blazer 2.2.1 → 2.2.6

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: eedba409f17c85953be66d2b295f1857fb61de146d5c88288509440f419853e7
-  data.tar.gz: ad0f8f433ad5be3052eb0237f86121c6a59147b2e240fb2a41d68611e69d3022
+  metadata.gz: cfb774d21d8d5756c2fc273c2148542e26550452ea886adf92023c411b45200a
+  data.tar.gz: 8200979166341f38e0647fbb566f1fd8ead6895ea254a12ead4901e344d80f38
 SHA512:
-  metadata.gz: 8e4236c254472fb2bdc9a8cb107306d7263a11ade5b8f223cefc2363431f6f9ffeb7087d373a95823bf53112c9869871d132764232754898f8740c72ea01ceea
-  data.tar.gz: bb12b6473ef4702adea12a9847ef020e0f8277d9714816cbfc511262345bffbbc8aa5530a7310dd4a263f634a493286f446bc8c4db48428f6c396109b2dce474
+  metadata.gz: d6705d3dd2c27db9aeb36b9afd2e9a335d876f36865c5bbaade10f13cca80436ec3c31787231c16b591fd78481cdbb7f11df82de00417fd71d5005b1db038b11
+  data.tar.gz: 50c2230e80ad2a0e487197c8593a4c774a0f58304ed88b704860ce4550029202f677042a685b7457a57c67b6e660a82f4692ba529a5eabb41c17d2d1182c3fce

data/CHANGELOG.md

@@ -1,27 +1,51 @@
-## 2.2.1
+## 2.2.6 (2020-07-21)
+
+- Added experimental support for InfluxDB
+- Added support for forecasting week, month, quarter, and year with Prophet
+- Fixed forecasting link not showing up
+
+## 2.2.5 (2020-06-03)
+
+- Updated maps to fix deprecation error
+
+## 2.2.4 (2020-05-30)
+
+- Fixed error with new queries
+
+## 2.2.3 (2020-05-30)
+
+- Improved query parameter handling
+
+## 2.2.2 (2020-04-13)
+
+- Added experimental support for the Socrata Open Data API (SODA)
+- Added experimental Prophet forecasting
+- Fixed query search for non-ASCII characters
+
+## 2.2.1 (2019-10-08)
 
 - Added support for Sprockets 4
 - Improved Snowflake table preview
 - Fixed bug with refresh link not showing
 
-## 2.2.0
+## 2.2.0 (2019-07-12)
 
 - Added schema to table preview for Postgres and Redshift
 - Fixed bug with Slack notifications not sending
 - Dropped support for Rails 4.2
 
-## 2.1.0
+## 2.1.0 (2019-06-04)
 
 - Require latest Chartkick to prevent possible XSS - see [#245](https://github.com/ankane/blazer/issues/245)
 
-## 2.0.2
+## 2.0.2 (2019-05-26)
 
 - Added support for variable transformation for blind indexing
 - Added experimental support for Neo4j
 - Added experimental support for Salesforce
 - Fixed JavaScript sorting for numbers with commas
 
-## 2.0.1
+## 2.0.1 (2019-01-07)
 
 - Added favicon
 - Added search for checks and schema
@@ -32,7 +56,7 @@
 - Improved docs for new installs
 - Fixed error with canceling queries
 
-## 2.0.0
+## 2.0.0 (2019-01-03)
 
 - Added support for Slack
 - Added `async` option
@@ -45,68 +69,67 @@ Breaking changes
 
 - Dropped support for Rails < 4.2
 
-## 1.9.0
+## 1.9.0 (2018-06-17)
 
 - Prompt developers to check custom `before_action`
 - Better ordering on home page
 - Added support for Snowflake
 
-## 1.8.2
+## 1.8.2 (2018-02-22)
 
 - Added support for Cassandra
 - Fixes for Druid
-
-## 1.8.1
-
 - Added support for Amazon Athena
 - Added support for Druid
 - Fixed query cancellation
 
-## 1.8.0
+There was no 1.8.1 release.
+
+## 1.8.0 (2017-05-01)
 
 - Added support for Rails 5.1
 
-## 1.7.10
+## 1.7.10 (2017-04-03)
 
 - Added support for Google BigQuery
 - Require `drill-sergeant` gem for Apache Drill
 - Better handling of checks with variables
 
-## 1.7.9
+## 1.7.9 (2017-03-20)
 
 - Added beta support for Apache Drill
 - Added email validation for checks
 - Updated Chart.js to 2.5.0
 
-## 1.7.8
+## 1.7.8 (2017-02-06)
 
 - Added support for custom adapters
 - Fixed bug with scatter charts on dashboards
 - Fixed table preview for SQL Server
 - Fixed issue when `default_url_options` set
 
-## 1.7.7
+## 1.7.7 (2016-12-17)
 
 - Fixed preview error for MySQL
 - Fixed error with timeouts for MySQL
 
-## 1.7.6
+## 1.7.6 (2016-12-13)
 
 - Added scatter chart
 - Fixed issue with false values showing up blank
 - Fixed preview for table names with certain characters
 
-## 1.7.5
+## 1.7.5 (2016-11-22)
 
 - Fixed issue with check emails sometimes failing for default Rails 5 ActiveJob adapter
 - Fixed sorting for new dashboards
 
-## 1.7.4
+## 1.7.4 (2016-11-06)
 
 - Removed extra dependencies added in 1.7.1
 - Fixed `send_failing_checks` for default Rails 5 ActiveJob adapter
 
-## 1.7.3
+## 1.7.3 (2016-11-01)
 
 - Fixed JavaScript errors
 - Fixed query cancel error
@@ -114,20 +137,20 @@ Breaking changes
 - Include sample data in email when bad data checks fail
 - Fixed deprecation warnings
 
-## 1.7.2
+## 1.7.2 (2016-10-30)
 
 - Cancel all queries on page nav
 - Prevent Ace from taking over find command
 - Added ability to use hashes for smart columns
 - Added ability to inherit smart variables and columns from other data sources
 
-## 1.7.1
+## 1.7.1 (2016-10-29)
 
 - Do not fork when enter key pressed
 - Use custom version of Chart.js to fix label overlap
 - Improved performance of home page
 
-## 1.7.0
+## 1.7.0 (2016-09-07)
 
 - Added ability to cancel queries on backend for Postgres and Redshift
 - Only run 3 queries at a time on dashboards
@@ -135,65 +158,65 @@ Breaking changes
 - Attempt to reconnect when connection issues
 - Fixed issues with caching
 
-## 1.6.2
+## 1.6.2 (2016-08-11)
 
 - Added basic query permissions
 - Added ability to use arrays and hashes for smart variables
 - Added cancel button for queries
 - Added `lat` and `lng` as map keys
 
-## 1.6.1
+## 1.6.1 (2016-07-30)
 
 - Added support for Presto [beta]
 - Added support for Elasticsearch timeouts
 - Fixed error in Rails 5
 
-## 1.6.0
+## 1.6.0 (2016-07-28)
 
 - Added support for MongoDB [beta]
 - Added support for Elasticsearch [beta]
 - Fixed deprecation warning in Rails 5
 
-## 1.5.1
+## 1.5.1 (2016-07-24)
 
 - Added anomaly detection for data less than 2 weeks
 - Added autolinking urls
 - Added support for images
 
-## 1.5.0
+## 1.5.0 (2016-06-29)
 
 - Added new bar chart format
 - Added anomaly detection checks
 - Added `async` option for polling
 
-## 1.4.0
+## 1.4.0 (2016-06-09)
 
 - Added `slow` cache mode
 - Fixed `BLAZER_DATABASE_URL required` error
 - Fixed issue with duplicate column names
 
-## 1.3.5
+## 1.3.5 (2016-05-11)
 
 - Fixed error with checks
 
-## 1.3.4
+## 1.3.4 (2016-05-11)
 
 - Fixed issue with missing queries
 
-## 1.3.3
+## 1.3.3 (2016-05-08)
 
 - Fixed error with Rails 4.1 and below
 
-## 1.3.2
+## 1.3.2 (2016-05-07)
 
 - Added support for Rails 5
 - Attempt to reconnect for checks
 
-## 1.3.1
+## 1.3.1 (2016-05-06)
 
 - Fixed migration error
 
-## 1.3.0
+## 1.3.0 (2016-05-06)
 
 - Added schedule for checks
 - Switched to Chart.js for charts
@@ -202,11 +225,11 @@ Breaking changes
 - Raise error when timeout not supported
 - Added creator to dashboards and checks
 
-## 1.2.1
+## 1.2.1 (2016-04-26)
 
 - Fixed checks
 
-## 1.2.0
+## 1.2.0 (2016-03-22)
 
