rabbitcage 0.1.0

data/.document

@@ -0,0 +1,5 @@
+README.rdoc
+lib/**/*.rb
+bin/*
+features/**/*.feature
+LICENSE

data/.gitignore

@@ -0,0 +1,22 @@
+## MAC OS
+.DS_Store
+
+## TEXTMATE
+*.tmproj
+tmtags
+
+## EMACS
+*~
+\#*
+.\#*
+
+## VIM
+*.swp
+
+## PROJECT::GENERAL
+coverage
+rdoc
+pkg
+
+## PROJECT::SPECIFIC
+rabbitcage.gemspec

data/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2009 Dominik Sander
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.markdown

@@ -0,0 +1,61 @@
+# RabbitCage
+
+**WARNING: This project is at a very early stage of development. The command line options and the config file format will most likely change in future versions.**
+
+RabbitCage is a AMQP application firewall build on EventMachine. The code has been heavily inspired by mojombo's awesome [ProxyMachine](http://github.com/mojombo/proxymachine/).
+
+RabbitCage was written because RabbitMQ's access control capabilities are rather limited.
+
+RabbitCage works as a transparent, content aware proxy between the connecting client and a AMQP broker (currently only tested with RabbitMQ). Based on configured ACL-like rules RabbitCage will either forward or reject the message. Messages sent from the broker are forwarded directly to the client using EventMachine's [proxy incoming to](http://eventmachine.rubyforge.org/EventMachine/Connection.html#M000275), though it will just affect the client -> server performance.
+
+## Installation
+
+	sudo gem install rabbitcage
+
+## Running
+
+	Usage:
+	rabbitcage -c <config file> [-h <host>] [-p <port>]
+	
+	Options:
+	    -c, --config CONFIG              Configuration file
+	    -h, --host HOST                  Hostname to bind. Default 0.0.0.0
+	    -p, --port PORT                  Port to listen on. Default 5672
+	    -r, --remote-host HOST           Hostname of the RabbitMQ server to connect to. Default 'localhost'
+	    -x, --remote-port PORT           Port of the RabbitMQ server to connect to. Default 5673
+	    -v                               Verbose output (denied requests).
+	    -V                               Very verbose output (denied requests/allowed requests).
+	    -D                               Debug output (denied requests/allowed requests/debug info).
+
+## Example config file
+	# Basic syntax:
+	# allow|deny 'username'|:all, AMQP method|:all, AMQP class|:all, Hash of AMQP method properties
+	#
+	# This example will allow the admin user to perform any action on the broker.
+	# A guest is allowed to consume every exchange which name does not start with 'private_' and
+	# register every queue which name does not start with 'reserved_'
+	include RabbitCageACL
+	config do
+	  allow 'admin', :all, :all
+	  allow 'guest', :all, :queue, :name => /^(?!reserved_)/
+	  allow 'guest', :all, :exchange, :name => /^(?!private_)/
+	  allow 'guest', [:consume, :get], :basic
+	  allow 'guest', :all, :connection
+	  allow 'guest', :all, :channel
+	  allow 'guest', :all, :access
+	  default :deny
+	end
+
+## Note on Patches/Pull Requests
+ 
+* Fork the project.
+* Make your feature addition or bug fix.
+* Add tests for it. This is important so I don't break it in a
+  future version unintentionally.
+* Commit, do not mess with rakefile, version, or history.
+  (if you want to have your own version, that is fine but bump version in a commit by itself I can ignore when I pull)
+* Send me a pull request. Bonus points for topic branches.
+
+## Copyright
+
+Copyright (c) 2009 Dominik Sander. See LICENSE for details.

