RubyGems - sand - Versions diffs - 0.1.0 - Mend

sand 0.1.0

Files changed (29) hide show

checksums.yaml +7 -0
data/.document +5 -0
data/.gitignore +6 -0
data/.rdoc_options +16 -0
data/.rspec +1 -0
data/.rubocop.yml +6 -0
data/.travis.yml +8 -0
data/ChangeLog.md +4 -0
data/Gemfile +3 -0
data/LICENSE.txt +21 -0
data/README.md +50 -0
data/Rakefile +26 -0
data/lib/sand.rb +44 -0
data/lib/sand/helpers.rb +35 -0
data/lib/sand/middleware.rb +40 -0
data/lib/sand/policy_finder.rb +48 -0
data/lib/sand/util.rb +7 -0
data/lib/sand/version.rb +3 -0
data/sand.gemspec +33 -0
data/spec/.rubocop.yml +2 -0
data/spec/application/rack_spec.rb +11 -0
data/spec/application/shared_application_examples.rb +72 -0
data/spec/application/sinatra_spec.rb +12 -0
data/spec/sand_spec.rb +97 -0
data/spec/spec_helper.rb +6 -0
data/spec/support/rack_app.rb +47 -0
data/spec/support/shared_application_code.rb +58 -0
data/spec/support/sinatra_app.rb +46 -0
metadata +234 -0

checksums.yaml ADDED

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 3e35fa0c449b867bf7a2a4ca9896bcef5dab595c
+  data.tar.gz: 97ae09fb52cb0a5e79f3a026682a8ee136dc7a47
+SHA512:
+  metadata.gz: e207da09669c379140f79f5b976f61f9a19479ea4b883112beaa0853588f7fc4da5f543febee4c7b6fb68b532d49b17a077cdf980ea103f063ad3a37c077e58a
+  data.tar.gz: 81a1995877fdeb8491961fde669fde5ad89a29cdb16c2d000ef0d02ed6754ffd1d96ee8b6449fe30493a6b2f892efa95c12bb34f96bddf96e5ce3b4c9d67c954

data/.document ADDED

@@ -0,0 +1,5 @@
+lib/**/*.rb
+README.md
+ChangeLog.md
+LICENSE.txt

data/.gitignore ADDED

@@ -0,0 +1,6 @@
+/.bundle
+/Gemfile.lock
+/html/
+/pkg/
+/vendor/cache/*.gem
+tags

data/.rdoc_options ADDED

@@ -0,0 +1,16 @@
+--- !ruby/object:RDoc::Options
+encoding: UTF-8
+static_path: []
+rdoc_include:
+  - .
+charset: UTF-8
+exclude:
+hyperlink_all: false
+line_numbers: false
+main_page: README.md
+markup: markdown
+show_hash: false
+tab_width: 8
+title: sand Documentation
+visibility: :protected
+webcvs:

data/.rspec ADDED

	@@ -0,0 +1 @@
1	+ --colour --format documentation

data/.rubocop.yml ADDED

@@ -0,0 +1,6 @@
+---
+Style/Documentation:
+  Enabled: false
+AllCops:
+  Exclude:
+    - 'spec/support/*_app.rb'

data/.travis.yml ADDED

@@ -0,0 +1,8 @@
+---
+language: ruby
+rvm:
+  - 2.0
+  - 2.1
+  - 2.2
+before_install:
+  - gem install bundler

data/ChangeLog.md ADDED

@@ -0,0 +1,4 @@
+### 0.1.0 / 2016-02-05
+* Initial release:

data/Gemfile ADDED

@@ -0,0 +1,3 @@
+source 'https://rubygems.org'
+gemspec

data/LICENSE.txt ADDED

@@ -0,0 +1,21 @@
+Rack Specific modifications Copyright (c) 2016 Nick Tomlin
+Otherwise Copyright (c) 2012 Jonas Nicklas, Elabs AB
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md ADDED