 - Added non-editable queries
 - Added variable defaults
@@ -215,7 +238,7 @@ Breaking changes
 - Hide variables from commented out lines
 - Fixed regex as variable names
 
-## 1.1.1
+## 1.1.1 (2016-03-06)
 
 - Added `before_action` option
 - Added invert option for checks
@@ -224,7 +247,7 @@ Breaking changes
 - Fixed request URI too large
 - Prevent accidental backspace nav on query page
 
-## 1.1.0
+## 1.1.0 (2015-12-27)
 
 - Replaced pie charts with column charts
 - Fixed error with datepicker
@@ -232,55 +255,55 @@ Breaking changes
 - Added a notice when editing a query that is part of a dashboard
 - Added refresh for dashboards
 
-## 1.0.4
+## 1.0.4 (2015-11-04)
 
 - Added recently viewed queries and dashboards to home page
 - Fixed refresh when transform statement is used
 - Fixed error when no user model
 
-## 1.0.3
+## 1.0.3 (2015-10-18)
 
 - Added maps
 - Added support for Rails 4.0
 
-## 1.0.2
+## 1.0.2 (2015-10-11)
 
 - Fixed error when installing
 - Added `schemas` option
 
-## 1.0.1
+## 1.0.1 (2015-10-08)
 
 - Added comments to queries
 - Added `cache` option
 - Added `user_method` option
 - Added `use_transaction` option
 
-## 1.0.0
+## 1.0.0 (2015-10-04)
 
 - Added support for multiple data sources
 - Added dashboards
 - Added checks
 - Added support for Redshift
 
-## 0.0.8
+## 0.0.8 (2015-09-05)
 
 - Easier to edit queries with variables
 - Dynamically expand editor height as needed
 - No need for spaces in search
 
-## 0.0.7
+## 0.0.7 (2015-07-23)
 
 - Fixed error when no `User` class
 - Fixed forking a query with variables
 - Set time zone after Rails initializes
 
-## 0.0.6
+## 0.0.6 (2015-06-18)
 
 - Added fork button
 - Fixed trending
 - Fixed time zones for date select
 
-## 0.0.5
+## 0.0.5 (2015-01-31)
 
 - Added support for Rails 4.2
 - Fixed error with `mysql2` adapter

data/README.md

@@ -4,9 +4,9 @@ Explore your data with SQL. Easily create charts and dashboards, and share them
 
 [Try it out](https://blazer.dokkuapp.com)
 
-[![Screenshot](https://blazer.dokkuapp.com/assets/screenshot-6ca3115a518b488026e48be83ba0d4c9.png)](https://blazer.dokkuapp.com)
+[![Screenshot](https://blazer.dokkuapp.com/assets/blazer-90fb6ce8ad25614c6f9c3b4619cbfbd66fa3d6567dac34d83df540f6688665f1.png)](https://blazer.dokkuapp.com)
 
-Blazer 2.0 was recently released! See [instructions for upgrading](#20).
+Blazer is also available as a [Docker image](https://github.com/ankane/blazer-docker).
 
 :tangerine: Battle-tested at [Instacart](https://www.instacart.com/opensource)
 
@@ -426,10 +426,30 @@ If you’re on Heroku, follow [these additional instructions](#anomaly-detection
 
 ## Forecasting
 
-Blazer has experimental support for forecasting through [Trend](https://trendapi.org/).
+Blazer has experimental support for two different forecasting methods.
+
+A forecast link will appear for queries that return 2 columns with types timestamp and numeric.
 
 [Example](https://blazer.dokkuapp.com/queries/18-forecast?forecast=t)
 
+### Prophet
+
+Add [prophet](https://github.com/ankane/prophet) to your Gemfile:
+
+```ruby
+gem 'prophet-rb', '>= 0.2.1'
+```
+
+And add to `config/blazer.yml`:
+
+```yml
+forecasting: prophet
+```
+
+### Trend
+
+[Trend](https://trendapi.org/) uses an external service.
+
 Add [trend](https://github.com/ankane/trend) to your Gemfile:
 
 ```ruby
@@ -442,8 +462,6 @@ And add to `config/blazer.yml`:
 forecasting: trend
 ```
 
-A forecast link will appear for queries that return 2 columns with types timestamp and numeric.
-
 ## Data Sources
 
