Ruby on Rails
Assert Request (Version #1)

The assert_request plugin provides an easy way to make sure that your rails actions are only called with the method, protocol, and parameters that you expect.

This can save a considerable amount of error-checking code, uncover hidden bugs, and prevent security holes.

Here is a fairly complex assert_request declaration that illustrates some of its capabilities:

assert_request do |r|
  r.method :post, :put
  r.protocol :https
  r.params.must_have :id
  r.params.must_have :person do |person|
    person.must_have :name
    person.may_have :age, :height
  end
  r.params.must_have :fido do |fido|
    fido.is_a Dog
  end
  r.params.may_have User do |user|
    user.must_not_have :admin, :password
  end
end

Please see the project home page for complete documentation:

http://validaterequest.rubyforge.org/

Install the plugin by running the following command in your rails application‘s directory:

ruby script/plugin install svn://rubyforge.org//var/svn/validaterequest/plugins/assert_request

That‘s it. You‘re ready to add calls to assert_request to your actions.