ixtlan-guard 0.6.0 → 0.6.1

data/features/generators.feature

@@ -0,0 +1,18 @@
+Feature: Generators for ixtlan-guard
+
+  Scenario: The guard generator creates a guard file for each controller
+    Given I create new rails application with template "simple.template" and "simple" tests
+    And I execute "rails generate controller users promote go"
+    And I execute "rails generate scaffold account name:string --skip"
+    And I execute "rake db:migrate test"
+    Then the output should contain "7 tests, 10 assertions, 0 failures, 0 errors"
+
+  Scenario: The user-management-model generator creates user/group models, etc
+    Given I create new rails application with template "user_management.template" and "user-management" specs
+    And I execute "rails generate rspec:install"
+    And I execute "rails generate ixtlan:user_management_models user group name:string domain name:string locale code:string"
+# this tes env is needed since we execute the specs directly
+    And I execute "rails rake db:migrate -- -Drails.env=test"
+# needed due to bug in rspec-maven-plugin with emtpy gem-path
+    And I execute "gem exec ../rubygems/bin/rspec spec/user_management_models_spec.rb"
+    Then the output should contain "14 examples, 0 failures"

data/features/step_definitions/ruby_maven.rb

@@ -0,0 +1,170 @@
+require 'fileutils'
+
+module Maven
+  class RubyMaven
+
+    # make the command line for the goals of the jruby-maven-plugins nicer
+    PLUGINS = {
+      :rake => [:rake],
+      :ruby => [:jruby, :compile],
+      :gem => [:package, :install, :push, :exec, :pom, :initialize, :irb],
+      :gemify => [:gemify, :versions],
+      :rails2 => [:new, :generate, :rake, :server, :console],
+      :rails3 => [:new, :generate, :rake, :server, :console, :dbconsole, :pom, :initialize],
+      :cucumber => [:test],
+      :rspec => [:test],
+      :runit => [:test],
+      :bundler => [:install]
+    }
+    ALIASES = {
+      :jruby => :ruby, 
+      :spec => :rspec, 
+      :rails => :rails3, 
+      :bundle => :bundler
+    }
+
+    def initialize
+      @command = "#{ENV['GEM_HOME']}/bin/rmvn"
+      @jruby = File.read(@command).split("\n")[0].sub(/^#!/, '')
+      @maven_home = File.expand_path(Dir.glob("#{ENV['GEM_HOME']}/gems/ruby-maven-*-java")[0])
+    end
+
+    def launch_jruby(args)
+      classpath_array.each do |path|
+        require path
+      end
+
+      java.lang.System.setProperty("classworlds.conf", 
+                                   File.join(@maven_home, 'bin', "m2.conf"))
+
+      java.lang.System.setProperty("maven.home", @maven_home)
+
+      org.codehaus.plexus.classworlds.launcher.Launcher.main(args)
+    end
+
+    def classpath_array
+      (Dir.glob(File.join(@maven_home, "boot", "*jar")) + 
+       Dir.glob(File.join(@maven_home, "ext", "ruby-tools*jar"))).each do |path|
+        path
+      end
+    end
+    
+    def launch_java(*args)
+      "java -cp #{classpath_array.join(':')} -Dmaven.home=#{File.expand_path(@maven_home)} -Dclassworlds.conf=#{File.expand_path(File.join(@maven_home, 'bin', 'm2.conf'))} org.codehaus.plexus.classworlds.launcher.Launcher #{args.join ' '}"
+    end
+       
+    def prepare(args)
+      if args.size > 0 
+        name = args[0].to_sym
+        name = ALIASES[name] || name
+        if PLUGINS.member?(name)
+          start = 1
+          if args.size > 1
+            if PLUGINS[name].member? args[1].to_sym
+              goal = args[1].to_sym
+              start = 2
+            else
+              goal = PLUGINS[name][0]
+            end
+          else
+            goal = PLUGINS[name][0]
+          end
+          aa = if index = args.index("--")
+                 args[(index + 1)..-1]
+               else
+                 []
+               end
+          ruby_args = (args[start, (index || 1000) - start] || []).join(' ')
+
+          # determine the version and delete from args if given
+          version = args.detect do |a|
+            a =~ /^-Dplugin.version=/
+          end
+          if version
+            aa.delete(version)
+            version.sub!(/^-Dplugin.version=/, ':')
+          end
+          aa << "de.saumya.mojo:#{name}-maven-plugin#{version}:#{goal}"
+          aa << "-Dargs=#{ruby_args}" if ruby_args.size > 0
+          args.replace(aa)
+        else
+          args.delete("--")
+        end
+      end
+      args
+    end
+
+    def log(args)
+      log = File.join('log', 'rmvn.log')
+      if File.exists? File.dirname(log)
+        File.open(log, 'a') do |f|
+          f.puts args.join ' '
+        end
+      end
+    end
+
+    def maybe_print_help(args)
+      if args.size == 0 || args[0] == "--help"
+        puts "usage: rmvn [<plugin name>|<plugin alias> [<args>] [-- <maven options>] | [<maven goal>|<maven phase> <maven options>] | --help"
+        PLUGINS.each do |name, goals|
+          puts
+          print "plugin #{name}"
+          print " - alias: #{ALIASES[name]}" if ALIASES[name]
+          puts
+          if goals.size > 1
+            print "\tgoals       : #{goals.join(',')}"
+            puts
+          end
+          print "\tdefault goal: #{goals[0]}"
+          puts
+        end
+        puts
+        ["--help"]
+      else
+        args
+      end
+    end
+
+    def options
+      @options ||= {}
+    end
+    
+    def options_string
+      options_array.join ' '
+    end
+    
+    def options_array
+      options.collect do |k,v|
+        if k =~ /^-D/
+          v = "=#{v}" if v
+        else
+          v = " #{v}" if v
+        end
+        "#{k}#{v}"
+      end
+    end
+
+    def command_line(args)
+      args = prepare(args)
+      args = maybe_print_help(args)
+      args
+    end
+
+    def exec(*args)
+      a = command_line(args.dup.flatten)
+      a << options_array
+      a.flatten!
+      #puts a.join ' '
+      #launch_jruby(a)
+      args_line = args.join ' '
+      full = "#{@jruby} #{@command} #{args_line} #{args_line =~ / -- / ? '' : '--'} #{options_string}"
+      system full
+    end
+
+    def exec_in(launchdirectory, *args)
+      FileUtils.cd(launchdirectory) do
+        exec(args)
+      end
+    end
+  end
+end

