QueryWise 0.2.0

data/app/services/slow_query_analyzer_service.rb

@@ -0,0 +1,225 @@
+class SlowQueryAnalyzerService
+  attr_reader :queries, :slow_threshold, :very_slow_threshold, :critical_threshold
+
+  def initialize(queries, slow_threshold: 200, very_slow_threshold: 1000, critical_threshold: 5000)
+    @queries = Array(queries)
+    @slow_threshold = slow_threshold
+    @very_slow_threshold = very_slow_threshold
+    @critical_threshold = critical_threshold
+  end
+
+  def self.analyze(queries, **options)
+    new(queries, **options).analyze
+  end
+
+  def analyze
+    slow_query_issues = []
+
+    queries.each do |query|
+      next unless query.duration_ms && query.duration_ms > slow_threshold
+
+      issue = analyze_slow_query(query)
+      slow_query_issues << issue if issue
+    end
+
+    slow_query_issues
+  end
+
+  private
+
+  def analyze_slow_query(query)
+    parser = SqlParserService.new(query.sql_query)
+    return nil unless parser.valid?
+
+    severity = calculate_severity(query.duration_ms)
+    complexity_issues = analyze_query_complexity(parser)
+    optimization_suggestions = generate_optimization_suggestions(parser, query, complexity_issues)
+
+    {
+      type: 'slow_query',
+      query_analysis: query,
+      duration_ms: query.duration_ms,
+      severity: severity,
+      table_name: parser.primary_table,
+      query_type: parser.query_type,
+      complexity_issues: complexity_issues,
+      suggestions: optimization_suggestions,
+      pattern_signature: parser.query_signature
+    }
+  end
+
+  def calculate_severity(duration_ms)
+    case duration_ms
+    when 0...slow_threshold
+      'normal'
+    when slow_threshold...very_slow_threshold
+      'slow'
+    when very_slow_threshold...critical_threshold
+      'very_slow'
+    else
+      'critical'
+    end
+  end
+
+  def analyze_query_complexity(parser)
+    issues = []
+
+    # Check for SELECT * queries
+    if parser.sql_query.match?(/SELECT\s+\*/i)
+      issues << {
+        type: 'select_star',
+        description: 'Using SELECT * can be inefficient',
+        impact: 'medium'
+      }
+    end
+
+    # Check for missing WHERE clause on large tables
+    if parser.query_type == 'SELECT' && parser.where_conditions.empty?
+      issues << {
+        type: 'no_where_clause',
+        description: 'Query without WHERE clause may scan entire table',
+        impact: 'high'
+      }
+    end
+
+    # Check for complex WHERE conditions
+    where_conditions = parser.where_conditions
+    if where_conditions.length > 5
+      issues << {
+        type: 'complex_where',
+        description: 'Query has many WHERE conditions which may be inefficient',
+        impact: 'medium'
+      }
+    end
+
+    # Check for function calls in WHERE clause
+    if parser.sql_query.match?(/WHERE.*\w+\(/i)
+      issues << {
+        type: 'function_in_where',
+        description: 'Function calls in WHERE clause prevent index usage',
+        impact: 'high'
+      }
+    end
+
+    # Check for LIKE with leading wildcard
+    if parser.sql_query.match?(/LIKE\s+['"]%/i)
+      issues << {
+        type: 'leading_wildcard_like',
+        description: 'LIKE with leading wildcard cannot use indexes efficiently',
+        impact: 'high'
+      }
+    end
+
+    # Check for OR conditions
+    if parser.sql_query.match?(/\bOR\b/i)
+      issues << {
+        type: 'or_conditions',
+        description: 'OR conditions can prevent efficient index usage',
+        impact: 'medium'
+      }
+    end
+
+    # Check for subqueries
+    if parser.sql_query.match?(/\(\s*SELECT/i)
+      issues << {
+        type: 'subquery',
+        description: 'Subqueries may be less efficient than JOINs',
+        impact: 'medium'
+      }
+    end
+
+    issues
+  end