@@ -0,0 +1,50 @@
+sand [![Build Status](https://travis-ci.org/NickTomlin/ruby-sand.svg?branch=master)](https://travis-ci.org/NickTomlin/ruby-sand)
+===
+A ruby gem for authorization in rack/sinatra applications. Code mostly stolen from [Pundit](https://github.com/elabs/pundit).
+Usage
+---
+The [Pundit policy](https://github.com/elabs/pundit#policies) documentation provides an excellent introduction into creating defining policies.
+Once you've built your policies, you can start to use sand. By default, you can include sand in your rack application like so:
+```ruby
+require 'sand'
+use Sand::Middleware
+class MyModel < MyOrm::Model
+  # ...
+end
+class MyModelPolicy
+  # ...
+end
+class Routes
+  env['sand'].authorize(user, MyModel, :can_greet?)
+  [200, {}, ['Hello world']]
+end
+MyRackApp = Rack::Builder.new do
+  use Sand::Middleware
+  run SandApp.new
+end
+```
+This will add `authorize` and `policy_scope` underneath env['sand'], that you can call in your middleware / routes.
+Sinatra users can access sand's middleware via helpers by adding `Sand::Helpers`:
+```ruby
+require 'sinatra'
+use Sand::Helpers
+get '/' do
+  user = User.find(params[:user_id])
+  accounts = policy_scope(user, Account)
+  json accounts: accounts
+end
+```

data/Rakefile ADDED

@@ -0,0 +1,26 @@
+# encoding: utf-8
+require 'rubygems'
+begin
+  require 'bundler/setup'
+rescue LoadError => e
+  abort e.message
+end
+require 'rake'
+require 'rubygems/tasks'
+Gem::Tasks.new
+require 'rdoc/task'
+RDoc::Task.new
+task doc: :rdoc
+require 'rspec/core/rake_task'
+RSpec::Core::RakeTask.new
+require 'rubocop/rake_task'
+RuboCop::RakeTask.new
+task default: %w(rubocop spec)

data/lib/sand.rb ADDED

@@ -0,0 +1,44 @@
+require 'sand/version'
+require 'sand/policy_finder'
+require 'sand/util'
+require 'sand/helpers'
+require 'sand/middleware'
+module Sand
+  class Error < StandardError; end
+  class NotDefinedError < Error; end
+  class AuthorizationNotPerformed < Error; end
+  class ScopeNotPerformed < Error; end
+  class NotAuthorizedError < Error
+    attr_reader :record, :query, :policy
+    def initialize(options)
+      @record = options[:record]
+      @query = options[:query]
+      @policy = options[:policy]
+      super("not allowed to #{query} this #{record.inspect}")
+    end
+  end
+  def self.authorize(user, record, query)
+    policy = policy!(user, record)
+    unless policy.public_send(query)
+      raise NotAuthorizedError.new(policy: policy, record: record, query: query) # rubocop:disable Style/RaiseArgs, Metrics/LineLength
+    end
+    true
+  end
+  def self.policy!(user, record)
+    policy = PolicyFinder.new(record).policy!
+    policy.new(user, record)
+  end
+  def self.policy_scope(user, scope)
+    policy_scope = PolicyFinder.new(scope).scope!
+    policy_scope.new(user, scope).resolve
+  end
+end

data/lib/sand/helpers.rb ADDED

@@ -0,0 +1,35 @@
+module Sand
+  module Helpers
+    def policy_scope(user, record)
+      scoped!
+      scope = PolicyFinder.new(record).scope!
+      scope.new(user, record).resolve if scope
+    end
+    def authorize(user, record, query)
+      authorized!
+      policy = Sand.policy!(user, record)
+      unless policy.public_send(query)
+        raise Sand::NotAuthorizedError.new(policy: policy, query: query, record: record) # rubocop:disable Metrics/LineLength, Style/RaiseArgs
+      end
+    end
+    def skip_sand_authorization
+      authorized!
+    end
+    def skip_sand_scoping
+      scoped!
+    end
+    private
+    def authorized!
+      env['sand.authorized'] = true
+    end
+    def scoped!
+      env['sand.scoped'] = true
+    end
+  end
+end

