RubyGems - sand - Versions diffs - 0.1.0 - Mend

sand 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (29) hide show

checksums.yaml +7 -0
data/.document +5 -0
data/.gitignore +6 -0
data/.rdoc_options +16 -0
data/.rspec +1 -0
data/.rubocop.yml +6 -0
data/.travis.yml +8 -0
data/ChangeLog.md +4 -0
data/Gemfile +3 -0
data/LICENSE.txt +21 -0
data/README.md +50 -0
data/Rakefile +26 -0
data/lib/sand.rb +44 -0
data/lib/sand/helpers.rb +35 -0
data/lib/sand/middleware.rb +40 -0
data/lib/sand/policy_finder.rb +48 -0
data/lib/sand/util.rb +7 -0
data/lib/sand/version.rb +3 -0
data/sand.gemspec +33 -0
data/spec/.rubocop.yml +2 -0
data/spec/application/rack_spec.rb +11 -0
data/spec/application/shared_application_examples.rb +72 -0
data/spec/application/sinatra_spec.rb +12 -0
data/spec/sand_spec.rb +97 -0
data/spec/spec_helper.rb +6 -0
data/spec/support/rack_app.rb +47 -0
data/spec/support/shared_application_code.rb +58 -0
data/spec/support/sinatra_app.rb +46 -0
metadata +234 -0

checksums.yaml ADDED

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 3e35fa0c449b867bf7a2a4ca9896bcef5dab595c
+  data.tar.gz: 97ae09fb52cb0a5e79f3a026682a8ee136dc7a47
+SHA512:
+  metadata.gz: e207da09669c379140f79f5b976f61f9a19479ea4b883112beaa0853588f7fc4da5f543febee4c7b6fb68b532d49b17a077cdf980ea103f063ad3a37c077e58a
+  data.tar.gz: 81a1995877fdeb8491961fde669fde5ad89a29cdb16c2d000ef0d02ed6754ffd1d96ee8b6449fe30493a6b2f892efa95c12bb34f96bddf96e5ce3b4c9d67c954

data/.document ADDED

@@ -0,0 +1,5 @@
+lib/**/*.rb
+README.md
+ChangeLog.md
+LICENSE.txt

data/.gitignore ADDED

@@ -0,0 +1,6 @@
+/.bundle
+/Gemfile.lock
+/html/
+/pkg/
+/vendor/cache/*.gem
+tags

data/.rdoc_options ADDED

@@ -0,0 +1,16 @@
+--- !ruby/object:RDoc::Options
+encoding: UTF-8
+static_path: []
+rdoc_include:
+  - .
+charset: UTF-8
+exclude:
+hyperlink_all: false
+line_numbers: false
+main_page: README.md
+markup: markdown
+show_hash: false
+tab_width: 8
+title: sand Documentation
+visibility: :protected
+webcvs:

data/.rspec ADDED

	@@ -0,0 +1 @@
1	+ --colour --format documentation

data/.rubocop.yml ADDED

@@ -0,0 +1,6 @@
+---
+Style/Documentation:
+  Enabled: false
+AllCops:
+  Exclude:
+    - 'spec/support/*_app.rb'

data/.travis.yml ADDED

@@ -0,0 +1,8 @@
+---
+language: ruby
+rvm:
+  - 2.0
+  - 2.1
+  - 2.2
+before_install:
+  - gem install bundler

data/ChangeLog.md ADDED

@@ -0,0 +1,4 @@
+### 0.1.0 / 2016-02-05
+* Initial release:

data/Gemfile ADDED

@@ -0,0 +1,3 @@
+source 'https://rubygems.org'
+gemspec

data/LICENSE.txt ADDED

@@ -0,0 +1,21 @@
+Rack Specific modifications Copyright (c) 2016 Nick Tomlin
+Otherwise Copyright (c) 2012 Jonas Nicklas, Elabs AB
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md ADDED

