firewall_constraint 0.0.1

data/spec/rails_app/public/javascripts/rails.js

@@ -0,0 +1,175 @@
+(function() {
+  // Technique from Juriy Zaytsev
+  // http://thinkweb2.com/projects/prototype/detecting-event-support-without-browser-sniffing/
+  function isEventSupported(eventName) {
+    var el = document.createElement('div');
+    eventName = 'on' + eventName;
+    var isSupported = (eventName in el);
+    if (!isSupported) {
+      el.setAttribute(eventName, 'return;');
+      isSupported = typeof el[eventName] == 'function';
+    }
+    el = null;
+    return isSupported;
+  }
+
+  function isForm(element) {
+    return Object.isElement(element) && element.nodeName.toUpperCase() == 'FORM'
+  }
+
+  function isInput(element) {
+    if (Object.isElement(element)) {
+      var name = element.nodeName.toUpperCase()
+      return name == 'INPUT' || name == 'SELECT' || name == 'TEXTAREA'
+    }
+    else return false
+  }
+
+  var submitBubbles = isEventSupported('submit'),
+      changeBubbles = isEventSupported('change')
+
+  if (!submitBubbles || !changeBubbles) {
+    // augment the Event.Handler class to observe custom events when needed
+    Event.Handler.prototype.initialize = Event.Handler.prototype.initialize.wrap(
+      function(init, element, eventName, selector, callback) {
+        init(element, eventName, selector, callback)
+        // is the handler being attached to an element that doesn't support this event?
+        if ( (!submitBubbles && this.eventName == 'submit' && !isForm(this.element)) ||
+             (!changeBubbles && this.eventName == 'change' && !isInput(this.element)) ) {
+          // "submit" => "emulated:submit"
+          this.eventName = 'emulated:' + this.eventName
+        }
+      }
+    )
+  }
+
+  if (!submitBubbles) {
+    // discover forms on the page by observing focus events which always bubble
+    document.on('focusin', 'form', function(focusEvent, form) {
+      // special handler for the real "submit" event (one-time operation)
+      if (!form.retrieve('emulated:submit')) {
+        form.on('submit', function(submitEvent) {
+          var emulated = form.fire('emulated:submit', submitEvent, true)
+          // if custom event received preventDefault, cancel the real one too
+          if (emulated.returnValue === false) submitEvent.preventDefault()
+        })
+        form.store('emulated:submit', true)
+      }
+    })
+  }
+
+  if (!changeBubbles) {
+    // discover form inputs on the page
+    document.on('focusin', 'input, select, texarea', function(focusEvent, input) {
+      // special handler for real "change" events
+      if (!input.retrieve('emulated:change')) {
+        input.on('change', function(changeEvent) {
+          input.fire('emulated:change', changeEvent, true)
+        })
+        input.store('emulated:change', true)
+      }
+    })
+  }
+
+  function handleRemote(element) {
+    var method, url, params;
+
+    var event = element.fire("ajax:before");
+    if (event.stopped) return false;
+
+    if (element.tagName.toLowerCase() === 'form') {
+      method = element.readAttribute('method') || 'post';
+      url    = element.readAttribute('action');
+      params = element.serialize();
+    } else {
+      method = element.readAttribute('data-method') || 'get';
+      url    = element.readAttribute('href');
+      params = {};
+    }
+
+    new Ajax.Request(url, {
+      method: method,
+      parameters: params,
+      evalScripts: true,
+
+      onComplete:    function(request) { element.fire("ajax:complete", request); },
+      onSuccess:     function(request) { element.fire("ajax:success",  request); },
+      onFailure:     function(request) { element.fire("ajax:failure",  request); }
+    });
+
+    element.fire("ajax:after");
+  }
+
+  function handleMethod(element) {
+    var method = element.readAttribute('data-method'),
+        url = element.readAttribute('href'),
+        csrf_param = $$('meta[name=csrf-param]')[0],
+        csrf_token = $$('meta[name=csrf-token]')[0];
+
+    var form = new Element('form', { method: "POST", action: url, style: "display: none;" });
+    element.parentNode.insert(form);
+
+    if (method !== 'post') {
+      var field = new Element('input', { type: 'hidden', name: '_method', value: method });
+      form.insert(field);
+    }
+
+    if (csrf_param) {
+      var param = csrf_param.readAttribute('content'),
+          token = csrf_token.readAttribute('content'),
+          field = new Element('input', { type: 'hidden', name: param, value: token });
+      form.insert(field);
+    }
+
+    form.submit();
+  }
+
+
+  document.on("click", "*[data-confirm]", function(event, element) {
+    var message = element.readAttribute('data-confirm');
+    if (!confirm(message)) event.stop();
+  });
+
+  document.on("click", "a[data-remote]", function(event, element) {
+    if (event.stopped) return;
+    handleRemote(element);
+    event.stop();
+  });
+
+  document.on("click", "a[data-method]", function(event, element) {
+    if (event.stopped) return;
+    handleMethod(element);
+    event.stop();
+  });
+
+  document.on("submit", function(event) {
+    var element = event.findElement(),
+        message = element.readAttribute('data-confirm');
+    if (message && !confirm(message)) {
+      event.stop();
+      return false;
+    }
+
+    var inputs = element.select("input[type=submit][data-disable-with]");
+    inputs.each(function(input) {
+      input.disabled = true;
+      input.writeAttribute('data-original-value', input.value);
+      input.value = input.readAttribute('data-disable-with');
+    });
+
+    var element = event.findElement("form[data-remote]");
+    if (element) {
+      handleRemote(element);
+      event.stop();
+    }
+  });
+
+  document.on("ajax:after", "form", function(event, element) {
+    var inputs = element.select("input[type=submit][disabled=true][data-disable-with]");
+    inputs.each(function(input) {
+      input.value = input.readAttribute('data-original-value');
+      input.removeAttribute('data-original-value');
+      input.disabled = false;
+    });
+  });
+})();