data/lib/sand/middleware.rb ADDED

@@ -0,0 +1,40 @@
+module Sand
+  class RequestMethods
+    attr_accessor :env
+    include Sand::Helpers
+    def initialize(env)
+      @env = env
+    end
+  end
+  class Middleware
+    attr_reader :app, :env, :options, :response
+    DEFAULT_OPTIONS = {
+      pass: []
+    }.freeze
+    def initialize(app, options = {})
+      @env = nil
+      @app = app
+      @options = DEFAULT_OPTIONS.merge(options)
+    end
+    def passed?
+      return true if options[:pass].any? { |r| r =~ env['REQUEST_PATH'] }
+      return true if env['sand.pass'] == true || env['sand.scoped'] || env['sand.authorized'] == true # rubocop:disable Metrics/LineLength
+      false
+    end
+    def call(env)
+      @env = env
+      env['sand'] = RequestMethods.new(env)
+      result = app.call(env)
+      return result if passed?
+      raise Sand::AuthorizationNotPerformed
+    end
+  end
+end

data/lib/sand/policy_finder.rb ADDED

@@ -0,0 +1,48 @@
+module Sand
+  class PolicyFinder
+    POLICY_SUFFIX = 'Policy'.freeze
+    def initialize(object)
+      @object = object
+    end
+    def scope!
+      policy!::Scope
+    rescue NameError
+      raise NotDefinedError
+    end
+    def policy!
+      klass = find
+      klass = Util.constantize(klass) if klass.is_a?(String)
+      klass
+    rescue NameError
+      raise NotDefinedError
+    end
+    private
+    # rubocop:disable Metrics/PerceivedComplexity, Metrics/MethodLength, Metrics/CyclomaticComplexity, Metrics/AbcSize, Metrics/LineLength
+    def find
+      klass = @object
+      return klass if @object.nil?
+      if @object.respond_to?(:sand_policy)
+        @object.sand_policy
+      elsif @object.class.respond_to?(:sand_policy)
+        @object.sand_policy
+      else
+        klass = if @object.is_a?(Symbol)
+                  @object.to_s.camelize
+                elsif @object.respond_to?(:model)
+                  @object.model
+                elsif @object.respond_to?(:model_class)
+                  @object.model_class
+                else
+                  @object.to_s
+                end
+        "#{klass}#{POLICY_SUFFIX}"
+      end
+    end
+  end
+end

data/lib/sand/util.rb ADDED

@@ -0,0 +1,7 @@
+module Sand
+  module Util
+    def self.constantize(str = '')
+      str.split('::').inject(Module) { |a, e| a.const_get(e) }
+    end
+  end
+end

data/lib/sand/version.rb ADDED

@@ -0,0 +1,3 @@
+module Sand
+  VERSION = '0.1.0'.freeze
+end

data/sand.gemspec ADDED

@@ -0,0 +1,33 @@
+# -*- encoding: utf-8 -*-
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'sand/version'
+Gem::Specification.new do |gem|
+  gem.name          = 'sand'
+  gem.version       = Sand::VERSION
+  gem.summary       = 'Authorization for rack-based applications'
+  gem.description   = 'A ruby gem for authorization for use in sinatra/rack applications. Heavily inspired [Pundit](https://github.com/elabs/pundit)' # rubocop:disable Metrics/LineLength
+  gem.license       = 'MIT'
+  gem.authors       = ['Nick Tomlin']
+  gem.email         = 'nick.tomlin@gmail.com'
+  gem.homepage      = 'https://rubygems.org/gems/sand'
+  gem.files         = `git ls-files`.split($INPUT_RECORD_SEPARATOR)
+  gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
+  gem.require_paths = ['lib']
+  gem.add_development_dependency 'bundler', '~> 1.10'
+  gem.add_development_dependency 'rake', '~> 10.0'
+  gem.add_development_dependency 'rdoc', '~> 4.0'
+  gem.add_development_dependency 'rspec', '~> 3.0'
+  gem.add_development_dependency 'rubygems-tasks', '~> 0.2'
+  gem.add_development_dependency 'rubocop', '~> 0.37.0'
+  gem.add_development_dependency 'pry', '0.10.3'
+  gem.add_development_dependency 'rack-test', '~> 0.6.3'
+  gem.add_development_dependency 'sinatra', '~> 1.4.7'
+  gem.add_development_dependency 'sequel', '~> 4.31'
+  gem.add_development_dependency 'sqlite3'
+end