+
+  def generate_optimization_suggestions(parser, query, complexity_issues)
+    suggestions = []
+
+    # Duration-based suggestions
+    if query.duration_ms > critical_threshold
+      suggestions << {
+        title: 'Critical Performance Issue',
+        description: "Query takes #{query.duration_ms}ms which is extremely slow",
+        priority: 'critical',
+        recommendation: 'Immediate optimization required - consider query rewrite, indexing, or caching'
+      }
+    elsif query.duration_ms > very_slow_threshold
+      suggestions << {
+        title: 'Very Slow Query',
+        description: "Query takes #{query.duration_ms}ms which significantly impacts performance",
+        priority: 'high',
+        recommendation: 'High priority optimization needed'
+      }
+    elsif query.duration_ms > slow_threshold
+      suggestions << {
+        title: 'Slow Query',
+        description: "Query takes #{query.duration_ms}ms which may impact user experience",
+        priority: 'medium',
+        recommendation: 'Consider optimization when possible'
+      }
+    end
+
+    # Complexity-based suggestions
+    complexity_issues.each do |issue|
+      case issue[:type]
+      when 'select_star'
+        suggestions << {
+          title: 'Avoid SELECT *',
+          description: 'SELECT * retrieves all columns, including unnecessary ones',
+          priority: 'medium',
+          recommendation: 'Specify only the columns you need: SELECT id, name, email FROM users',
+          sql_example: parser.sql_query.gsub(/SELECT\s+\*/i, 'SELECT id, name, created_at')
+        }
+      when 'no_where_clause'
+        suggestions << {
+          title: 'Add WHERE clause',
+          description: 'Queries without WHERE clauses scan entire tables',
+          priority: 'high',
+          recommendation: 'Add appropriate WHERE conditions to limit the result set',
+          sql_example: "#{parser.sql_query.chomp} WHERE created_at > '2023-01-01'"
+        }
+      when 'function_in_where'
+        suggestions << {
+          title: 'Avoid functions in WHERE clause',
+          description: 'Functions in WHERE prevent index usage',
+          priority: 'high',
+          recommendation: 'Move function calls out of WHERE or create functional indexes'
+        }
+      when 'leading_wildcard_like'
+        suggestions << {
+          title: 'Optimize LIKE patterns',
+          description: 'Leading wildcards in LIKE prevent index usage',
+          priority: 'high',
+          recommendation: 'Use full-text search or avoid leading wildcards when possible'
+        }
+      when 'or_conditions'
+        suggestions << {
+          title: 'Consider alternatives to OR',
+          description: 'OR conditions can prevent efficient index usage',
+          priority: 'medium',
+          recommendation: 'Consider using UNION or IN clauses instead of OR'
+        }
+      when 'subquery'
+        suggestions << {
+          title: 'Consider JOIN instead of subquery',
+          description: 'JOINs are often more efficient than subqueries',
+          priority: 'medium',
+          recommendation: 'Rewrite subqueries as JOINs when possible'
+        }
+      end
+    end
+
+    # Index suggestions based on WHERE conditions
+    where_columns = parser.where_columns
+    if where_columns.any?
+      suggestions << {
+        title: 'Consider adding indexes',
+        description: "Query filters on columns: #{where_columns.join(', ')}",
+        priority: 'medium',
+        recommendation: "Consider adding indexes on frequently queried columns",
+        sql_example: where_columns.map { |col| "CREATE INDEX idx_#{parser.primary_table}_#{col} ON #{parser.primary_table}(#{col});" }.join("\n")
+      }
+    end
+
+    suggestions
+  end
+end

data/app/services/sql_parser_service.rb

@@ -0,0 +1,352 @@
+class SqlParserService
+  attr_reader :sql_query, :parsed_query, :parse_tree
+
+  def initialize(sql_query)
+    @sql_query = sql_query.strip
+    @parsed_query = nil
+    @parse_tree = nil
+    parse_query
+  end
+
+  def self.parse(sql_query)
+    new(sql_query)
+  end
+
+  # Extract the main table being queried
+  def primary_table
+    return nil unless parsed_query
+
+    case query_type.downcase
+    when 'select'
+      extract_from_table
+    when 'insert'
+      extract_insert_table
+    when 'update'
+      extract_update_table
+    when 'delete'
+      extract_delete_table
+    else
+      nil
+    end
+  end
+
+  # Get all tables referenced in the query
+  def all_tables
+    return [] unless parsed_query
+
+    tables = []
+    
+    # Extract from FROM clauses
+    tables.concat(extract_from_tables)
+    
+    # Extract from JOIN clauses
+    tables.concat(extract_join_tables)
+    
+    # Extract from subqueries
+    tables.concat(extract_subquery_tables)
+    
+    tables.uniq.compact
+  end
+
+  # Extract WHERE clause conditions
+  def where_conditions
+    return [] unless parsed_query
+
+    conditions = []
+    stmt = first_statement
+
+    if stmt&.select_stmt&.where_clause
+      extract_where_conditions_recursive(stmt.select_stmt.where_clause, conditions)
+    elsif stmt&.update_stmt&.where_clause
+      extract_where_conditions_recursive(stmt.update_stmt.where_clause, conditions)
+    elsif stmt&.delete_stmt&.where_clause
+      extract_where_conditions_recursive(stmt.delete_stmt.where_clause, conditions)
+    end
+
+    conditions
+  end
+
+  # Extract columns used in WHERE clauses
+  def where_columns
+    where_conditions.map { |condition| condition[:column] }.compact.uniq
+  end
+
+  # Extract JOIN conditions
+  def join_conditions
+    return [] unless parsed_query
+
+    joins = []
+    extract_join_conditions_recursive(parse_tree, joins)
+    joins
+  end
+
+  # Determine query type (SELECT, INSERT, UPDATE, DELETE)
+  def query_type
+    return nil unless parsed_query
+
+    stmt = first_statement
+    return nil unless stmt
+
+    if stmt.select_stmt
+      'SELECT'
+    elsif stmt.insert_stmt
+      'INSERT'
+    elsif stmt.update_stmt
+      'UPDATE'
+    elsif stmt.delete_stmt
+      'DELETE'
+    else
+      'UNKNOWN'
+    end
+  end
+
+  # Check if query has potential for N+1 pattern
+  def potential_n_plus_one?
+    return false unless query_type == 'SELECT'
+
+    # Look for single-row lookups by ID or foreign key
+    where_conditions.any? do |condition|
+      column = condition[:column]
+      next false unless column
+
+      # Match patterns like: id, user_id, posts.id, table.column_id
+      id_pattern = column.match?(/\bid\b|_id$/i)
+
+      id_pattern &&
+      condition[:operator] == '=' &&
+      (condition[:value_type] == 'param' || condition[:value_type] == 'integer')
+    end
+  end
+
+  # Extract ORDER BY columns
+  def order_by_columns
+    return [] unless parsed_query && query_type == 'SELECT'
+
+    columns = []
+
+    # Use regex to extract ORDER BY columns
+    if sql_query.match?(/ORDER\s+BY/i)
+      # Extract everything after ORDER BY
+      order_part = sql_query.split(/ORDER\s+BY/i)[1]
+      return [] unless order_part
+
+      # Remove everything after LIMIT, OFFSET, or end of string
+      order_clause = order_part.split(/\s+(?:LIMIT|OFFSET|;)/i)[0].strip
+
+      # Split by comma and extract column names
+      order_clause.split(',').each do |item|
+        # Remove ASC/DESC and whitespace, extract column name
+        column = item.strip.gsub(/\s+(ASC|DESC)\s*$/i, '').strip
+        # Handle table.column format
+        column = column.split('.').last if column.include?('.')
+        # Remove any remaining whitespace or quotes
+        column = column.gsub(/["`']/, '').strip
+        columns << column unless column.empty?
+      end
+    end
+
+    columns.uniq
+  end
+
+  # Check if query uses indexes (basic heuristic)
+  def likely_uses_index?
+    # Simple heuristic: queries with WHERE on id columns likely use indexes
+    where_columns.any? { |col| col.match?(/(_id|\.id)$/i) }
+  end
+
+  # Generate a normalized query signature for similarity detection
+  def query_signature
+    normalized = sql_query.gsub(/\$\d+/, '?')             # Replace parameter placeholders first
+                          .gsub(/\b\d+\b/, '?')           # Replace numbers
+                          .gsub(/'[^']*'/, '?')           # Replace string literals
+                          .gsub(/\s+/, ' ')               # Normalize whitespace
+                          .strip
+                          .downcase
+
+    Digest::SHA256.hexdigest(normalized)
+  end
+
+  # Check if query is valid
+  def valid?
+    !parsed_query.nil?
+  end
+
+  # Get parsing errors
+  def errors
+    @errors ||= []
+  end
+
+  private
+
+  def first_statement
+    return nil unless parsed_query&.tree&.stmts&.first
+    parsed_query.tree.stmts.first.stmt
+  end
+
+  def parse_query
+    begin
+      @parsed_query = PgQuery.parse(sql_query)
+      @parse_tree = @parsed_query
+      @errors = []
+    rescue PgQuery::ParseError => e
+      @errors = [e.message]
+      @parsed_query = nil
+      @parse_tree = nil
+    rescue => e
+      @errors = ["Unexpected parsing error: #{e.message}"]
+      @parsed_query = nil
+      @parse_tree = nil
+    end
+  end
+
+  def extract_from_table
+    stmt = first_statement
+    return nil unless stmt&.select_stmt&.from_clause&.first
+
+    range_var = stmt.select_stmt.from_clause.first.range_var
+    range_var&.relname
+  end
+
+  def extract_insert_table
+    stmt = first_statement
+    stmt&.insert_stmt&.relation&.relname
+  end
+
+  def extract_update_table
+    stmt = first_statement
+    stmt&.update_stmt&.relation&.relname
+  end
+
+  def extract_delete_table
+    stmt = first_statement
+    stmt&.delete_stmt&.relation&.relname
+  end
+
+  def extract_from_tables
+    tables = []
+    stmt = first_statement
+    return tables unless stmt&.select_stmt&.from_clause
+
+    stmt.select_stmt.from_clause.each do |item|
+      if item.range_var
+        tables << item.range_var.relname
+      end
+    end
+
+    tables
+  end
+
+  def extract_join_tables
+    # This would need more complex parsing for JOIN clauses
+    # For now, return empty array - can be enhanced
+    []
+  end
+
+  def extract_subquery_tables
+    # This would need recursive parsing for subqueries
+    # For now, return empty array - can be enhanced
+    []
+  end
+
+  def extract_where_conditions_recursive(node, conditions)
+    return unless node
+
+    if node.respond_to?(:a_expr) && node.a_expr
+      condition = parse_a_expr(node.a_expr)
+      conditions << condition if condition
+    elsif node.respond_to?(:bool_expr) && node.bool_expr
+      # Handle AND/OR expressions
+      node.bool_expr.args&.each do |arg|
+        extract_where_conditions_recursive(arg, conditions)
+      end
+    end
+
+    # Recursively search through the node structure
+    if node.respond_to?(:each)
+      node.each do |item|
+        extract_where_conditions_recursive(item, conditions)
+      end
+    elsif node.class.name.start_with?('PgQuery::')
+      # For PgQuery objects, iterate through their attributes
+      node.instance_variables.each do |var|
+        value = node.instance_variable_get(var)
+        extract_where_conditions_recursive(value, conditions)
+      end
+    end
+  end
+
+  def parse_a_expr(expr)
+    return nil unless expr.kind == :AEXPR_OP
+
+    left = expr.lexpr
+    right = expr.rexpr
+    operator = expr.name&.first&.string&.sval
+
+    column = extract_column_ref(left)
+    value_info = extract_value_info(right)
+
+    {
+      column: column,
+      operator: operator,
+      value: value_info[:value],
+      value_type: value_info[:type]
+    }
+  end
+
+  def extract_column_ref(node)
+    return nil unless node&.column_ref
+
+    fields = node.column_ref.fields
+    return nil unless fields
+
+    # Handle table.column or just column
+    if fields.length == 2
+      table = fields[0]&.string&.sval
+      column = fields[1]&.string&.sval
+      "#{table}.#{column}"
+    elsif fields.length == 1
+      fields[0]&.string&.sval
+    end
+  end
+
+  def extract_value_info(node)
+    if node&.a_const
+      const = node.a_const
+      if const.isnull
+        { value: nil, type: 'null' }
+      elsif const.ival
+        { value: const.ival.ival, type: 'integer' }
+      elsif const.sval
+        { value: const.sval.sval, type: 'string' }
+      elsif const.boolval
+        { value: const.boolval.boolval, type: 'boolean' }
+      else
+        { value: const.to_s, type: 'unknown' }
+      end
+    elsif node&.param_ref
+      { value: "$#{node.param_ref.number}", type: 'param' }
+    else
+      { value: node.to_s, type: 'expression' }
+    end
+  end
+
+  def extract_join_conditions_recursive(node, joins)
+    # Implementation for JOIN condition extraction
+    # This is complex and would need detailed parsing
+    # For now, placeholder
+  end
+
+  def extract_order_by_recursive(node, columns)
+    return unless node
+
+    stmt = first_statement
+    return unless stmt&.select_stmt&.sort_clause
+
+    stmt.select_stmt.sort_clause.each do |sort_item|
+      if sort_item.node&.column_ref
+        column_ref = extract_column_ref(sort_item.node)
+        columns << column_ref if column_ref
+      end
+    end
+  end
+end

data/app/validators/query_data_validator.rb

@@ -0,0 +1,96 @@
+class QueryDataValidator
+  include ActiveModel::Validations
+  
+  attr_accessor :sql, :duration_ms
+  
+  validates :sql, presence: { message: "SQL query is required" }
+  validates :sql, length: { 
+    minimum: 10, 
+    maximum: 10000, 
+    message: "SQL query must be between 10 and 10,000 characters" 
+  }
+  validates :duration_ms, numericality: { 
+    greater_than_or_equal_to: 0, 
+    less_than: 3600000,  # 1 hour max
+    message: "Duration must be between 0 and 3,600,000 milliseconds"
+  }, allow_nil: true
+  
+  def initialize(query_data)
+    @sql = query_data[:sql] || query_data['sql']
+    @duration_ms = query_data[:duration_ms] || query_data['duration_ms']
+  end
+  
+  def self.validate_queries(queries_data)
+    errors = []
+
+    unless queries_data.is_a?(Array)
+      return ["Queries must be an array"]
+    end
+
+    if queries_data.empty?
+      return ["At least one query is required"]
+    end
+
+    if queries_data.length > 100
+      return ["Maximum 100 queries allowed per request"]
+    end
+    
+    queries_data.each_with_index do |query_data, index|
+      validator = new(query_data)
+      unless validator.valid?
+        validator.errors.messages.each do |attribute, messages|
+          messages.each do |message|
+            errors << "Query #{index + 1}: #{message}"
+          end
+        end
+      end
+      
+      # Additional SQL validation
+      sql = query_data[:sql] || query_data['sql']
+      if sql.present?
+        sql_errors = validate_sql_content(sql, index + 1)
+        errors.concat(sql_errors)
+      end
+    end
+    
+    errors
+  end
+  
+  private
+  
+  def self.validate_sql_content(sql, index)
+    errors = []
+    
+    # Check for dangerous SQL patterns
+    dangerous_patterns = [
+      /\bDROP\s+/i,
+      /\bDELETE\s+FROM\s+(?!.*WHERE)/i,  # DELETE without WHERE
+      /\bTRUNCATE\s+/i,
+      /\bALTER\s+/i,
+      /\bCREATE\s+/i,
+      /\bINSERT\s+INTO\s+(?!.*VALUES)/i,  # INSERT without VALUES
+      /\bUPDATE\s+(?!.*WHERE)/i,  # UPDATE without WHERE
+      /\bGRANT\s+/i,
+      /\bREVOKE\s+/i
+    ]
+    
+    dangerous_patterns.each do |pattern|
+      if sql.match?(pattern)
+        errors << "Query #{index}: Contains potentially dangerous SQL pattern"
+        break
+      end
+    end
+    
+    # Check for basic SQL structure
+    unless sql.match?(/\b(SELECT|INSERT|UPDATE|DELETE)\b/i)
+      errors << "Query #{index}: Must be a valid SQL statement (SELECT, INSERT, UPDATE, or DELETE)"
+    end
+    
+    # Check for excessive complexity
+    if sql.scan(/\bSELECT\b/i).length > 5
+      errors << "Query #{index}: Query appears to be too complex (too many subqueries)"
+    end
+    
+    errors
+  end
+end

data/app/views/layouts/mailer.html.erb

@@ -0,0 +1,13 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+    <style>
+      /* Email styles need to be inline */
+    </style>
+  </head>
+
+  <body>
+    <%= yield %>
+  </body>
+</html>

data/app/views/layouts/mailer.text.erb

@@ -0,0 +1 @@
+<%= yield %>