Upload
scott-smith
View
109
Download
1
Tags:
Embed Size (px)
DESCRIPTION
A presentation made to our Ruby users group. Intended to provoke/inspire discussion about unusual (sometimes obscure?) coding using some of the lesser-known Ruby syntax features. The code itself is taken from the Ruby gem at https://github.com/kickstarter/rack-attack If you have Deckset, contact me ([email protected]) and I will be glad to send you the "source code" for the presentation.
Citation preview
WeirdRuby
Scott Smith· https://github.com/oldfartdeveloper
· Twitter @ofd· Blog http://blog.scottnelsonsmith.com
Co-run· OC-Ruby· Ember-SC
Rack Attack· A Gem: rackattack
· Ruby expressions I've never seen before
Can you tell me what they mean?
Here goes!
Operator Methodwith arguments
module Rack class Attack class Check attr_reader :name, :block, :type def initialize(name, options = {}, block) @name, @block = name, block @type = options.fetch(:type, nil) end
# Wha'? What's this do? def [](req) block[req].tap {|match| if match req.env["rack.attack.matched"] = name req.env["rack.attack.match_type"] = type Rack::Attack.instrument(req) end } end
end endend
"or" and ","operators
· Precedences?· Parenthesis (or lack of them)
module Rack class Attack class Fail2Ban class << self def filter(discriminator, options)
# Wha? What's happening here? bantime = options[:bantime] or raise ArgumentError, "Must pass bantime option" findtime = options[:findtime] or raise ArgumentError, "Must pass findtime option" maxretry = options[:maxretry] or raise ArgumentError, "Must pass maxretry option"
...
Don' DoNuttin'
module Rack class Attack class Request < ::Rack::Request end endend
instance orclass var?
class Rack::Attack
...
class << self
# Wha? These instance or class accessors? attr_accessor :notifier, :blacklisted_response, :throttled_response
def whitelist(name, &block) self.whitelists[name] = Whitelist.new(name, block) end
...
# Wha? Is @whitelists an instance or class var? def whitelists; @whitelists ||= {}; end
...
end
...
Is itinstanceor classmethod?
Within Rack::Attack we have this instance method
def call(env) req = Rack::Attack::Request.new(env)
# Wha? Is #whitelisted? an instance or class method? if whitelisted?(req) @app.call(env) elsif blacklisted?(req) self.class.blacklisted_response[env] elsif throttled?(req) self.class.throttled_response[env] else tracked?(req) @app.call(env) end end
NudityIn a class but not in a method
class Rack::Attack
# Wha? throttle('req/ip', :limit => (ENV['RACKATTACK_LIMIT'].present? ? Integer(ENV['RACKATTACK_LIMIT']) : 300), :period => (ENV['RACKATTACK_PERIOD'].present? ? Integer(ENV['RACKATTACK_PERIOD']) : 1.minutes)) do |req| req.ip end
whitelist('from hedgeye office') do |req| if (whitelist_pattern = ENV['WHITELIST_IP_PATTERN']) && !whitelist_pattern.blank? Rails.logger.info("#{req.ip} =~ /#{whitelist_pattern}/ #=> #{req.ip =~ /#{whitelist_pattern}/}") req.ip =~ /#{whitelist_pattern}/ end end
# https://www.pivotaltracker.com/n/projects/414867/stories/76620326 blacklist('block bad user agent request from Chinese bot') do |req| offset = req.user_agent =~ /\WEasouSpider\W/ !offset.nil? && offset >= 0 end
self.throttled_response = lambda do |env| [ 503, # status {}, # headers ['']] # body end endend
SCORE7 out of 7 - godotherwise: mortalThanks for playing