sorcery 0.4.2 → 0.5.0

data/Gemfile

@@ -2,13 +2,16 @@ source "http://rubygems.org"
 # Add dependencies required to use your gem here.
 # Example:
 #   gem "activesupport", ">= 2.3.5"
-gem "rails", ">= 3.0.0"
-gem 'json', ">= 1.5.1"
 gem 'oauth', ">= 0.4.4"
 gem 'oauth2', ">= 0.1.1"
+
 # Add dependencies to develop your gem here.
 # Include everything needed to run rake, tests, features, etc.
 group :development do
+  gem "rails", ">= 3.0.0"
+  gem 'json', ">= 1.5.1"
+  gem "mongoid", "~> 2.0"
+  gem "bson_ext", "~> 1.3"
   gem "rspec", "~> 2.5.0"
   gem 'rspec-rails', "~> 2.5.0"
   gem 'ruby-debug19'

data/Gemfile.lock

@@ -31,6 +31,8 @@ GEM
     addressable (2.2.4)
     archive-tar-minitar (0.5.2)
     arel (2.0.6)
+    bson (1.3.0)
+    bson_ext (1.3.0)
     builder (2.1.2)
     columnize (0.3.2)
     diff-lcs (1.1.2)
@@ -55,6 +57,13 @@ GEM
       mime-types (~> 1.16)
       treetop (~> 1.4.8)
     mime-types (1.16)
+    mongo (1.3.0)
+      bson (>= 1.3.0)
+    mongoid (2.0.1)
+      activemodel (~> 3.0)
+      mongo (~> 1.3)
+      tzinfo (~> 0.3.22)
+      will_paginate (~> 3.0.pre)
     multi_json (0.0.5)
     multipart-post (1.1.0)
     oauth (0.4.4)
@@ -113,15 +122,18 @@ GEM
     treetop (1.4.9)
       polyglot (>= 0.3.1)
     tzinfo (0.3.23)
+    will_paginate (3.0.pre2)
     yard (0.6.4)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
+  bson_ext (~> 1.3)
   bundler (~> 1.0.0)
   jeweler (~> 1.5.2)
   json (>= 1.5.1)
+  mongoid (~> 2.0)
   oauth (>= 0.4.4)
   oauth2 (>= 0.1.1)
   rails (>= 3.0.0)

data/README.rdoc

@@ -1,5 +1,6 @@
 = sorcery
 Magical Authentication for Rails 3 and Sinatra.
+Supports ActiveRecord and Mongoid.
 
 Inspired by restful_authentication, Authlogic and Devise.
 Crypto code taken almost unchanged from Authlogic.
@@ -15,7 +16,7 @@ It was built with a few goals in mind:
 * Less is more - less than 20 public methods to remember for the entire feature-set make the lib easy to 'get'.
 * No built-in or generated code - use the library's methods inside *your own* MVC structures, and don't fight to fix someone else's.
 * Magic yes, Voodoo no - the lib should be easy to hack for most developers.
-* Configuration over Confusion - Simple & short configuration as possible, not drowning in syntactic sugar.
+* Configuration over Confusion - Centralized (1 file), Simple & short configuration as possible, not drowning in syntactic sugar.
 * Keep MVC cleanly separated - DB is for models, sessions are for controllers. Models stay unaware of sessions.
 
 Hopefully, I've achieved this. If not, let me know.
@@ -28,7 +29,7 @@ Example Rails 3 app using sorcery: https://github.com/NoamB/sorcery-example-app
 
 Example Sinatra app using sorcery: https://github.com/NoamB/sorcery-example-app-sinatra
 
-Documentation: http://rubydoc.info/gems/sorcery/0.4.2/frames
+Documentation: http://rubydoc.info/gems/sorcery/0.5.0/frames
 
 Check out the tutorials in the github wiki!
 
