Skip to content

Instantly share code, notes, and snippets.

View tnightingale's full-sized avatar

Tom Nightingale tnightingale

  • Test Double
  • Vancouver, Canada
View GitHub Profile
Task states
Not in my list
addToList -> In my list
In my list
markDone -> Done
removeFromList -> Not in my list
Done
markNotDone -> In my list
# act like vim
setw -g mode-keys vi
bind-key h select-pane -L
bind-key j select-pane -D
bind-key k select-pane -U
bind-key l select-pane -R
bind-key -r J resize-pane -D 5
bind-key -r K resize-pane -U 5
bind-key -r H resize-pane -L 5
bind-key -r L resize-pane -R 5

LDAP plugin for Nadine (312Main)

Requirements

  1. Users may use their username or any of their registered email addresses as an account identifier (UID) when logging in.
  2. Users may use the same credentials to log into Nadine (Django) or LDAP / LDAP-supporting systems (WiFi, shared network drives, etc)
  3. Needs to be an optional plugin for Nadine (only some deployments will make use of it).

Django + LDAP integration options

Unfortunately the Django + LDAP integration story is pretty scattered & fragmented. I suspect this is in-part due to LDAP's amorphous / "anything to anyone" nature.

Below are what I see as the main contenders for our integration and a brief summary of how I see us implementing it:

[django-python3-ldap]

@tnightingale
tnightingale / 20170911-ayura-code-review.md
Last active September 11, 2017 20:24
Ayura code review by Affinity Bridge

Ayura code review by Affinity Bridge

Issues

  • Vulnerable to [SQL Injection] ([sql-vuln example 1], [sql-vuln example 2]). A request to a specially-crafted URL can cause arbitrary (and possibly destructive) changes to the database.
  • [Cross-site Scripting/XSS] vulnerabilities ([cross-site scripting example 1]). Interpolating variables directly into HTML can create cross-site-scripting vulnerabilities, particularly if the values of those variables come from the database or user-generated content (malicious data could be inserted via an
<link rel="stylesheet" href="https://unpkg.com/leaflet@1.2.0/dist/leaflet.css"
integrity="sha512-M2wvCLH6DSRazYeZRIm1JnYyh22purTM+FDB5CsyxtQJYeKq83arPe5wgbNmcFXGqiSH2XR8dT/fJISVA1r/zQ=="
crossorigin=""/>
<style>
html, body {
margin: 0;
}
#mapid {
height: 100vh;
width: 100vw;
Array
(
[Terms skipped] => Array
(
[420] => Afyon
[492] => Aksu - Antalya
[864] => Aksu - Isparta
[619] => Altınyayla - Burdur
[1324] => Altınyayla - Sivas
[1158] => Aydıncık - Mersin
$public_fields['organization'] = array(
'callback' => function (DataInterpreterInterface $data) {
return $data->getWrapper()->og_group_ref->label();
}
);
$public_fields['organizationLogo'] = array(
'callback' => function (DataInterpreterInterface $data) {
$style = 'small_logo';
$logo_field = $data->getWrapper()->og_group_ref->field_logo->value();
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.

Keybase proof

I hereby claim:

  • I am tnightingale on github.
  • I am tnightingale (https://keybase.io/tnightingale) on keybase.
  • I have a public key ASAtU0DB4blFBnhVLZJm_6odnBy8fNm-R8NkNplwHv1JWQo

To claim this, I am signing this object: