Merge branch 'bartt'

Conflicts:
	README
	lib/ssl_requirement.rb

.gitignore

@@ -0,0 +1 @@
+*.gem

README

@@ -7,37 +7,143 @@ they should be redirected.
 
 Example:
 
-  class ApplicationController < ActionController::Base
-    include SslRequirement
-  end
-
-  class AccountController < ApplicationController
-    ssl_required :signup, :payment
-    ssl_allowed :index
-
-    def signup
-      # Non-SSL access will be redirected to SSL
-    end
-
-    def payment
-      # Non-SSL access will be redirected to SSL
+    class ApplicationController < ActionController::Base
+      include ::SslRequirement
     end
 
-    def index
-      # This action will work either with or without SSL
+    class AccountController < ApplicationController
+      ssl_required :signup, :payment
+      ssl_allowed :index
+
+      def signup
+        # Non-SSL access will be redirected to SSL
+      end
+
+      def payment
+        # Non-SSL access will be redirected to SSL
+      end
+
+      def index
+        # This action will work either with or without SSL
+      end
+
+      def other
+        # SSL access will be redirected to non-SSL
+      end
     end
 
-    def other
-      # SSL access will be redirected to non-SSL
+If a majority (or all) of your actions require SSL, then use ssl_exceptions instead of ssl_required.
+You can list out the actions that you do NOT want to be SSL protected. Calling ssl_exceptions without
+any actions listed will make ALL actions SSL protected.
+
+To allow SSL for any action  use ssl_allowed and pass in :all
+
+Example:
+
+   # This will enable SSL for any action in your application.
+   class ApplicationController < ActionController::Base
+      include ::SslRequirement
+
+      ssl_allowed :all
     end
-  end
-
+
 You can overwrite the protected method ssl_required? to rely on other things
 than just the declarative specification. Say, only premium accounts get SSL.
 
+For SSL domains that differ from the domain of the redirecting site, add the
+following code to development.rb / test.rb / production.rb:
+
+    # Redirects to https://secure.example.com instead of the default
+    # https://www.example.com.
+    config.after_initialize do
+      SslRequirement.ssl_host = 'secure.example.com'
+    end
+
+For non-SSL domains that differ from domain of redirecting site, add the
+following code to development.rb / test.rb / production.rb:
+
+  # Redirects to http://nonsecure.example.com instead of the default
+  # http://www.example.com.
+  config.after_initialize do
+    SslRequirement.non_ssl_host = 'nonsecure.example.com'
+  end
+
+You can also use a Proc to determine the ssl_host or non_ssl_host on the fly:
+
+  config.after_initialize do
+      SslRequirement.ssl_host = Proc.new do
+    'secure.example.com'
+    end
+    end
+
+You are able to turn disable ssl redirects by adding the following environment configuration file:
+
+    SslRequirement.disable_ssl_check = true
+
 P.S.: Beware when you include the SslRequirement module. At the time of
 inclusion, it'll add the before_filter that validates the declarations. Some
 times you'll want to run other before_filters before that. They should then be
 declared ahead of including this module.
 
+SSL URL Helper
+==============
+This plugin also adds a helper a :secure option to url_for and named_routes. This property
+allows you to set a url as secure or not secure. It uses the disable_ssl_check to determine
+if the option should be ignored or not so you can develop as normal. It also
+will obey if you override SslRequirement.ssl_host or
+SslRequirement.non_ssl_host (see above)
+
+Here is an example of creating a secure url:
+
+    <%= url_for(:controller => "c", :action => "a", :secure => true) %>
+
+If disable_ssl_check returns false url_for will return the following:
+
+    https://yoursite.com/c/a
+
+Furthermore, you can use the secure option in a named route to create a secure form as follows:
+
+    <% form_tag session_path(:secure => true), :class => 'home_login' do -%>
+      <p>
+        <label for="name">Email</label>
+        <%= text_field_tag 'email', '', :class => 'text', :tabindex => 1 %>
+      </p>
+      <p>
+        <label for="password">Password</label>
+        <%= password_field_tag 'password', '', :class => 'text', :tabindex => 2 %>
+      </p>
+      <p>
+        <%= submit_tag "Login", :id => 'login_submit', :value => "", :alt => "Login" %>
+      </p>
+    <% end -%>
+
+Testing with Shoulda
+====================
+
+If you are using Shoulda, a few contexts and macros are provided:
+
+    class RegistrationsControllerTest < ActionController::TestCase
+      without_ssl_context do
+        context "GET to :new" do
+          setup do
+            get :new
+          end
+          should_redirect_to_ssl
+        end
+      end
+
+      with_ssl_context do
+        context "GET to :new" do
+          setup do
+            get :new
+          end
+          # your usual testing goes here
+        end
+      end
+    end
+
+
+Copyright
+=========
+
 Copyright (c) 2005 David Heinemeier Hansson, released under the MIT license