@@ -66,7 +67,7 @@ Below is a summary of the library methods. Most method names are self explaining
   # reset password
   User.load_from_reset_password_token(token)
   @user.deliver_reset_password_instructions!
-  @user.reset_password!(params)
+  @user.change_password!(new_password)
 
   # user activation
   User.load_from_activation_token(token)
@@ -193,19 +194,23 @@ External (see lib/sorcery/controller/submodules/external.rb):
 == Next Planned Features:
 
 
-I've got many plans which include (by priority):
+I've got some thoughts which include (unordered):
+* Passing a block to encrypt, allowing the developer to define his own mix of salting and encrypting
 * Forgot username, maybe as part of the reset_password module
 * Scoping logins (to a subdomain or another arbitrary field)
-* Mongoid support
+* Allowing storing the salt and crypted password in the same DB field for extra security
 * Other reset password strategies (security questions?)
 * Other brute force protection strategies (captcha)
-* Have an idea? Let me know, and it might get into the gem!
+
+
+Have an idea? Let me know, and it might get into the gem!
+
 
 Other stuff:
 * Improve specs speed
 * Provide an easy way to run specs after install
 * Improve documentation
-* Tty to reduce the number of library methods, and find better names to some
+* Try to reduce the number of library methods, and find better names to some
 
 
 == Backward compatibility

data/VERSION

@@ -1 +1 @@
-0.4.2
+0.5.0

data/lib/sorcery/controller/submodules/brute_force_protection.rb

@@ -19,7 +19,7 @@ module Sorcery
           # Increments the failed logins counter on every failed login.
           # Runs as a hook after a failed login.
           def update_failed_logins_count!(credentials)
-            user = Config.user_class.where("#{Config.user_class.sorcery_config.username_attribute_name} = ?", credentials[0]).first
+            user = Config.user_class.find_by_credentials(credentials)
             user.register_failed_login! if user
           end
           

data/lib/sorcery/crypto_providers/common.rb

@@ -13,14 +13,14 @@ module Sorcery
             attr_writer :stretches
 
             def encrypt(*tokens)
-              digest = tokens.flatten.join(join_token)
+              digest = tokens.flatten.compact.join(join_token)
               stretches.times { digest = secure_digest(digest) }
               digest
             end
 
             # Does the crypted password match the tokens? Uses the same tokens that were used to encrypt.
             def matches?(crypted, *tokens)
-              encrypt(*tokens) == crypted
+              encrypt(*tokens.compact) == crypted
             end
 
             def reset!

data/lib/sorcery/engine.rb

@@ -7,10 +7,6 @@ module Sorcery
   class Engine < Rails::Engine
     config.sorcery = ::Sorcery::Controller::Config
     
-    initializer "extend Model with sorcery" do |app|
-      ActiveRecord::Base.send(:include, Sorcery::Model) if defined?(ActiveRecord)
-    end
-    
     initializer "extend Controller with sorcery" do |app|
       ActionController::Base.send(:include, Sorcery::Controller)
       ActionController::Base.helper_method :current_user

data/lib/sorcery/initializers/initializer.rb

@@ -45,6 +45,7 @@ Rails.application.config.sorcery.configure do |config|
     # user.encryption_key = nil                                                       # encryption key used to encrypt reversible encryptions such as AES256.
     # user.custom_encryption_provider = nil                                           # use an external encryption class.
     # user.encryption_algorithm = :bcrypt                                             # encryption algorithm name. See 'encryption_algorithm=' for available options.
+    # user.subclasses_inherit_config = false                                          # make this configuration inheritable for subclasses. Useful for ActiveRecord's STI.
                                                                                       
     # -- user_activation --                                                           
     # user.activation_state_attribute_name = :activation_state                        # the attribute name to hold activation state (active/pending).

data/lib/sorcery/model/adapters/active_record.rb

@@ -0,0 +1,28 @@
+module Sorcery
+  module Model
+    module Adapters
+      module ActiveRecord
+        def self.included(klass)
+          klass.extend ClassMethods
+        end
+
+        module ClassMethods
+          def find_by_credentials(credentials)
+            where("#{@sorcery_config.username_attribute_name} = ?", credentials[0]).first
+          end
+
+          def find_by_token(token_attr_name, token)
+            where("#{token_attr_name} = ?", token).first
+          end
+
+          def get_current_users
+            config = sorcery_config
+            where("#{config.last_activity_at_attribute_name} IS NOT NULL") \
+            .where("#{config.last_logout_at_attribute_name} IS NULL OR #{config.last_activity_at_attribute_name} > #{config.last_logout_at_attribute_name}") \
+            .where("#{config.last_activity_at_attribute_name} > ? ", config.activity_timeout.seconds.ago.utc.to_s(:db))
+          end
+        end
+      end
+    end
+  end
+end

