module AuthorizationFu 
  module InstanceMethods 
    def viewable_by?(viewer) 
      true 
    end 
    def creatable_by?(creator) 
      true 
    end 
    def editable_by?(editor) 
      true 
    end 
    def destroyable_by?(destroyer) 
      true 
    end 
  end 
end 

ActiveRecord::Base.send(:include, AuthorizationFu::InstanceMethods)

-----------------------------------------------------------------------

def rescue_action(e)    
  case e    
  when SecurityTransgression      
    respond_to do |format|        
      format.xml { head :forbidden }
      format.html { render :file => "#{RAILS_ROOT}/public/403.html", :status => :forbidden }   
    end    
  else      
    super(e)    
  end  
end

-------------------------------------------------------------------------

def test_should_be_valid_with_valid_attributes 
  assert_valid Post.new(:title => 'Test Post', :body => 'Test body.') 
end 

def test_should_be_invalid_without_a_title 
  assert !Post.new(:title => nil, :body => 'Test body.').valid? 
end 

def test_should_be_invalid_without_a_body
  assert !Post.new(:title => 'Test Post', :body => nil).valid? 
end 

---------------------------------------------------------------------------

private 
  def new_post(params = {})
    Post.new({:title => 'Test Post', :body =>   'Test body.'}.merge(params)) 
  end 

-----------------------------------------------------------------

def assert_invalid(record, message=nil)
  full_msg = build_message(message, "<?> is valid.", record) 
  assert_block(full_msg) { !record.valid? } 
end

---------------------------------------------------------------------

<% salt = Digest::SHA256.hexdigest('salt') %>
<% pass = Digest::SHA256.hexdigest("--#{salt}--password--")%> 

matz: 
  name: Yukihiro Matsumoto 
  email: matz@ruby-lang.org 
  salt: <%= salt %> 
  crypted_password: <%= pass %> 

why: 
  name: Why the Lucky Stiff 
  email: why@whytheluckystiff.net
  salt: <%= salt %> 
  crypted_password: <%= pass %>

----------------------------------------------------------------------