data/spec/.rubocop.yml ADDED

	@@ -0,0 +1,2 @@
1	+ Metrics/LineLength:
2	+ Enabled: false # I'm fine with long specs :screaming-cat-face:

data/spec/application/rack_spec.rb ADDED

@@ -0,0 +1,11 @@
+require 'spec_helper'
+require 'support/rack_app'
+require 'rack/test'
+RSpec.describe 'Sand in the context of a rack Application' do
+  include_examples 'RackApplications'
+  def app
+    MyRackApp
+  end
+end

data/spec/application/shared_application_examples.rb ADDED

@@ -0,0 +1,72 @@
+RSpec.shared_examples 'RackApplications' do
+  include Rack::Test::Methods
+  before(:each) do
+    # poor man's database cleaner
+    User.all.each(&:delete)
+    Account.all.each(&:delete)
+  end
+  let!(:user) { User.create(name: 'Normal User', admin: false) }
+  let!(:admin_user) { User.create(name: 'Admin User', admin: true) }
+  describe 'finding resources via policy_scope' do
+    it "returns resources based on the Policy's Scope.resolve for 'admin' users" do
+      3.times { |x| Account.create(title: "Account #{x}") }
+      get "/users/#{admin_user.id}/accounts"
+      expect(last_response).to be_ok
+      body = JSON.parse(last_response.body)
+      expect(body.size).to eq(3)
+    end
+    it "returns resources based on the Policy's Scope.resolve for 'normal'" do
+      2.times do |x|
+        account = Account.create(title: "Owned Account #{x}")
+        Role.create(role: 'Normal', user_id: user.id, account_id: account.id)
+      end
+      Account.create(title: 'Not owned Account')
+      get "/users/#{user.id}/accounts"
+      expect(last_response).to be_ok
+      body = JSON.parse(last_response.body)
+      expect(body.size).to eq(2)
+    end
+  end
+  describe 'verify_scoped' do
+    it 'raises a Sand::NotAuthorizedError if policy has not been authorized' do
+      expect do
+        get '/verify_scoped/fail'
+      end.to raise_error Sand::AuthorizationNotPerformed
+    end
+    it 'does nothing if resource has been authorized' do
+      get '/verify_scoped/succeed'
+      expect(last_response).to be_ok
+    end
+    it 'allows users to skip authorization' do
+      get '/verify_scoped/pass'
+      expect(last_response).to be_ok
+    end
+  end
+  describe 'verify_authorized' do
+    before { Account.create(title: 'Test') }
+    it 'raises an error if resource has not been authorized' do
+      expect do
+        get '/verify_authorized/fail'
+      end.to raise_error Sand::NotAuthorizedError
+    end
+    it 'does nothing if resource has been authorized' do
+      get '/verify_authorized/success'
+      expect(last_response).to be_ok
+    end
+  end
+end

data/spec/application/sinatra_spec.rb ADDED

@@ -0,0 +1,12 @@
+require 'spec_helper'
+require 'support/sinatra_app'
+require 'rack/test'
+require 'json'
+RSpec.describe Sand::Helpers do
+  include_examples 'RackApplications'
+  def app
+    Sinatra::Application
+  end
+end