data/lib/sorcery/model/adapters/mongoid.rb

@@ -0,0 +1,59 @@
+module Sorcery
+  module Model
+    module Adapters
+      module Mongoid
+        def self.included(klass)
+          klass.extend ClassMethods
+          klass.send(:include, InstanceMethods)
+        end
+
+        module InstanceMethods
+          def increment(attr)
+            self.inc(attr,1)
+          end
+        end
+
+        module ClassMethods
+          def find_by_credentials(credentials)
+            where(@sorcery_config.username_attribute_name => credentials[0]).first
+          end
+
+          def find_by_provider_and_uid(provider, uid)
+            where(:provider => provider, :uid => uid).first
+          end
+
+          def find_by_id(id)
+            find(id)
+          end
+
+          def find_by_activation_token(token)
+            where(:activation_token => token).first
+          end
+
+          def find_by_remember_me_token(token)
+            where(:remember_me_token => token).first
+          end
+
+          def find_by_username(username)
+            where(:username => username).first
+          end
+
+          def transaction(&blk)
+            tap(&blk)
+          end
+
+          def find_by_token(token_attr_name, token)
+            where(token_attr_name => token).first
+          end
+
+          def get_current_users
+            config = sorcery_config
+            where(config.last_activity_at_attribute_name.ne => nil) \
+            .any_of({config.last_logout_at_attribute_name => nil},{config.last_activity_at_attribute_name.gt => config.last_logout_at_attribute_name}) \
+            .and(config.last_activity_at_attribute_name.gt => config.activity_timeout.seconds.ago.utc.to_s(:db)).order_by([:_id,:asc])
+          end
+        end
+      end
+    end
+  end
+end

data/lib/sorcery/model/submodules/activity_logging.rb

@@ -9,6 +9,7 @@ module Sorcery
       module ActivityLogging
         def self.included(base)
           base.extend(ClassMethods)
+
           base.sorcery_config.class_eval do
             attr_accessor :last_login_at_attribute_name,                  # last login attribute name.
                           :last_logout_at_attribute_name,                 # last logout attribute name.
@@ -23,15 +24,23 @@ module Sorcery
                              :@activity_timeout                            => 10 * 60)
             reset!
           end
+
+          base.sorcery_config.after_config << :define_activity_logging_mongoid_fields if defined?(Mongoid) and base.ancestors.include?(Mongoid::Document)
         end
         
         module ClassMethods
           # get all users with last_activity within timeout
           def current_users
             config = sorcery_config
-            where("#{config.last_activity_at_attribute_name} IS NOT NULL") \
-            .where("#{config.last_logout_at_attribute_name} IS NULL OR #{config.last_activity_at_attribute_name} > #{config.last_logout_at_attribute_name}") \
-            .where("#{config.last_activity_at_attribute_name} > ? ", config.activity_timeout.seconds.ago.utc.to_s(:db))
+            get_current_users
+          end
+
+          protected
+
+          def define_activity_logging_mongoid_fields
+            field sorcery_config.last_login_at_attribute_name, type: DateTime
+            field sorcery_config.last_logout_at_attribute_name, type: DateTime
+            field sorcery_config.last_activity_at_attribute_name, type: DateTime
           end
         end
       end

data/lib/sorcery/model/submodules/brute_force_protection.rb

@@ -21,13 +21,18 @@ module Sorcery
           end
           
           base.sorcery_config.before_authenticate << :prevent_locked_user_login
+          base.sorcery_config.after_config << :define_brute_force_protection_mongoid_fields if defined?(Mongoid) and base.ancestors.include?(Mongoid::Document)
           base.extend(ClassMethods)
           base.send(:include, InstanceMethods)
         end
         
         module ClassMethods
           protected
-          
+
+          def define_brute_force_protection_mongoid_fields
+            field sorcery_config.failed_logins_count_attribute_name, type: Integer
+            field sorcery_config.lock_expires_at_attribute_name, type: DateTime
+          end
         end
         
         module InstanceMethods

data/lib/sorcery/model/submodules/external.rb

@@ -32,6 +32,7 @@ module Sorcery
           
           base.send(:include, InstanceMethods)
           base.extend(ClassMethods)
+
         end
         
