lockdown 0.1.0

data/tasks/deployment.rake

@@ -0,0 +1,34 @@
+desc 'Release the website and new gem version'
+task :deploy => [:check_version, :website, :release] do
+  puts "Remember to create SVN tag:"
+  puts "svn copy svn+ssh://#{rubyforge_username}@rubyforge.org/var/svn/#{PATH}/trunk " +
+    "svn+ssh://#{rubyforge_username}@rubyforge.org/var/svn/#{PATH}/tags/REL-#{VERS} "
+  puts "Suggested comment:"
+  puts "Tagging release #{CHANGES}"
+end
+
+desc 'Runs tasks website_generate and install_gem as a local deployment of the gem'
+task :local_deploy => [:website_generate, :install_gem]
+
+task :check_version do
+  unless ENV['VERSION']
+    puts 'Must pass a VERSION=x.y.z release version'
+    exit
+  end
+  unless ENV['VERSION'] == VERS
+    puts "Please update your version.rb to match the release version, currently #{VERS}"
+    exit
+  end
+end
+
+desc 'Install the package as a gem, without generating documentation(ri/rdoc)'
+task :install_gem_no_doc => [:clean, :package] do
+  sh "#{'sudo ' unless Hoe::WINDOZE }gem install pkg/*.gem --no-rdoc --no-ri"
+end
+
+namespace :manifest do
+  desc 'Recreate Manifest.txt to include ALL files'
+  task :refresh do
+    `rake check_manifest | patch -p0 > Manifest.txt`
+  end
+end

data/tasks/environment.rake

@@ -0,0 +1,7 @@
+task :ruby_env do
+  RUBY_APP = if RUBY_PLATFORM =~ /java/
+    "jruby"
+  else
+    "ruby"
+  end unless defined? RUBY_APP
+end

data/tasks/website.rake

@@ -0,0 +1,17 @@
+desc 'Generate website files'
+task :website_generate => :ruby_env do
+  (Dir['website/**/*.txt'] - Dir['website/version*.txt']).each do |txt|
+    sh %{ #{RUBY_APP} script/txt2html #{txt} > #{txt.gsub(/txt$/,'html')} }
+  end
+end
+
+desc 'Upload website files to rubyforge'
+task :website_upload do
+  host = "#{rubyforge_username}@rubyforge.org"
+  remote_dir = "/var/www/gforge-projects/#{PATH}/"
+  local_dir = 'website'
+  sh %{rsync -aCv #{local_dir}/ #{host}:#{remote_dir}}
+end
+
+desc 'Generate and upload website files'
+task :website => [:website_generate, :website_upload, :publish_docs]

data/test/test_generator_helper.rb

@@ -0,0 +1,20 @@
+require File.dirname(__FILE__) + '/test_helper'
+require 'fileutils'
+
+# Must set before requiring generator libs.
+TMP_ROOT = File.dirname(__FILE__) + "/tmp" unless defined?(TMP_ROOT)
+PROJECT_NAME = "myproject" unless defined?(PROJECT_NAME)
+app_root = File.join(TMP_ROOT, PROJECT_NAME)
+if defined?(APP_ROOT)
+  APP_ROOT.replace(app_root)
+else
+  APP_ROOT = app_root
+end
+
+begin
+  require 'rubigen'
+rescue LoadError
+  require 'rubygems'
+  require 'rubigen'
+end
+require 'rubigen/helpers/generator_test_helper'

data/test/test_helper.rb

@@ -0,0 +1,2 @@
+require 'test/unit'
+require File.dirname(__FILE__) + '/../lib/lockdown'

data/test/test_lockdown.rb

@@ -0,0 +1,11 @@
+require File.dirname(__FILE__) + '/test_helper.rb'
+
+class TestLockdown < Test::Unit::TestCase
+
+  def setup
+  end
+  
+  def test_truth
+    assert true
+  end
+end