 Blazer supports multiple data sources :tada:
@@ -473,13 +491,15 @@ data_sources:
 - [Elasticsearch](#elasticsearch)
 - [Google BigQuery](#google-bigquery)
 - [IBM DB2 and Informix](#ibm-db2-and-informix)
+- [InfluxDB](#influxdb)
 - [MongoDB](#mongodb-1)
 - [MySQL](#mysql-1)
-- [Neo4j](#neo4j-experimental)
+- [Neo4j](#neo4j)
 - [Oracle](#oracle)
 - [PostgreSQL](#postgresql-1)
 - [Presto](#presto)
-- [Salesforce](#salesforce-experimental)
+- [Salesforce](#salesforce)
+- [Socrata Open Data API (SODA)](#socrata-open-data-api-soda)
 - [Snowflake](#snowflake)
 - [SQLite](#sqlite)
 - [SQL Server](#sql-server)
@@ -508,7 +528,7 @@ data_sources:
 
 ### Amazon Redshift
 
-Add [activerecord4-redshift-adapter](https://github.com/aamine/activerecord4-redshift-adapter) or [activerecord5-redshift-adapter](https://github.com/ConsultingMD/activerecord5-redshift-adapter) to your Gemfile and set:
+Add [activerecord6-redshift-adapter](https://github.com/kwent/activerecord6-redshift-adapter) or [activerecord5-redshift-adapter](https://github.com/ConsultingMD/activerecord5-redshift-adapter) to your Gemfile and set:
 
 ```yml
 data_sources:
@@ -573,7 +593,28 @@ data_sources:
 
 ### IBM DB2 and Informix
 
-Use [ibm_db](https://github.com/ibmdb/ruby-ibmdb).
+Add [ibm_db](https://github.com/ibmdb/ruby-ibmdb) to your Gemfile and set:
+
+```yml
+data_sources:
+  my_source:
+    url: ibm-db://user:password@hostname:50000/database
+```
+
+### InfluxDB
+
+*Experimental*
+
+Add [influxdb](https://github.com/influxdata/influxdb-ruby) to your Gemfile and set:
+
+```yml
+data_sources:
+  my_source:
+    adapter: influxdb
+    url: http://user:password@hostname:8086/database
+```
+
+Supports [InfluxQL](https://docs.influxdata.com/influxdb/v1.8/query_language/explore-data/)
 
 ### MongoDB
 
@@ -595,7 +636,9 @@ data_sources:
     url: mysql2://user:password@hostname:3306/database
 ```
 
-### Neo4j [experimental]
+### Neo4j
+
+*Experimental*
 
 Add [neo4j-core](https://github.com/neo4jrb/neo4j-core) to your Gemfile and set:
 
@@ -608,11 +651,17 @@ data_sources:
 
 ### Oracle
 
-Use [activerecord-oracle_enhanced-adapter](https://github.com/rsim/oracle-enhanced).
+Add [activerecord-oracle_enhanced-adapter](https://github.com/rsim/oracle-enhanced) and [ruby-oci8](https://github.com/kubo/ruby-oci8) to your Gemfile and set:
+
+```yml
+data_sources:
+  my_source:
+    url: oracle-enhanced://user:password@hostname:1521/database
+```
 
 ### PostgreSQL
 
-Add [pg](https://bitbucket.org/ged/ruby-pg/wiki/Home) to your Gemfile (if it’s not there) and set:
+Add [pg](https://github.com/ged/ruby-pg) to your Gemfile (if it’s not there) and set:
 
 ```yml
 data_sources:
@@ -630,7 +679,9 @@ data_sources:
     url: presto://user@hostname:8080/catalog
 ```
 
-### Salesforce [experimental]
+### Salesforce
+
+*Experimental*
 
 Add [restforce](https://github.com/restforce/restforce) to your Gemfile and set:
 
@@ -653,6 +704,22 @@ SALESFORCE_API_VERSION="41.0"
 
 Supports [SOQL](https://developer.salesforce.com/docs/atlas.en-us.soql_sosl.meta/soql_sosl/sforce_api_calls_soql.htm)
 
+### Socrata Open Data API (SODA)
+
+*Experimental*
+
+Set:
+
+```yml
+data_sources:
+  my_source:
+    adapter: soda
+    url: https://soda.demo.socrata.com/resource/4tka-6guv.json
+    app_token: ...
+```
+
+Supports [SoQL](https://dev.socrata.com/docs/functions/)
+
 ### Snowflake
 