         module ClassMethods

data/lib/sorcery/model/submodules/remember_me.rb

@@ -21,8 +21,22 @@ module Sorcery
           end
           
           base.send(:include, InstanceMethods)
+
+          base.sorcery_config.after_config << :define_remember_me_mongoid_fields if defined?(Mongoid) and base.ancestors.include?(Mongoid::Document)
+
+          base.extend(ClassMethods)
+        end
+
+        module ClassMethods
+          protected
+
+          def define_remember_me_mongoid_fields
+            field sorcery_config.remember_me_token_attribute_name, type: String
+            field sorcery_config.remember_me_token_expires_at_attribute_name, type: DateTime
+          end
+
         end
-        
+
         module InstanceMethods
           # You shouldn't really use this one yourself - it's called by the controller's 'remember_me!' method.
           def remember_me!

data/lib/sorcery/model/submodules/reset_password.rb

@@ -34,10 +34,12 @@ module Sorcery
           end
           
           base.sorcery_config.after_config << :validate_mailer_defined
-          
+          base.sorcery_config.after_config << :define_reset_password_mongoid_fields if defined?(Mongoid) and base.ancestors.include?(Mongoid::Document)
+
           base.extend(ClassMethods)
           base.send(:include, TemporaryToken)
           base.send(:include, InstanceMethods)
+
         end
         
         module ClassMethods
@@ -57,6 +59,11 @@ module Sorcery
             raise ArgumentError, msg if @sorcery_config.reset_password_mailer == nil
           end
 
+          def define_reset_password_mongoid_fields
+            field sorcery_config.reset_password_token_attribute_name, type: String
+            field sorcery_config.reset_password_token_expires_at_attribute_name, type: DateTime
+            field sorcery_config.reset_password_email_sent_at_attribute_name, type: DateTime
+          end
         end
         
         module InstanceMethods
@@ -75,9 +82,9 @@ module Sorcery
           end
           
           # Clears token and tries to update the new password for the user.
-          def reset_password!(params)
+          def change_password!(new_password)
             clear_reset_password_token
-            update_attributes(params)
+            update_attributes(sorcery_config.password_attribute_name => new_password)
           end
 
           protected

data/lib/sorcery/model/submodules/user_activation.rb

@@ -38,12 +38,14 @@ module Sorcery
           end
           
           base.sorcery_config.after_config << :validate_mailer_defined
-          
+          base.sorcery_config.after_config << :define_user_activation_mongoid_fields if defined?(Mongoid) and base.ancestors.include?(Mongoid::Document)
           base.sorcery_config.before_authenticate << :prevent_non_active_login
           
           base.extend(ClassMethods)
           base.send(:include, TemporaryToken)
           base.send(:include, InstanceMethods)
+
+
         end
         
         module ClassMethods
@@ -62,6 +64,14 @@ module Sorcery
             msg = "To use user_activation submodule, you must define a mailer (config.user_activation_mailer = YourMailerClass)."
             raise ArgumentError, msg if @sorcery_config.user_activation_mailer == nil
           end
+
+          def define_user_activation_mongoid_fields
+            self.class_eval do
+              field sorcery_config.activation_state_attribute_name, type: String
+              field sorcery_config.activation_token_attribute_name, type: String
+              field sorcery_config.activation_token_expires_at_attribute_name, type: DateTime
+            end
+          end
         end
         
         module InstanceMethods

data/lib/sorcery/model/temporary_token.rb

@@ -10,7 +10,7 @@ module Sorcery
       module ClassMethods
         def load_from_token(token, token_attr_name, token_expiration_date_attr)
           return nil if token.blank?
-          user = where("#{token_attr_name} = ?", token).first
+          user = find_by_token(token_attr_name,token)
           if !user.blank? && !user.send(token_expiration_date_attr).nil?
             return Time.now.utc < user.send(token_expiration_date_attr) ? user : nil
           end

data/lib/sorcery/model.rb

@@ -26,10 +26,18 @@ module Sorcery
                 end
               end
             end
-            
+
             # This runs the options block set in the initializer on the model class.
             ::Sorcery::Controller::Config.user_config.tap{|blk| blk.call(@sorcery_config) if blk}
-            
+
+            self.class_eval do
+              field sorcery_config.username_attribute_name, type: String
+              field sorcery_config.password_attribute_name, type: String
+              field sorcery_config.email_attribute_name, type: String unless sorcery_config.username_attribute_name == sorcery_config.email_attribute_name
+              field sorcery_config.crypted_password_attribute_name, type: String
+              field sorcery_config.salt_attribute_name, type: String
+            end if defined?(Mongoid) and self.ancestors.include?(Mongoid::Document)
+
             # add virtual password accessor and ORM callbacks
             self.class_eval do
               attr_accessor @sorcery_config.password_attribute_name
@@ -38,7 +46,7 @@ module Sorcery
               after_save :clear_virtual_password, :if => Proc.new { |record| record.send(sorcery_config.password_attribute_name).present? }
             end
             
