firewool 0.1.0

data/test/dummy/public/javascripts/rails.js

@@ -0,0 +1,191 @@
+(function() {
+  // Technique from Juriy Zaytsev
+  // http://thinkweb2.com/projects/prototype/detecting-event-support-without-browser-sniffing/
+  function isEventSupported(eventName) {
+    var el = document.createElement('div');
+    eventName = 'on' + eventName;
+    var isSupported = (eventName in el);
+    if (!isSupported) {
+      el.setAttribute(eventName, 'return;');
+      isSupported = typeof el[eventName] == 'function';
+    }
+    el = null;
+    return isSupported;
+  }
+
+  function isForm(element) {
+    return Object.isElement(element) && element.nodeName.toUpperCase() == 'FORM'
+  }
+
+  function isInput(element) {
+    if (Object.isElement(element)) {
+      var name = element.nodeName.toUpperCase()
+      return name == 'INPUT' || name == 'SELECT' || name == 'TEXTAREA'
+    }
+    else return false
+  }
+
+  var submitBubbles = isEventSupported('submit'),
+      changeBubbles = isEventSupported('change')
+
+  if (!submitBubbles || !changeBubbles) {
+    // augment the Event.Handler class to observe custom events when needed
+    Event.Handler.prototype.initialize = Event.Handler.prototype.initialize.wrap(
+      function(init, element, eventName, selector, callback) {
+        init(element, eventName, selector, callback)
+        // is the handler being attached to an element that doesn't support this event?
+        if ( (!submitBubbles && this.eventName == 'submit' && !isForm(this.element)) ||
+             (!changeBubbles && this.eventName == 'change' && !isInput(this.element)) ) {
+          // "submit" => "emulated:submit"
+          this.eventName = 'emulated:' + this.eventName
+        }
+      }
+    )
+  }
+
+  if (!submitBubbles) {
+    // discover forms on the page by observing focus events which always bubble
+    document.on('focusin', 'form', function(focusEvent, form) {
+      // special handler for the real "submit" event (one-time operation)
+      if (!form.retrieve('emulated:submit')) {
+        form.on('submit', function(submitEvent) {
+          var emulated = form.fire('emulated:submit', submitEvent, true)
+          // if custom event received preventDefault, cancel the real one too
+          if (emulated.returnValue === false) submitEvent.preventDefault()
+        })
+        form.store('emulated:submit', true)
+      }
+    })
+  }
+
+  if (!changeBubbles) {
+    // discover form inputs on the page
+    document.on('focusin', 'input, select, texarea', function(focusEvent, input) {
+      // special handler for real "change" events
+      if (!input.retrieve('emulated:change')) {
+        input.on('change', function(changeEvent) {
+          input.fire('emulated:change', changeEvent, true)
+        })
+        input.store('emulated:change', true)
+      }
+    })
+  }
+
+  function handleRemote(element) {
+    var method, url, params;
+
+    var event = element.fire("ajax:before");
+    if (event.stopped) return false;
+
+    if (element.tagName.toLowerCase() === 'form') {
+      method = element.readAttribute('method') || 'post';
+      url    = element.readAttribute('action');
+      params = element.serialize();
+    } else {
+      method = element.readAttribute('data-method') || 'get';