data/features/step_definitions/simple_steps.rb

@@ -0,0 +1,82 @@
+require 'fileutils'
+require File.join(File.dirname(__FILE__), 'ruby_maven')
+
+def rmvn
+  @rmvn ||= Maven::RubyMaven.new
+end
+
+def copy_tests(tests)
+  FileUtils.mkdir_p(@app_directory)
+  FileUtils.cp_r(File.join('templates', "tests-#{tests}", "."), 
+                 File.join(@app_directory, 'test'))
+end
+
+def copy_specs(specs)
+  FileUtils.mkdir_p(@app_directory)
+  FileUtils.cp_r(File.join('templates', "specs-#{specs}", "."), 
+                 File.join(@app_directory, 'spec'))
+end
+
+def create_rails_application(template)
+  name = template.sub(/.template$/, '')
+  @app_directory = File.join('target', name)
+
+  # rails version from gemspec
+  gemspec = File.read(Dir.glob("*.gemspec")[0])
+  rails_version = gemspec.split("\n").detect { |l| l =~ /development_dep.*rails/ }.sub(/'$/, '').sub(/.*'/, '')
+  
+  rmvn.options['-Dplugin.version'] = '0.28.4-SNAPSHOT'
+  rmvn.options['-Drails.version'] = rails_version
+  rmvn.options['-Dgem.home'] = ENV['GEM_HOME']
+  rmvn.options['-Dgem.path'] = ENV['GEM_PATH']
+  rmvn.options['-o'] = nil
+
+  FileUtils.rm_rf(@app_directory)
+
+  rmvn.exec("rails", "new", @app_directory, "-f")
+
+  # TODO that should be done via the rails new task !!!
+  rmvn.exec_in(@app_directory, "rails", "rake", "rails:template LOCATION=" + File.expand_path("templates/#{template}"))
+end
+
+Given /^I create new rails application with template "(.*)"$/ do |template|
+  create_rails_application(template)
+end
+
+Given /^I create new rails application with template "(.*)" and "(.*)" tests$/ do |template, tests|
+  create_rails_application(template)
+  copy_tests(tests)
+end
+
+Given /^I create new rails application with template "(.*)" and "(.*)" specs$/ do |template, specs|
+  create_rails_application(template)
+  copy_specs(specs)
+end
+
+Given /^me an existing rails application "(.*)"$/ do |name|
+  @app_directory = File.join('target', name)
+end
+
+Given /^me an existing rails application "(.*)" and "(.*)" tests$/ do |name, tests|
+  @app_directory = File.join('target', name)
+  copy_tests(tests)
+end
+
+Given /^me an existing rails application "(.*)" and "(.*)" specs$/ do |name, specs|
+  @app_directory = File.join('target', name)
+  copy_specs(specs)
+end
+
+And /^I execute \"(.*)\"$/ do |args|
+  rmvn.options['-l'] = "output.log"
+  rmvn.exec_in(@app_directory, args)
+end
+
+Then /^the output should contain \"(.*)\"$/ do |expected|
+  result = File.read(File.join(@app_directory, "output.log"))
+  expected.split(/\"?\s+and\s+\"?/).each do |exp|
+    puts exp
+    (result =~ /.*#{exp}.*/).should_not be_nil
+  end
+end
+

