rad_ext 0.0.1

data/Rakefile

@@ -0,0 +1,12 @@
+require 'rake_ext'
+
+project(
+  name: "rad_ext",
+  gem: true,
+  summary: "Extensions for Rad Framework",
+
+  bin: 'bin',
+
+  author: "Alexey Petrushin",
+  homepage: "http://github.com/alexeypetrushin/rad_ext"
+)

data/lib/rad/configurators/abstract.rb

@@ -0,0 +1,22 @@
+class Abstract
+  def initialize dir
+    @dir = File.expand_path(dir)
+  end
+  
+  # def config options = {}
+  #   rad.config.merge_config! "#{dir}/config/config.yml", options
+  # end
+  
+  def routes
+    routes_file = "#{dir}/config/routes.rb"
+    load routes_file if File.exist? routes_file
+  end
+  
+  def locales
+    I18n.load_path += Dir["#{dir}/config/locales/**/*.{rb,yml}"]
+    I18n.load_path += Dir["#{dir}/config/locales/*.{rb,yml}"]
+  end
+  
+  protected        
+    attr_reader :dir #, :after_config, :after_environment
+end

data/lib/rad/configurators/runtime.rb

@@ -0,0 +1,2 @@
+class Runtime < Abstract
+end

data/lib/rad/configurators/web.rb

@@ -0,0 +1,32 @@
+class Web < Abstract      
+  def asset_paths *relative_paths
+    relative_paths = relative_paths.first if relative_paths.first.is_a? Array
+    relative_paths.each do |relative_path|
+      path = "#{dir}/#{relative_path}"
+      rad.assets.paths << path unless rad.assets.paths.include? path
+    end
+  end
+  
+  def load_paths *relative_paths
+    relative_paths = relative_paths.first if relative_paths.first.is_a? Array
+    relative_paths.each do |relative_path|
+      path = "#{dir}/#{relative_path}"
+      $LOAD_PATH << path unless $LOAD_PATH.include? path
+    end
+  end
+  
+  def template_paths *relative_paths
+    rad.template
+    
+    relative_paths = relative_paths.first if relative_paths.first.is_a? Array
+    relative_paths.each do |relative_path|
+      path = "#{dir}/#{relative_path}"
+      rad.template.paths << path unless rad.template.paths.include? path
+    end
+  end
+  
+  def autoload_paths *relative_paths
+    relative_paths = relative_paths.first if relative_paths.first.is_a? Array        
+    relative_paths.each{|d| autoload_dir "#{dir}/#{d}", true}
+  end      
+end

data/lib/rad/controller/forgery_protector.rb

@@ -0,0 +1,31 @@
+module ForgeryProtector
+  BROWSER_GENERATED_TYPES = %w(
+    text/html
+    text/plain
+    application/x-www-form-urlencoded
+    multipart/form-data    
+  ).to_set
+  
+  BROWSER_GENERATED_FORMATS = %w(html js)
+  
+  protected
+    def protect_from_forgery
+      request = workspace.request
+      if request.session        
+        sat = request.session['authenticity_token']
+        content_type = request.content_type
+        format = workspace.params.format
+
+        allow = (
+          request.get? or
+          (content_type.present? and !BROWSER_GENERATED_TYPES.include?(content_type.downcase)) or
+          (format.present? and !BROWSER_GENERATED_FORMATS.include?(format)) or
+          (sat.present? and sat == params.authenticity_token)
+        )
+        
+        raise "invalid authenticity token!" unless allow
+
+        @authenticity_token = sat
+      end
+    end
+end

data/lib/rad/processors/ajax_helper.rb

@@ -0,0 +1,16 @@
+# Sets format for :js as :html and wraps body into <textarea>
+# Forms with files can be submitted by ajax only via iframe, and it requires 
+# the response have 'html' encoding and be wrapped into <textarea>
+class AjaxHelper < Conveyors::Processor      
+  def call
+    response = workspace.response.must_be.defined
+    request = workspace.request.must_be.defined
+    
+    next_processor.call
+    
+    if workspace.params? and workspace.params.format == 'js' and !request.xhr?
+      response.content_type = Mime['html']
+      workspace.content = "<textarea>#{workspace.content}</textarea>"
+    end          
+  end
+end