+      url    = element.readAttribute('href');
+      params = {};
+    }
+
+    new Ajax.Request(url, {
+      method: method,
+      parameters: params,
+      evalScripts: true,
+
+      onComplete:    function(request) { element.fire("ajax:complete", request); },
+      onSuccess:     function(request) { element.fire("ajax:success",  request); },
+      onFailure:     function(request) { element.fire("ajax:failure",  request); }
+    });
+
+    element.fire("ajax:after");
+  }
+
+  function handleMethod(element) {
+    var method = element.readAttribute('data-method'),
+        url = element.readAttribute('href'),
+        csrf_param = $$('meta[name=csrf-param]')[0],
+        csrf_token = $$('meta[name=csrf-token]')[0];
+
+    var form = new Element('form', { method: "POST", action: url, style: "display: none;" });
+    element.parentNode.insert(form);
+
+    if (method !== 'post') {
+      var field = new Element('input', { type: 'hidden', name: '_method', value: method });
+      form.insert(field);
+    }
+
+    if (csrf_param) {
+      var param = csrf_param.readAttribute('content'),
+          token = csrf_token.readAttribute('content'),
+          field = new Element('input', { type: 'hidden', name: param, value: token });
+      form.insert(field);
+    }
+
+    form.submit();
+  }
+
+
+  document.on("click", "*[data-confirm]", function(event, element) {
+    var message = element.readAttribute('data-confirm');
+    if (!confirm(message)) event.stop();
+  });
+
+  document.on("click", "a[data-remote]", function(event, element) {
+    if (event.stopped) return;
+    handleRemote(element);
+    event.stop();
+  });
+
+  document.on("click", "a[data-method]", function(event, element) {
+    if (event.stopped) return;
+    handleMethod(element);
+    event.stop();
+  });
+
+  document.on("submit", function(event) {
+    var element = event.findElement(),
+        message = element.readAttribute('data-confirm');
+    if (message && !confirm(message)) {
+      event.stop();
+      return false;
+    }
+
+    var inputs = element.select("input[type=submit][data-disable-with]");
+    inputs.each(function(input) {
+      input.disabled = true;
+      input.writeAttribute('data-original-value', input.value);
+      input.value = input.readAttribute('data-disable-with');
+    });
+
+    var element = event.findElement("form[data-remote]");
+    if (element) {
+      handleRemote(element);
+      event.stop();
+    }
+  });
+
+  document.on("ajax:after", "form", function(event, element) {
+    var inputs = element.select("input[type=submit][disabled=true][data-disable-with]");
+    inputs.each(function(input) {
+      input.value = input.readAttribute('data-original-value');
+      input.removeAttribute('data-original-value');
+      input.disabled = false;
+    });
+  });
+
+  Ajax.Responders.register({
+    onCreate: function(request) {
+      var csrf_meta_tag = $$('meta[name=csrf-token]')[0];
+
+      if (csrf_meta_tag) {
+        var header = 'X-CSRF-Token',
+            token = csrf_meta_tag.readAttribute('content');
+
+        if (!request.options.requestHeaders) {
+          request.options.requestHeaders = {};
+        }
+        request.options.requestHeaders[header] = token;
+      }
+    }
+  });
+})();