data/lib/generators/guard/controller/controller_generator.rb~

@@ -0,0 +1,22 @@
+module Ixtlan
+  class ControllerGenerator < Rails::Generators::NamedBase
+
+    source_root File.expand_path('../../templates', __FILE__)
+      
+    argument :actions, :type => :array, :default => [], :banner => "action action"
+      
+    check_class_collision :suffix => "Guard"
+    
+    def create_guard_file
+      template 'guard.rb', File.join('app', 'guards', class_path, "#{file_name}_guard.rb")
+    end
+
+    def guard_class_name
+      class_name
+    end
+
+    def aliases
+    end
+
+  end
+end

data/lib/generators/guard/templates/guard.yml~

@@ -0,0 +1,20 @@
+class <%= guard_class_name %>Guard
+  def initialize(guard)
+    #guard.name = "<%= plural_file_name %>"
+<% if aliases -%>
+    guard.aliases = <%= aliases.inspect %>
+<% end -%>
+    guard.action_map= {
+<% case actions
+   when Array
+     for action in actions -%>
+       :<%= action %> => [],
+<%   end 
+   when Hash
+     actions.each do |action, groups| -%>
+      :<%= action %> => <%= groups.inspect %>,
+<%   end
+   end -%>
+    }
+  end
+end

data/lib/ixtlan/guard/abstract_session.rb

@@ -0,0 +1,61 @@
+module Ixtlan
+  module Guard
+    class AbstractSession
+
+      attr_accessor :permissions, :user, :idle_session_timeout
+
+      def self.create(login, password)
+        self.do_create(authenticate(login, password))
+      end
+      
+      def self.create_remote(login, password)
+        self.do_create(authenticate_remote(login, password))
+      end
+      
+      private
+
+      def self.do_create(user)
+        result = new
+        
+        if user.valid?
+          result.user = user
+        else
+          result.log = user.to_log # error message
+        end
+        result
+      end
+
+      public
+
+      def log=(msg)
+        @log = msg
+      end
+
+      def to_log
+        if @log
+          @log
+        else
+          "Session(user-id: #{user.id}, idle-session-timeout: #{idle_session_timeout})"
+        end
+      end
+
+      def valid?
+        @log.nil?
+      end
+      
+      def attributes
+        {'idle_session_timeout' => idle_session_timeout, 'permissions' => permissions, 'user' => user}
+      end
+      
+      protected
+
+      def self.authenticate(login, password)
+        raise "not implemented"
+      end
+
+      def self.authenticate_remote(login, password)
+        raise "not implemented"
+      end
+    end
+  end
+end  