data/test/test_lockdown_generator.rb

@@ -0,0 +1,43 @@
+require File.join(File.dirname(__FILE__), "test_generator_helper.rb")
+
+class TestLockdownGenerator < Test::Unit::TestCase
+  include RubiGen::GeneratorTestHelper
+
+  def setup
+    bare_setup
+  end
+  
+  def teardown
+    bare_teardown
+  end
+  
+  # Some generator-related assertions:
+  #   assert_generated_file(name, &block) # block passed the file contents
+  #   assert_directory_exists(name)
+  #   assert_generated_class(name, &block)
+  #   assert_generated_module(name, &block)
+  #   assert_generated_test_for(name, &block)
+  # The assert_generated_(class|module|test_for) &block is passed the body of the class/module within the file
+  #   assert_has_method(body, *methods) # check that the body has a list of methods (methods with parentheses not supported yet)
+  #
+  # Other helper methods are:
+  #   app_root_files - put this in teardown to show files generated by the test method (e.g. p app_root_files)
+  #   bare_setup - place this in setup method to create the APP_ROOT folder for each test
+  #   bare_teardown - place this in teardown method to destroy the TMP_ROOT or APP_ROOT folder after each test
+  
+  def test_generator_without_options
+    run_generator('lockdown', [APP_ROOT], sources)
+    assert_directory_exists "path/to/included/folder"
+    assert_generated_file   "path/to/included/folder/some_file"
+  end
+  
+  private
+  def sources
+    [RubiGen::PathSource.new(:test, File.join(File.dirname(__FILE__),"..", generator_path))
+    ]
+  end
+  
+  def generator_path
+    "app_generators"
+  end
+end

