
+    end
+    
+    describe "expose with no options" do
+      before(:each) do
+        class User < ActiveRecord::Base
+          include Expose::Model
+          attr_accessible :name
+          attr_accessible :not_important
+          expose :sometimes_important
+        end
+      end
+      subject { User.new }
+    
+      it { should expose(:name) }
+      it { should protect(:important) }
+      it { should expose(:sometimes_important) }
+      it { should expose(:not_important) }
+    end
+    
+    describe "expose with :if" do
+      before(:each) do
+        class User < ActiveRecord::Base
+          include Expose::Model
+          attr_accessible :name
+          attr_accessible :not_important
+          expose :sometimes_important, :if => Proc.new { |user| user.name == 'example name' }
+        end
+      end
+      subject { User.new }
+    
+      it { should expose(:name) }
+      it { should protect(:important) }
+      it { should expose(:not_important) }
+    
+      context "when :if is true" do
+        subject { User.new(:name => 'example name') }
+        it { should expose(:sometimes_important) }
+      end
+    
+      context "when :if is false" do
+        subject { User.new(:name => 'name') }
+        it { should protect(:sometimes_important) }
+      end
+    end
+    
+    describe "expose with :unless" do
+      before(:each) do
+        class User < ActiveRecord::Base
+          include Expose::Model
+          attr_accessible :name
+          attr_accessible :not_important
+          expose :sometimes_important, :unless => Proc.new { |user| user.name == 'example name' }
+        end
+      end
+      subject { User.new }
+    
+      it { should expose(:name) }
+      it { should protect(:important) }
+      it { should expose(:not_important) }
+    
+      context "when :unless is true" do
+        subject { User.new(:name => 'example name') }
+        it { should protect(:sometimes_important) }
+      end
+    
+      context "when :unless is false" do
+        subject { User.new(:name => 'name') }
+        it { should expose(:sometimes_important) }
+      end
+    end
+
+    describe "expose with :state" do
+      before(:each) do
+        class User < ActiveRecord::Base
+          include Expose::Model
+          attr_accessible :state
+          attr_accessible :name
+          attr_accessible :not_important
+          expose :sometimes_important, :state => 'open'
+        end
+      end
+      subject { User.new }
+  
+      it { should expose(:name) }
+      it { should protect(:important) }
+      it { should expose(:not_important) }
+    
+      context "when :state matches" do
+        subject { User.new(:state => 'open') }
+        it { should expose(:sometimes_important) }
+      end
+    
+      context "when :state doesn't match" do
+        subject { User.new(:state => 'closed') }
+        it { should protect(:sometimes_important) }
+      end
+    end
+
+    describe "expose with :not_state" do
+      before(:each) do
+        class User < ActiveRecord::Base
+          include Expose::Model
+          attr_accessible :state
+          attr_accessible :name
+          attr_accessible :not_important
+          expose :sometimes_important, :not_state => 'closed'
+        end
+      end
+      subject { User.new }
+    
+      it { should expose(:name) }
+      it { should protect(:important) }
+      it { should expose(:not_important) }
+    
+      context "when :not_state doesn't match" do
+        subject { User.new(:state => 'open') }
+        it { should expose(:sometimes_important) }
+      end
+    
+      context "when :state matches" do
+        subject { User.new(:state => 'closed') }
+        it { should protect(:sometimes_important) }
+      end
+    end
+    
+    describe "allow multiple attributes in a single definition" do
+      before(:each) do
+        class User < ActiveRecord::Base
+          include Expose::Model
+          attr_accessible :state
+          attr_accessible :name
+          attr_accessible :not_important
+          expose :important, :sometimes_important, :if => Proc.new { |user| user.name == 'example name' }
+        end
+      end
+      subject { User.new }
+    
+      it { should expose(:name) }
+      it { should expose(:not_important) }
+    
+      context "when :if is true" do
+        subject { User.new(:name => 'example name') }
+        it { should expose(:important) }
+        it { should expose(:sometimes_important) }
+      end
+    
+      context "when :if is false" do
+        subject { User.new(:name => 'name') }
+        it { should protect(:important) }
+        it { should protect(:sometimes_important) }
+      end
+    end
+    
+  end
+end