data/spec/rails_app/public/robots.txt

@@ -0,0 +1,5 @@
+# See http://www.robotstxt.org/wc/norobots.html for documentation on how to use the robots.txt file
+#
+# To ban all spiders from the entire site uncomment the next two lines:
+# User-Agent: *
+# Disallow: /

data/spec/rails_app/script/rails

@@ -0,0 +1,6 @@
+#!/usr/bin/env ruby
+# This command will automatically be run when you run "rails" with Rails 3 gems installed from the root of your application.
+
+APP_PATH = File.expand_path('../../config/application',  __FILE__)
+require File.expand_path('../../config/boot',  __FILE__)
+require 'rails/commands'

data/spec/rails_app/test/performance/browsing_test.rb

@@ -0,0 +1,9 @@
+require 'test_helper'
+require 'rails/performance_test_help'
+
+# Profiling results for each test method are written to tmp/performance.
+class BrowsingTest < ActionDispatch::PerformanceTest
+  def test_homepage
+    get '/'
+  end
+end

data/spec/rails_app/test/test_helper.rb

@@ -0,0 +1,13 @@
+ENV["RAILS_ENV"] = "test"
+require File.expand_path('../../config/environment', __FILE__)
+require 'rails/test_help'
+
+class ActiveSupport::TestCase
+  # Setup all fixtures in test/fixtures/*.(yml|csv) for all tests in alphabetical order.
+  #
+  # Note: You'll currently still have to declare fixtures explicitly in integration tests
+  # -- they do not yet inherit this setting
+  fixtures :all
+
+  # Add more helper methods to be used by all tests here...
+end

