hipaapotamus 0.1.0 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: ec4db2663583e74c68d65ef09d1735a0df311755
-  data.tar.gz: 5755cee77600fe63a03ea05076db68552d48984a
+  metadata.gz: 27838a5cec369c4c46d64d4f8e9ac240d466302c
+  data.tar.gz: 5b04acd2ac7021c43bd3dc11aee49fe9db48ea24
 SHA512:
-  metadata.gz: 17f4315d70ded832c4deed238dbf998d02200dffdfcf40dddadffc4b0a4da19c584afd9fad9b78cd4abfb5601e3775eddb62bc2f9829214aff73a93f41be21e0
-  data.tar.gz: 9840c2108a4b73824db16793cfb5c2ef2db85cc189439b6e0701fb85bbe8b31451e8fbde9901a5eb6b7ab1f10830d9367c55a929201dcc3fb2ad1ee063d13892
+  metadata.gz: 28ae854376df17925f8caf2248aac680e2789680671c2eb7a9a35288a68427d4f27c0c587dad68f2447f7964ffac3c02383c9f5c84b5ff067a1d2da70165931e
+  data.tar.gz: a78f8f5289e87d662797e318a52e42d9d4c2db074231c1edac8884ed9987554f38ce575aa0aeb034a81ea9e2f3b28a521ab987affd1ff9b28c3cbe234c481180

data/.gitignore

@@ -7,3 +7,4 @@
 /pkg/
 /spec/reports/
 /tmp/
+/.idea/

data/.travis.yml

@@ -1,4 +1,22 @@
 language: ruby
+
 rvm:
-  - 2.2.1
-before_install: gem install bundler -v 1.10.5
+  - 2.0.0
+  - 2.1.7
+  - 2.2.3
+
+cache: bundler
+
+before_install:
+  - sudo apt-get autoremove sqlite3
+  - sudo apt-get install python-software-properties
+  - sudo apt-add-repository -y ppa:travis-ci/sqlite3
+  - sudo apt-get -y update
+  - sudo apt-cache show sqlite3
+  - sudo apt-get install sqlite3=3.7.15.1-1~travis1
+  - sudo sqlite3 -version
+  - gem install bundler -v 1.10.5
+
+
+script:
+  - bundle exec rake test

data/README.md

@@ -1,4 +1,5 @@
-# Hipaapotamus
+# ![Hipaa Hippo](http://imgh.us/hipaa-hippo.svg)Hipaapotamus
+[![Build Status](https://travis-ci.org/anarchocurious/hipaapotamus.svg)](https://travis-ci.org/anarchocurious/hipaapotamus)
 
 Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/hipaapotamus`. To experiment with that code, run `bin/console` for an interactive prompt.
 
@@ -20,9 +21,65 @@ Or install it yourself as:
 
     $ gem install hipaapotamus
 
+Once the gem is installed, run:
+
+    $ rails generate hipaapotamus:install
+
+and run:
+
+    $ rake db:migrate
+
+to create the hipaapotamus_actions table.
+
 ## Usage
 
-TODO: Write usage instructions here
+### Setting up Agents
+
+Include Hipaapotamus::Agent on any models you want to act as an agent (for example, User) and override the hipaapotamus_display_name method to display whatever agent identifier you like:
+
+```ruby
+class User < ActiveRecord::Base
+  include Hipaapotamus::Agent
+  
+  def hipaapotamus_display_name
+    email
+  end
+end
+```
+
+### Setting up Protected Models
+
+Include Hipaapotamus::Protected on any models you want to be protected by a Hipaapotamus Policy:
+
+```ruby
+class MedicalSecret < ActiveRecord::Base
+  include Hipaapotamus::Protected
+end
+```
+
+### Setting up a Policy
+
+Create a policies folder in your app directory and add your policy as follows (using MedicalSecret from above). Hipaapotamus will automatically against the policy when actions are attempted. When authorizing, the policy has access to the agent and the protected model.
+
+```ruby
+class MedicalSecretPolicy < Hipaapotamus::Policy
+  def access?
+    agent.medical_secrets.include? protected
+  end
+
+  def creation?
+    agent.medical_secrets.include? protected
+  end
+
+  def modification?
+    agent.medical_secrets.include? protected
+  end
+
+  def destruction?
+    agent.medical_secrets.include? protected
+  end
+end
+```
 