data/website/index.html

@@ -0,0 +1,302 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
+"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head>
+  <link rel="stylesheet" href="stylesheets/screen.css" type="text/css" media="screen" />
+  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+  <title>
+      lockdown
+  </title>
+  <script src="javascripts/rounded_corners_lite.inc.js" type="text/javascript"></script>
+<style>
+
+</style>
+  <script type="text/javascript">
+    window.onload = function() {
+      settings = {
+          tl: { radius: 10 },
+          tr: { radius: 10 },
+          bl: { radius: 10 },
+          br: { radius: 10 },
+          antiAlias: true,
+          autoPad: true,
+          validTags: ["div"]
+      }
+      var versionBox = new curvyCorners(settings, document.getElementById("version"));
+      versionBox.applyCornersToAll();
+    }
+  </script>
+</head>
+<body>
+<div id="main">
+
+    <h1>lockdown</h1>
+    <div id="version" class="clickable" onclick='document.location = "http://rubyforge.org/projects/lockdown"; return false'>
+      <p>Get Version</p>
+      <a href="http://rubyforge.org/projects/lockdown" class="numbers">0.1.0</a>
+    </div>
+    <h1>&#x2192; &#8216;lockdown&#8217;</h1>
+
+
+	<h3>Lockdown has not been officially released!  This page is a Work-In-Progress. The first version will be released by May 1st.</h3>
+
+
+	<h2>What</h2>
+
+
+	<p>Lockdown is a authentication/authorization system for RubyOnRails and Merb designed for simplicity and extensibility.  All access rules are in (initially) defined in lib/lockdown/access.rb.  With the included <span class="caps">ORM</span> support (ActiveRecord or DataMapper) and management screens you can add user defined rules to the system.</p>
+
+
+	<p>If there is a &#8220;spec&#8221; directory, a test helper file will be included to provied some basic functionality for use with RSpec. This will show you how to create mock user objects and sign in as an adminstrator.</p>
+
+
+	<p>Also included is functionality to auto-populate created_by and updated_by fields.</p>
+
+
+	<p>Some model level access right functionality will also be added in the near future.</p>
+
+
+	<h2>Installing</h2>
+
+
+	<p>For the people who don&#8217;t care to know the details and just want to get the system installed:</p>
+
+
+<pre>
+$ sudo gem install lockdown
+$ cd &lt;your_project_directory&gt;
+$ lockdown .
+</pre>
+
+	<p>This will create a &#8220;lockdown&#8221; directory in the lib dir add two files: access.rb and session.rb.  Modify access.rb to define the rules that apply to your system.</p>
+
+
+	<p>I recommend reading this page to get a feel for Lockdown&#8217;s functionality.</p>
+
+
+	<h2>How it works</h2>
+
+
+Lockdown stores an array of access rights in the session.  For example, if you have a standard <span class="caps">REST</span> users controller, the access rights would be:
+<pre>
+  users/index
+  users/show
+  users/edit
+  users/update
+  users/new
+  users/create
+  users/destroy (delete for Merb)
+</pre>
+
+	<p>The above list will be stored in the session as an array and each request is tested against this list.  So this means, you <strong>should not use client side session storage</strong>.  If you can, I recommend using memcache, but a database session store will suffice.</p>
+
+
+	<p>To define access rights you need to modify lib/lockdown/access.rb.  This is the default access.rb included with Lockdown:
+<pre class='syntax'>
+  <span class="ident">require</span> <span class="punct">&quot;</span><span class="string">lockdown</span><span class="punct">&quot;</span>
+
+  <span class="keyword">module </span><span class="module">Lockdown</span>
+  <span class="comment">#</span>
+  <span class="comment">#</span>
+  <span class="comment"># Permissions are used to group access rights into logical components.</span>
+  <span class="comment"># Each method defined in the Permissions module represents an array</span>
+  <span class="comment"># of methods from a controller (or multiple controllers.)</span>
+  <span class="comment"># </span>
+  <span class="comment"># Controller methods available are: </span>
+  <span class="comment">#</span>
+  <span class="comment">#   # Returns all methods from all controllers</span>
+  <span class="comment">#   all_controllers</span>
+  <span class="comment">#  </span>
+  <span class="comment">#   # Returns all methods from all controllers listed</span>
+  <span class="comment">#   all_methods :controller1, controller2, ...</span>
+  <span class="comment">#  </span>
+  <span class="comment">#   # For a single controller, returns only methods listed</span>
+  <span class="comment">#   only_methods :controller1, :method1, :method2, ...</span>
+  <span class="comment">#  </span>
+  <span class="comment">#   # For a single controller, returns all methods except the methods listed</span>
+  <span class="comment">#   all_except_methods :controller1, :method1, :method2, ...</span>
+  <span class="comment">#</span>
+  <span class="comment">#   They all return an array of controller/action.  For example, if you had a</span>
+  <span class="comment">#   standard REST controller called products this would be the result:</span>
+  <span class="comment">#</span>
+  <span class="comment">#</span>