data/lib/ixtlan/guard/abstract_session.rb~

@@ -0,0 +1,59 @@
+module Resty
+  class  AbstractSession
+
+    attr_accessor :permissions, :user, :idle_session_timeout
+
+    def self.create(login, password)
+      self.do_create(authenticate(login, password))
+    end
+      
+    def self.create_remote(login, password)
+      self.do_create(authenticate_remote(login, password))
+    end
+      
+    private
+    def self.do_create(user)
+      result = new
+    
+      if user.valid?
+        result.user = user
+      else
+        result.log = user.to_log # error message
+      end
+      result
+    end
+
+    public
+
+    def log=(msg)
+      @log = msg
+    end
+
+    def to_log
+      if @log
+        @log
+      else
+        "Session(user-id: #{user.id}, idle-session-timeout: #{idle_session_timeout})"
+      end
+    end
+
+    def valid?
+      @log.nil?
+    end
+    
+    def attributes
+      {'idle_session_timeout' => idle_session_timeout, 'permissions' => permissions, 'user' => user}
+    end
+    
+    protected
+
+    def self.authenticate(login, password)
+      raise "not implemented"
+    end
+
+    def self.authenticate_remote(login, password)
+      raise "not implemented"
+    end
+  end
+end
+  

data/lib/ixtlan/guard/guard_config.rb~

@@ -0,0 +1,47 @@
+require 'yaml'
+module Ixtlan
+  module Guard
+    class Config
+
+      def initialize(options = {})
+        @guards_dir = options[:guards_dir]
+        @load_method = options[:cache] ? :cached_load_from_yaml_file : :load_from_yaml_file
+        raise GuardException.new("guards directory does not exists: #{@guards_dir}") unless File.directory?(@guards_dir)
+      end
+
+      def allowed_groups(resource, action)
+        if resource && action
+          resource = resource.to_s
+          groups = send(@load_method, resource)
+          groups[action.to_s] || groups["defaults"] || []
+        else
+          []
+        end
+      end
+
+      def has_guard?(resource)
+        File.exists? yaml_file(resource)
+      end
+
+      private
+      
+      def cached_load_from_yaml_file(resource)
+        @cache ||= {}
+        @cache[resource] ||= load_from_yaml_file(resource)
+      end
+
+      def yaml_file(resource)
+        File.join(@guards_dir, "#{resource}_guard.yml")
+      end
+
+      def load_from_yaml_file(resource)
+        file = yaml_file(resource)
+        if File.exists? file
+          YAML.load_file(file)[resource] || {}
+        else
+          {}
+        end
+      end
+    end
+  end
+end

data/lib/ixtlan/guard/guard_ng.rb~

@@ -0,0 +1,81 @@
+require 'ixtlan/guard/guard_config'
+
+module Ixtlan
+  module Guard
+    class GuardNG
+
+      def initialize(options = {})
+        options[:guards_dir] ||= File.expand_path(".")
+        @superuser = [(options[:superuser] || "root").to_s]
+        @config = Config.new(options)
+        @logger = options[:logger]
+      end
+
+      def block_groups(groups)
+        @blocked_groups = (groups || []).collect { |g| g.to_s}
+        @blocked_groups.delete(@superuser)
+        @blocked_groups
+      end
+
+      def blocked_groups
+        @blocked_groups ||= []
+      end
+
+      def logger
+        @logger ||= 
+          if defined?(Slf4r::LoggerFactory)
+            Slf4r::LoggerFactory.new(Ixtlan::Guard)
+          else
+            require 'logger'
+            Logger.new(STDOUT)
+          end
+      end
+
+      def allowed(resource, action, current_groups)
+        current_groups = current_groups.collect { |g| g.to_s }
+        allowed = @config.allowed_groups(resource, action) - blocked_groups + @superuser
+        if allowed.member?('*')
+          current_groups
+        else
+          intersect(allowed, current_groups)
+        end
+      end
+
+      def allowed?(resource, action, current_groups, flavor = nil, &block)
+        allowed_groups = allowed(resource, action, current_groups)
+        logger.debug { "guard #{resource}##{action}: #{allowed_groups.size > 0}" }
+        if allowed_groups.size > 0
+          if block
+            g = allowed_groups.detect do |group|
+              block.call(group).member?(flavor)
+            end
+            logger.debug do
+              if g
+                "found group #{g} for #{flavor}" 
+              else
+                "no group found for #{flavor}"
+              end
+            end
+            g != nil
+          else
+            true
+          end
+        else
+          unless @config.has_guard?(resource)
+            raise ::Ixtlan::Guard::GuardException.new("no guard config for '#{resource}'")
+          else
+            false
+          end
+        end
+      end
+
+      private
+      
+      def intersect(set1, set2)
+        set1 - (set1 - set2)
+      end
+    end
+    class GuardException < Exception; end
+    class PermissionDenied < GuardException; end
+  end
+end