data/spec/requests/dummy_controller_spec.rb

@@ -0,0 +1,65 @@
+require 'spec_helper'
+
+describe "dummy stuff" do
+  before(:all) do
+
+  end
+  it 'should get default action' do
+    get '/dummy/index'
+    response.should be_success
+  end
+  
+  it 'should get dynamic constraint' do
+    get root_path, nil, "REMOTE_ADDR" => "127.0.0.1"
+    open_session do |sess|
+      sess.remote_addr = '127.0.0.1'
+      get '/dummy/blocked_by_dynamic'
+      response.should be_success
+    end
+  end
+  
+  context 'given a good ip' do
+    around do |example|
+      get root_path, nil, "REMOTE_ADDR" => "10.0.0.45"
+      open_session do |sess|
+        sess.remote_addr = '10.0.0.45'
+        example.run
+      end
+    end
+    
+    it 'should get inline constraint' do
+        get '/dummy/blocked_by_inline'
+        response.should be_success
+    end
+    
+    it 'should get block constraint' do
+      get '/dummy/blocked_by_block'
+      response.should be_success
+    end
+  end
+  
+  context 'given a bad ip' do
+    around do |example|
+      get root_path, nil, "REMOTE_ADDR" => "55.55.55.55"
+      open_session do |sess|
+        sess.remote_addr = '55.55.55.55'
+        example.run
+      end
+    end
+    
+    it 'should not get inline constraint' do
+      get '/dummy/blocked_by_inline'
+      response.status.should eql 404
+    end
+    
+    it 'should not get block constraint' do
+      get '/dummy/blocked_by_block'
+      response.status.should eql 404 
+    end
+    
+    it 'should not get dynamic constraint' do
+      get '/dummy/blocked_by_dynamic'
+      response.status.should eql 404 
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,15 @@
+require "bundler"
+Bundler.setup
+ENV["RAILS_ENV"] ||= 'test'
+require 'rails_app/config/environment'
+require 'rspec/rails'
+require 'shoulda/integrations/rspec2'
+require 'rubygems'
+
+RSpec.configure do |config|
+  config.before(:all) do
+    class ::ApplicationController < ActionController::Base
+    end
+  end
+
+end