data/lib/rad/processors/ensure_no_www.rb

@@ -0,0 +1,30 @@
+# enshure domain has no www. except if there's custom subdomain
+class EnsureNoWww < Conveyors::Processor
+  def call
+    workspace.params.must_be.defined
+    if workspace.params.format == 'html' and url_with_www?
+      redirect_without_www
+    else
+      next_processor.call
+    end
+  end            
+  
+  protected
+    def uri
+      @uri ||= Uri.parse workspace.request.url
+    end
+  
+    def url_with_www?
+      uri.host =~ /^www\./
+    end
+    
+    def redirect_without_www
+      uri.host = uri.host.sub(/^www\./, '')
+      url = uri.to_s
+      
+      response = workspace.response
+      response.status = 301
+      response.headers['Location'] = url
+      response.body = %(<html><body>You are being <a href="#{url.html_escape}">redirected</a>.</body></html>)
+    end
+end

data/lib/rad_ext/configurators.rb

@@ -0,0 +1,13 @@
+# %w(
+#   abstract
+#   runtime
+#   web
+# ).each{|f| require "rad_ext/configurators/#{f}"}
+
+class Micon::Core
+  def configure configurator_name, dir, &block      
+    configurator_class = "Rad::Configurators::#{configurator_name.to_s.classify}".constantize      
+    configurator = configurator_class.new dir
+    block.call configurator if block
+  end
+end

data/lib/rad_ext/extensions/i18n/locales/ru/pluralization.rb

@@ -0,0 +1,62 @@
+# {
+#   :'ru' => {
+#     pluralize: lambda { |n| 
+#       # Правило плюрализации для русского языка, взято из CLDR, http://unicode.org/cldr/
+#       #
+#       #
+#       # Russian language pluralization rules, taken from CLDR project, http://unicode.org/cldr/
+#       #
+#       #   one -> n mod 10 is 1 and n mod 100 is not 11;
+#       #   few -> n mod 10 in 2..4 and n mod 100 not in 12..14;
+#       #   many -> n mod 10 is 0 or n mod 10 in 5..9 or n mod 100 in 11..14;
+#       #   other -> everything else
+#       #
+#       # Пример
+#       #
+#       #   :one  = 1, 21, 31, 41, 51, 61...
+#       #   :few  = 2-4, 22-24, 32-34...
+#       #   :many = 0, 5-20, 25-30, 35-40...
+#       #   :other = 1.31, 2.31, 5.31...
+#       modulo10 = n.modulo(10)
+#       modulo100 = n.modulo(100)
+#       
+#       if modulo10 == 1 && modulo100 != 11
+#         :one
+#       elsif (modulo10 == 2 || modulo10 == 3 || modulo10 == 4) && !(modulo100 == 12 || modulo100 == 13 || modulo100 == 14)
+#         :few
+#       elsif modulo10 == 0 || (modulo10 == 5 || modulo10 == 6 || modulo10 == 7 || modulo10 == 8 || modulo10 == 9) || (modulo100 == 11 || modulo100 == 12 || modulo100 == 13 || modulo100 == 14)
+#         :many
+#       else
+#         :other
+#       end
+#     }
+#   }
+# }
+
+{
+  ru: {
+    i18n: {
+      plural: {
+        rule: lambda{|n|
+          # Правило плюрализации для русского языка, взято из CLDR, http://unicode.org/cldr/
+          #
+          #
+          # Russian language pluralization rules, taken from CLDR project, http://unicode.org/cldr/
+          #
+          #   one -> n mod 10 is 1 and n mod 100 is not 11;
+          #   few -> n mod 10 in 2..4 and n mod 100 not in 12..14;
+          #   many -> n mod 10 is 0 or n mod 10 in 5..9 or n mod 100 in 11..14;
+          #   other -> everything else
+          #
+          # Пример
+          #
+          #   :one  = 1, 21, 31, 41, 51, 61...
+          #   :few  = 2-4, 22-24, 32-34...
+          #   :many = 0, 5-20, 25-30, 35-40...
+          #   :other = 1.31, 2.31, 5.31...
+          n % 10 == 1 && n % 100 != 11 ? :one : [2, 3, 4].include?(n % 10) && ![12, 13, 14].include?(n % 100) ? :few : n % 10 == 0 || [5, 6, 7, 8, 9].include?(n % 10) || [11, 12, 13, 14].include?(n % 100) ? :many : :other 
+        }
+      }
+    }
+  }
+}