data/lib/ixtlan/guard/guard_rails.rb~

@@ -0,0 +1,68 @@
+module Ixtlan
+  module ActionController #:nodoc:
+    module Guard #:nodoc:
+      def self.included(base)
+        base.send(:include, InstanceMethods)
+        unless base.respond_to?(:groups_for_current_user)
+          base.send(:include, GroupsMethod)
+        end
+      end
+
+      module GroupsMethod
+
+        protected
+
+        def groups_for_current_user
+          if current_user
+            current_user.groups.collect do |group|
+              group.name
+            end
+          else
+            []
+          end
+        end
+      end
+
+      module InstanceMethods #:nodoc:
+
+        protected
+
+        def guard
+          Rails.application.config.guard
+        end
+
+        def check(flavor = nil, &block)
+          unless guard.allowed?(params[:controller], 
+                                params[:action],
+                                groups_for_current_user, 
+                                flavor, 
+                                block)
+            if flavor
+              raise ::Ixtlan::Guard::PermissionDenied.new("permission denied for '#{resource}##{action}##{flavor}'")
+            else
+              raise ::Ixtlan::Guard::PermissionDenied.new("permission denied for '#{resource}##{action}'")
+            end
+          end
+          true
+        end
+
+        def authorization
+          check
+        end
+      end
+    end
+  end
+
+  module Allowed #:nodoc:
+    # Inclusion hook to make #allowed available as method
+    def self.included(base)
+      base.send(:include, InstanceMethods)
+    end
+    
+    module InstanceMethods #:nodoc:
+      def allowed?(resource, action)
+        controller.send(:guard).allowed?(controller, resource, action)
+      end
+    end
+  end
+end

data/lib/ixtlan/guard/permission_builder.rb~

@@ -0,0 +1,7 @@
+module Ixtlan
+  module Guard
+    class PermissionBuidler
+
+    end
+  end
+end

data/spec/guard_cache_spec.rb~

@@ -0,0 +1,73 @@
+require 'spec_helper'
+require 'ixtlan/guard/guard_ng'
+require 'logger'
+
+describe Ixtlan::Guard::GuardNG do
+
+  subject do
+    logger = Logger.new(STDOUT)
+    def logger.debug(&block)
+      info("\n\t[debug] " + block.call)
+    end
+    Ixtlan::Guard::GuardNG.new(:guards_dir => File.join(File.dirname(__FILE__), "guards"), :logger => logger )
+  end
+
+  it 'should fail with missing guard dir' do
+    lambda {Ixtlan::Guard::GuardNG.new(:guards_dir => "does_not_exists") }.should raise_error(Ixtlan::Guard::GuardException)
+  end
+
+  it 'should initialize' do
+    subject.should_not be_nil
+  end
+
+  it 'should fail without groups' do
+    subject.allowed?(:users, :something, []).should be_false
+  end
+
+  it 'should pass with user being root' do
+    subject.allowed?(:users, :show, [:root]).should be_true
+  end
+
+  it 'should pass "allow all groups" with user with any groups' do
+    subject.allowed?(:users, :index, [:any]).should be_true
+  end
+
+  it 'should pass' do
+    subject.allowed?(:users, :update, [:users]).should be_true
+  end
+
+  it 'should not pass with user when in blocked group' do
+    subject.block_groups([:users])
+    begin
+      subject.allowed?(:users, :update, [:users]).should be_false
+    ensure
+      subject.block_groups([])
+    end
+  end
+
+  it 'should pass with user when not in blocked group' do
+    subject.block_groups([:accounts])
+    begin
+      subject.allowed?(:users, :update, [:users]).should be_true
+    ensure
+      subject.block_groups([])
+    end
+  end
+
+  it 'should not block root group' do
+    subject.block_groups([:root])
+    begin
+      subject.allowed?(:users, :update, [:root]).should be_true
+    ensure
+      subject.block_groups([])
+    end
+  end
+
+  it 'should not pass' do
+    subject.allowed?(:users, :update, [:accounts]).should be_false
+  end
+
+  it 'should should use defaults on unknown action' do
+    subject.allowed?(:users, :unknow, [:users]).should be_true
+  end
+end