data/Rakefile

@@ -0,0 +1,55 @@
+require 'rubygems'
+require 'rake'
+
+begin
+  require 'jeweler'
+  Jeweler::Tasks.new do |gem|
+    gem.name = "rabbitcage"
+    gem.summary = %Q{A AMQP firewall which allows to restrict user access to RabbitMQ using ACLs.}
+    gem.description = %Q{RabbitMQ's access control capabilities are rather limited. RabbitCage enables fine-grated permission setups, you define which user can perform which AMQP method on which class.}
+    gem.email = "git@dsander.de"
+    gem.homepage = "http://github.com/dsander/rabbitcage"
+    gem.authors = ["Dominik Sander"]
+    gem.add_development_dependency "bacon", ">= 0"
+    gem.add_dependency "amqp", ">= 0.6.5"
+    gem.add_dependency "eventmachine", ">= 0.12.10"
+    # gem is a Gem::Specification... see http://www.rubygems.org/read/chapter/20 for additional settings
+  end
+  Jeweler::GemcutterTasks.new
+rescue LoadError
+  puts "Jeweler (or a dependency) not available. Install it with: gem install jeweler"
+end
+
+require 'rake/testtask'
+Rake::TestTask.new(:spec) do |spec|
+  spec.libs << 'lib' << 'spec'
+  spec.pattern = 'spec/**/*_spec.rb'
+  spec.verbose = true
+end
+
+begin
+  require 'rcov/rcovtask'
+  Rcov::RcovTask.new do |spec|
+    spec.libs << 'spec'
+    spec.pattern = 'spec/**/*_spec.rb'
+    spec.verbose = true
+  end
+rescue LoadError
+  task :rcov do
+    abort "RCov is not available. In order to run rcov, you must: sudo gem install spicycode-rcov"
+  end
+end
+
+task :spec => :check_dependencies
+
+task :default => :spec
+
+require 'rake/rdoctask'
+Rake::RDocTask.new do |rdoc|
+  version = File.exist?('VERSION') ? File.read('VERSION') : ""
+
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title = "rabbitcage #{version}"
+  rdoc.rdoc_files.include('README*')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end

data/VERSION

@@ -0,0 +1 @@
+0.1.0

data/bin/rabbitcage

@@ -0,0 +1,66 @@
+#!/usr/bin/env ruby
+$:.unshift File.join(File.dirname(__FILE__), *%w[.. lib])
+require 'rabbitcage'
+require 'optparse'
+
+
+
+begin
+  options = {:host => "0.0.0.0", :port => 5672, :remote_host => 'localhost', :remote_port => 5673, :log_level => Logger::ERROR}
+ 
+  opts = OptionParser.new do |opts|
+    opts.banner = <<-EOF
+Usage:
+rabbitcage -c <config file> [-h <host>] [-p <port>]
+ 
+Options:
+EOF
+    opts.on("-cCONFIG", "--config CONFIG", "Configuration file") do |x|
+      options[:config] = x
+    end
+ 
+    opts.on("-hHOST", "--host HOST", "Hostname to bind. Default 0.0.0.0") do |x|
+      options[:host] = x
+    end
+ 
+    opts.on("-pPORT", "--port PORT", "Port to listen on. Default 5672") do |x|
+      options[:port] = x
+    end
+
+    opts.on("-rHOST", "--remote-host HOST", "Hostname of the RabbitMQ server to connect to. Default 'localhost'") do |x|
+      options[:host] = x
+    end
+
+    
+    opts.on("-xPORT", "--remote-port PORT", "Port of the RabbitMQ server to connect to. Default 5673") do |x|
+      options[:remote_port] = x
+    end
+    
+    opts.on("-v", "Verbose output (denied requests).") do |x|
+      options[:log_level] = Logger::WARN
+    end
+    
+    opts.on("-V", "Very verbose output (denied requests/allowed requests).") do |x|
+      options[:log_level] = Logger::INFO
+    end
+    
+    opts.on("-D", "Debug output (denied requests/allowed requests/debug info).") do |x|
+      options[:log_level] = Logger::DEBUG
+    end
+    
+  end
+ 
+  opts.parse!
+ 
+  load(options[:config])
+  name = options[:config].split('/').last.chomp('.rb')
+  RabbitCage.run('config', options[:host], options[:port], options[:remote_host], options[:remote_port], options[:log_level])
+rescue Exception => e
+  if e.instance_of?(SystemExit)
+    raise
+  else
+    LOGGER.fatal 'Uncaught exception'
+    LOGGER.fatal e.message
+    LOGGER.fatal "\n"+e.backtrace.join("\n")
+  end
+end