+  <span class="comment">#     all_methods :products  =&gt; [ &quot;products/index , &quot;products/show&quot;,</span>
+  <span class="comment">#                                 &quot;products/new&quot;, &quot;products/edit&quot;,</span>
+  <span class="comment">#                                 &quot;products/create&quot;, &quot;products/update&quot;,</span>
+  <span class="comment">#                                 &quot;products/destroy&quot;]</span>
+  <span class="comment">#</span>
+    <span class="keyword">module </span><span class="module">Permissions</span>
+      <span class="keyword">class </span><span class="punct">&lt;&lt;</span> <span class="constant">self</span>
+ 
+        <span class="keyword">def </span><span class="method">sessions_management</span>
+          <span class="comment"># all_methods :sessions</span>
+        <span class="keyword">end</span>
+
+      <span class="keyword">end</span> <span class="comment"># end class block</span>
+    <span class="keyword">end</span> <span class="comment"># end Permissions module</span>
+ 
+  <span class="comment">#</span>
+  <span class="comment"># UserGroups are used to group Permissions together to define role type</span>
+  <span class="comment"># functionality. Users may belong to multiple groups.</span>
+  <span class="comment"># </span>
+    <span class="keyword">module </span><span class="module">UserGroups</span>
+      <span class="keyword">class </span><span class="punct">&lt;&lt;</span> <span class="constant">self</span>
+
+        <span class="comment">#</span>
+        <span class="comment"># This method defines which UserGroups cannot be managed</span>
+        <span class="comment"># via the management screens. </span>
+        <span class="comment"># </span>
+        <span class="comment"># Users can still be assigned to these groups.</span>
+        <span class="comment">#</span>
+        <span class="keyword">def </span><span class="method">private_records</span>
+          <span class="punct">[</span><span class="symbol">:administrators</span><span class="punct">]</span>
+        <span class="keyword">end</span>
+        <span class="comment">#</span>
+        <span class="comment"># This method defines which UserGroups have limited access</span>
+        <span class="comment"># via the management screens. Deletion is not allowed.</span>
+        <span class="comment"># </span>
+        <span class="comment"># Users can still be assigned to these groups.</span>
+        <span class="comment">#</span>
+        <span class="keyword">def </span><span class="method">protected_records</span>
+          <span class="punct">[</span><span class="symbol">:public_access</span><span class="punct">,</span> <span class="symbol">:registered_users</span><span class="punct">]</span>
+        <span class="keyword">end</span>
+         
+        <span class="comment"># ** The administrator method is &quot;special&quot;, please don't rename.</span>
+        <span class="comment">#			If you remove/rename, etc... YOU WILL BREAK STUFF</span>
+        <span class="comment">#</span>
+        <span class="comment"># Standard administrator user group.</span>
+        <span class="comment"># Please don't alter without careful consideration.</span>
+        <span class="comment">#</span>
+        <span class="keyword">def </span><span class="method">administrators</span>
+          <span class="punct">[</span><span class="symbol">:all</span><span class="punct">]</span>
+        <span class="keyword">end</span>
+         
+        <span class="comment"># ** The public_access method is &quot;special&quot;, please don't rename.</span>
+        <span class="comment">#			If you remove/rename, etc... YOU WILL BREAK STUFF</span>
+        <span class="comment">#</span>
+        <span class="comment"># Standard public_access user group.  </span>
+        <span class="comment">#</span>
+        <span class="comment"># Feel free to add Permissions to the array without issue.</span>
+        <span class="comment">#</span>
+        <span class="comment"># **Notice:  All permissions added to this public_access group will not be</span>
+        <span class="comment">#             restricted to logged in users.</span>
+        <span class="comment">#             So be careful what you add here!</span>
+        <span class="comment">#</span>
+        <span class="keyword">def </span><span class="method">public_access</span>
+          <span class="punct">[</span><span class="symbol">:sessions_management</span><span class="punct">]</span> 
+        <span class="keyword">end</span>
+ 
+        <span class="comment"># ** The registered_users method is &quot;special&quot;, please don't rename.</span>
+        <span class="comment">#			Not as special as the others, but still...</span>
+        <span class="comment">#</span>
+        <span class="comment"># All newly created users are assigned to this User Group by default</span>
+        <span class="comment">#</span>
+        <span class="keyword">def </span><span class="method">registered_users</span>
+          <span class="comment">#[:my_account]</span>
+        <span class="keyword">end</span>
+
+        <span class="comment">#</span>
+        <span class="comment"># Define your own user groups below</span>
+        <span class="comment">#</span>
