Jeff Mealo jmealo

View FCM_message_single_device_curl_command.txt
curl -i -H 'Content-type: application/json' -H 'Authorization: key=<your_server_key>' -XPOST https://fcm.googleapis.com/fcm/send -d '{
"registration_ids":["registration_ids", "of the", "target", "devices as array"],
"notification": {
"title":"Title of your notification",
"body":"content of your notification"
},
"data": {
"key1" : "value1",
"key2" : "value2",
"key3" : 23.56565,
jmealo / ccd_schools_to_sql.sh
Created Aug 15, 2017
Download CCD schools and load the CSV file into PostgreSQL with reasonable full text searching enabled
View ccd_schools_to_sql.sh
#!/bin/bash -e
apt-get install -y wget unzip recode
wget -nc https://nces.ed.gov/ccd/Data/zip/ccd_sch_029_1516_txt_prel_tab.zip
unzip -o ccd_sch_029_1516_txt_prel_tab.zip
recode ISO-8859-15..UTF8 /tmp/ccd_sch_029_1516_txt_prel.tab
#EXPLAIN ANALYZE select sch_name, lea_name, ncessch, website, updated_status, charter_text, ts_rank(search, to_tsquery('simple', 'Michi:*')) AS rank FROM ccd_schools ORDER BY rank DESC LIMIT 100;
#EXPLAIN ANALYZE WITH results AS (select sch_name, lea_name, ncessch, website, updated_status, charter_text, search FROM ccd_schools WHERE search @@ to_tsquery('simple', 'Michi:*')) SELECT *, ts_rank(search, to_tsquery('simple', 'Michi:*')) AS rank FROM results ORDER BY rank DESC LIMIT 100;
jmealo / openresty-nchan-redis-luarocks.sh
Last active Jan 4, 2020 — forked from wojons/openresty-luarocks.sh
OpenResty + LuaRocks + Nchan + Redis (with password, graph and bloom modules)
View openresty-nchan-redis-luarocks.sh
#!/bin/sh
apt-get install -y libreadline-dev libncurses5-dev libpcre3-dev \
libssl-dev perl make build-essential git curl \
unzip
git clone https://github.com/RedisLabsModules/password.git /tmp/password
git clone https://github.com/RedisLabsModules/rebloom.git /tmp/rebloom
git clone https://github.com/RedisLabsModules/redis-graph.git /tmp/redis-graph
jmealo / grade-wired-aq-test.js
Last active Feb 3, 2017
Pasting this into the JavaScript console will grade your AQ on Wired: https://www.wired.com/2001/12/aqtest/
View grade-wired-aq-test.js
// This is an attempt at doing things the most obvious way with an
// emphasis on readability ... It's not clever but it's still not obvious
// what we're doing. It also requires you to know both javascript and
// CSS selectors
var addIfAgreed = [
2, 4, 5, 6, 7, 9, 12, 13, 16, 18, 19, 20, 21, 22, 23, 26, 33, 35, 39, 41,
42, 43, 45, 46
]
View openresty-http2-pagespeed-install.sh
#!/bin/bash
set -o errexit
clear
# Set versions. Check http://openresty.org for latest version and bundled version of nginx.
OPENRESTY_VERSION=1.11.2.2
NGINX_VERSION=1.11.2
OPENSSL_VERSION=1.1.0c
NPS_VERSION=1.11.33.4
jmealo / prevent-double-credit-trigger.sql
Created Sep 28, 2016
Do not allow a student to open a completed sparkpoint in multiple sections to game pacing
View prevent-double-credit-trigger.sql
SET search_path = 'mta-staging';
CREATE OR REPLACE FUNCTION ssas_guard_double_completion()
RETURNS trigger AS
$$
BEGIN
-- Do not create a new active sparkpoint record if the sparkpoint has already been completed in another section
PERFORM 1 FROM student_sparkpoint
WHERE sparkpoint_id = NEW.sparkpoint_id
AND student_id = NEW.student_id
jmealo / date-functions.js
Last active Sep 13, 2016
Functions for excluding specific dates and weekends from time calculations
View date-functions.js
const MS_IN_DAY = 86400000;
// Pretend this is the start/end time for a phase
var startDate = new Date("01/24/1989 08:30:23"),
endDate = new Date("01/31/1989 16:32:23"),
// This will be provided by the API -- extracted from a Google Calendar/iCal feed
daysOff = [
new Date("01/26/1989"),
new Date("01/27/1989")
View Google Drive Notes.md

Folders

  • A folder is a file with the MIME type application/vnd.google-apps.folder and with no extension.
  • You can use the alias root to refer to the root folder anywhere a file ID is provided
  • To insert a file in a particular folder, specify the correct ID in the parents property of the file.
  • The parents property can be used when creating a folder as well to create a subfolder.
  • To add or remove parents for an existing file, use the addParents and removeParents query parameters by calling PATCH https://www.googleapis.com/drive/v3/files/${fileId}

Files

  • When creating a batch of files, you can preallocate up to 1,000 UUIDs for use in create requests by calling GET https://www.googleapis.com/drive/v3/files/generateIds?count=${count}&space=drive. This does not work when copying files.
  • All you need is the fileId to copy a file. It does not matter whether or not the document was created by a user of the destination Google Apps domain.
jmealo / rls-security-multi-tennant.md
Last active Jun 20, 2019
How to safely allow arbitrary SQL queries in multi-tenant web applications
View rls-security-multi-tennant.md

Can we use PostgreSQL's row-level security to enable secure arbitrary query execution in multi-tenant web applications?

Can we break out and access another tenant's information?

No, this is handled using schemas, ownership and roles (users). Using RLS does not impact leaking data between tenants. This allows us to give out SQL accounts that can run arbitrary queries without leaking data between tenants.

How can we protect against role or privileges escalation within a tenant?

Consider an application that has 3 user types (roles):

View refresh-materialized-views.sql
CREATE OR REPLACE FUNCTION refresh_materialized_views() RETURNS VOID
AS
$body$
DECLARE
result integer;
BEGIN
EXECUTE (SELECT string_agg('REFRESH MATERIALIZED VIEW ' || oid::regclass::text, ';')
FROM pg_class
WHERE relkind = 'm');
RETURN;