data/lib/rabbitcage/client_connection.rb

@@ -0,0 +1,95 @@
+class RabbitCage
+  class ClientConnection < EventMachine::Connection
+    def self.start(host, port)
+      $server = EM.start_server(host, port, self)
+      LOGGER.info "Listening on #{host}:#{port}"
+      LOGGER.info "Send QUIT to quit after waiting for all connections to finish."
+      LOGGER.info "Send TERM or INT to quit after waiting for up to 10 seconds for connections to finish."
+    end
+
+    def post_init
+      LOGGER.info "Accepted #{peer}"
+      @buffer = []
+      @tries = 0
+      RabbitCage.incr
+    end
+
+    def peer
+      @peer ||=
+      begin
+        port, ip = Socket.unpack_sockaddr_in(get_peername)
+        "#{ip}:#{port}"
+      end
+    end
+
+    def receive_data(data)
+        handle_data data
+    rescue => e
+      close_connection
+      LOGGER.error "#{e.class} - #{e.message}"
+      LOGGER.debug "\n#{e.backtrace.join("\n")}"
+    end
+
+    def handle_data(data)
+      @timer.cancel if @timer
+      data2 = data.dup
+
+      while frame = AMQP::Frame.parse(data2)
+        LOGGER.debug "Got frame: " + frame.payload.inspect
+        case frame.payload
+        when AMQP::Protocol::Connection::Open
+          @vhost = frame.payload.virtual_host
+        when AMQP::Protocol::Connection::StartOk
+          length = frame.payload.response[10].unpack('c').first
+          @user =  frame.payload.response[11..10+length]
+        end
+
+        command = self.filter(frame.payload)
+        if command == :deny
+          LOGGER.warn generate_log_line(frame.payload, command) if frame.payload.class != AMQP::Protocol::Basic::Get
+          resp = AMQP::Protocol::Channel::Close.new(:reply_code => 403,
+                                            :reply_text => "ACCESS_REFUSED - access to '#{frame.payload.queue || frame.payload.exchange rescue 'the server'}' in vhost '#{@vhost}' refused for user '#{@user}' by rabbitcage",
+                                            :method_id => 10,
+                                            :class_id => 50,
+                                           ).to_frame
+          resp.channel = frame.channel
+          self.send_data resp.to_s
+          return
+        else
+          LOGGER.info generate_log_line(frame.payload, command) if frame.payload.class != AMQP::Protocol::Basic::Get
+        end
+      end
+      if @server_side || try_server_connect(RabbitCage.rabbit_host, RabbitCage.rabbit_port)
+        @server_side.send_data data
+      end
+    end
+
+    def try_server_connect(host, port)
+      @server_side = ServerConnection.request(host, port, self)
+      LOGGER.info "Successful connection to #{host}:#{port}."
+      true
+    rescue => e
+      @server_side = nil
+      if @tries < 10
+        @tries += 1
+        LOGGER.error "Failed on server connect attempt #{@tries}. Trying again..."
+        @timer.cancel if @timer
+        @timer = EventMachine::Timer.new(0.1) do
+          self.handle_data
+        end
+      else
+        LOGGER.error "Failed after ten connection attempts."
+      end
+      false
+    end
+
+    def unbind
+      @server_side.close_connection_after_writing if @server_side
+      RabbitCage.decr
+    end
+    
+    def generate_log_line(payload, command)
+      "#{peer} #{command} #{payload.class.to_s[16..-1]}\tuser:#{@user} vh:#{@vhost} q:#{payload.respond_to?(:queue) ? payload.queue : 'nil'} ex:#{payload.respond_to?(:exchange) ? payload.exchange : 'nil'}"
+    end
+  end
+end

data/lib/rabbitcage/core_extensions.rb

@@ -0,0 +1,20 @@
+
+# ripped from active_record
+class String
+  def camelize(first_letter_in_uppercase = true)
+    if first_letter_in_uppercase
+      self.gsub(/\/(.?)/) { "::#{$1.upcase}" }.gsub(/(?:^|_)(.)/) { $1.upcase }
+    else
+      self.first + self.camelize[1..-1]
+    end
+  end
+end
+class Symbol
+  def camelize(first_letter_in_uppercase = true)
+    if first_letter_in_uppercase
+      self.to_s.gsub(/\/(.?)/) { "::#{$1.upcase}" }.gsub(/(?:^|_)(.)/) { $1.upcase }
+    else
+      self.first + self.camelize[1..-1]
+    end
+  end
+end

