Archive for the ‘Ruby’ Category

Conditionally bypassing rails protect_from_forgery

Posted on November 28th, 2010 in Programming, Rails, Ruby, Web Development | No Comments »

I'm currently writing a neat little application using Rails 3.0. It serves up web requests and provides a nice RESTful end point for me to rig up some fancy calls to via a JavaScript UI.

To complement this web application, I have written a primitive NodeJS substrate to manage communications with mobile devices. Through this layer, mobile devices can invoke actions on the web application. This works fairly well, except when protect_from_forgery gets in my way. I needed to get around this restriction, but I did not want to disable CSRF protection completely on the web application. In a nutshell, I wanted to check the CSRF tokens if the user is coming from any non-trusted source and ignore the tokens when coming from a trusted source.

Since the NodeJS layer is in my sphere of trust and has already authenticated any users that it is communicating with, I created a non-standard header to communicate a signed identity to my web application. The web application verifies this identity and then invokes the method being called on behalf of that identity. However, since I supply no CSRF token, the request failed. Ideally, if the identity sent in the header is valid (and signed by the NodeJS application), I want to also ignore the CSRF token. However, I want the CSRF token to be verified for any other request. Rails provides a mechanism to skip the token verification per controller or method, but I want a much deeper level of control (per request).

Here's what I did. If the authentication token is valid, I modify the request to place it in the forgery whitelisted category. This means Rails will not verify any tokens and the request will proceed as if it does not require CSRF validation. To do this I redefined the forgery_whitelisted? method on the request object. It more or less looked like this:

if custom_header.is_valid?
  def request.forgery_whitelisted?; true; end
end
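
The post does not show how the signed identity is checked. As an added example (not the author's code), here is one way to implement the check behind custom_header.is_valid?, assuming an HMAC-SHA256 signature computed by the NodeJS layer with a shared secret. The header name, the "identity|timestamp|mac" layout, the secret and the 60-second freshness window are all assumptions.

```ruby
require 'openssl'

# Assumptions for this sketch (none of them come from the original post):
# header name, "identity|timestamp|hex-hmac" layout, shared secret, 60 s window.
TRUSTED_HEADER = 'HTTP_X_TRUSTED_IDENTITY'
SHARED_SECRET  = 'constructed-demo-secret' # load from configuration in practice
MAX_SKEW       = 60                        # seconds a signed header stays valid

# What the trusted (NodeJS) side would produce; shown here to build test input.
def sign_identity(identity, timestamp, secret = SHARED_SECRET)
  mac = OpenSSL::HMAC.hexdigest('SHA256', secret, "#{identity}|#{timestamp}")
  "#{identity}|#{timestamp}|#{mac}"
end

# Compare two strings without returning early on the first differing byte.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# Returns the identity if the header is well-formed, fresh and correctly
# signed; returns nil in every other case (fail closed).
def verified_identity(env, now = Time.now.to_i)
  raw = env[TRUSTED_HEADER]
  return nil unless raw.is_a?(String)
  identity, ts, mac = raw.split('|', 3)
  return nil if identity.to_s.empty? || ts.to_s !~ /\A\d+\z/ || mac.nil?
  return nil if (now - ts.to_i).abs > MAX_SKEW # bounds replay of old headers
  expected = OpenSSL::HMAC.hexdigest('SHA256', SHARED_SECRET, "#{identity}|#{ts}")
  secure_equal?(expected, mac) ? identity : nil
end

# The CSRF token check is skipped only when a valid signed header is present;
# a missing, stale, malformed or tampered header leaves the check in force.
def csrf_check_required?(env, now = Time.now.to_i)
  verified_identity(env, now).nil?
end
```

The timestamp inside the signed string limits how long a captured header can be replayed, and every failure path leaves the normal CSRF verification in place.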

Today… I played with Codility

Posted on January 13th, 2010 in Fun, Programming, Ruby | 2 Comments »

Well this seems pretty cool, http://codility.com

Although it seems to just quiz you about basic asymptotic growth and does not seem to look at things like programming style etc. Still, I'm pleased my Ruby answer for the demo test got 100%, which, as the histogram shows, not many people get. I suspect that the reason is that many people probably submit an O(n^2) answer, which fails for very large data sets.

And here is what I submitted:

def equi(arr)
  lhs = 0
  tmp = 0
  rhs = arr.inject(0) { |a,b| a + b }
  arr.each_index do |i|
    lhs += tmp
    rhs -= arr[i]
    tmp = arr[i] 
    return i if lhs == rhs
  end
  return -1
end

And here's the analysis it gave back to me:

test | time | result
example (Test from the task description) | 0.012 s. | OK
extreme_empty (Empty array) | 0.020 s. | OK
extreme_first | 0.008 s. | OK
extreme_large_numbers (Sequence with extremly large numbers testing arithmetic overflow.) | 0.020 s. | OK
extreme_last | 0.012 s. | OK
extreme_single_zero | 0.020 s. | OK
extreme_sum_0 (sequence with sum=0) | 0.020 s. | OK
simple | 0.016 s. | OK
single_non_zero | 0.012 s. | OK
combinations_of_two (multiple runs, all combinations of {-1,0,1}^2) | 0.008 s. | OK
combinations_of_three (multiple runs, all combinations of {-1,0,1}^3) | 0.012 s. | OK
small_pyramid | 0.072 s. | OK
large_long_sequence_of_ones | 13.349 s. | OK
large_long_sequence_of_minus_ones | 10.781 s. | OK
medium_pyramid | 4.336 s. | OK
large_pyramid (Large performance test, O(n^2) solutions should fail.) | 21.369 s. | OK

Ruby inside .NET and Java

Posted on January 27th, 2009 in Programming, Ruby | No Comments »

In the past I have played around with JRuby and accessing some of the Java framework from Ruby. It's fantastic and I have raved about it in front of my friends in the past. Microsoft now also has a product called IronRuby, which runs Ruby inside Microsoft's Dynamic Language Runtime (DLR). IronRuby is a Ruby interpreter which runs in the DLR and as a byproduct gives Ruby access to the .NET framework (yay, power to the programmer!).

Tsukasa’s PyGolf Challenge

Posted on December 6th, 2008 in Programming, Ruby | No Comments »

Greg recently offered a challenge: Python Golf. The idea: to create a parser for Apache's Common Log Format, to aggregate the amount of data sent to each IP address. The challenge is to do it with the fewest characters. Soon after this challenge was issued, Sam and Greg were both convinced (before even talking to me) that I would attempt a Ruby solution. How could I disappoint them? :)

I tried a number of things, however I eventually settled on this solution (63 chars):

m=Hash.new(0);STDIN.map{|l|m[l[/^\S+/]]+=l[/\d+\s+$/].to_i};p m


A slightly longer version, with slightly prettier printing, can be accomplished with inject (78 chars):

STDIN.inject(Hash.new(0)){|m,l|m[l[/^\S+/]]+=l[/\d+\s+$/].to_i;m}.each{|v|p v}


Not to brag, but the winning Python entry was 121 characters. So the Ruby solution managed to be almost half this count!

Some things for the debugging toolbox

Posted on October 10th, 2008 in JavaScript, Programming, Ruby | 2 Comments »

Reading Steve's blog today I saw his post on accessing the current function's name in Python. This could end up being a useful thing to know if you are playing with some unfamiliar code and need this sort of information, or are doing something nasty. So without any more fuss, here's how to do the same thing in Ruby and JavaScript!