data/lib/rad_ext/extensions/i18n.rb

@@ -0,0 +1,16 @@
+# Hack, ActiveSupport currently uses differrent version
+# gem 'i18n', '>= 0.4.1'
+# require 'i18n'
+
+require "i18n/backend/pluralization" 
+I18n::Backend::Simple.send(:include, I18n::Backend::Pluralization)
+
+I18n.load_path += Dir["#{__FILE__.dirname}/i18n/locales/*/*.{rb,yml}"]
+
+
+# 
+# Helpers for Rad
+# 
+[Rad::Controller::Abstract, Rad::Controller::Context].each do |klass|
+  klass.delegate :t, to: I18n
+end

data/lib/rad_ext/extensions/prepare_model.rb

@@ -0,0 +1,16 @@
+Rad::Controller::Abstract::ClassMethods.class_eval do
+  def prepare_model aclass, opt = {}
+    opt = opt.symbolize_keys
+    id = opt.delete(:id) || :id    
+    variable = opt.delete(:variable) || aclass.alias.underscore
+    
+    finder = opt.delete(:finder) || :find!
+    
+    method = "prepare_#{variable}"
+    define_method method do
+      model = aclass.send finder, params[id]
+      instance_variable_set "@#{variable}", model
+    end
+    before method, opt
+  end
+end

data/lib/rad_ext/extensions/user_error.rb

@@ -0,0 +1,12 @@
+class UserError < StandardError
+end
+
+Object.class_eval do
+  def raise_user_error msg
+    raise UserError, msg
+  end
+
+  def self.raise_user_error msg
+    raise UserError, msg
+  end
+end

data/lib/rad_ext/extensions.rb

@@ -0,0 +1,7 @@
+require 'rad'
+
+%w(
+  i18n
+  prepare_model
+  user_error
+).each{|f| require "rad_ext/extensions/#{f}"}

data/lib/rad_ext/gems.rb

@@ -0,0 +1,7 @@
+gem 'i18n', '0.5.0'
+
+
+if respond_to? :fake_gem
+  fake_gem 'rad_core'
+  fake_gem 'rad_assets'
+end

data/lib/rad_ext/profiles/web_ext.rb

@@ -0,0 +1,70 @@
+# 
+# Router
+# 
+rad.router.routers = [
+  [:alias_router, Rad::Router::AliasRouter.new],
+  [:basic_router, Rad::Router::BasicRouter.new],    
+  [:restful_router, Rad::Router::RestfulRouter.new],
+  [:object_router, Rad::Router::ObjectRouter.new]
+]
+
+
+# 
+# Conveyors
+# 
+rad.conveyors.web do |web|
+  # conveyor      
+  web.use Rad::Conveyors::Processors::ConveyorLogger
+
+  # http      
+  web.use Rad::Http::Processors::HttpWriter
+  web.use Rad::Http::Processors::PrepareParams
+  web.use Rad::Http::Processors::EvaluateFormat
+  web.use Rad::Http::Processors::HttpLogger
+
+  # forgery protection
+  web.use Rad::Processors::PrepareAutenticityToken
+
+  # ensure no www
+  web.use Rad::Processors::EnsureNoWww
+
+  # ajax
+  web.use Rad::Processors::AjaxHelper
+
+  # html
+  # web.use ScopedParams
+  web.use Rad::Html::Processors::PrepareFlash
+
+  # controller
+  web.use Rad::Controller::Processors::ControllerErrorHandling
+
+  # router
+  web.use Rad::Router::Processors::Router, :class, :method_name
+
+  # controller      
+  web.use Rad::Controller::Processors::ControllerLogger
+  web.use Rad::Controller::Processors::ControllerCaller
+
+  web.build!
+end
+
+
+# 
+# RackAdapter
+# 
+rad.http.initialize_rack do |builder|
+  # CommonLogger, ShowExceptions, Lint
+  builder.use Rack::Lint if rad.development?
+  
+  # Static Files
+  if rad.http.static? and rad.http.public_path and rad.development?
+    filters = /^\/.*?\/static\/|^\/static\/|\/favicon/
+    builder.use Rad::Assets::StaticFiles, filters
+  end
+
+  # use Rack::Session::Cookie, key: 'rack.session', domain: 'foo.com', path: '/', expire_after: 2592000, secret: 'change_me'  
+  builder.use Rack::Session::Cookie, rad.http.session.stringify_keys if rad.http.session
+
+  # builder.use Rack::CommonLogger
+  builder.use Rack::MethodOverride
+end