Rakefile

@@ -0,0 +1,26 @@
+require 'rake'
+require 'rake/testtask'
+
+desc "Run the unit tests"
+task :default => 'test'
+
+begin
+  require 'jeweler'
+  Jeweler::Tasks.new do |gemspec|
+    gemspec.name = "bartt-ssl_requirement"
+    gemspec.summary = "Allow controller actions to force SSL on specific parts of the site."
+    gemspec.description = "SSL requirement adds a declarative way of specifying that certain actions should only be allowed to run under SSL, and if they're accessed without it, they should be redirected."
+    gemspec.email = 'bart@thecodemill.biz'
+    gemspec.homepage = 'http://github.com/bartt/ssl_requirement'
+    gemspec.authors = ['RailsJedi', 'David Heinemeier Hansson', 'jcnetdev', 'bcurren', 'bmpercy','revo','nathany', 'bartt', 'Thorben Schröder']
+  end
+rescue LoadError
+  puts "Jeweler not available. Install it with: gem install jeweler"
+end
+
+Rake::TestTask.new(:test) do |t|
+  t.pattern = 'test/**/*_test.rb'
+  t.ruby_opts << '-rubygems'
+  t.libs << 'test'
+  t.verbose = true
+end

VERSION

@@ -0,0 +1 @@
+1.2.4

bartt-ssl_requirement.gemspec

@@ -0,0 +1,50 @@
+# Generated by jeweler
+# DO NOT EDIT THIS FILE DIRECTLY
+# Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+  s.name = %q{bartt-ssl_requirement}
+  s.version = "1.2.4"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.authors = ["RailsJedi", "David Heinemeier Hansson", "jcnetdev", "bcurren", "bmpercy", "revo", "nathany", "bartt", "Thorben Schr\303\266der"]
+  s.date = %q{2011-01-05}
+  s.description = %q{SSL requirement adds a declarative way of specifying that certain actions should only be allowed to run under SSL, and if they're accessed without it, they should be redirected.}
+  s.email = %q{bart@thecodemill.biz}
+  s.extra_rdoc_files = [
+    "README"
+  ]
+  s.files = [
+    "README",
+    "Rakefile",
+    "VERSION",
+    "bartt-ssl_requirement.gemspec",
+    "init.rb",
+    "lib/ssl_requirement.rb",
+    "lib/url_for.rb",
+    "rails/init.rb",
+    "shoulda_macros/ssl_requirement_macros.rb",
+    "test/ssl_requirement_test.rb",
+    "test/url_for_test.rb"
+  ]
+  s.homepage = %q{http://github.com/bartt/ssl_requirement}
+  s.require_paths = ["lib"]
+  s.rubygems_version = %q{1.3.7}
+  s.summary = %q{Allow controller actions to force SSL on specific parts of the site.}
+  s.test_files = [
+    "test/ssl_requirement_test.rb",
+    "test/url_for_test.rb"
+  ]
+
+  if s.respond_to? :specification_version then
+    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
+    s.specification_version = 3
+
+    if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
+    else
+    end
+  else
+  end
+end
+

init.rb

@@ -0,0 +1,2 @@
+require File.dirname(__FILE__) + "/rails/init"
+