-            @sorcery_config.after_config << :add_config_inheritence if @sorcery_config.subclasses_inherit_config
+            @sorcery_config.after_config << :add_config_inheritance if @sorcery_config.subclasses_inherit_config
             @sorcery_config.after_config.each { |c| send(c) }
           end
         end
@@ -57,7 +65,7 @@ module Sorcery
       # returns the user if success, nil otherwise.
       def authenticate(*credentials)
         raise ArgumentError, "at least 2 arguments required" if credentials.size < 2
-        user = where("#{@sorcery_config.username_attribute_name} = ?", credentials[0]).first
+        user = find_by_credentials(credentials)
         _salt = user.send(@sorcery_config.salt_attribute_name) if user && !@sorcery_config.salt_attribute_name.nil? && !@sorcery_config.encryption_provider.nil?
         user if user && @sorcery_config.before_authenticate.all? {|c| user.send(c)} && credentials_match?(user.send(@sorcery_config.crypted_password_attribute_name),credentials[1],_salt)
       end
@@ -80,7 +88,7 @@ module Sorcery
         @sorcery_config.encryption_provider.matches?(crypted, *tokens)
       end
       
-      def add_config_inheritence
+      def add_config_inheritance
         self.class_eval do
           def self.inherited(subclass)
             subclass.class_eval do
@@ -111,7 +119,7 @@ module Sorcery
       protected
       
       # creates new salt and saves it.
-      # encrypts password with salt and save it.
+      # encrypts password with salt and saves it.
       def encrypt_password
         config = sorcery_config
         new_salt = self.send(:"#{config.salt_attribute_name}=", generate_random_token) if !config.salt_attribute_name.nil?
@@ -135,7 +143,7 @@ module Sorcery
       
       # Random code, used for salt and temporary tokens.
       def generate_random_token
-        return Digest::SHA1.hexdigest( Time.now.to_s.split(//).sort_by {rand}.join )
+        Digest::SHA1.hexdigest( Time.now.to_s.split(//).sort_by {rand}.join )
       end
     end
 

data/lib/sorcery/sinatra.rb

@@ -1,4 +1,3 @@
-ActiveRecord::Base.send(:include, Sorcery::Model) if defined?(ActiveRecord)
 if defined?(Sinatra::Base)
   Sinatra::Base.send(:include, Sorcery::Controller::Adapters::Sinatra)
   Sinatra::Base.send(:include, Sorcery::Controller)

data/lib/sorcery/test_helpers/internal/sinatra.rb

@@ -2,6 +2,8 @@ module Sorcery
   module TestHelpers
     module Internal
       module Sinatra
+        include ::Sorcery::TestHelpers::Sinatra::CookieSessionMethods
+        include ::Sorcery::TestHelpers::Sinatra::InstanceMethods
 
         class ::Sinatra::Application
           class << self
@@ -24,64 +26,14 @@ module Sorcery
           end
         end
 
-        def get_sinatra_app(app)
-          while app.class != ::Sinatra::Application do
-            app = app.instance_variable_get(:@app)
-          end
-          app
-        end
-
-        def login_user(user=nil)
-          user ||= @user
-          get_sinatra_app(subject).send(:login_user,user)
-          get_sinatra_app(subject).send(:after_login!,user,[user.username,'secret'])
-        end
-
-        def logout_user
-          get_sinatra_app(subject).send(:logout)
-        end
-
         def clear_user_without_logout
-          get_sinatra_app(subject).instance_variable_set(:@current_user,nil)
+          get_sinatra_app(subject).instance_variable_set(:@current_user, nil)
         end
 