@@ -0,0 +1,50 @@
+sand [![Build Status](https://travis-ci.org/NickTomlin/ruby-sand.svg?branch=master)](https://travis-ci.org/NickTomlin/ruby-sand)
+===
+A ruby gem for authorization in rack/sinatra applications. Code mostly stolen from [Pundit](https://github.com/elabs/pundit).
+Usage
+---
+The [Pundit policy](https://github.com/elabs/pundit#policies) documentation provides an excellent introduction into creating defining policies.
+Once you've built your policies, you can start to use sand. By default, you can include sand in your rack application like so:
+```ruby
+require 'sand'
+use Sand::Middleware
+class MyModel < MyOrm::Model
+  # ...
+end
+class MyModelPolicy
+  # ...
+end
+class Routes
+  env['sand'].authorize(user, MyModel, :can_greet?)
+  [200, {}, ['Hello world']]
+end
+MyRackApp = Rack::Builder.new do
+  use Sand::Middleware
+  run SandApp.new
+end
+```
+This will add `authorize` and `policy_scope` underneath env['sand'], that you can call in your middleware / routes.
+Sinatra users can access sand's middleware via helpers by adding `Sand::Helpers`:
+```ruby
+require 'sinatra'
+use Sand::Helpers
+get '/' do
+  user = User.find(params[:user_id])
+  accounts = policy_scope(user, Account)
+  json accounts: accounts
+end
+```

data/Rakefile ADDED

@@ -0,0 +1,26 @@
+# encoding: utf-8
+require 'rubygems'
+begin
+  require 'bundler/setup'
+rescue LoadError => e
+  abort e.message
+end
+require 'rake'
+require 'rubygems/tasks'
+Gem::Tasks.new
+require 'rdoc/task'
+RDoc::Task.new
+task doc: :rdoc
+require 'rspec/core/rake_task'
+RSpec::Core::RakeTask.new
+require 'rubocop/rake_task'
+RuboCop::RakeTask.new
+task default: %w(rubocop spec)

data/lib/sand.rb ADDED

@@ -0,0 +1,44 @@
+require 'sand/version'
+require 'sand/policy_finder'
+require 'sand/util'
+require 'sand/helpers'
+require 'sand/middleware'
+module Sand
+  class Error < StandardError; end
+  class NotDefinedError < Error; end
+  class AuthorizationNotPerformed < Error; end
+  class ScopeNotPerformed < Error; end
+  class NotAuthorizedError < Error
+    attr_reader :record, :query, :policy
+    def initialize(options)
+      @record = options[:record]
+      @query = options[:query]
+      @policy = options[:policy]
+      super("not allowed to #{query} this #{record.inspect}")
+    end
+  end
+  def self.authorize(user, record, query)
+    policy = policy!(user, record)
+    unless policy.public_send(query)
+      raise NotAuthorizedError.new(policy: policy, record: record, query: query) # rubocop:disable Style/RaiseArgs, Metrics/LineLength
+    end
+    true
+  end
+  def self.policy!(user, record)
+    policy = PolicyFinder.new(record).policy!
+    policy.new(user, record)
+  end
+  def self.policy_scope(user, scope)
+    policy_scope = PolicyFinder.new(scope).scope!
+    policy_scope.new(user, scope).resolve
+  end
+end

data/lib/sand/helpers.rb ADDED

@@ -0,0 +1,35 @@
+module Sand
+  module Helpers
+    def policy_scope(user, record)
+      scoped!
+      scope = PolicyFinder.new(record).scope!
+      scope.new(user, record).resolve if scope
+    end
+    def authorize(user, record, query)
+      authorized!
+      policy = Sand.policy!(user, record)
+      unless policy.public_send(query)
+        raise Sand::NotAuthorizedError.new(policy: policy, query: query, record: record) # rubocop:disable Metrics/LineLength, Style/RaiseArgs
+      end
+    end
+    def skip_sand_authorization
+      authorized!
+    end
+    def skip_sand_scoping
+      scoped!
+    end
+    private
+    def authorized!
+      env['sand.authorized'] = true
+    end
+    def scoped!
+      env['sand.scoped'] = true
+    end
+  end
+end

data/lib/sand/middleware.rb ADDED

@@ -0,0 +1,40 @@
+module Sand
+  class RequestMethods
+    attr_accessor :env
+    include Sand::Helpers
+    def initialize(env)
+      @env = env
+    end
+  end
+  class Middleware
+    attr_reader :app, :env, :options, :response
+    DEFAULT_OPTIONS = {
+      pass: []
+    }.freeze
+    def initialize(app, options = {})
+      @env = nil
+      @app = app
+      @options = DEFAULT_OPTIONS.merge(options)
+    end
+    def passed?
+      return true if options[:pass].any? { |r| r =~ env['REQUEST_PATH'] }
+      return true if env['sand.pass'] == true || env['sand.scoped'] || env['sand.authorized'] == true # rubocop:disable Metrics/LineLength
+      false
+    end
+    def call(env)
+      @env = env
+      env['sand'] = RequestMethods.new(env)
+      result = app.call(env)
+      return result if passed?
+      raise Sand::AuthorizationNotPerformed
+    end
+  end
+end

data/lib/sand/policy_finder.rb ADDED

@@ -0,0 +1,48 @@
+module Sand
+  class PolicyFinder
+    POLICY_SUFFIX = 'Policy'.freeze
+    def initialize(object)
+      @object = object
+    end
+    def scope!
+      policy!::Scope
+    rescue NameError
+      raise NotDefinedError
+    end
+    def policy!
+      klass = find
+      klass = Util.constantize(klass) if klass.is_a?(String)
+      klass
+    rescue NameError
+      raise NotDefinedError
+    end
+    private
+    # rubocop:disable Metrics/PerceivedComplexity, Metrics/MethodLength, Metrics/CyclomaticComplexity, Metrics/AbcSize, Metrics/LineLength
+    def find
+      klass = @object
+      return klass if @object.nil?
+      if @object.respond_to?(:sand_policy)
+        @object.sand_policy
+      elsif @object.class.respond_to?(:sand_policy)
+        @object.sand_policy
+      else
+        klass = if @object.is_a?(Symbol)
+                  @object.to_s.camelize
+                elsif @object.respond_to?(:model)
+                  @object.model
+                elsif @object.respond_to?(:model_class)
+                  @object.model_class
+                else
+                  @object.to_s
+                end
+        "#{klass}#{POLICY_SUFFIX}"
+      end
+    end
+  end
+end

data/lib/sand/util.rb ADDED

@@ -0,0 +1,7 @@
+module Sand
+  module Util
+    def self.constantize(str = '')
+      str.split('::').inject(Module) { |a, e| a.const_get(e) }
+    end
+  end
+end

data/lib/sand/version.rb ADDED

@@ -0,0 +1,3 @@
+module Sand
+  VERSION = '0.1.0'.freeze
+end

data/sand.gemspec ADDED

@@ -0,0 +1,33 @@
+# -*- encoding: utf-8 -*-
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'sand/version'
+Gem::Specification.new do |gem|
+  gem.name          = 'sand'
+  gem.version       = Sand::VERSION
+  gem.summary       = 'Authorization for rack-based applications'
+  gem.description   = 'A ruby gem for authorization for use in sinatra/rack applications. Heavily inspired [Pundit](https://github.com/elabs/pundit)' # rubocop:disable Metrics/LineLength
+  gem.license       = 'MIT'
+  gem.authors       = ['Nick Tomlin']
+  gem.email         = 'nick.tomlin@gmail.com'
+  gem.homepage      = 'https://rubygems.org/gems/sand'
+  gem.files         = `git ls-files`.split($INPUT_RECORD_SEPARATOR)
+  gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
+  gem.require_paths = ['lib']
+  gem.add_development_dependency 'bundler', '~> 1.10'
+  gem.add_development_dependency 'rake', '~> 10.0'
+  gem.add_development_dependency 'rdoc', '~> 4.0'
+  gem.add_development_dependency 'rspec', '~> 3.0'
+  gem.add_development_dependency 'rubygems-tasks', '~> 0.2'
+  gem.add_development_dependency 'rubocop', '~> 0.37.0'
+  gem.add_development_dependency 'pry', '0.10.3'
+  gem.add_development_dependency 'rack-test', '~> 0.6.3'
+  gem.add_development_dependency 'sinatra', '~> 1.4.7'
+  gem.add_development_dependency 'sequel', '~> 4.31'
+  gem.add_development_dependency 'sqlite3'
+end

