Skip to content

Instantly share code, notes, and snippets.

View cazzer's full-sized avatar
🦆

Caleb cazzer

🦆
48 followers · 53 following
View GitHub Profile
@cazzer
cazzer / machine.js
Last active April 15, 2020 21:47
Generated by XState Viz: https://xstate.js.org/viz
async function authorizeCharge() {
return true
}
const canAddCharge = (context) => {
return context.batteryLevel < context.batteryCapacity
}
const cantAddCharge = (context) => {
return context.batteryLevel === context.batteryCapacity
@cazzer
cazzer / thing-permission-policy-rls.sql
Created December 6, 2018 21:30
create role application_user;
grant all on all table in schema public to application_user;
create policy thing_owner
on things
as permissive
for all
to application_user
using (
exists(
@cazzer
cazzer / thing-permission-rls-trigger.sql
Created December 6, 2018 21:25
create or replace function insert_permission()
returns trigger
as $$
begin
insert into permissions (item_id, user_or_group_id, role) values (
new.id,
current_setting('user_id')::uuid[]
);
return new;
end
@cazzer
cazzer / postgraphile-lambda.js
Last active November 12, 2018 00:52
A Lambda which serves GraphQL requests using Postgraphile
import get from 'lodash/get'
import { graphql } from 'graphql'
import Pool from 'pg-pool'
import {
createPostGraphileSchema,
withPostGraphileContext
} from 'postgraphile'
import config from './config'
@cazzer
cazzer / rls-performance-view-view.sql
Last active August 2, 2018 05:25
create view items_view
with (security_barrier)
as
select items.*
from items
join permissions on item_id = items.id
and user_or_group_id =
any(regexp_split_to_array(current_setting('jwt.claims.roles'), ',')::uuid[]);
@cazzer
cazzer / rls-performance-table-policy.sql
Last active July 28, 2018 00:29
create policy item_owner
on items
as permissive
for all
to application_user
using (
items.public = true
or exists(
select item_id
from permissions
@cazzer
cazzer / rls-performance-table-table.sql
Last active August 2, 2018 05:59
create table if not exists users_and_groups (
id uuid default uuid_generate_v4() not null primary key,
name text not null
);
-- e.g. ('eac6...f6c9', 'alice') or ('0fdc...947f', 'E Corp')
create table if not exists items (
id uuid default uuid_generate_v4() not null primary key,
value text,
public boolean default false
@cazzer
cazzer / rls-performance-column-policy.sql
Last active August 2, 2018 05:12
create policy item_owner
on items
as permissive
for all
to application_user
using (
items.acl_read && regexp_split_to_array(current_setting('jwt.claims.roles'), ',')::uuid[]
or items.acl_write && regexp_split_to_array(current_setting('jwt.claims.roles'), ',')::uuid[]
)
with check (
@cazzer
cazzer / rls-performance-column-table.sql
Last active August 2, 2018 05:59
Table schema for the column version of RLS performant applications.
create table if not exists items (
id uuid default uuid_generate_v4() not null primary key,
value text,
acl_read uuid[] default array[]::uuid[],
acl_write uuid[] default array[]::uuid[]
);
-- e.g. ('f386...5e99', 'I row and therefore I am', {'eac6...f6c9'}, {'0fdc...947f'})
create index read_permissions_index on items using gin(acl_read);
create index write_permissions_index on items using gin(acl_write);
@cazzer
cazzer / no-alerts.js
Created October 17, 2017 19:37
Tamper Monkey no alerts script
// ==UserScript==
// @name No Alerts
// @namespace http://tampermonkey.net/
// @version 0.1
// @description try to take over the world!
// @author You
// @match *://*/*
// @grant none
// ==/UserScript==