+      <span class="keyword">end</span> <span class="comment"># end class block</span>
+    <span class="keyword">end</span> <span class="comment"># end UserGroups module</span>
+  <span class="keyword">end</span> <span class="comment"># end Lockdown module</span>
+</pre></p>
+
+
+	<h2>Some History</h2>
+
+
+	<p>Lockdown was initially designed as a authentication/authorization system to be configured by system administrators. This means it was database driven and had an interface to manage the access rights.  I didn&#8217;t like the static methodology of using code scattered amongst the controllers to define my access rights for the system.  I also didn&#8217;t like the fact that everything was accessible unless you restricted access.  So, I designed Lockdown to restrict access to all resources unless rights have been granted.</p>
+
+
+	<p>The system was nice and worked well until I had a project that required RSpec tests.  I don&#8217;t have anything against testing frameworks (now that I&#8217;ve see the light) but what bothered me most what the fact that I would have to duplicate the information I already defined in my migrations as mock data.  I simply refused to do that extra work.  So, a serious refactoring of Lockdown was required.</p>
+
+
+<blockquote>This is where the access.rb file was born. This file contains the rules that grant/deny access to your system.  More on this later.</blockquote>
+
+	<p>After the RSpec project was completed, the refactoring continued.  This time the focus was on releasing the code to the masses.  I like this system a lot and think both the system itself and the community could benefit from releasing this as an open source project.</p>
+
+
+	<p>In the middle of my refactoring for a public release, I made the decision to use Merb (when the choice was mine). This meant I needed to modify Lockdown for use with Merb.  So this is what I have done.</p>
+
+
+	<p>There is code in place for using Lockdown with Rails, after all, that&#8217;s where Lockdown was born.  However, I have not yet tested the Rails functionality after this last refactor.  In addition, the deployment mechanism for Rails has to be tested.</p>
+
+
+	<p>Writing code for public release is difficult and much different from architecting/coding for a closed source project.  A lot of things you could get by with in a proprietary application won&#8217;t be well received by the general public.  In addition, if you don&#8217;t make things easy, the adoption rate will probably be non-existent.</p>
+
+
+	<h2>Features</h2>
+
+
+	<p><strong>I have these components (for the most part)...figuring out how to package them.  The following is just an idea right now&#8230; </strong>
+<br/>
+<br/>
+The goal of Lockdown is to give you only what you want from the system.</p>
+
+
+	<p>The initial install is all that is required to lock down your system.  However, you&#8217;ll probably want the authorization functionality.  You can get this by:</p>
+
+
+	<p><pre class='syntax'><span class="ident">rake</span> <span class="ident">lockdown</span><span class="symbol">:install:authorization</span></pre></p>
+
+
+	<p>If you want to install <span class="caps">ORM</span> support:</p>
+
+
+	<p><pre class='syntax'><span class="ident">rake</span> <span class="ident">lockdown</span><span class="symbol">:install:orm</span></pre></p>
+
+
+	<p>If you want to install management screens (ORM support included):
+<pre class='syntax'><span class="ident">rake</span> <span class="ident">lockdown</span><span class="symbol">:install:management</span></pre></p>
+
+
+	<p>If you want to install authorization + management screens:
+<pre class='syntax'><span class="ident">rake</span> <span class="ident">lockdown</span><span class="symbol">:install:all</span></pre></p>
+
+
+	<h2>Forum</h2>
+
+
+	<p><a href="http://groups.google.com/group/stonean_lockdown?hl=en">http://groups.google.com/group/stonean_lockdown?hl=en</a></p>
+
+
+	<h2>How to submit patches</h2>
+
+
+	<p>The Clone <span class="caps">URL</span>: git://github.com/stonean/lockdown.git</p>
+
+
+	<p>Read the <a href="http://drnicwilliams.com/2007/06/01/8-steps-for-fixing-other-peoples-code/">8 steps for fixing other people&#8217;s code</a> and for section <a href="http://drnicwilliams.com/2007/06/01/8-steps-for-fixing-other-peoples-code/#8b-google-groups">8b: Submit patch to Google Groups</a>, use the Google Group above.</p>
+
+
+	<p>I&#8217;m new to git and this whole opensource project admin gig, so please be patient with my stumbling around.</p>
+
+
+	<h2>License</h2>
+
+
+	<p>This code is free to use under the terms of the <span class="caps">MIT</span> license.</p>
+
+
+	<h2>Contact</h2>
+
+
+	<p>Comments and suggestions are welcome via the <a href="http://groups.google.com/group/stonean_lockdown?hl=en">forum</a></p>
+    <p class="coda">
+      22nd April 2008<br/>
+      Theme extended from <a href="http://rb2js.rubyforge.org/">Paul Battley</a>
+    </p>
+</div>
+<script type="text/javascript">
+  var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
+  document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
+</script>
+<script type="text/javascript">
+  var pageTracker = _gat._getTracker("UA-4189092-1");
+  pageTracker._initData();
+  pageTracker._trackPageview();
+</script>
+</body>
+</html>

data/website/index.txt

@@ -0,0 +1,218 @@
+h1. lockdown
+
+h1. → 'lockdown'
+
+h3. Lockdown has not been officially released!  This page is a Work-In-Progress. The first version will be released by May 1st. 
+
+h2. What
+
+Lockdown is a authentication/authorization system for RubyOnRails and Merb designed for simplicity and extensibility.  All access rules are in (initially) defined in lib/lockdown/access.rb.  With the included ORM support (ActiveRecord or DataMapper) and management screens you can add user defined rules to the system.
+
+If there is a "spec" directory, a test helper file will be included to provied some basic functionality for use with RSpec. This will show you how to create mock user objects and sign in as an adminstrator.
+
+Also included is functionality to auto-populate created_by and updated_by fields.
+
+Some model level access right functionality will also be added in the near future.
+
+h2. Installing
+
+For the people who don't care to know the details and just want to get the system installed:
+
+<pre>
+$ sudo gem install lockdown
+$ cd <your_project_directory>
+$ lockdown .
+</pre>
+
+This will create a "lockdown" directory in the lib dir add two files: access.rb and session.rb.  Modify access.rb to define the rules that apply to your system.
+
+I recommend reading this page to get a feel for Lockdown's functionality.  
+
+h2. How it works
+
+Lockdown stores an array of access rights in the session.  For example, if you have a standard REST users controller, the access rights would be:
+<pre>
+  users/index
+  users/show
+  users/edit
+  users/update
+  users/new
+  users/create
+  users/destroy (delete for Merb)
+</pre>
+
+The above list will be stored in the session as an array and each request is tested against this list.  So this means, you <strong>should not use client side session storage</strong>.  If you can, I recommend using memcache, but a database session store will suffice.
+
+To define access rights you need to modify lib/lockdown/access.rb.  This is the default access.rb included with Lockdown:
+<pre syntax="ruby">
+  require "lockdown"
+
+  module Lockdown
+  #
+  #
+  # Permissions are used to group access rights into logical components.
+  # Each method defined in the Permissions module represents an array
+  # of methods from a controller (or multiple controllers.)
+  # 
+  # Controller methods available are: 
+  #
+  #   # Returns all methods from all controllers
+  #   all_controllers
+  #  
+  #   # Returns all methods from all controllers listed
+  #   all_methods :controller1, controller2, ...
+  #  
+  #   # For a single controller, returns only methods listed
+  #   only_methods :controller1, :method1, :method2, ...
+  #  
+  #   # For a single controller, returns all methods except the methods listed
+  #   all_except_methods :controller1, :method1, :method2, ...
+  #
+  #   They all return an array of controller/action.  For example, if you had a
+  #   standard REST controller called products this would be the result:
+  #
+  #
+  #     all_methods :products  => [ "products/index , "products/show",
+  #                                 "products/new", "products/edit",
+  #                                 "products/create", "products/update",
+  #                                 "products/destroy"]
+  #
+    module Permissions
+      class << self
+ 
+        def sessions_management
+          # all_methods :sessions
+        end
+
+      end # end class block
+    end # end Permissions module
+ 
+  #
+  # UserGroups are used to group Permissions together to define role type
+  # functionality. Users may belong to multiple groups.
+  # 
+    module UserGroups
+      class << self
+
+        #
+        # This method defines which UserGroups cannot be managed
+        # via the management screens. 
+        # 
+        # Users can still be assigned to these groups.
+        #
+        def private_records
+          [:administrators]
+        end
+        #
+        # This method defines which UserGroups have limited access
+        # via the management screens. Deletion is not allowed.
+        # 
+        # Users can still be assigned to these groups.
+        #
+        def protected_records
+          [:public_access, :registered_users]
+        end
+         
+        # ** The administrator method is "special", please don't rename.
+        #			If you remove/rename, etc... YOU WILL BREAK STUFF
+        #
+        # Standard administrator user group.
+        # Please don't alter without careful consideration.
+        #
+        def administrators
+          [:all]
+        end
+         
+        # ** The public_access method is "special", please don't rename.