data/test/dummy/public/robots.txt

@@ -0,0 +1,5 @@
+# See http://www.robotstxt.org/wc/norobots.html for documentation on how to use the robots.txt file
+#
+# To ban all spiders from the entire site uncomment the next two lines:
+# User-Agent: *
+# Disallow: /

data/test/dummy/script/rails

@@ -0,0 +1,6 @@
+#!/usr/bin/env ruby
+# This command will automatically be run when you run "rails" with Rails 3 gems installed from the root of your application.
+
+APP_PATH = File.expand_path('../../config/application',  __FILE__)
+require File.expand_path('../../config/boot',  __FILE__)
+require 'rails/commands'

data/test/dummy/test/functional/dummy_controller_test.rb

@@ -0,0 +1,8 @@
+require 'test_helper'
+
+class DummyControllerTest < ActionController::TestCase
+  # Replace this with your real tests.
+  test "the truth" do
+    assert true
+  end
+end

data/test/dummy/test/performance/browsing_test.rb

@@ -0,0 +1,9 @@
+require 'test_helper'
+require 'rails/performance_test_help'
+
+# Profiling results for each test method are written to tmp/performance.
+class BrowsingTest < ActionDispatch::PerformanceTest
+  def test_homepage
+    get '/'
+  end
+end

data/test/dummy/test/test_helper.rb

@@ -0,0 +1,13 @@
+ENV["RAILS_ENV"] = "test"
+require File.expand_path('../../config/environment', __FILE__)
+require 'rails/test_help'
+
+class ActiveSupport::TestCase
+  # Setup all fixtures in test/fixtures/*.(yml|csv) for all tests in alphabetical order.
+  #
+  # Note: You'll currently still have to declare fixtures explicitly in integration tests
+  # -- they do not yet inherit this setting
+  fixtures :all
+
+  # Add more helper methods to be used by all tests here...
+end

data/test/dummy/test/unit/helpers/dummy_helper_test.rb

@@ -0,0 +1,4 @@
+require 'test_helper'
+
+class DummyHelperTest < ActionView::TestCase
+end

data/test/firewool_test.rb

@@ -0,0 +1,59 @@
+require 'test_helper'
+require 'yaml'
+
+class FirewoolTest < ActionController::TestCase
+  tests DummyController
+  
+  # So rails on a before_filter uses the instance variable in requests:
+  # http://guides.rubyonrails.org/action_controller_overview.html
+  # So let's create an instance to test with.
+  dc = DummyController.new
+
+  # get our configuration, which we'll change later for certain tests
+  conf_file = dc.class.firewool_config[Rails.env]
+  
+  # test basic module includes/extends  
+  context "The controller" do
+    should "respond to instance method from module" do
+      assert dc.respond_to? :ip_filter
+    end
+  end
+  
+  # test reading firewool.yml config file
+  context "The Firewool" do
+    should "have the configuration loaded" do
+      assert conf_file.key?("ip_restriction"), "Should have the ip_restriction in firewool conf file"
+      assert conf_file.key?("allow"), "Should have the ip_ranges_allowed in firewool conf file"
+    end
+  end
+  
+  # test policy enforcement
+  context "The Firewool" do
+    should "allow valid IPs while blocking invalid IPs" do
+      # reset the configuration, this is weird that I have to 
+      # , I thought this would go in order
+      dc.class.firewool_config[Rails.env]["allow"] = ["192.168.0.0/16"]
+      assert_equal false, dc.ip_allow?("172.168.0.1")
+      assert_equal false, dc.ip_allow?("12.168.0.1")
+      assert_equal false, dc.ip_allow?("0.0.0.0")
+      assert_equal true, dc.ip_allow?("192.168.0.1")
+    end
+  end
+  
+  context "The Firewool" do
+    should "allow valid IPs when using a default allow" do
+      dc.class.firewool_config[Rails.env]["allow"] = ["0.0.0.0"]
+      assert_equal true, dc.ip_allow?("12.168.0.1")
+    end
+  end
+  
+  context "The Firewool" do
+    should "allow and disallow correctly with a default allow" do
+      dc.class.firewool_config[Rails.env]["allow"] = ["0.0.0.0"]
+      # puts dc.class.firewool_config[Rails.env]
+      assert_equal true, dc.ip_allow?("12.168.0.1")
+      assert_equal true, dc.ip_allow?("192.168.0.1")
+      assert_equal false, dc.ip_allow?("172.16.0.1")
+    end
+  end
+end

data/test/test_helper.rb

@@ -0,0 +1,7 @@
+require 'rubygems'
+require 'shoulda'
+require 'bundler'
+require 'firewool'
+require "dummy/config/environment"
+require "rails/test_help"
+Bundler.setup