 ## Development
 
@@ -39,3 +96,4 @@ Bug reports and pull requests are welcome on GitHub at https://github.com/[USERN
 
 The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
 
+

data/Rakefile

@@ -1,6 +1,18 @@
+require "bundler/setup"
+require "hipaapotamus"
 require "bundler/gem_tasks"
 require "rspec/core/rake_task"
 
-RSpec::Core::RakeTask.new(:spec)
+RSpec::Core::RakeTask.new(:test)
+task spec: :test
 
-task :default => :spec
+task :console do
+  ActiveRecord::Base.establish_connection(adapter: 'sqlite3', database: ':memory:')
+  ActiveRecord::Base.connection.execute 'CREATE TABLE hipaapotamus_actions (id integer PRIMARY KEY NOT NULL, agent_id integer, agent_type character varying NOT NULL, protected_id integer, protected_type character varying NOT NULL, serialized_protected_attributes text NOT NULL, action_type integer NOT NULL, performed_at timestamp without time zone NOT NULL, created_at timestamp without time zone NOT NULL);'
+
+  require 'pry'
+  Hipaapotamus.pry
+end
+
+# For travis
+task default: :test

data/hipaapotamus.gemspec

@@ -4,21 +4,28 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require 'hipaapotamus/version'
 
 Gem::Specification.new do |spec|
-  spec.name          = "hipaapotamus"
+  spec.name          = 'hipaapotamus'
   spec.version       = Hipaapotamus::VERSION
-  spec.authors       = ["Alec Larsen"]
-  spec.email         = ["aleclarsen42@gmail.com"]
+  spec.authors       = ['Alec Larsen', 'Jacob Lee']
 
   spec.summary       = %q{Hipaapotamus is an amazing gem for amazing people}
-  spec.homepage      = "https://github.com/anarchocurious/hipaapotamus"
-  spec.license       = "MIT"
+  spec.homepage      = 'https://github.com/anarchocurious/hipaapotamus'
+  spec.license       = 'MIT'
 
   spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
-  spec.bindir        = "exe"
+  spec.bindir        = 'bin'
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
-  spec.require_paths = ["lib"]
+  spec.require_paths = ['lib']
 
-  spec.add_development_dependency "bundler", "~> 1.10"
-  spec.add_development_dependency "rake", "~> 10.0"
-  spec.add_development_dependency "rspec", "~> 3.0"
+  spec.required_ruby_version = '~> 2.0'
+
+  spec.add_runtime_dependency 'activerecord', '~> 4.1'
+  spec.add_runtime_dependency 'activesupport', '~> 4.1'
+
+  spec.add_development_dependency 'bundler', '~> 1.10'
+  spec.add_development_dependency 'rake', '~> 10.0'
+  spec.add_development_dependency 'rspec', '~> 3.3'
+  spec.add_development_dependency 'pry'
+  spec.add_development_dependency 'sqlite3', '1.3.11'
+  spec.add_development_dependency 'database_cleaner', '1.0.1'
 end

data/lib/generators/hipaapotamus/install_generator.rb

@@ -0,0 +1,18 @@
+require 'rails/generators'
+require 'rails/generators/active_record'
+
+module Hipaapotamus
+  class InstallGenerator < ::Rails::Generators::Base
+    include ::Rails::Generators::Migration
+
+    def self.next_migration_number(dirname)
+      ::ActiveRecord::Generators::Base.next_migration_number(dirname)
+    end
+
+    source_root File.expand_path('../templates', __FILE__)
+
+    def create_migration_file
+      migration_template 'create_hipaapotamus_actions.rb', 'db/migrate/create_hipaapotamus_actions.rb'
+    end
+  end
+end

data/lib/generators/hipaapotamus/templates/create_hipaapotamus_actions.rb

@@ -0,0 +1,19 @@
+class CreateHipaapotamusActions < ActiveRecord::Migration
+  def change
+    create_table :hipaapotamus_actions do |t|
+      t.integer :agent_id
+      t.string :agent_type, null: false
+
+      t.integer :protected_id
+      t.string :protected_type, null: false
+      t.text :serialized_protected_attributes, null: false
+
+      t.integer :action_type, null: false
+
+      t.boolean :is_transactional, null: false
+
+      t.datetime :performed_at, null: false
+      t.datetime :created_at, null: false
+    end
+  end
+end