data/spec/expose_errors_spec.rb

@@ -0,0 +1,83 @@
+require 'spec_helper'
+
+describe 'Expose' do
+  describe "handles errors" do
+    
+    describe "initial setup (sanity check)" do
+      before(:each) do
+        class User < ActiveRecord::Base
+          include Expose::Model
+          attr_protected :important
+          attr_protected :sometimes_important
+        end
+      end
+      subject { User.new }
+    
+      it { should expose(:name) }
+      it { should protect(:important) }
+      it { should protect(:sometimes_important) }
+      it { should expose(:not_important) }
+    end
+  
+    describe "expose with invalid name" do
+      it "raises error" do
+        expect { 
+          class User < ActiveRecord::Base
+            include Expose::Model
+            attr_protected :important
+            attr_protected :sometimes_important
+            expose :invalid_name
+          end }.to raise_error
+      end
+      # it "should skip over invalid name, issure warning" do
+      #   subject.send(:_exposures).should_not include(:invalid_name)
+      # end
+    end
+    
+    describe "expose with double declaration" do
+      before(:each) do
+        class User < ActiveRecord::Base
+          include Expose::Model
+          attr_protected :important
+          attr_protected :sometimes_important
+          expose :sometimes_important, :state => 'new'
+          expose :sometimes_important, :not_state => 'closed'
+          expose :sometimes_important, :state => 'open'
+        end
+      end
+      subject { User.new }
+      
+      it "writes over the previous definitions" do
+        subject.send(:_exposures).should include(:sometimes_important)
+        subject.send(:_exposures)[:sometimes_important].should include(:state)
+        subject.send(:_exposures)[:sometimes_important].should_not include(:not_state)
+        subject.send(:_exposures)[:sometimes_important][:state].should == 'open'
+      end
+    end
+    
+    describe "expose two classes with no interferences" do
+      before(:each) do
+        class User < ActiveRecord::Base
+          include Expose::Model
+          attr_protected :important
+          attr_protected :sometimes_important
+          expose :sometimes_important, :state => 'open'
+        end
+        class Account < ActiveRecord::Base
+          include Expose::Model
+          attr_protected :important
+          attr_protected :sometimes_important
+          expose :important, :state => 'new'
+        end
+      end
+      
+      it "keeps separate exposure lists" do
+        User.send(:_exposures).should include(:sometimes_important)
+        User.send(:_exposures).should_not include(:important)
+        Account.send(:_exposures).should include(:important)
+        Account.send(:_exposures).should_not include(:sometimes_important)
+      end
+    end
+    
+  end
+end