data/spec/.rubocop.yml ADDED

	@@ -0,0 +1,2 @@
1	+ Metrics/LineLength:
2	+ Enabled: false # I'm fine with long specs :screaming-cat-face:

data/spec/application/rack_spec.rb ADDED

@@ -0,0 +1,11 @@
+require 'spec_helper'
+require 'support/rack_app'
+require 'rack/test'
+RSpec.describe 'Sand in the context of a rack Application' do
+  include_examples 'RackApplications'
+  def app
+    MyRackApp
+  end
+end

data/spec/application/shared_application_examples.rb ADDED

@@ -0,0 +1,72 @@
+RSpec.shared_examples 'RackApplications' do
+  include Rack::Test::Methods
+  before(:each) do
+    # poor man's database cleaner
+    User.all.each(&:delete)
+    Account.all.each(&:delete)
+  end
+  let!(:user) { User.create(name: 'Normal User', admin: false) }
+  let!(:admin_user) { User.create(name: 'Admin User', admin: true) }
+  describe 'finding resources via policy_scope' do
+    it "returns resources based on the Policy's Scope.resolve for 'admin' users" do
+      3.times { |x| Account.create(title: "Account #{x}") }
+      get "/users/#{admin_user.id}/accounts"
+      expect(last_response).to be_ok
+      body = JSON.parse(last_response.body)
+      expect(body.size).to eq(3)
+    end
+    it "returns resources based on the Policy's Scope.resolve for 'normal'" do
+      2.times do |x|
+        account = Account.create(title: "Owned Account #{x}")
+        Role.create(role: 'Normal', user_id: user.id, account_id: account.id)
+      end
+      Account.create(title: 'Not owned Account')
+      get "/users/#{user.id}/accounts"
+      expect(last_response).to be_ok
+      body = JSON.parse(last_response.body)
+      expect(body.size).to eq(2)
+    end
+  end
+  describe 'verify_scoped' do
+    it 'raises a Sand::NotAuthorizedError if policy has not been authorized' do
+      expect do
+        get '/verify_scoped/fail'
+      end.to raise_error Sand::AuthorizationNotPerformed
+    end
+    it 'does nothing if resource has been authorized' do
+      get '/verify_scoped/succeed'
+      expect(last_response).to be_ok
+    end
+    it 'allows users to skip authorization' do
+      get '/verify_scoped/pass'
+      expect(last_response).to be_ok
+    end
+  end
+  describe 'verify_authorized' do
+    before { Account.create(title: 'Test') }
+    it 'raises an error if resource has not been authorized' do
+      expect do
+        get '/verify_authorized/fail'
+      end.to raise_error Sand::NotAuthorizedError
+    end
+    it 'does nothing if resource has been authorized' do
+      get '/verify_authorized/success'
+      expect(last_response).to be_ok
+    end
+  end
+end

data/spec/application/sinatra_spec.rb ADDED

@@ -0,0 +1,12 @@
+require 'spec_helper'
+require 'support/sinatra_app'
+require 'rack/test'
+require 'json'
+RSpec.describe Sand::Helpers do
+  include_examples 'RackApplications'
+  def app
+    Sinatra::Application
+  end
+end