data/spec/sand_spec.rb ADDED

@@ -0,0 +1,97 @@
+require 'spec_helper'
+RSpec.describe Sand do
+  class PostPolicy < Struct.new(:user, :post) # rubocop:disable Style/StructInheritance
+    def update?
+      post.user == user
+    end
+    def destroy?
+      false
+    end
+    def show?
+      true
+    end
+  end
+  class PostPolicy::Scope < Struct.new(:user, :scope) # rubocop:disable Style/StructInheritance, Style/ClassAndModuleChildren
+    def resolve
+      scope.published
+    end
+  end
+  class Post < Struct.new(:user) # rubocop:disable Style/StructInheritance
+    def self.published
+      :published
+    end
+    def to_s
+      'Post'
+    end
+    def inspect
+      '#<Post>'
+    end
+  end
+  let(:user) { double }
+  let(:post) { Post.new(user) }
+  describe '.authorize' do
+    it 'infers the policy and authorizes based on it' do
+      expect(Sand.authorize(user, post, :update?)).to be_truthy
+    end
+    it 'raises an error with a query and action' do
+      expect { Sand.authorize(user, post, :destroy?) }.to raise_error(Sand::NotAuthorizedError, 'not allowed to destroy? this #<Post>') do |error|
+        expect(error.query).to eq :destroy?
+        expect(error.record).to eq post
+        expect(error.policy).to eq Sand.policy!(user, post)
+      end
+    end
+  end
+  describe '.policy_scope' do
+    it 'returns an instantiated policy scope given a plain model class' do
+      expect(Sand.policy_scope(user, Post)).to eq :published
+    end
+    it 'uses Model.policy if it is defined' do
+      class NonStandardPolicyKlass < Struct.new(:user) # rubocop:disable Style/StructInheritance
+        class Scope < Struct.new(:user, :resource) # rubocop:disable Style/StructInheritance
+          def resolve
+            :resolved
+          end
+        end
+      end
+      class NonStandardKlass
+        def to_s
+          'WillBreak'
+        end
+        def self.sand_policy
+          NonStandardPolicyKlass
+        end
+      end
+      expect(Sand.policy_scope(user, NonStandardKlass)).to eq(:resolved)
+    end
+  end
+  describe '.policy!' do
+    it 'rests on default NameErrors if policy does not exist' do
+      class Foo
+      end
+      expect do
+        Sand.policy!(user, Foo)
+      end.to raise_error Sand::NotDefinedError
+    end
+    it 'succesfully finds a policy if one is defined' do
+      policy = Sand.policy!(user, post)
+      expect(policy).to be_an_instance_of(PostPolicy)
+    end
+  end
+end

data/spec/spec_helper.rb ADDED

@@ -0,0 +1,6 @@
+require 'rspec'
+require 'sand'
+require 'pry'
+require 'application/shared_application_examples'
+ENV['RACK_ENV'] = 'test'

data/spec/support/rack_app.rb ADDED

@@ -0,0 +1,47 @@
+require 'rack'
+require 'json'
+require 'support/shared_application_code'
+class SandApp # rubocop:disable
+  def json_response(data)
+    [200, {}, JSON.dump(data)]
+  end
+  def call(env)
+    request = Rack::Request.new(env)
+    case request.path_info
+    when %r{/accounts$}
+      id = /\d/.match(request.path_info)[0]
+      user = User[id]
+      accounts = env['sand'].policy_scope(user, Account)
+      json_response(accounts.map(&:to_hash))
+    when %r{/verify_scoped/failure}
+      [200, {}, [1, 2, 3]]
+    when %r{/verify_scoped/succeed}
+      accounts = env['sand'].policy_scope(user, Account)
+      json_response(accounts.map(&:to_hash))
+    when %r{/verify_scoped/pass}
+      env['sand'].skip_sand_scoping
+      [200, {}, ['yay']]
+    when %r{/verify_authorized/fail}
+      user = User.find('1')
+      account = Account.first
+      env['sand'].authorize(user, account, :will_fail_action)
+      [200, {}, ['yay']]
+    when %r{/verify_authorized/success}
+      user = User.find('1')
+      account = Account.first
+      env['sand'].authorize(user, account, :will_succeed_action)
+      [200, {}, ['yay']]
+    else
+      [404, {}, []]
+    end
+  end
+end
+MyRackApp = Rack::Builder.new do
+  use Sand::Middleware
+  run SandApp.new
+end