data/spec/expose_protected_spec.rb

@@ -0,0 +1,171 @@
+require 'spec_helper'
+
+describe 'Expose' do
+  
+  describe "using attr_protected strategy" do
+    describe "initial setup" do
+      before(:each) do
+        class User < ActiveRecord::Base
+          include Expose::Model
+          attr_protected :important
+          attr_protected :sometimes_important
+        end
+      end
+      subject { User.new }
+    
+      it { should expose(:name) }
+      it { should protect(:important) }
+      it { should protect(:sometimes_important) }
+      it { should expose(:not_important) }
+    end
+  
+    describe "expose with no options" do
+      before(:each) do
+        class User < ActiveRecord::Base
+          include Expose::Model
+          attr_protected :important
+          attr_protected :sometimes_important
+          expose :sometimes_important
+        end
+      end
+      subject { User.new }
+    
+      it { should expose(:name) }
+      it { should protect(:important) }
+      it { should expose(:sometimes_important) }
+      it { should expose(:not_important) }
+    end
+  
+    describe "expose with :if" do
+      before(:each) do
+        class User < ActiveRecord::Base
+          include Expose::Model
+          attr_protected :important
+          attr_protected :sometimes_important
+          expose :sometimes_important, :if => Proc.new { |user| user.name == 'example name' }
+        end
+      end
+      subject { User.new }
+    
+      it { should expose(:name) }
+      it { should protect(:important) }
+      it { should expose(:not_important) }
+    
+      context "when :if is true" do
+        subject { User.new(:name => 'example name') }
+        it { should expose(:sometimes_important) }
+      end
+    
+      context "when :if is false" do
+        subject { User.new(:name => 'name') }
+        it { should protect(:sometimes_important) }
+      end
+    end
+  
+    describe "expose with :unless" do
+      before(:each) do
+        class User < ActiveRecord::Base
+          include Expose::Model
+          attr_protected :important
+          attr_protected :sometimes_important
+          expose :sometimes_important, :unless => Proc.new { |user| user.name == 'example name' }
+        end
+      end
+      subject { User.new }
+    
+      it { should expose(:name) }
+      it { should protect(:important) }
+      it { should expose(:not_important) }
+    
+      context "when :unless is true" do
+        subject { User.new(:name => 'example name') }
+        it { should protect(:sometimes_important) }
+      end
+    
+      context "when :unless is false" do
+        subject { User.new(:name => 'name') }
+        it { should expose(:sometimes_important) }
+      end
+    end
+  
+    describe "expose with :state" do
+      before(:each) do
+        class User < ActiveRecord::Base
+          include Expose::Model
+          attr_protected :important
+          attr_protected :sometimes_important
+          expose :sometimes_important, :state => 'open'
+        end
+      end
+      subject { User.new }
+    
+      it { should expose(:name) }
+      it { should protect(:important) }
+      it { should expose(:not_important) }
+    
+      context "when :state matches" do
+        subject { User.new(:state => 'open') }
+        it { should expose(:sometimes_important) }
+      end
+    
+      context "when :state doesn't match" do
+        subject { User.new(:state => 'closed') }
+        it { should protect(:sometimes_important) }
+      end
+    end
+  
+    describe "expose with :not_state" do
+      before(:each) do
+        class User < ActiveRecord::Base
+          include Expose::Model
+          attr_protected :important
+          attr_protected :sometimes_important
+          expose :sometimes_important, :not_state => 'closed'
+        end
+      end
+      subject { User.new }
+    
+      it { should expose(:name) }
+      it { should protect(:important) }
+      it { should expose(:not_important) }
+    
+      context "when :not_state doesn't match" do
+        subject { User.new(:state => 'open') }
+        it { should expose(:sometimes_important) }
+      end
+    
+      context "when :state matches" do
+        subject { User.new(:state => 'closed') }
+        it { should protect(:sometimes_important) }
+      end
+    end
+    
+    describe "allow multiple attributes in a single definition" do
+      before(:each) do
+        class User < ActiveRecord::Base
+          include Expose::Model
+          attr_protected :important
+          attr_protected :sometimes_important
+          expose :important, :sometimes_important, :if => Proc.new { |user| user.name == 'example name' }
+        end
+      end
+      subject { User.new }
+    
+      it { should expose(:name) }
+      it { should expose(:not_important) }
+    
+      context "when :if is true" do
+        subject { User.new(:name => 'example name') }
+        it { should expose(:important) }
+        it { should expose(:sometimes_important) }
+      end
+    
+      context "when :if is false" do
+        subject { User.new(:name => 'name') }
+        it { should protect(:important) }
+        it { should protect(:sometimes_important) }
+      end
+    end
+    
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,41 @@
+require 'rubygems'
+require 'bundler'
+Bundler.setup(:default, :development, :test)
+
+require 'rails'
+require 'active_support'
+require 'active_model'
+require 'active_record'
+require 'expose'
+require 'rspec'
+
+root = File.expand_path(File.join(File.dirname(__FILE__), '..'))
+ActiveRecord::Base.establish_connection(
+  :adapter => "sqlite3", 
+  :database => "#{root}/spec/db/expose.db"
+)
+
+RSpec.configure do |config|
+end
+
+# create the tables for the test in the database
+ActiveRecord::Base.connection.execute("DROP TABLE IF EXISTS 'users'")
+ActiveRecord::Base.connection.create_table(:users) do |t|
+  t.string :name, :default => 'name'
+  t.string :important, :default => 'important'
+  t.string :sometimes_important, :default => 'sometimes_important'
+  t.string :not_important, :default => 'not_important'
+  t.string :state, :default => 'new'
+end
+
+ActiveRecord::Base.connection.execute("DROP TABLE IF EXISTS 'accounts'")
+ActiveRecord::Base.connection.create_table(:accounts) do |t|
+  t.string :name, :default => 'name'
+  t.string :important, :default => 'important'
+  t.string :sometimes_important, :default => 'sometimes_important'
+  t.string :not_important, :default => 'not_important'
+  t.string :state, :default => 'new'
+end
+
+Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each {|f| require f}
+