data/lib/hipaapotamus.rb

@@ -1,5 +1,62 @@
-require "hipaapotamus/version"
+require 'active_record'
+require 'hipaapotamus/accountability_context'
+require 'hipaapotamus/accountability_error'
+require 'hipaapotamus/accountable_controller'
+require 'hipaapotamus/action'
+require 'hipaapotamus/agent'
+require 'hipaapotamus/anonymous_agent'
+require 'hipaapotamus/execution'
+require 'hipaapotamus/policy'
+require 'hipaapotamus/protected'
+require 'hipaapotamus/record_callback_proxy'
+require 'hipaapotamus/system_agent'
+require 'hipaapotamus/version'
 
 module Hipaapotamus
-  # Your code goes here...
+  class << self
+    def transaction_manager
+      ActiveRecord::Base.connection.transaction_manager
+    end
+
+    def root_transaction
+      transaction_manager.instance_exec { @stack.try(:first) } || current_transaction
+    end
+
+    def current_transaction
+      transaction_manager.current_transaction
+    end
+
+    def current_transaction_state
+      current_transaction.try(:state)
+    end
+
+    def current_accountability_context
+      AccountabilityContext.current
+    end
+
+    def current_agent
+      current_accountability_context.try(:agent)
+    end
+
+    def with_accountability(agent, &block)
+      execution = nil
+      accountability_context = AccountabilityContext.new(agent)
+
+      is_using_callbacks = root_transaction.joinable?
+
+      root_transaction.add_record RecordCallbackProxy.new accountability_context if is_using_callbacks
+
+      accountability_context.within do
+        execution = Execution.new(&block)
+      end
+
+      accountability_context.finalize! unless is_using_callbacks
+
+      execution.try(:value)
+    end
+
+    def without_accountability(&block)
+      with_accountability(AnonymousAgent.instance, &block)
+    end
+  end
 end

data/lib/hipaapotamus/accountability_context.rb

@@ -0,0 +1,97 @@
+require 'hipaapotamus/accountability_error'
+
+module Hipaapotamus
+  class AccountabilityContext
+    THREAD_STORAGE_KEY = :hipaapotamus_active_accountability_context
+
+    attr_reader :agent, :parent_accountability_context, :progenitor_actions
+
+    def initialize(agent)
+      raise AccountabilityError, 'Cannot create AccountabilityContext without a valid Agent' unless agent.is_a? Agent
+
+      @agent = agent
+      @open = true
+      @finalized = false
+
+      within { yield(self) } if block_given?
+    end
+
+    def open?
+      @open
+    end
+
+    # noinspection RubyArgCount
+    def record_action(protected, action_type, transactional = false)
+      action = Action.new(
+        agent: agent,
+        protected: protected,
+        action_type: action_type,
+        source_transaction_state: Hipaapotamus.current_transaction_state,
+        is_transactional: transactional,
+        performed_at: DateTime.now
+      )
+
+      actions << action
+    end
+
+    def finalized?
+      @finalized
+    end
+
+    def finalize!
+      raise(AccountabilityError, 'AccountabilityContext is open') if open?
+      raise(AccountabilityError, 'AccountabilityContext is finalized') if finalized?
+
+      Action.bulk_insert(log_worthy_actions) if root?
+
+      @finalized = true
+    end
+
+    def root?
+      parent_accountability_context.nil?
+    end
+
+    def within
+      raise(AccountabilityError, 'AccountabilityContext is not open') unless open?
+      @open = false
+
+      @parent_accountability_context = Thread.current[THREAD_STORAGE_KEY]
+      Thread.current[THREAD_STORAGE_KEY] = self
+
+      begin
+
+        yield(self)
+      ensure
+        Thread.current[THREAD_STORAGE_KEY] = @parent_accountability_context
+      end
+    end
+
+    protected
+
+    def actions
+      raise(AccountabilityError, 'AccountabilityContext is open') if open?
+
+      @actions ||= if root?
+        []
+      else
+        parent_accountability_context.actions
+      end
+    end
+
+    private
+
+    def log_worthy_actions
+      actions.select(&:log_worthy?)
+    end
+
+    class << self
+      def current
+        Thread.current[THREAD_STORAGE_KEY]
+      end
+
+      def current!
+        current || raise(AccountabilityError, 'Not within an AccountabilityContext')
+      end
+    end
+  end
+end