data/lib/rad_ext/protect_from_forgery.rb

@@ -0,0 +1,56 @@
+# 
+# Processor
+# 
+class Rad::Processors::PrepareAutenticityToken < Rad::Conveyors::Processor      
+  def call        
+    if rad.http.session
+      request = workspace.request.must_be.defined
+      params = workspace.params.must_be.defined
+          
+      token = request.session['authenticity_token']
+
+      if token.blank? and request.get? and
+        token = generate_authenticity_token
+        request.session['authenticity_token'] = token
+      end              
+    end
+    
+    next_processor.call
+  end
+
+    
+  protected
+    def generate_authenticity_token
+      ActiveSupport::SecureRandom.base64(32)
+    end
+end
+
+
+# 
+# Controller
+# 
+Rad::Controller::Http.include Rad::Controller::ForgeryProtector
+
+Rad::Controller::Http::ClassMethods.class_eval do    
+  def protect_from_forgery options = {}
+    before :protect_from_forgery, options
+  end
+end
+
+
+# 
+# View
+# 
+Rad::Html::FormHelper.class_eval do
+  def authenticity_token 
+    @authenticity_token
+  end
+
+  alias_method :form_tag_without_at, :form_tag
+  def form_tag *args, &b    
+    form_tag_without_at *args do
+      concat(hidden_field_tag('authenticity_token', authenticity_token) + "\n") if authenticity_token
+      b.call if b
+    end
+  end
+end

data/lib/rad_ext/require.rb

@@ -0,0 +1,5 @@
+%w(
+  configurators
+  extensions
+  protect_from_forgery
+).each{|f| require "rad_ext/#{f}"}

data/lib/rad_ext/spec.rb

@@ -0,0 +1,4 @@
+module Rad::Controller::ForgeryProtector
+  def protect_from_forgery; end
+end
+    

data/lib/rad_ext/tasks.rb

@@ -0,0 +1,18 @@
+require 'rake_ext'
+require 'ruby_ext'
+
+task :environment do
+  require 'rad'
+  rad.mode = ENV['m'] || ENV['mode'] || ENV['env'] || ENV['environment'] || :development
+  rad.runtime_path = File.expand_path '.'
+  
+  require 'rad_ext'
+  rad.web
+    
+  require 'rad_ext/utils/cli_helper'
+
+  Rad::CliHelper.use_runtime_path!
+
+  load "./init.rb"
+  rad.environment
+end

data/lib/rad_ext/utils/cli_helper.rb

@@ -0,0 +1,34 @@
+module Rad::CliHelper
+  RUNTIME_DIR = 'runtime'
+
+  class << self
+    inject logger: :logger
+    
+    def run_console
+      prepare_running_environment
+
+      require 'irb'
+      IRB.start        
+    end
+
+    def run_server
+      app = prepare_running_environment
+  
+      rad.http.run app, rad.http.host, rad.http.port
+    end
+      
+    def use_runtime_path!
+      runtime_path = "./#{RUNTIME_DIR}"
+      Dir.chdir runtime_path if Dir.exist? runtime_path
+    end
+
+    protected
+      def prepare_running_environment
+        use_runtime_path!
+        
+        require 'rack'
+        app, options = Rack::Builder.parse_file 'config.ru'
+        app
+      end
+  end
+end

data/lib/rad_ext.rb

@@ -0,0 +1,18 @@
+require 'rad'
+require 'rad_ext/gems'
+
+lib_dir = __FILE__.dirname
+autoload_dir lib_dir
+
+rad.must_not.include :web
+rad.register :web, depends_on: [:html, :router, :controller, :http] do  
+  require 'rad/core_web/_require'
+  require 'rad_ext/require'
+  
+  load 'rad_ext/profiles/web_ext.rb'
+  load 'rad/profiles/mailer.rb'
+  
+  rad.assets
+  
+  true
+end

data/readme.md

@@ -0,0 +1,12 @@
+# Extensions for the Rad framework.
+
+- face - tools for rapid interface creation.
+- common_interface - common user interface for Rad.
+- rad_ext - additions and extensions of the Rad.
+- rad_js - JS plugin for the Rad.
+- rad - Rapid Application Development tool built upon of the Rad.
+
+Please go to specs for docs.
+
+P.S.
+All these components will be in standalone gems, but right now it's simpler for me to hold all of them in one place.