data/watchr.rb

@@ -0,0 +1,73 @@
+ENV["WATCHR"] = "1"
+system 'clear'
+
+def growl(message)
+  growlnotify = `which growlnotify`.chomp
+  title = "Watchr Test Results"
+  passed = message.include?('0 failures, 0 errors')
+  image = passed ? "~/.watchr_images/passed.png" : "~/.watchr_images/failed.png"
+  severity = passed ? "-1" : "1"
+  options = "-w -n Watchr --image '#{File.expand_path(image)}'"
+  options << " -m '#{message}' '#{title}' -p #{severity}"
+  system %(#{growlnotify} #{options} &)
+end
+
+def run(cmd)
+  puts(cmd)
+  `#{cmd}`
+end
+
+def run_test_file(file)
+  system('clear')
+  result = run(%Q(ruby -I"lib:test" -rubygems #{file}))
+  result_lines = result.split("\n")
+  msg = result_lines[result_lines.size - 3]
+  growl msg rescue nil
+  puts result
+end
+
+def run_all_tests
+  system('clear')
+  result = run "rake test"
+  result_lines = result.split("\n")
+  # new rake has Test run options as last line, result is 2 lines up
+  msg = result_lines[result_lines.size - 3]
+  growl msg rescue nil
+  puts result
+end
+
+def related_test_files(path)
+  Dir['test/**/*.rb'].select { |file| file =~ /#{File.basename(path).split(".").first}_test.rb/ }
+end
+
+def run_suite
+  run_all_tests
+end
+
+watch('test/test_helper\.rb') { run_all_tests }
+watch('test/.*_test\.rb') { |m| run_test_file(m[0]) }
+watch('lib/.*\.rb') { run_all_tests }
+watch('lib/firewool/.*\.rb') { run_all_tests }
+
+
+# Ctrl-\
+Signal.trap 'QUIT' do
+  puts " --- Running all tests ---\n\n"
+  run_all_tests
+end
+
+@interrupted = false
+
+# Ctrl-C
+Signal.trap 'INT' do
+  if @interrupted then
+    @wants_to_quit = true
+    abort("\n")
+  else
+    puts "Interrupt a second time to quit"
+    @interrupted = true
+    Kernel.sleep 1.5
+    # raise Interrupt, nil # let the run loop catch it
+    run_suite
+  end
+end