data/lib/hipaapotamus/accountability_error.rb

@@ -0,0 +1,2 @@
+class AccountabilityError < StandardError
+end

data/lib/hipaapotamus/accountable_controller.rb

@@ -0,0 +1,28 @@
+require 'active_support/concern'
+
+module Hipaapotamus
+  module AccountableController
+    extend ActiveSupport::Concern
+
+    included do
+      around_action :wrap_in_accountability_context
+      rescue_from AccountabilityError, with: :agent_not_authorized
+    end
+
+    private
+
+    def current_agent
+      current_user
+    end
+
+    def wrap_in_accountability_context
+      Hipaapotamus.with_accountability(current_agent) do
+        yield
+      end
+    end
+
+    def agent_not_authorized(accountability_error)
+      render text: accountability_error.to_s, status: 401
+    end
+  end
+end

data/lib/hipaapotamus/action.rb

@@ -0,0 +1,123 @@
+require 'active_record'
+
+module Hipaapotamus
+  class Action < ActiveRecord::Base
+    self.table_name = 'hipaapotamus_actions'
+
+    attr_accessor :source_transaction_state
+
+    enum action_type: { access: 0, creation: 1, modification: 2, destruction: 3,
+                        attempted_access: 4, attempted_creation: 5, attempted_modification: 6, attempted_destruction: 7 }
+
+    def transactional?
+      is_transactional
+    end
+
+    def log_worthy?
+      persisted? || !transactional? || source_transaction_state.committed?
+    end
+
+    def agent_class
+      agent_type.try(:constantize)
+    end
+
+    def agent
+      if agent_class < Singleton
+        agent_class.instance
+      else
+        agent_class.find(agent_id)
+      end
+    end
+
+    def agent=(agent)
+      if agent.is_a? Singleton
+        self.agent_id = nil
+      else
+        self.agent_id = agent.id
+      end
+
+      self.agent_type = agent.class.name
+    end
+
+    def protected_class
+      protected_type.try(:constantize)
+    end
+
+    def protected
+      @protected ||= protected_class.new.tap do |protected|
+        if protected_id.present?
+          protected.id = protected_id
+        end
+
+        if protected_attributes.present?
+          protected.assign_attributes protected_attributes
+        end
+
+        protected.authorize_access!
+      end
+    end
+
+    def protected=(protected)
+      self.protected_id = protected.try(:id)
+      self.protected_type = protected.try(:class).try(:name)
+      self.protected_attributes = protected.try(:attributes)
+
+      @protected = protected
+    end
+
+    def protected_attributes
+      JSON.parse(serialized_protected_attributes) if serialized_protected_attributes.present?
+    end
+
+    def protected_attributes=(protected_attributes)
+      self.serialized_protected_attributes = protected_attributes.try(:to_json)
+    end
+
+    validate :not_changed
+    validates :agent_type, :protected_type, :protected_attributes, :action_type, :performed_at, presence: true
+
+    scope :with_protected, -> (protected) { where(protected_type: protected.class.name, protected_id: protected.id) }
+
+    class << self
+      def bulk_insert(actions)
+        if actions.length > 0
+          actions.each do |action|
+            raise ActiveRecord::RecordInvalid, 'unable to modify existing actions' unless action.new_record?
+            raise ActiveRecord::RecordInvalid, action.errors.full_messages.to_sentence unless action.valid?
+          end
+
+          attributeses = actions.map(&:attributes)
+
+          now = DateTime.now
+          attributeses.each { |attributes| attributes['created_at'] = now } if self.column_names.include?('created_at')
+          attributeses.each { |attributes| attributes['updated_at'] = now } if self.column_names.include?('updated_at')
+
+          uniq_keys = attributeses.map { |attributes| attributes.keys }.flatten(1).uniq.reject { |key| key == primary_key || key == primary_key.to_sym }
+
+          column_names = uniq_keys.map(&:to_s)
+          rows = attributeses.map { |attributes| uniq_keys.map { |key| attributes[key] } }
+
+          value_template = "(#{column_names.map{'?'}.join(', ')})"
+
+          value_clauses = rows.map { |values| sanitize_sql_array([value_template, *values]) }
+          values_clause = value_clauses.join(', ')
+
+          column_clauses = column_names.map { |column_name| connection.quote_column_name(column_name) }
+          columns_clause = "#{connection.quote_column_name(table_name)} (#{column_clauses.join(', ')})"
+
+          insert_statement = "INSERT INTO #{columns_clause} VALUES #{values_clause};"
+
+          connection.execute(insert_statement)
+        end
+      end
+    end
+
+    private
+
+    def not_changed
+      unless new_record?
+        self.errors.add(:action, 'cannot be changed')
+      end
+    end
+  end
+end