data/spec/extensions/i18n_spec/locales/en/general.yml

@@ -0,0 +1,5 @@
+en:
+  name: "Name"
+  comments:
+    one: "%{count} comment"
+    many: "%{count} comments"

data/spec/extensions/i18n_spec/locales/ru/general.yml

@@ -0,0 +1,7 @@
+ru:
+  name: "Имя"
+  comments_count:
+    one: "%{count} комментарий"
+    few: "%{count} комментария"
+    many: "%{count} комментариев"
+    other: "%{count} комментариев"

data/spec/extensions/i18n_spec.rb

@@ -0,0 +1,32 @@
+# encoding: utf-8
+
+require "spec_helper_with_rad"
+
+describe 'I18n' do
+  before :all do
+    rad.web
+    rad.reset :conveyors
+    
+    I18n.load_path += Dir["#{spec_dir}/locales/*/*.{rb,yml}"]
+  end
+  
+  def t *args
+    I18n.t *args
+  end
+  
+  it "basic" do
+    I18n.locale = 'en'
+    t(:name).should == "Name"
+    t(:name).is_a?(String).should be_true
+    
+    I18n.locale = 'ru'
+    t(:name).should == "Имя"
+  end
+  
+  it "pluggable pluralization" do
+    I18n.locale = 'ru'
+    t(:comments_count, count: 1).should == "1 комментарий"
+    t(:comments_count, count: 2).should == "2 комментария"
+    t(:comments_count, count: 5).should == "5 комментариев"
+  end
+end

data/spec/extensions/prepare_model_spec.rb

@@ -0,0 +1,36 @@
+require "spec_helper_with_rad"
+
+describe "User Error" do
+  rad.web
+  rad.reset :conveyors
+  isolate :conveyors, before: :all
+
+  before :all do    
+    load 'spec_helper/web_profile.rb'
+    
+    class ::SomeModel
+      def self.find! id
+        id.should == 'some id'
+        SomeModel.new
+      end
+    end
+  end  
+  after :all do
+    remove_constants %w(SomeModel ControllerSpec)
+  end
+  
+  it "user error" do
+    class ::ControllerSpec
+      inherit Rad::Controller::Http
+      
+      prepare_model SomeModel, id: :some_model, variable: 'some_model'
+      
+      def action
+        @some_model.should_not == nil
+        render inline: 'ok'
+      end
+    end
+
+    ccall(ControllerSpec, :action, some_model: 'some id').should == 'ok'
+  end
+end

data/spec/extensions/user_error_spec.rb

@@ -0,0 +1,36 @@
+require "spec_helper_with_rad"
+
+describe "User Error" do
+  rad.web
+  rad.reset :conveyors
+  
+  isolate :conveyors, before: :all
+  
+  before(:all){load 'spec_helper/web_profile.rb'}
+  
+  after :all do
+    remove_constants %w(UserErrorSpec)
+  end
+  
+  it "user error" do
+    class ::UserErrorSpec
+      inherit Rad::Controller::Http
+      
+      def call
+        raise_user_error "some error"
+      end      
+      
+      protected
+        def catch_user_error
+          begin
+            yield
+          rescue UserError => ue
+            render inline: "Catched #{ue.message}"
+          end
+        end
+        around :catch_user_error
+    end
+    
+    ccall(UserErrorSpec, :call).should == "Catched some error"
+  end
+end