data/lib/rabbitcage/filter.rb

@@ -0,0 +1,92 @@
+# encoding: utf-8
+
+module RabbitCageACL
+  def allow user, action, object, properties = {}
+    RabbitCage::Filter.register :allow, user, action, object, properties 
+  end
+  def deny user, action, object, properties = {}
+    RabbitCage::Filter.register :deny, user, action, object, properties 
+  end
+  
+  def default action
+    RabbitCage::Filter.set_default(action)
+  end
+end
+
+class RabbitCage
+  class Filter
+    @rules = {}
+    
+    def self.register permission, user, action, object, properties
+      available_actions = {:queue => ['Declare', 'Bind', 'Unbind', 'Delete', 'Purge'],
+                           :connection => ['Start', 'StartOk', 'Open', 'Tune', 'TuneOk', 'Close', 'Redirect', 'Secure'],
+                           :channel => ['Open', 'Flow', 'Alert', 'Close', 'CloseOk'],
+                           :exchange => ['Declare', 'Delete'],
+                           :access => ['Request'],
+                           :basic => ['Qos', 'Consume', 'Cancel', 'Publish', 'Deliver', 'Get', 'Ack', 'Reject']
+                         }
+      klass = []
+      if action.is_a? Array
+        klass = action.collect { |a| "AMQP::Protocol::#{object.camelize}::#{a.camelize}" }.join(',')
+      else
+        if action == :all && object != :all
+          klass = available_actions[object].collect { |x| "AMQP::Protocol::#{object.camelize}::#{x}" }
+        elsif action == :all && object == :all
+          klass = :any
+        elsif action != :all && object == :all
+          raise "This acl format is currently not supported"
+          exit
+        else
+          klass = "AMQP::Protocol::#{object.camelize}::#{action.camelize}"
+        end
+      end
+      klass = klass.join(', ') if klass.class == Array
+      @rules[klass] = [] unless @rules[klass].class == Array
+      
+      name = properties.delete(:name)
+      properties[object] = name if name
+      cond = []
+      cond << ('@user =' << (user.is_a?(Regexp) ? "~ #{user.inspect}" : "= '#{user}'"))  if user != :all
+        
+      properties.each_pair do |p, value|
+        cond << ("frame.#{p} =" << (value.is_a?(Regexp) ? "~ #{value.inspect}" : "= '#{value}'"))
+      end
+      
+      @rules[klass] << {:permission => permission, :user => user, :properties => cond.join(' and ') }
+    end
+    
+    def self.generate_properties(properties, object)
+      properties
+    end
+    
+    def self.set_default action
+      @default = action
+    end 
+    
+    def self.build
+      require 'erb'
+      method = ERB.new(%q[
+  def filter(frame)
+    <%- if @rules.any? -%>
+      <%- @rules[:any].each do |rule| -%>
+        return :<%= rule[:permission]  %> if <%= rule[:properties] %>
+      <%- end -%>
+      case frame  # 4
+        <%- @rules.each_pair do |klass, r|-%>
+          <%-  next if klass == :any -%>
+          when <%= klass %>
+            <%- r.each do |rule| -%>
+              return :<%= rule[:permission]  %> if <%= rule[:properties] %>
+            <%- end -%>
+        <%- end -%>
+      end
+    <%- end -%>
+    :<%= @default %>
+  end
+  ].gsub!(/^  /,''), nil, '>-%').result(binding)  
+    LOGGER.debug "Generated filter method:\n#{method}"
+    RabbitCage::ClientConnection.class_eval method
+  
+    end
+  end
+end

data/lib/rabbitcage/server_connection.rb

@@ -0,0 +1,19 @@
+class RabbitCage
+  class ServerConnection < EventMachine::Connection
+    def self.request(host, port, client_side)
+      EventMachine.connect(host, port, self, client_side)
+    end
+
+    def initialize(conn)
+      @client_side = conn
+    end
+
+    def post_init
+      proxy_incoming_to(@client_side, 10240)
+    end
+    
+    def unbind
+      @client_side.close_connection_after_writing
+    end
+  end
+end