data/lib/hipaapotamus/agent.rb

@@ -0,0 +1,16 @@
+require 'active_support/concern'
+require 'hipaapotamus/accountability_context'
+
+module Hipaapotamus
+  module Agent
+    extend ActiveSupport::Concern
+
+    def with_accountability(&block)
+      Hipaapotamus.with_accountability(self, &block)
+    end
+
+    def hipaapotamus_display_name
+      "#{self.class.name}(id=#{id})" rescue self.class.name
+    end
+  end
+end

data/lib/hipaapotamus/anonymous_agent.rb

@@ -0,0 +1,6 @@
+require 'hipaapotamus/system_agent'
+
+module Hipaapotamus
+  class AnonymousAgent < SystemAgent
+  end
+end

data/lib/hipaapotamus/execution.rb

@@ -0,0 +1,25 @@
+module Hipaapotamus
+  class Execution
+    def initialize
+      begin
+        @value = yield
+        @raised = false
+      rescue StandardError => value
+        @value = value
+        @raised = true
+      end
+    end
+
+    def raised?
+      @raised
+    end
+
+    def value
+      if raised?
+        raise @value
+      else
+        @value
+      end
+    end
+  end
+end

data/lib/hipaapotamus/policy.rb

@@ -0,0 +1,41 @@
+require 'hipaapotamus/accountability_error'
+
+module Hipaapotamus
+  class Policy
+    attr_reader :agent, :protected
+
+    def initialize(agent, protected)
+      @agent, @protected = agent, protected
+    end
+
+    def authorized?(action)
+      SystemAgent === agent || try(:"#{action}?")
+    end
+
+    def authorize!(action)
+      authorized?(action) || raise(AccountabilityError, "#{agent.hipaapotamus_display_name} does not have #{action} privileges to #{protected.hipaapotamus_display_name}")
+    end
+
+    def creation?
+      false
+    end
+
+    def access?
+      false
+    end
+
+    def modification?
+      false
+    end
+
+    def destruction?
+      false
+    end
+
+    class << self
+      def authorize!(agent, protected, action)
+        new(agent, protected).authorize!(action)
+      end
+    end
+  end
+end

data/lib/hipaapotamus/protected.rb

@@ -0,0 +1,97 @@
+require 'hipaapotamus/accountability_error'
+
+module Hipaapotamus
+  module Protected
+    extend ActiveSupport::Concern
+
+    class_methods do
+      def policy_class_name
+        @policy_class_name ||= "#{name}Policy"
+      end
+
+      def policy_class
+        if policy_class_name
+          @policy_class ||= policy_class_name.constantize
+        end
+      end
+
+      def policy_class!
+        policy_class || raise(AccountabilityError, "Could not find the policy class for #{name}")
+      end
+    end
+
+    included do
+      delegate :policy_class, :policy_class!, to: :class
+
+      after_initialize :authorize_access!, unless: :new_record?
+      after_create :authorize_creation!
+      after_update :authorize_modification!
+      after_destroy :authorize_destruction!
+    end
+
+    def hipaapotamus_display_name
+      if new_record?
+        "a new #{self.class.name}"
+      else
+
+        "#{self.class.name}(#{self.class.primary_key}=#{self[self.class.primary_key]})"
+      end
+    end
+
+    def authorize_access!
+      accountability_context = AccountabilityContext.current!
+
+      begin
+        policy_class!.authorize!(accountability_context.agent, self, :access)
+
+        accountability_context.record_action(self, :access)
+      rescue AccountabilityError => error
+        accountability_context.record_action(self, :attempted_access)
+
+        raise error
+      end
+    end
+
+    def authorize_creation!
+      accountability_context = AccountabilityContext.current!
+
+      begin
+        policy_class!.authorize!(accountability_context.agent, self, :creation)
+
+        accountability_context.record_action(self, :creation, true)
+      rescue AccountabilityError => error
+        accountability_context.record_action(self, :attempted_creation)
+
+        raise error
+      end
+    end
+
+    def authorize_modification!
+      accountability_context = AccountabilityContext.current!
+
+      begin
+        policy_class!.authorize!(accountability_context.agent, self, :modification)
+
+        accountability_context.record_action(self, :modification, true)
+      rescue AccountabilityError => error
+        accountability_context.record_action(self, :attempted_modification)
+
+        raise error
+      end
+    end
+
+    def authorize_destruction!
+      accountability_context = AccountabilityContext.current!
+
+      begin
+        policy_class!.authorize!(accountability_context.agent, self, :destruction)
+
+        accountability_context.record_action(self, :destruction, true)
+      rescue AccountabilityError => error
+        accountability_context.record_action(self, :attempted_destruction)
+
+        raise error
+      end
+    end
+  end
+end