data/spec/processors/protect_from_forgery_spec.rb

@@ -0,0 +1,188 @@
+require "spec_helper_with_rad"
+
+describe "Forgery protection" do    
+  rad.web
+  rad.reset :conveyors
+  
+  with_prepare_params
+    
+  isolate :conveyors
+
+  before :all do    
+    class ForgerySpecHelper < Rad::Conveyors::Processor
+      def call
+        block = workspace.check_forgery.before_request
+        block.call workspace if block
+        workspace.before_request_done = true
+
+        next_processor.call
+
+        block = workspace.check_forgery.after_request
+        block.call workspace if block
+        workspace.after_request_done = true    
+      end
+    end
+    
+    rad.conveyors.web do |web|
+      web.use Rad::Http::Processors::PrepareParams
+      web.use Rad::Http::Processors::EvaluateFormat
+      web.use ForgerySpecHelper
+      web.use Rad::Processors::PrepareAutenticityToken
+      web.use Rad::Controller::Processors::ControllerCaller
+    end          
+
+    class ::AnRemote
+      inherit Rad::Controller::Http
+      
+      protect_from_forgery only: :protected_method
+      
+      def protected_method
+        render inline: 'protected result'
+      end
+      
+      def method_without_protection
+        render inline: 'result'
+      end
+      
+      def dumb_method; end
+    end
+  end
+  
+  after :all do
+    rad.reset :conveyors
+    remove_constants %w(AnRemote ForgerySpecHelper)
+  end
+  
+  before do
+    rad.http.stub(:session).and_return({'key' => 'session_id'})
+  end
+  
+  def check_forgery opt    
+    workspace = nil 
+    
+    result = rad.http.call(rad.http.mock_environment, check_forgery: opt.to_openobject) do |c|
+      c.call
+      workspace = rad[:workspace]
+    end
+        
+    workspace.before_request_done.should be_true
+    workspace.after_request_done.should be_true
+    workspace
+  end
+  
+  it "should set :authenticity_token only for :get and 'html' request" do
+    check_forgery(
+      before_request: lambda{|workspace|        
+        workspace.env['REQUEST_METHOD'] = 'GET'        
+        workspace.env['CONTENT_TYPE'] = 'text/html'
+        workspace.class = AnRemote
+        workspace.method_name = :dumb_method
+      },
+      after_request: lambda{|workspace|
+        workspace.request.session['authenticity_token'].should_not be_blank
+      }
+    )
+    
+    # post
+    check_forgery(
+      before_request: lambda{|workspace|        
+        workspace.env['REQUEST_METHOD'] = 'POST'        
+        workspace.env['CONTENT_TYPE'] = 'text/html'
+        workspace.class = AnRemote
+        workspace.method_name = :dumb_method
+      },
+      after_request: lambda{|workspace|
+        workspace.request.session['authenticity_token'].should be_blank
+      }
+    )
+  end
+  
+  it "should check any non :get request with browser's formats for :authenticity_token" do
+    lambda{
+      check_forgery(
+        before_request: lambda{|workspace|        
+          workspace.env['REQUEST_METHOD'] = 'POST'        
+          workspace.env['CONTENT_TYPE'] = 'text/html'
+          workspace.class = AnRemote
+          workspace.method_name = 'protected_method'
+        }
+      )
+    }.should raise_error(/invalid authenticity token/)
+  end
+    
+  it "should pass request with correct authenticity_token" do
+    check_forgery(
+      before_request: lambda{|workspace|
+        workspace.env['REQUEST_METHOD'] = 'POST'        
+        workspace.env['CONTENT_TYPE'] = 'text/html'
+        workspace.request.session['authenticity_token'] = 'secure token'
+        workspace.params['authenticity_token'] = 'secure token'
+        workspace.class = AnRemote
+        workspace.method_name = 'protected_method'
+      },
+      after_request: lambda{|workspace|
+        workspace.content.should == "protected result"
+      }
+    )
+  end
+    
+  it "should not check request with non-browser content type" do
+    check_forgery(
+      before_request: lambda{|workspace|
+        workspace.env['REQUEST_METHOD'] = 'POST'        
+        workspace.env['CONTENT_TYPE'] = 'non-browser-format'
+        workspace.class = AnRemote
+        workspace.method_name = 'protected_method'
+      },
+      after_request: lambda{|workspace|
+        workspace.content.should == "protected result"
+      }
+    )
+  end
+    
+  it "should not check request with non-browser format" do
+    check_forgery(
+      before_request: lambda{|workspace|
+        workspace.env['REQUEST_METHOD'] = 'POST'        
+        workspace.env['CONTENT_TYPE'] = 'text/html'
+        workspace.params['format'] = 'json'
+        workspace.class = AnRemote
+        workspace.method_name = 'protected_method'
+      },
+      after_request: lambda{|workspace|
+        workspace.content.should == "protected result"
+      }
+    )
+  end
+  
+  it "should not protect non protected methods" do
+    check_forgery(
+      before_request: lambda{|workspace|        
+        workspace.env['REQUEST_METHOD'] = 'POST'        
+        workspace.env['CONTENT_TYPE'] = 'text/html'
+        workspace.class = AnRemote
+        workspace.method_name = 'method_without_protection'
+      },
+      after_request: lambda{|workspace|
+        workspace.content.should == "result"
+      }
+    )    
+  end
+  
+  # it "OUTDATED should use :session_authenticity_token from params (for flash support)" do
+  #   check_forgery(
+  #     before_request: lambda{|workspace|
+  #       workspace.env['REQUEST_METHOD'] = 'POST'        
+  #       workspace.params.format = 'text/html'
+  #       # workspace.params['session_authenticity_token'] = 'secure token'
+  #       workspace.params['authenticity_token'] = 'secure token'
+  #       workspace.class = AnRemote
+  #       workspace.method_name = 'protected_method'
+  #     },
+  #     after_request: lambda{|workspace|
+  #       workspace.content.should == "protected result"
+  #     }
+  #   )
+  # end
+
+end