         def assigns
           ::Sinatra::Application.sorcery_vars
         end
 
-        class SessionData
-          def initialize(cookies)
-            @cookies = cookies
-            @data = cookies['rack.session']
-            if @data
-              @data = @data.unpack("m*").first
-              @data = Marshal.load(@data)
-            else
-              @data = {}
-            end
-          end
-
-          def [](key)
-            @data[key]
-          end
-
-          def []=(key, value)
-            @data[key] = value
-            session_data = Marshal.dump(@data)
-            session_data = [session_data].pack("m*")
-            @cookies.merge("rack.session=#{Rack::Utils.escape(session_data)}", URI.parse("//example.org//"))
-            raise "session variable not set" unless @cookies['rack.session'] == session_data
-          end
-        end
-
-        def session
-          SessionData.new(rack_test_session.instance_variable_get(:@rack_mock_session).cookie_jar)
-        end
-
-        def cookies
-          rack_test_session.instance_variable_get(:@rack_mock_session).cookie_jar
-        end
-
         def sorcery_reload!(submodules = [], options = {})
           reload_user_class
 
@@ -90,9 +42,9 @@ module Sorcery
           ::Sorcery::Controller::Config.reset!
 
           # clear all filters
-          ::Sinatra::Application.instance_variable_set(:@filters,{:before => [],:after => []})
+          ::Sinatra::Application.instance_variable_set(:@filters, {:before => [], :after => []})
           ::Sinatra::Application.class_eval do
-            load File.join(File.dirname(__FILE__),'..','..','..','..','spec','sinatra','filters.rb')
+            load File.join(File.dirname(__FILE__), '..', '..', '..', '..', 'spec', 'sinatra', 'filters.rb')
           end
 
           # configure
@@ -102,7 +54,7 @@ module Sorcery
           ::Sinatra::Application.send(:include, Sorcery::Controller)
 
           ::Sorcery::Controller::Config.user_config do |user|
-            options.each do |property,value|
+            options.each do |property, value|
               user.send(:"#{property}=", value)
             end
           end

data/lib/sorcery/test_helpers/internal.rb

@@ -30,9 +30,10 @@ module Sorcery
       end
 
       def create_new_external_user(provider, attributes_hash = nil)
-        user_attributes_hash = attributes_hash || {:username => 'gizmo', :authentications_attributes => [{:provider => provider, :uid => 123}]}
+        user_attributes_hash = attributes_hash || {:username => 'gizmo'}
         @user = User.new(user_attributes_hash)
         @user.save!
+        @user.authentications.create!({:provider => provider, :uid => 123})
         @user
       end
 

data/lib/sorcery/test_helpers/sinatra.rb

@@ -76,9 +76,12 @@ module Sorcery
         end
 
         def session
-          SessionData.new(rack_test_session.instance_variable_get(:@rack_mock_session).cookie_jar)
+          SessionData.new(cookies)
         end
 
+        def cookies
+          rack_test_session.instance_variable_get(:@rack_mock_session).cookie_jar
+        end
       end
     end
   end

data/lib/sorcery.rb

@@ -2,6 +2,10 @@ module Sorcery
   autoload :Model, 'sorcery/model'
   module Model
     autoload :TemporaryToken, 'sorcery/model/temporary_token'
+    module Adapters
+      autoload :ActiveRecord, 'sorcery/model/adapters/active_record'
+      autoload :Mongoid, 'sorcery/model/adapters/mongoid'
+    end
     module Submodules
       autoload :UserActivation, 'sorcery/model/submodules/user_activation'
       autoload :ResetPassword, 'sorcery/model/submodules/reset_password'
@@ -56,7 +60,24 @@ module Sorcery
 
   end
 
-  
+  if defined?(ActiveRecord)
+    ActiveRecord::Base.send(:include, Sorcery::Model)
+    ActiveRecord::Base.send(:include, ::Sorcery::Model::Adapters::ActiveRecord)
+  end
+
+  if defined?(Mongoid)
+    Mongoid::Document.module_eval do
+      included do
+        attr_reader :new_record
+        include Sorcery::Model::Adapters::Mongoid
+        include Sorcery::Model
+      end
+    end
+  end
+
   require 'sorcery/engine' if defined?(Rails) && Rails::VERSION::MAJOR == 3
   require 'sorcery/sinatra' if defined?(Sinatra)
+
+
+
 end