data/lib/hipaapotamus/record_callback_proxy.rb

@@ -0,0 +1,27 @@
+require 'active_record'
+
+module Hipaapotamus
+  class RecordCallbackProxy
+    attr_reader :accountability_context
+
+    def initialize(accountability_context)
+      @accountability_context = accountability_context
+    end
+
+    def rolledback!(*args)
+      accountability_context.finalize!
+    end
+
+    def before_committed!(*args)
+      # NOOP
+    end
+
+    def committed!(*args)
+      accountability_context.finalize!
+    end
+
+    def add_to_transaction
+      ActiveRecord::Base.connection.add_transaction_record(self)
+    end
+  end
+end

data/lib/hipaapotamus/system_agent.rb

@@ -0,0 +1,13 @@
+require 'singleton'
+require 'hipaapotamus/agent'
+
+module Hipaapotamus
+  class SystemAgent
+    include Singleton
+    include Agent
+
+    def hipaapotamus_display_name
+      self.class.name
+    end
+  end
+end

data/lib/hipaapotamus/version.rb

@@ -1,3 +1,3 @@
 module Hipaapotamus
-  VERSION = "0.1.0"
+  VERSION = '0.2.0'
 end

metadata

@@ -1,15 +1,44 @@
 --- !ruby/object:Gem::Specification
 name: hipaapotamus
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors:
 - Alec Larsen
+- Jacob Lee
 autorequire: 
-bindir: exe
+bindir: bin
 cert_chain: []
-date: 2015-11-06 00:00:00.000000000 Z
+date: 2015-12-11 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: activerecord
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.1'
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.1'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -44,17 +73,58 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: '3.3'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: '3.3'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: sqlite3
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.3.11
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.3.11
+- !ruby/object:Gem::Dependency
+  name: database_cleaner
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.0.1
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.0.1
 description: 
-email:
-- aleclarsen42@gmail.com
+email: 
 executables: []
 extensions: []
 extra_rdoc_files: []
@@ -66,10 +136,21 @@ files:
 - LICENSE.txt
 - README.md
 - Rakefile
-- bin/console
-- bin/setup
 - hipaapotamus.gemspec
+- lib/generators/hipaapotamus/install_generator.rb
+- lib/generators/hipaapotamus/templates/create_hipaapotamus_actions.rb
 - lib/hipaapotamus.rb
+- lib/hipaapotamus/accountability_context.rb
+- lib/hipaapotamus/accountability_error.rb
+- lib/hipaapotamus/accountable_controller.rb
+- lib/hipaapotamus/action.rb
+- lib/hipaapotamus/agent.rb
+- lib/hipaapotamus/anonymous_agent.rb
+- lib/hipaapotamus/execution.rb
+- lib/hipaapotamus/policy.rb
+- lib/hipaapotamus/protected.rb
+- lib/hipaapotamus/record_callback_proxy.rb
+- lib/hipaapotamus/system_agent.rb
 - lib/hipaapotamus/version.rb
 homepage: https://github.com/anarchocurious/hipaapotamus
 licenses:
@@ -81,9 +162,9 @@ require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - "~>"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: '2.0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
@@ -96,4 +177,3 @@ signing_key:
 specification_version: 4
 summary: Hipaapotamus is an amazing gem for amazing people
 test_files: []
-has_rdoc: 

data/bin/console

@@ -1,14 +0,0 @@
-#!/usr/bin/env ruby
-
-require "bundler/setup"
-require "hipaapotamus"
-
-# You can add fixtures and/or initialization code here to make experimenting
-# with your gem easier. You can also use a different console, if you like.
-
-# (If you use this, don't forget to add pry to your Gemfile!)
-# require "pry"
-# Pry.start
-
-require "irb"
-IRB.start

data/bin/setup

@@ -1,7 +0,0 @@
-#!/bin/bash
-set -euo pipefail
-IFS=$'\n\t'
-
-bundle install
-
-# Do any other automated setup that you need to do here