data/spec/support/shared_application_code.rb ADDED

@@ -0,0 +1,58 @@
+require 'sequel'
+DB = Sequel.sqlite
+DB.create_table :users do
+  primary_key :id
+  String :name
+  Boolean :admin
+end
+DB.create_table :accounts do
+  primary_key :id
+  String :title
+end
+DB.create_table :roles do
+  Integer  'user_id'
+  Integer  'account_id'
+  String   'role'
+end
+class Account < Sequel::Model; end
+class User < Sequel::Model; end
+class Role < Sequel::Model
+  many_to_one :user
+  many_to_one :account
+end
+class AccountPolicy
+  def initialize(user, record)
+    @user = user
+    @record = record
+  end
+  def will_fail_action
+    false
+  end
+  def will_succeed_action
+    true
+  end
+  class Scope
+    attr_reader :user, :scope
+    def initialize(user, scope)
+      @user = user
+      @scope = scope
+    end
+    def resolve
+      return [] if user.nil?
+      return scope.all if user.admin
+      scope.join(:roles, account_id: :id).where(user_id: user.id)
+    end
+  end
+end

data/spec/support/sinatra_app.rb ADDED

@@ -0,0 +1,46 @@
+require 'sinatra'
+require 'sand'
+require 'json'
+require 'support/shared_application_code'
+get '/' do
+  'Index'
+end
+helpers Sand::Helpers
+use Sand::Middleware
+get '/users/:user_id/accounts' do
+  user = User[params[:user_id]]
+  accounts = policy_scope(user, Account)
+  send :erb, accounts.map(&:to_hash).to_json
+end
+get '/verify_scoped/fail' do
+  send :erb, Account.all.map(&:to_hash).to_json
+end
+get '/verify_scoped/succeed' do
+  user = User.find('1')
+  accounts = policy_scope(user, Account)
+  send :erb, accounts.map(&:to_hash).to_json
+end
+get '/verify_scoped/pass' do
+  skip_sand_scoping
+  200
+end
+get '/verify_authorized/fail' do
+  user = User.find('1')
+  account = Account.first
+  authorize(user, account, :will_fail_action)
+  send :erb, account.to_json
+end
+get '/verify_authorized/success' do
+  user = User.find('1')
+  account = Account.first
+  authorize(user, account, :will_succeed_action)
+  send :erb, account.to_json
+end

metadata ADDED

@@ -0,0 +1,234 @@
+--- !ruby/object:Gem::Specification
+name: sand
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Nick Tomlin
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2016-03-18 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.10'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.10'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rdoc
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: rubygems-tasks
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.2'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.2'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.37.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.37.0
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.10.3
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.10.3
+- !ruby/object:Gem::Dependency
+  name: rack-test
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.6.3
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.6.3
+- !ruby/object:Gem::Dependency
+  name: sinatra
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.4.7
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.4.7
+- !ruby/object:Gem::Dependency
+  name: sequel
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.31'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.31'
+- !ruby/object:Gem::Dependency
+  name: sqlite3
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: A ruby gem for authorization for use in sinatra/rack applications. Heavily
+  inspired [Pundit](https://github.com/elabs/pundit)
+email: nick.tomlin@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".document"
+- ".gitignore"
+- ".rdoc_options"
+- ".rspec"
+- ".rubocop.yml"
+- ".travis.yml"
+- ChangeLog.md
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- lib/sand.rb
+- lib/sand/helpers.rb
+- lib/sand/middleware.rb
+- lib/sand/policy_finder.rb
+- lib/sand/util.rb
+- lib/sand/version.rb
+- sand.gemspec
+- spec/.rubocop.yml
+- spec/application/rack_spec.rb
+- spec/application/shared_application_examples.rb
+- spec/application/sinatra_spec.rb
+- spec/sand_spec.rb
+- spec/spec_helper.rb
+- spec/support/rack_app.rb
+- spec/support/shared_application_code.rb
+- spec/support/sinatra_app.rb
+homepage: https://rubygems.org/gems/sand
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.4.5
+signing_key:
+specification_version: 4
+summary: Authorization for rack-based applications
+test_files:
+- spec/.rubocop.yml
+- spec/application/rack_spec.rb
+- spec/application/shared_application_examples.rb
+- spec/application/sinatra_spec.rb
+- spec/sand_spec.rb
+- spec/spec_helper.rb
+- spec/support/rack_app.rb
+- spec/support/shared_application_code.rb
+- spec/support/sinatra_app.rb