data/spec/support/matchers.rb

@@ -0,0 +1,46 @@
+RSpec::Matchers.define :expose do |attr|
+  match do |subject|
+    # expect {
+    #   current_value = subject.send(attr.to_sym)
+    #   subject.attributes = {attr.to_sym => (current_value && !current_value.blank? ? (current_value + '_new') : 'new')}
+    # }.to change{ subject.send(attr.to_sym) }
+    old_value = subject.send(attr.to_sym).to_s
+    subject.update_attributes({attr.to_sym => (old_value && !old_value.blank? ? (old_value + '_new') : 'new')})
+    subject.reload
+    old_value != subject.send(attr.to_sym)
+  end
+
+  failure_message_for_should do |subject|
+    "expected that #{subject} does not protect #{attr}, but it does"
+  end
+
+  failure_message_for_should_not do |subject|
+    "expected that #{subject} attr_protects #{attr}, but it does not"
+  end
+
+  description do
+    "NOT attr_protected :#{attr}"
+  end
+end
+
+RSpec::Matchers.define :protect do |attr|
+  match do |subject|
+    old_value = subject.send(attr.to_sym)
+    subject.attributes = {attr.to_sym => (old_value && !old_value.blank? ? (old_value + '_new') : 'new')}
+    new_value = subject.send(attr.to_sym)
+    
+    old_value == new_value
+  end
+  
+  failure_message_for_should do |subject|
+    "expected that #{subject} attr_protects #{attr}, but it does not"
+  end
+
+  failure_message_for_should_not do |subject|
+    "expected that #{subject} does not protect #{attr}, but it does"
+  end
+  
+  description do
+    "attr_protected :#{attr}"
+  end
+end

metadata

@@ -0,0 +1,93 @@
+--- !ruby/object:Gem::Specification
+name: expose
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+  prerelease: 
+platform: ruby
+authors:
+- Mark G
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2011-06-20 00:00:00.000000000 -04:00
+default_executable: 
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: &2153270260 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: *2153270260
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: &2153269760 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.6'
+  type: :development
+  prerelease: false
+  version_requirements: *2153269760
+- !ruby/object:Gem::Dependency
+  name: sqlite3-ruby
+  requirement: &2153269380 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *2153269380
+description: Simple dynamic configuration of attr_protected
+email:
+- expose@attackcorp.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- Gemfile
+- README.rdoc
+- Rakefile
+- expose.gemspec
+- lib/expose.rb
+- lib/expose/version.rb
+- spec/db/EMPTY
+- spec/expose_accessible_spec.rb
+- spec/expose_errors_spec.rb
+- spec/expose_protected_spec.rb
+- spec/spec_helper.rb
+- spec/support/matchers.rb
+has_rdoc: true
+homepage: https://github.com/attack/expose
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: expose
+rubygems_version: 1.6.2
+signing_key: 
+specification_version: 3
+summary: Simple dynamic configuration of attr_protected
+test_files: []