metadata

@@ -0,0 +1,189 @@
+--- !ruby/object:Gem::Specification 
+name: firewool
+version: !ruby/object:Gem::Version 
+  prerelease: 
+  version: 0.1.0
+platform: ruby
+authors: 
+- Chris Dillon
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2011-02-15 00:00:00 -05:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: ipaddress
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 0.7.0
+  type: :runtime
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency 
+  name: shoulda
+  prerelease: false
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+  type: :development
+  version_requirements: *id002
+description: Provides ip filtering based on a black/white list.
+email: 
+- squarism@gmail.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- .gitignore
+- Gemfile
+- README.rdoc
+- Rakefile
+- firewool.gemspec
+- lib/firewool.rb
+- lib/firewool/hook.rb
+- lib/firewool/instance_methods.rb
+- lib/firewool/railtie.rb
+- lib/firewool/version.rb
+- test/dummy/.gitignore
+- test/dummy/Gemfile
+- test/dummy/README
+- test/dummy/Rakefile
+- test/dummy/app/controllers/application_controller.rb
+- test/dummy/app/controllers/dummy_controller.rb
+- test/dummy/app/helpers/application_helper.rb
+- test/dummy/app/helpers/dummy_helper.rb
+- test/dummy/app/views/layouts/application.html.erb
+- test/dummy/config.ru
+- test/dummy/config/application.rb
+- test/dummy/config/boot.rb
+- test/dummy/config/database.yml
+- test/dummy/config/environment.rb
+- test/dummy/config/environments/development.rb
+- test/dummy/config/environments/production.rb
+- test/dummy/config/environments/test.rb
+- test/dummy/config/firewool.yml
+- test/dummy/config/initializers/backtrace_silencers.rb
+- test/dummy/config/initializers/inflections.rb
+- test/dummy/config/initializers/mime_types.rb
+- test/dummy/config/initializers/secret_token.rb
+- test/dummy/config/initializers/session_store.rb
+- test/dummy/config/locales/en.yml
+- test/dummy/config/routes.rb
+- test/dummy/db/seeds.rb
+- test/dummy/doc/README_FOR_APP
+- test/dummy/lib/tasks/.gitkeep
+- test/dummy/public/403.html
+- test/dummy/public/404.html
+- test/dummy/public/422.html
+- test/dummy/public/500.html
+- test/dummy/public/favicon.ico
+- test/dummy/public/images/rails.png
+- test/dummy/public/index.html
+- test/dummy/public/javascripts/application.js
+- test/dummy/public/javascripts/controls.js
+- test/dummy/public/javascripts/dragdrop.js
+- test/dummy/public/javascripts/effects.js
+- test/dummy/public/javascripts/prototype.js
+- test/dummy/public/javascripts/rails.js
+- test/dummy/public/robots.txt
+- test/dummy/public/stylesheets/.gitkeep
+- test/dummy/script/rails
+- test/dummy/test/functional/dummy_controller_test.rb
+- test/dummy/test/performance/browsing_test.rb
+- test/dummy/test/test_helper.rb
+- test/dummy/test/unit/helpers/dummy_helper_test.rb
+- test/dummy/vendor/plugins/.gitkeep
+- test/firewool_test.rb
+- test/test_helper.rb
+- watchr.rb
+has_rdoc: true
+homepage: http://github.com/squarism/firewool
+licenses: []
+
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+requirements: []
+
+rubyforge_project: firewool
+rubygems_version: 1.5.2
+signing_key: 
+specification_version: 3
+summary: Firewalling gem for rails.  Baa.
+test_files: 
+- test/dummy/.gitignore
+- test/dummy/Gemfile
+- test/dummy/README
+- test/dummy/Rakefile
+- test/dummy/app/controllers/application_controller.rb
+- test/dummy/app/controllers/dummy_controller.rb
+- test/dummy/app/helpers/application_helper.rb
+- test/dummy/app/helpers/dummy_helper.rb
+- test/dummy/app/views/layouts/application.html.erb
+- test/dummy/config.ru
+- test/dummy/config/application.rb
+- test/dummy/config/boot.rb
+- test/dummy/config/database.yml
+- test/dummy/config/environment.rb
+- test/dummy/config/environments/development.rb
+- test/dummy/config/environments/production.rb
+- test/dummy/config/environments/test.rb
+- test/dummy/config/firewool.yml
+- test/dummy/config/initializers/backtrace_silencers.rb
+- test/dummy/config/initializers/inflections.rb
+- test/dummy/config/initializers/mime_types.rb
+- test/dummy/config/initializers/secret_token.rb
+- test/dummy/config/initializers/session_store.rb
+- test/dummy/config/locales/en.yml
+- test/dummy/config/routes.rb
+- test/dummy/db/seeds.rb
+- test/dummy/doc/README_FOR_APP
+- test/dummy/lib/tasks/.gitkeep
+- test/dummy/public/403.html
+- test/dummy/public/404.html
+- test/dummy/public/422.html
+- test/dummy/public/500.html
+- test/dummy/public/favicon.ico
+- test/dummy/public/images/rails.png
+- test/dummy/public/index.html
+- test/dummy/public/javascripts/application.js
+- test/dummy/public/javascripts/controls.js
+- test/dummy/public/javascripts/dragdrop.js
+- test/dummy/public/javascripts/effects.js
+- test/dummy/public/javascripts/prototype.js
+- test/dummy/public/javascripts/rails.js
+- test/dummy/public/robots.txt
+- test/dummy/public/stylesheets/.gitkeep
+- test/dummy/script/rails
+- test/dummy/test/functional/dummy_controller_test.rb
+- test/dummy/test/performance/browsing_test.rb
+- test/dummy/test/test_helper.rb
+- test/dummy/test/unit/helpers/dummy_helper_test.rb
+- test/dummy/vendor/plugins/.gitkeep
+- test/firewool_test.rb
+- test/test_helper.rb