data/spec/spec_helper/web_profile.rb

@@ -0,0 +1,3 @@
+rad.conveyors.web do |web|
+  web.use Rad::Controller::Processors::ControllerCaller
+end

data/spec/spec_helper.rb

@@ -0,0 +1,2 @@
+require 'rspec_ext'
+require 'rad_ext'

data/spec/spec_helper_with_rad.rb

@@ -0,0 +1,4 @@
+require 'spec_helper'
+
+require 'rad'
+require 'rad/spec'

metadata

@@ -0,0 +1,110 @@
+--- !ruby/object:Gem::Specification
+name: rad_ext
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+  prerelease: 
+platform: ruby
+authors:
+- Alexey Petrushin
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2011-07-04 00:00:00.000000000 +04:00
+default_executable: 
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: i18n
+  requirement: &2956510 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - =
+      - !ruby/object:Gem::Version
+        version: 0.5.0
+  type: :runtime
+  prerelease: false
+  version_requirements: *2956510
+- !ruby/object:Gem::Dependency
+  name: rad_core
+  requirement: &2956210 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: *2956210
+- !ruby/object:Gem::Dependency
+  name: rad_assets
+  requirement: &2955960 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: *2955960
+description: 
+email: 
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- Rakefile
+- readme.md
+- lib/rad/configurators/abstract.rb
+- lib/rad/configurators/runtime.rb
+- lib/rad/configurators/web.rb
+- lib/rad/controller/forgery_protector.rb
+- lib/rad/processors/ajax_helper.rb
+- lib/rad/processors/ensure_no_www.rb
+- lib/rad_ext/configurators.rb
+- lib/rad_ext/extensions/i18n/locales/ru/pluralization.rb
+- lib/rad_ext/extensions/i18n.rb
+- lib/rad_ext/extensions/prepare_model.rb
+- lib/rad_ext/extensions/user_error.rb
+- lib/rad_ext/extensions.rb
+- lib/rad_ext/gems.rb
+- lib/rad_ext/profiles/web_ext.rb
+- lib/rad_ext/protect_from_forgery.rb
+- lib/rad_ext/require.rb
+- lib/rad_ext/spec.rb
+- lib/rad_ext/tasks.rb
+- lib/rad_ext/utils/cli_helper.rb
+- lib/rad_ext.rb
+- spec/extensions/i18n_spec/locales/en/general.yml
+- spec/extensions/i18n_spec/locales/ru/general.yml
+- spec/extensions/i18n_spec.rb
+- spec/extensions/prepare_model_spec.rb
+- spec/extensions/user_error_spec.rb
+- spec/processors/protect_from_forgery_spec.rb
+- spec/spec_helper/web_profile.rb
+- spec/spec_helper.rb
+- spec/spec_helper_with_rad.rb
+has_rdoc: true
+homepage: http://github.com/alexeypetrushin/rad_ext
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.5.1
+signing_key: 
+specification_version: 3
+summary: Extensions for Rad Framework
+test_files: []