If you’ve ever tried to concatenating two or more querysets from different models (i.e. combined = queryset1 | queryset2), you’ve hit this lovely error:
Cannot combine queries on two different base models.
The solution to this is to use itertools.
This allows you to not only combine the querysets into a single iterable, but it also allows you to sort the entire set by a shared field such as the date created:
I’m currently building out a metrics dashboard and I wanted to incorporate Google Analytics data along with my own data. Google maintains a Python client so I figured this would be easy. Grab some OAuth 2 keys and away we go.
Sadly that’s not the case. It took a bit of digging and piecing together numerous articles and blog posts to get everything working.
So here’s how to do it…
1) First you’ll need to login to the Google Developers Console and create a new project. If you’ve already got a project to use, you can skip this step.
2) Next, activate the Google Analytics API for your project.
3) Then create your credentials by creating a new service account.
4) When you create the credentials, you will automatically download a P12 key file (.p12). Save this with your Python application as you’ll be using it shortly.
5) The next step is SUPER important – even though you’ve created API credentials, you still need to give them permission to access your Google Analytics account. Follow the steps outlined here to add a new user to your Google Analytics account, using the email address generated as part of the service account above.
6) Now that we’ve got all of that set up, we’re ready to move over to Python. First step is to install the requirements:
7) Since we’re going to use the P12 key, we’ll also need to install pyOpenSSL:
8) Finally, it’s time for the code…
Benedict Evans wrote a great post on Apple Pay and asked the question – what’s next?
Well here’s a guess (pulled from these tweets)…
1/12
I haven’t seen Apple Pay website integration discussed much yet
2/12
So here’s a guess as to how it will work…
3/12
At the beginning of a site’s checkout flow (i.e. before filling out any forms), you’ll click the Pay button
4/12
The site will ping Apple via the API which will in turn ping your iOS device (similar to 2-factor auth)
5/12
You’ll select the card to pay with and use your thumb to approve
6/12
The site will then receive a payment token to charge the order to
7/12
Ideally the site could then pull your billing / shipping info from Apple to skip those forms as well
8/12
The only step remaining will be to hit the checkout button (perhaps you tap your thumb a second time to confirm)
9/12
Simple, clean and no more credit cards online
10/12
Bonus – an obvious extension is to use the same system for 2-factor auth
11/12
Rather than enter the code shown in Google Authenticator or Authy, just press your finger
12/12
Which begs the question, could you even remove the password requirement?
I’ve got an important demo coming up in a few weeks (more on that at a later date) and like any good presenter, I’m going to assume that things won’t work. WiFi will be slow or non-existant (maybe I won’t upgrade to Yosemite just yet), my local web server will mysteriously stop responding and I’ll drop my laptop on the way there.
So at a minimum I’ll need two computers prepped with a site that will run 100% correctly without an internet connection. A backup screencap of the demo is probably a good idea as well.
For the majority of the application, running offline won’t be an issue – point the config files at a local database, turn off the CDN, etc. But there’s one resource that is strictly web-based – Adobe’s Typekit. As of this writing they only provide CDN access to the fonts so you can’t simply download the font files and use them.
Presenting without the fonts is not an option so either I purchase the actual font files for a few hundred bucks or I figure out how to hack Typekit.
Obviously I’m going with option two so here we go…
If you’ve used Typekit before, you’ll be familiar with the following snippet they provide to add fonts to your site.
This JavaScript file is responsible for loading the CSS that contains the font data from Typekit’s CDN (the URL is set in line 9 – “f”:”//use.typekit.net…”). So the first thing to do is download this file and save it locally.
The next step is to grab the CSS file that’s specified in the JavaScript file (the use.typekit.net address in line 9).
UPDATE: It appears that Typekit has changed the way the CSS file is loaded. You’ll need to use a tool such as Chrome’s network inspector to retrieve the full URL to the file. It will look something like this:
Now we’ve got the two files necessary to render the fonts, but we need to do a couple things before they’ll actually work.
First we need to update the HTML snippet to point to our local JS file.
Next edit the JS file so that it points to the local version of the CSS file (specifically, set the following to your local path – “f”:”/offline/fonts/”).
The important thing to note here is that I haven’t pointed directly to the CSS file (i.e. “f”:”/offline/fonts.css”). Unfortunately the JS file adds a slash to that URL based on some regex which prevents it from loading (i.e. /offline/fonts.css/).
So rather than figure out what to edit in the JS, I simply set up a new view in Django to serve the file at a path with a slash at the end (i.e. “f”:”/offline/fonts/”).
With that in place, I can now run the site completely offline without depending on Typekit’s CDN for font delivery.
And one last note, don’t forget to set Typekit to allow your local domain as explained here.
I ran into a situation today where I needed to have a master EC2 instance sync its files to an array of other EC2 instances. Using SSH and rsync makes this trivial except for one thing, how to connect using the PEM file instead of a username / password combo.
The trick is to pass the PEM file to SSH using the rave parameter:
Other than everything works the same as typical rsync.
As of this morning the version of Xcode in the Mac App Store is still 6.0.1 and the Xcode downloads page in the developer center says available shortly.
But if you’ve upgraded to Yosemite and are using a package manager such as Homebrew, you’re required to have 6.1. So now what?
Simply head over to the main downloads page in the developer center and grab both Xcode 6.1 and the command line tools.
There’s a very nasty vulnerability in Bash that allows code execution via remote attackers:
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution.
To test if you’re vulnerable, simply execute this:
env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
If the output includes the word “vulnerable,” then your system is vulnerable.
Amazon will be doing a massive restart of all EC2 instances this weekend (starting Friday and running through Sunday) to patch all affected systems. Managed services including RDS, ElastiCache, and RedShift will also be affected.
Instance types that will NOT be impacted:
AWS plans to stage the reboot process so that each region will have only one AZ patched each day. Additionally, AWS states that it will not patch instances in multiple regions at the same time within the same AWS account.
More info here:
https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271
https://alas.aws.amazon.com/ALAS-2014-418.html
Google has announced that they are sunsetting SHA-1 (as used in certificate signatures for HTTPS) with Chrome 39 in November 2014. SHA-1 root certificates are not affected by this plan.
Most providers are offering free upgrades to SHA-2 certificates so be sure to contact yours to see if you qualify.
More info can be found on Google’s security blog.
By default Amazon’s S3 doesn’t set any Cache Control headers. Even worse, the only way to set them via their S3 management console is file-by-file.
Not exactly scalable.
Until they give us a quick and easy way to do this, here’s a simple Python script using Boto (thanks to Blackpawn).
Note that the script iterates over every object in your buckets, so if you have a ton of objects, it may not be the solution for you.