data/spec/sand_spec.rb ADDED

@@ -0,0 +1,97 @@
+require 'spec_helper'
+RSpec.describe Sand do
+  class PostPolicy < Struct.new(:user, :post) # rubocop:disable Style/StructInheritance
+    def update?
+      post.user == user
+    end
+    def destroy?
+      false
+    end
+    def show?
+      true
+    end
+  end
+  class PostPolicy::Scope < Struct.new(:user, :scope) # rubocop:disable Style/StructInheritance, Style/ClassAndModuleChildren
+    def resolve
+      scope.published
+    end
+  end
+  class Post < Struct.new(:user) # rubocop:disable Style/StructInheritance
+    def self.published
+      :published
+    end
+    def to_s
+      'Post'
+    end
+    def inspect
+      '#<Post>'
+    end
+  end
+  let(:user) { double }
+  let(:post) { Post.new(user) }
+  describe '.authorize' do
+    it 'infers the policy and authorizes based on it' do
+      expect(Sand.authorize(user, post, :update?)).to be_truthy
+    end
+    it 'raises an error with a query and action' do
+      expect { Sand.authorize(user, post, :destroy?) }.to raise_error(Sand::NotAuthorizedError, 'not allowed to destroy? this #<Post>') do |error|
+        expect(error.query).to eq :destroy?
+        expect(error.record).to eq post
+        expect(error.policy).to eq Sand.policy!(user, post)
+      end
+    end
+  end
+  describe '.policy_scope' do
+    it 'returns an instantiated policy scope given a plain model class' do
+      expect(Sand.policy_scope(user, Post)).to eq :published
+    end
+    it 'uses Model.policy if it is defined' do
+      class NonStandardPolicyKlass < Struct.new(:user) # rubocop:disable Style/StructInheritance
+        class Scope < Struct.new(:user, :resource) # rubocop:disable Style/StructInheritance
+          def resolve
+            :resolved
+          end
+        end
+      end
+      class NonStandardKlass
+        def to_s
+          'WillBreak'
+        end
+        def self.sand_policy
+          NonStandardPolicyKlass
+        end
+      end
+      expect(Sand.policy_scope(user, NonStandardKlass)).to eq(:resolved)
+    end
+  end
+  describe '.policy!' do
+    it 'rests on default NameErrors if policy does not exist' do
+      class Foo
+      end
+      expect do
+        Sand.policy!(user, Foo)
+      end.to raise_error Sand::NotDefinedError
+    end
+    it 'succesfully finds a policy if one is defined' do
+      policy = Sand.policy!(user, post)
+      expect(policy).to be_an_instance_of(PostPolicy)
+    end
+  end
+end

data/spec/spec_helper.rb ADDED

@@ -0,0 +1,6 @@
+require 'rspec'
+require 'sand'
+require 'pry'
+require 'application/shared_application_examples'
+ENV['RACK_ENV'] = 'test'

data/spec/support/rack_app.rb ADDED

@@ -0,0 +1,47 @@
+require 'rack'
+require 'json'
+require 'support/shared_application_code'
+class SandApp # rubocop:disable
+  def json_response(data)
+    [200, {}, JSON.dump(data)]
+  end
+  def call(env)
+    request = Rack::Request.new(env)
+    case request.path_info
+    when %r{/accounts$}
+      id = /\d/.match(request.path_info)[0]
+      user = User[id]
+      accounts = env['sand'].policy_scope(user, Account)
+      json_response(accounts.map(&:to_hash))
+    when %r{/verify_scoped/failure}
+      [200, {}, [1, 2, 3]]
+    when %r{/verify_scoped/succeed}
+      accounts = env['sand'].policy_scope(user, Account)
+      json_response(accounts.map(&:to_hash))
+    when %r{/verify_scoped/pass}
+      env['sand'].skip_sand_scoping
+      [200, {}, ['yay']]
+    when %r{/verify_authorized/fail}
+      user = User.find('1')
+      account = Account.first
+      env['sand'].authorize(user, account, :will_fail_action)
+      [200, {}, ['yay']]
+    when %r{/verify_authorized/success}
+      user = User.find('1')
+      account = Account.first
+      env['sand'].authorize(user, account, :will_succeed_action)
+      [200, {}, ['yay']]
+    else
+      [404, {}, []]
+    end
+  end
+end
+MyRackApp = Rack::Builder.new do
+  use Sand::Middleware
+  run SandApp.new
+end