data/lib/rabbitcage.rb

@@ -0,0 +1,137 @@
+require 'rubygems'
+require 'eventmachine'
+require 'amqp'
+require 'logger'
+require 'socket'
+
+require 'rabbitcage/client_connection'
+require 'rabbitcage/server_connection'
+require 'rabbitcage/filter'
+require 'rabbitcage/core_extensions'
+LOGGER = Logger.new(STDOUT)
+LOGGER.datetime_format = "%m-%d %H:%M:%S "
+
+class RabbitCage
+  MAX_FAST_SHUTDOWN_SECONDS = 10
+
+  class << self
+    def update_procline
+      $0 = "rabbitcage #{VERSION} - #{@@name} #{@@listen} - #{self.stats} cur/max/tot conns"
+    end
+  
+    def stats
+      "#{@@counter}/#{@@maxcounter}/#{@@totalcounter}"
+    end
+  
+    def count
+      @@counter
+    end
+  
+    def incr
+      @@totalcounter += 1
+      @@counter += 1
+      @@maxcounter = @@counter if @@counter > @@maxcounter
+      self.update_procline
+      @@counter
+    end
+  
+    def decr
+      @@counter -= 1
+      if $server.nil?
+        LOGGER.info "Waiting for #{@@counter} connections to finish."
+      end
+      self.update_procline
+      EM.stop if $server.nil? and @@counter == 0
+      @@counter
+    end
+  
+    def set_config(block)
+      @@config = block
+    end
+  
+    def config
+      @@config
+    end
+    
+    def rabbit_host
+      @@remote_host
+    end
+    
+    def rabbit_port
+      @@remote_port
+    end
+    def build_filter
+      RabbitCage.config.call
+      @@filter = Filter.build
+    end
+    
+    def filter frame
+      Filter.filter frame
+    end
+  
+    def graceful_shutdown(signal)
+      EM.stop_server($server) if $server
+      LOGGER.info "Received #{signal} signal. No longer accepting new connections."
+      LOGGER.info "Waiting for #{RabbitCage.count} connections to finish."
+      $server = nil
+      EM.stop if RabbitCage.count == 0
+    end
+  
+    def fast_shutdown(signal)
+      EM.stop_server($server) if $server
+      LOGGER.info "Received #{signal} signal. No longer accepting new connections."
+      LOGGER.info "Maximum time to wait for connections is #{MAX_FAST_SHUTDOWN_SECONDS} seconds."
+      LOGGER.info "Waiting for #{RabbitCage.count} connections to finish."
+      $server = nil
+      EM.stop if RabbitCage.count == 0
+      Thread.new do
+        sleep MAX_FAST_SHUTDOWN_SECONDS
+        exit!
+      end
+    end
+  
+    def run(name, host, port, rhost, rport, log_level)
+      @@totalcounter = 0
+      @@maxcounter = 0
+      @@counter = 0
+      @@name = name
+      @@listen = "#{host}:#{port}"
+      @@remote_host = rhost
+      @@remote_port = rport
+      LOGGER.level = log_level
+
+      self.update_procline
+      EM.epoll
+      
+      RabbitCage.build_filter
+      
+      EM.run do
+        RabbitCage::ClientConnection.start(host, port)
+        trap('QUIT') do
+          self.graceful_shutdown('QUIT')
+        end
+        trap('TERM') do
+          self.fast_shutdown('TERM')
+        end
+        trap('INT') do
+          self.fast_shutdown('INT')
+        end
+      end
+    end
+  
+    def version
+      yml = YAML.load(File.read(File.join(File.dirname(__FILE__), *%w[.. VERSION.yml])))
+      "#{yml[:major]}.#{yml[:minor]}.#{yml[:patch]}"
+    rescue
+      'unknown'
+    end
+  end
+
+  VERSION = self.version
+end
+
+module Kernel
+  def config(&block)
+    RabbitCage.set_config(block)
+  end
+end

data/spec/rabbitcage_spec.rb

@@ -0,0 +1,7 @@
+require 'spec_helper'
+
+describe "Rabbitcage" do
+  it "fails" do
+    should.flunk "hey buddy, you should probably rename this file and start specing for real"
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,8 @@
+require 'rubygems'
+require 'bacon'
+
+$LOAD_PATH.unshift(File.dirname(__FILE__))
+$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
+require 'rabbitcage'
+
+Bacon.summary_on_exit

metadata

@@ -0,0 +1,99 @@
+--- !ruby/object:Gem::Specification 
+name: rabbitcage
+version: !ruby/object:Gem::Version 
+  version: 0.1.0
+platform: ruby
+authors: 
+- Dominik Sander
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2009-12-20 00:00:00 +01:00
+default_executable: rabbitcage
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: bacon
+  type: :development
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+    version: 
+- !ruby/object:Gem::Dependency 
+  name: amqp
+  type: :runtime
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 0.6.5
+    version: 
+- !ruby/object:Gem::Dependency 
+  name: eventmachine
+  type: :runtime
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 0.12.10
+    version: 
+description: RabbitMQ's access control capabilities are rather limited. RabbitCage enables fine-grated permission setups, you define which user can perform which AMQP method on which class.
+email: git@dsander.de
+executables: 
+- rabbitcage
+extensions: []
+
+extra_rdoc_files: 
+- LICENSE
+- README.markdown
+files: 
+- .document
+- .gitignore
+- LICENSE
+- README.markdown
+- Rakefile
+- VERSION
+- bin/rabbitcage
+- lib/rabbitcage.rb
+- lib/rabbitcage/client_connection.rb
+- lib/rabbitcage/core_extensions.rb
+- lib/rabbitcage/filter.rb
+- lib/rabbitcage/server_connection.rb
+- spec/rabbitcage_spec.rb
+- spec/spec_helper.rb
+has_rdoc: true
+homepage: http://github.com/dsander/rabbitcage
+licenses: []
+
+post_install_message: 
+rdoc_options: 
+- --charset=UTF-8
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.3.5
+signing_key: 
+specification_version: 3
+summary: A AMQP firewall which allows to restrict user access to RabbitMQ using ACLs.
+test_files: 
+- spec/rabbitcage_spec.rb
+- spec/spec_helper.rb