data/spec/guard_export_spec.rb~

@@ -0,0 +1,89 @@
+require 'spec_helper'
+require 'ixtlan/guard/guard_ng'
+require 'logger'
+
+describe Ixtlan::Guard::GuardNG do
+
+  subject do
+    logger = Logger.new(STDOUT)
+    def logger.debug(&block)
+      info("\n\t[debug] " + block.call)
+    end
+    Ixtlan::Guard::GuardNG.new(:guards_dir => File.join(File.dirname(__FILE__), "guards"), :logger => logger )
+  end
+
+  it 'should fail with missing guard dir' do
+    lambda {Ixtlan::Guard::GuardNG.new(:guards_dir => "does_not_exists") }.should raise_error(Ixtlan::Guard::GuardException)
+  end
+
+  it 'should initialize' do
+    subject.should_not be_nil
+  end
+
+  it 'should fail without groups' do
+    subject.allowed?(:users, :something, []).should be_false
+  end
+
+  it 'should pass with user being root' do
+    subject.allowed?(:users, :show, [:root]).should be_true
+  end
+
+  it 'should pass "allow all groups" with user with any groups' do
+    subject.allowed?(:users, :index, [:any]).should be_true
+  end
+
+  it 'should pass' do
+    subject.allowed?(:users, :update, [:users]).should be_true
+  end
+
+  it 'should not pass with user when in blocked group' do
+    subject.block_groups([:users])
+    begin
+      subject.allowed?(:users, :update, [:users]).should be_false
+    ensure
+      subject.block_groups([])
+    end
+  end
+
+  it 'should pass with user when not in blocked group' do
+    subject.block_groups([:accounts])
+    begin
+      subject.allowed?(:users, :update, [:users]).should be_true
+    ensure
+      subject.block_groups([])
+    end
+  end
+
+  it 'should not block root group' do
+    subject.block_groups([:root])
+    begin
+      subject.allowed?(:users, :update, [:root]).should be_true
+    ensure
+      subject.block_groups([])
+    end
+  end
+
+  it 'should not pass' do
+    subject.allowed?(:users, :update, [:accounts]).should be_false
+  end
+
+  it 'should should use defaults on unknown action' do
+    subject.allowed?(:users, :unknow, [:users]).should be_true
+  end
+
+  it 'should pass with right group and allowed flavor' do
+    subject.allowed?(:users, :update, [:users], :example){ |g| [:example]}.should be_true
+  end
+
+  it 'should not pass with wrong group but allowed flavor' do
+    subject.allowed?(:users, :update, [:accounts], :example){ |g| [:example]}.should be_false
+  end
+
+  it 'should not pass with wrong group but disallowed flavor' do
+    subject.allowed?(:users, :update, [:accounts], :example){ |g| []}.should be_false
+  end
+
+  it 'should not pass with right group and disallowed flavor' do
+    subject.allowed?(:users, :update, [:users], :example){ |g| []}.should be_false
+  end
+end

data/spec/guards/accounts1_guard.yml~

@@ -0,0 +1,3 @@
+users:
+  defaults: [users]
+  index: [*]

data/spec/guards/accounts2_guard.yml~

@@ -0,0 +1,2 @@
+accounts:
+  defaults: [users]

data/spec/guards/defaults_guard.yml~

@@ -0,0 +1,5 @@
+no_defaults:
+  edit: [no_admin, no_master]
+  index: [*]
+  show: [no_admin]
+  destroy: 

data/spec/guards/no_defaults_guard.yml~

@@ -0,0 +1,6 @@
+tools:
+ # defaults: [users]
+  edit: [admin, users]
+  index: [*]
+  show: [admin]
+  destroy: 

data/spec/guards/tools_guard.yml~

@@ -0,0 +1,3 @@
+users:
+  defaults: [users]
+  index: [*]

data/spec/guards/users1_guard.yml~

@@ -0,0 +1,2 @@
+accounts:
+  defaults: [users]

data/spec/guards/users2_guard.yml~

@@ -0,0 +1,3 @@
+accounts:
+  defaults: [users]
+  index: [admin]

data/spec/guards/users_guard.yml~

@@ -0,0 +1,13 @@
+class UsersGuard
+  def initialize(guard)
+    guard.name = "users"
+    guard.aliases= {:edit => :update}
+    guard.action_map= {
+      :index => [:*],
+      :show => [:users],
+      :create => [:users],
+      :update => [:users],
+      :destroy => [:users]
+    }
+  end
+end