data/spec/support/shared_application_code.rb ADDED

@@ -0,0 +1,58 @@
+require 'sequel'
+DB = Sequel.sqlite
+DB.create_table :users do
+  primary_key :id
+  String :name
+  Boolean :admin
+end
+DB.create_table :accounts do
+  primary_key :id
+  String :title
+end
+DB.create_table :roles do
+  Integer  'user_id'
+  Integer  'account_id'
+  String   'role'
+end
+class Account < Sequel::Model; end
+class User < Sequel::Model; end
+class Role < Sequel::Model
+  many_to_one :user
+  many_to_one :account
+end
+class AccountPolicy
+  def initialize(user, record)
+    @user = user
+    @record = record
+  end
+  def will_fail_action
+    false
+  end
+  def will_succeed_action
+    true
+  end
+  class Scope
+    attr_reader :user, :scope
+    def initialize(user, scope)
+      @user = user
+      @scope = scope
+    end
+    def resolve
+      return [] if user.nil?
+      return scope.all if user.admin
+      scope.join(:roles, account_id: :id).where(user_id: user.id)
+    end
+  end
+end

data/spec/support/sinatra_app.rb ADDED

@@ -0,0 +1,46 @@
+require 'sinatra'
+require 'sand'
+require 'json'
+require 'support/shared_application_code'
+get '/' do
+  'Index'
+end
+helpers Sand::Helpers
+use Sand::Middleware
+get '/users/:user_id/accounts' do
+  user = User[params[:user_id]]
+  accounts = policy_scope(user, Account)
+  send :erb, accounts.map(&:to_hash).to_json
+end
+get '/verify_scoped/fail' do
+  send :erb, Account.all.map(&:to_hash).to_json
+end
+get '/verify_scoped/succeed' do
+  user = User.find('1')
+  accounts = policy_scope(user, Account)
+  send :erb, accounts.map(&:to_hash).to_json
+end
+get '/verify_scoped/pass' do
+  skip_sand_scoping
+  200
+end
+get '/verify_authorized/fail' do
+  user = User.find('1')
+  account = Account.first
+  authorize(user, account, :will_fail_action)
+  send :erb, account.to_json
+end
+get '/verify_authorized/success' do
+  user = User.find('1')
+  account = Account.first
+  authorize(user, account, :will_succeed_action)
+  send :erb, account.to_json
+end

metadata ADDED

@@ -0,0 +1,234 @@
+--- !ruby/object:Gem::Specification
+name: sand
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Nick Tomlin
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2016-03-18 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.10'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.10'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rdoc
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: rubygems-tasks
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.2'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.2'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.37.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.37.0
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.10.3
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.10.3
+- !ruby/object:Gem::Dependency
+  name: rack-test
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.6.3
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.6.3
+- !ruby/object:Gem::Dependency
+  name: sinatra
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.4.7
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.4.7
+- !ruby/object:Gem::Dependency
+  name: sequel
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.31'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.31'
+- !ruby/object:Gem::Dependency
+  name: sqlite3
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: A ruby gem for authorization for use in sinatra/rack applications. Heavily
+  inspired [Pundit](https://github.com/elabs/pundit)
+email: nick.tomlin@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".document"
+- ".gitignore"
+- ".rdoc_options"
+- ".rspec"
+- ".rubocop.yml"
+- ".travis.yml"
+- ChangeLog.md
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- lib/sand.rb
+- lib/sand/helpers.rb
+- lib/sand/middleware.rb
+- lib/sand/policy_finder.rb
+- lib/sand/util.rb
+- lib/sand/version.rb
+- sand.gemspec
+- spec/.rubocop.yml
+- spec/application/rack_spec.rb
+- spec/application/shared_application_examples.rb
+- spec/application/sinatra_spec.rb
+- spec/sand_spec.rb
+- spec/spec_helper.rb
+- spec/support/rack_app.rb
+- spec/support/shared_application_code.rb
+- spec/support/sinatra_app.rb
+homepage: https://rubygems.org/gems/sand
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.4.5
+signing_key:
+specification_version: 4
+summary: Authorization for rack-based applications
+test_files:
+- spec/.rubocop.yml
+- spec/application/rack_spec.rb
+- spec/application/shared_application_examples.rb
+- spec/application/sinatra_spec.rb
+- spec/sand_spec.rb
+- spec/spec_helper.rb
+- spec/support/rack_app.rb
+- spec/support/shared_application_code.rb
+- spec/support/sinatra_app.rb