metadata

@@ -0,0 +1,249 @@
+--- !ruby/object:Gem::Specification 
+name: firewall_constraint
+version: !ruby/object:Gem::Version 
+  hash: 29
+  prerelease: false
+  segments: 
+  - 0
+  - 0
+  - 1
+  version: 0.0.1
+platform: ruby
+authors: 
+- Mike Auclair
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2011-03-23 00:00:00 -04:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: rails
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 7
+        segments: 
+        - 3
+        - 0
+        - 0
+        version: 3.0.0
+  type: :runtime
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency 
+  name: ipaddress
+  prerelease: false
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  type: :runtime
+  version_requirements: *id002
+- !ruby/object:Gem::Dependency 
+  name: rails
+  prerelease: false
+  requirement: &id003 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - "="
+      - !ruby/object:Gem::Version 
+        hash: 13
+        segments: 
+        - 3
+        - 0
+        - 5
+        version: 3.0.5
+  type: :development
+  version_requirements: *id003
+- !ruby/object:Gem::Dependency 
+  name: shoulda
+  prerelease: false
+  requirement: &id004 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  type: :development
+  version_requirements: *id004
+- !ruby/object:Gem::Dependency 
+  name: rspec-rails
+  prerelease: false
+  requirement: &id005 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 27
+        segments: 
+        - 2
+        - 5
+        - 0
+        version: 2.5.0
+  type: :development
+  version_requirements: *id005
+description: Rails 3 firewall route constraints
+email: 
+- mike@mikeauclair.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- .gitignore
+- Gemfile
+- Rakefile
+- firewall_constraint.gemspec
+- lib/firewall_constraint.rb
+- lib/firewall_constraint/version.rb
+- spec/rails_app/.gitignore
+- spec/rails_app/Gemfile
+- spec/rails_app/README
+- spec/rails_app/Rakefile
+- spec/rails_app/app/controllers/application_controller.rb
+- spec/rails_app/app/controllers/dummy_controller.rb
+- spec/rails_app/app/helpers/application_helper.rb
+- spec/rails_app/app/views/layouts/application.html.erb
+- spec/rails_app/app/views/payment/info_for_cc.html.erb
+- spec/rails_app/app/views/payment/info_for_ec.html.erb
+- spec/rails_app/app/views/payment/process_cc_payment.html.erb
+- spec/rails_app/app/views/payment/process_from_session.html.erb
+- spec/rails_app/config.ru
+- spec/rails_app/config/application.rb
+- spec/rails_app/config/boot.rb
+- spec/rails_app/config/database.yml
+- spec/rails_app/config/environment.rb
+- spec/rails_app/config/environments/development.rb
+- spec/rails_app/config/environments/production.rb
+- spec/rails_app/config/environments/test.rb
+- spec/rails_app/config/firewall_constraint.yml
+- spec/rails_app/config/initializers/backtrace_silencers.rb
+- spec/rails_app/config/initializers/inflections.rb
+- spec/rails_app/config/initializers/mime_types.rb
+- spec/rails_app/config/initializers/secret_token.rb
+- spec/rails_app/config/initializers/session_store.rb
+- spec/rails_app/config/locales/en.yml
+- spec/rails_app/config/routes.rb
+- spec/rails_app/db/seeds.rb
+- spec/rails_app/doc/README_FOR_APP
+- spec/rails_app/lib/tasks/.gitkeep
+- spec/rails_app/public/404.html
+- spec/rails_app/public/422.html
+- spec/rails_app/public/500.html
+- spec/rails_app/public/favicon.ico
+- spec/rails_app/public/images/rails.png
+- spec/rails_app/public/index.html
+- spec/rails_app/public/javascripts/application.js
+- spec/rails_app/public/javascripts/controls.js
+- spec/rails_app/public/javascripts/dragdrop.js
+- spec/rails_app/public/javascripts/effects.js
+- spec/rails_app/public/javascripts/prototype.js
+- spec/rails_app/public/javascripts/rails.js
+- spec/rails_app/public/robots.txt
+- spec/rails_app/public/stylesheets/.gitkeep
+- spec/rails_app/script/rails
+- spec/rails_app/test/performance/browsing_test.rb
+- spec/rails_app/test/test_helper.rb
+- spec/rails_app/vendor/plugins/.gitkeep
+- spec/requests/dummy_controller_spec.rb
+- spec/spec_helper.rb
+has_rdoc: true
+homepage: ""
+licenses: []
+
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: firewallconstraint
+rubygems_version: 1.3.7
+signing_key: 
+specification_version: 3
+summary: Rails 3 firewall route constraints
+test_files: 
+- spec/rails_app/.gitignore
+- spec/rails_app/Gemfile
+- spec/rails_app/README
+- spec/rails_app/Rakefile
+- spec/rails_app/app/controllers/application_controller.rb
+- spec/rails_app/app/controllers/dummy_controller.rb
+- spec/rails_app/app/helpers/application_helper.rb
+- spec/rails_app/app/views/layouts/application.html.erb
+- spec/rails_app/app/views/payment/info_for_cc.html.erb
+- spec/rails_app/app/views/payment/info_for_ec.html.erb
+- spec/rails_app/app/views/payment/process_cc_payment.html.erb
+- spec/rails_app/app/views/payment/process_from_session.html.erb
+- spec/rails_app/config.ru
+- spec/rails_app/config/application.rb
+- spec/rails_app/config/boot.rb
+- spec/rails_app/config/database.yml
+- spec/rails_app/config/environment.rb
+- spec/rails_app/config/environments/development.rb
+- spec/rails_app/config/environments/production.rb
+- spec/rails_app/config/environments/test.rb
+- spec/rails_app/config/firewall_constraint.yml
+- spec/rails_app/config/initializers/backtrace_silencers.rb
+- spec/rails_app/config/initializers/inflections.rb
+- spec/rails_app/config/initializers/mime_types.rb
+- spec/rails_app/config/initializers/secret_token.rb
+- spec/rails_app/config/initializers/session_store.rb
+- spec/rails_app/config/locales/en.yml
+- spec/rails_app/config/routes.rb
+- spec/rails_app/db/seeds.rb
+- spec/rails_app/doc/README_FOR_APP
+- spec/rails_app/lib/tasks/.gitkeep
+- spec/rails_app/public/404.html
+- spec/rails_app/public/422.html
+- spec/rails_app/public/500.html
+- spec/rails_app/public/favicon.ico
+- spec/rails_app/public/images/rails.png
+- spec/rails_app/public/index.html
+- spec/rails_app/public/javascripts/application.js
+- spec/rails_app/public/javascripts/controls.js
+- spec/rails_app/public/javascripts/dragdrop.js
+- spec/rails_app/public/javascripts/effects.js
+- spec/rails_app/public/javascripts/prototype.js
+- spec/rails_app/public/javascripts/rails.js
+- spec/rails_app/public/robots.txt
+- spec/rails_app/public/stylesheets/.gitkeep
+- spec/rails_app/script/rails
+- spec/rails_app/test/performance/browsing_test.rb
+- spec/rails_app/test/test_helper.rb
+- spec/rails_app/vendor/plugins/.gitkeep
+- spec/requests/dummy_controller_spec.rb
+- spec/spec_helper.rb