metadata

@@ -2,7 +2,7 @@
 name: ixtlan-guard
 version: !ruby/object:Gem::Version 
   prerelease: 
-  version: 0.6.0
+  version: 0.6.1
 platform: ruby
 authors: 
   - mkristian
@@ -10,7 +10,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-09-05 00:00:00 +05:30
+date: 2011-10-16 00:00:00 +05:30
 default_executable: 
 dependencies: 
   - !ruby/object:Gem::Dependency 
@@ -19,12 +19,9 @@ dependencies:
     requirement: &id001 !ruby/object:Gem::Requirement 
       none: false
       requirements: 
-        - - ">="
+        - - ~>
           - !ruby/object:Gem::Version 
             version: 0.6.0
-        - - <
-          - !ruby/object:Gem::Version 
-            version: 0.6.99999
     type: :runtime
     version_requirements: *id001
   - !ruby/object:Gem::Dependency 
@@ -97,9 +94,11 @@ files:
   - lib/generators/erb/user_management_controller_generator.rb
   - lib/generators/guard/controller/USAGE
   - lib/generators/guard/controller/controller_generator.rb
+  - lib/generators/guard/controller/controller_generator.rb~
   - lib/generators/guard/scaffold/USAGE
   - lib/generators/guard/scaffold/scaffold_generator.rb
   - lib/generators/guard/templates/guard.yml
+  - lib/generators/guard/templates/guard.yml~
   - lib/generators/ixtlan/user_management_scaffold/user_management_scaffold_generator.rb
   - lib/generators/ixtlan/user_management_controller/USAGE
   - lib/generators/ixtlan/user_management_controller/user_management_controller_generator.rb
@@ -116,27 +115,46 @@ files:
   - lib/generators/active_record/templates/group_user_migration.rb
   - lib/generators/active_record/templates/flavor_model.rb
   - lib/ixtlan/guard.rb
+  - lib/ixtlan/guard/abstract_session.rb
+  - lib/ixtlan/guard/abstract_session.rb~
+  - lib/ixtlan/guard/guard_rails.rb~
   - lib/ixtlan/guard/guard_ng.rb
+  - lib/ixtlan/guard/permission_builder.rb~
+  - lib/ixtlan/guard/guard_ng.rb~
   - lib/ixtlan/guard/guard_config.rb
   - lib/ixtlan/guard/guard_rails.rb
+  - lib/ixtlan/guard/guard_config.rb~
   - lib/ixtlan/guard/railtie.rb
   - lib/ixtlan/guard/controllers/maintenance_controller.rb
   - lib/ixtlan/guard/controllers/permissions_controller.rb
   - lib/ixtlan/guard/spec/user_management_models_spec.rb
   - lib/ixtlan/guard/models/maintenance.rb
   - lib/ixtlan/guard/models/user_update_manager.rb
+  - spec/guard_export_spec.rb~
   - spec/guard_export_spec.rb
   - spec/spec_helper.rb
   - spec/guard_cache_spec.rb
+  - spec/guard_cache_spec.rb~
   - spec/guard_spec.rb
   - spec/railtie_spec.rb
+  - spec/guards/accounts1_guard.yml~
   - spec/guards/users_guard.yml
   - spec/guards/users2_guard.yml
+  - spec/guards/accounts2_guard.yml~
+  - spec/guards/users2_guard.yml~
+  - spec/guards/users_guard.yml~
+  - spec/guards/users1_guard.yml~
+  - spec/guards/tools_guard.yml~
   - spec/guards/no_defaults_guard.yml
   - spec/guards/defaults_guard.yml
   - spec/guards/users1_guard.yml
   - spec/guards/person_guard.yml
   - spec/guards/accounts_guard.yml
+  - spec/guards/no_defaults_guard.yml~
+  - spec/guards/defaults_guard.yml~
+  - features/step_definitions/ruby_maven.rb
+  - features/step_definitions/simple_steps.rb
+  - features/generators.feature
 has_rdoc: true
 homepage: http://github.com/mkristian/ixtlan-guard
 licenses: 
@@ -170,3 +188,6 @@ test_files:
   - spec/guard_cache_spec.rb
   - spec/guard_spec.rb
   - spec/railtie_spec.rb
+  - features/generators.feature
+  - features/step_definitions/ruby_maven.rb
+  - features/step_definitions/simple_steps.rb