Skip to content

Instantly share code, notes, and snippets.


Jeff Mealo jmealo

View GitHub Profile
View FCM_message_single_device_curl_command.txt
curl -i -H 'Content-type: application/json' -H 'Authorization: key=<your_server_key>' -XPOST -d '{
"registration_ids":["registration_ids", "of the", "target", "devices as array"],
"notification": {
"title":"Title of your notification",
"body":"content of your notification"
"data": {
"key1" : "value1",
"key2" : "value2",
"key3" : 23.56565,
jmealo /
Created Aug 15, 2017
Download CCD schools and load the CSV file into PostgreSQL with reasonable full text searching enabled
#!/bin/bash -e
apt-get install -y wget unzip recode
wget -nc
unzip -o
recode ISO-8859-15..UTF8 /tmp/
#EXPLAIN ANALYZE select sch_name, lea_name, ncessch, website, updated_status, charter_text, ts_rank(search, to_tsquery('simple', 'Michi:*')) AS rank FROM ccd_schools ORDER BY rank DESC LIMIT 100;
#EXPLAIN ANALYZE WITH results AS (select sch_name, lea_name, ncessch, website, updated_status, charter_text, search FROM ccd_schools WHERE search @@ to_tsquery('simple', 'Michi:*')) SELECT *, ts_rank(search, to_tsquery('simple', 'Michi:*')) AS rank FROM results ORDER BY rank DESC LIMIT 100;
jmealo /
Last active Jan 4, 2020 — forked from wojons/
OpenResty + LuaRocks + Nchan + Redis (with password, graph and bloom modules)
apt-get install -y libreadline-dev libncurses5-dev libpcre3-dev \
libssl-dev perl make build-essential git curl \
git clone /tmp/password
git clone /tmp/rebloom
git clone /tmp/redis-graph
jmealo / grade-wired-aq-test.js
Last active Feb 3, 2017
Pasting this into the JavaScript console will grade your AQ on Wired:
View grade-wired-aq-test.js
// This is an attempt at doing things the most obvious way with an
// emphasis on readability ... It's not clever but it's still not obvious
// what we're doing. It also requires you to know both javascript and
// CSS selectors
var addIfAgreed = [
2, 4, 5, 6, 7, 9, 12, 13, 16, 18, 19, 20, 21, 22, 23, 26, 33, 35, 39, 41,
42, 43, 45, 46
set -o errexit
# Set versions. Check for latest version and bundled version of nginx.
jmealo / prevent-double-credit-trigger.sql
Created Sep 28, 2016
Do not allow a student to open a completed sparkpoint in multiple sections to game pacing
View prevent-double-credit-trigger.sql
SET search_path = 'mta-staging';
CREATE OR REPLACE FUNCTION ssas_guard_double_completion()
RETURNS trigger AS
-- Do not create a new active sparkpoint record if the sparkpoint has already been completed in another section
PERFORM 1 FROM student_sparkpoint
WHERE sparkpoint_id = NEW.sparkpoint_id
AND student_id = NEW.student_id
jmealo / date-functions.js
Last active Sep 13, 2016
Functions for excluding specific dates and weekends from time calculations
View date-functions.js
const MS_IN_DAY = 86400000;
// Pretend this is the start/end time for a phase
var startDate = new Date("01/24/1989 08:30:23"),
endDate = new Date("01/31/1989 16:32:23"),
// This will be provided by the API -- extracted from a Google Calendar/iCal feed
daysOff = [
new Date("01/26/1989"),
new Date("01/27/1989")
View Google Drive


  • A folder is a file with the MIME type application/ and with no extension.
  • You can use the alias root to refer to the root folder anywhere a file ID is provided
  • To insert a file in a particular folder, specify the correct ID in the parents property of the file.
  • The parents property can be used when creating a folder as well to create a subfolder.
  • To add or remove parents for an exiting file, use the addParents and removeParents query parameters by calling PATCH${fileId}


  • When creating a batch of files, you can preallocate up to 1,000 UUIDs for use in create requests by calling GET${count}&space=drive This does not work when copying files.
  • All you need is the fileId to copy a file. It does not matter whether or not the document was created by a user of the destination Google Apps domain.
jmealo /
Last active Jun 20, 2019
How to safely allow arbitrary SQL queries in multi-tenant web applications

Can we use PostrgreSQL's row-level-security to enable arbitrary query execution security in secure multi-tenant web applications?

Can we break out and access another tenants information?

No, this is handled using schemas, ownership and roles (users). Using RLS does not impact leaking data between tenants. This allows us to give out SQL accounts that can run arbitrary queries without leaking data between tenants.

How can we protect against role or privileges escalation within a tenant?

Consider an application that has 3 user types (roles):

View refresh-materialized-views.sql
CREATE OR REPLACE FUNCTION refresh_materialized_views() RETURNS VOID
result integer;
EXECUTE (SELECT string_agg('REFRESH MATERIALIZED VIEW ' || oid::regclass::text, ';')
FROM pg_class
WHERE relkind = 'm');
You can’t perform that action at this time.