+        #			If you remove/rename, etc... YOU WILL BREAK STUFF
+        #
+        # Standard public_access user group.  
+        #
+        # Feel free to add Permissions to the array without issue.
+        #
+        # **Notice:  All permissions added to this public_access group will not be
+        #             restricted to logged in users.
+        #             So be careful what you add here!
+        #
+        def public_access
+          [:sessions_management] 
+        end
+ 
+        # ** The registered_users method is "special", please don't rename.
+        #			Not as special as the others, but still...
+        #
+        # All newly created users are assigned to this User Group by default
+        #
+        def registered_users
+          #[:my_account]
+        end
+
+        #
+        # Define your own user groups below
+        #
+      end # end class block
+    end # end UserGroups module
+  end # end Lockdown module
+</pre>
+
+
+h2. Some History
+
+Lockdown was initially designed as a authentication/authorization system to be configured by system administrators. This means it was database driven and had an interface to manage the access rights.  I didn't like the static methodology of using code scattered amongst the controllers to define my access rights for the system.  I also didn't like the fact that everything was accessible unless you restricted access.  So, I designed Lockdown to restrict access to all resources unless rights have been granted. 
+
+The system was nice and worked well until I had a project that required RSpec tests.  I don't have anything against testing frameworks (now that I've see the light) but what bothered me most what the fact that I would have to duplicate the information I already defined in my migrations as mock data.  I simply refused to do that extra work.  So, a serious refactoring of Lockdown was required.
+
+<blockquote>This is where the access.rb file was born. This file contains the rules that grant/deny access to your system.  More on this later.</blockquote>
+
+After the RSpec project was completed, the refactoring continued.  This time the focus was on releasing the code to the masses.  I like this system a lot and think both the system itself and the community could benefit from releasing this as an open source project.  
+
+In the middle of my refactoring for a public release, I made the decision to use Merb (when the choice was mine). This meant I needed to modify Lockdown for use with Merb.  So this is what I have done.
+
+There is code in place for using Lockdown with Rails, after all, that's where Lockdown was born.  However, I have not yet tested the Rails functionality after this last refactor.  In addition, the deployment mechanism for Rails has to be tested.
+
+Writing code for public release is difficult and much different from architecting/coding for a closed source project.  A lot of things you could get by with in a proprietary application won't be well received by the general public.  In addition, if you don't make things easy, the adoption rate will probably be non-existent.
+
+
+h2. Features
+
+<strong>I have these components (for the most part)...figuring out how to package them.  The following is just an idea right now... </strong>
+<br/>
+<br/>
+The goal of Lockdown is to give you only what you want from the system.  
+
+The initial install is all that is required to lock down your system.  However, you'll probably want the authorization functionality.  You can get this by: 
+
+<pre syntax="ruby">rake lockdown:install:authorization</pre>
+
+If you want to install ORM support:
+
+<pre syntax="ruby">rake lockdown:install:orm</pre>
+
+If you want to install management screens (ORM support included):
+<pre syntax="ruby">rake lockdown:install:management</pre>
+
+If you want to install authorization + management screens:
+<pre syntax="ruby">rake lockdown:install:all</pre>
+
+
+h2. Forum
+
+"http://groups.google.com/group/stonean_lockdown?hl=en":http://groups.google.com/group/stonean_lockdown?hl=en
+
+
+h2. How to submit patches
+
+The Clone URL: git://github.com/stonean/lockdown.git
+
+Read the "8 steps for fixing other people's code":http://drnicwilliams.com/2007/06/01/8-steps-for-fixing-other-peoples-code/ and for section "8b: Submit patch to Google Groups":http://drnicwilliams.com/2007/06/01/8-steps-for-fixing-other-peoples-code/#8b-google-groups, use the Google Group above.
+
+I'm new to git and this whole opensource project admin gig, so please be patient with my stumbling around.
+
+h2. License
+
+This code is free to use under the terms of the MIT license.
+
+h2. Contact
+
+Comments and suggestions are welcome via the "forum":http://groups.google.com/group/stonean_lockdown?hl=en
+