 First, install ODBC. For Homebrew, use:
@@ -671,7 +738,7 @@ For Heroku, use the [Apt buildpack](https://github.com/heroku/heroku-buildpack-a
 
 ```text
 unixodbc-dev
-https://sfc-repo.snowflakecomputing.com/odbc/linux/2.19.16/snowflake-odbc-2.19.16.x86_64.deb
+https://sfc-repo.snowflakecomputing.com/odbc/linux/2.21.5/snowflake-odbc-2.21.5.x86_64.deb
 ```
 
 > This installs the driver at `/app/.apt/usr/lib/snowflake/odbc/lib/libSnowflake.so`

data/app/controllers/blazer/base_controller.rb

@@ -86,8 +86,22 @@ module Blazer
         [smart_var, error]
       end
 
-      def variable_params
-        params.except(:controller, :action, :id, :host, :query, :dashboard, :query_id, :query_ids, :table_names, :authenticity_token, :utf8, :_method, :commit, :statement, :data_source, :name, :fork_query_id, :blazer, :run_id).permit!
+      # don't pass to url helpers
+      #
+      # some are dangerous when passed as symbols
+      # root_url({host: "evilsite.com"})
+      #
+      # certain ones (like host) only affect *_url and not *_path
+      #
+      # when permitted parameters are passed in Rails 6,
+      # they appear to be added as GET parameters
+      # root_url(params.permit(:host))
+      BLACKLISTED_KEYS = [:controller, :action, :id, :host, :query, :dashboard, :query_id, :query_ids, :table_names, :authenticity_token, :utf8, :_method, :commit, :statement, :data_source, :name, :fork_query_id, :blazer, :run_id, :script_name, :original_script_name]
+
+      # remove blacklisted keys from both params and permitted keys for better sleep
+      def variable_params(resource)
+        permitted_keys = resource.variables - BLACKLISTED_KEYS.map(&:to_s)
+        params.except(*BLACKLISTED_KEYS).permit(*permitted_keys)
       end
       helper_method :variable_params
 

data/app/controllers/blazer/dashboards_controller.rb

@@ -43,7 +43,7 @@ module Blazer
 
     def update
       if update_dashboard(@dashboard)
-        redirect_to dashboard_path(@dashboard, variable_params)
+        redirect_to dashboard_path(@dashboard, variable_params(@dashboard))
       else
         render_errors @dashboard
       end
@@ -62,7 +62,7 @@ module Blazer
         Blazer.transform_statement.call(data_source, statement) if Blazer.transform_statement
         data_source.clear_cache(statement)
       end
-      redirect_to dashboard_path(@dashboard, variable_params)
+      redirect_to dashboard_path(@dashboard, variable_params(@dashboard))
     end
 
     private

data/app/controllers/blazer/queries_controller.rb

@@ -45,7 +45,7 @@ module Blazer
       @query.creator = blazer_user if @query.respond_to?(:creator)
 
       if @query.save
-        redirect_to query_path(@query, variable_params)
+        redirect_to query_path(@query, variable_params(@query))
       else
         render_errors @query
       end
@@ -156,7 +156,7 @@ module Blazer
       process_vars(@statement, @query.data_source)
       Blazer.transform_statement.call(data_source, @statement) if Blazer.transform_statement
       data_source.clear_cache(@statement)
-      redirect_to query_path(@query, variable_params)
+      redirect_to query_path(@query, variable_params(@query))
     end
 
     def update
@@ -168,7 +168,7 @@ module Blazer
         @query.errors.add(:base, "Sorry, permission denied")
       end
       if @query.errors.empty? && @query.update(query_params)
-        redirect_to query_path(@query, variable_params)
+        redirect_to query_path(@query, variable_params(@query))
       else
         render_errors @query
       end
@@ -176,7 +176,7 @@ module Blazer
 
     def destroy
       @query.destroy if @query.editable?(blazer_user)
-      redirect_to root_url
+      redirect_to root_path
     end
 
     def tables
@@ -249,7 +249,9 @@ module Blazer
                 r[lat_index] && r[lon_index]
               end.map do |r|
                 {
-                  title: r.each_with_index.map{ |v, i| i == lat_index || i == lon_index ? nil : "<strong>#{@columns[i]}:</strong> #{v}" }.compact.join("<br />").truncate(140),
+                  # Mapbox.js does sanitization with https://github.com/mapbox/sanitize-caja
+                  # but we should do it here as well
+                  title: r.each_with_index.map { |v, i| i == lat_index || i == lon_index ? nil : "<strong>#{ERB::Util.html_escape(@columns[i])}:</strong> #{ERB::Util.html_escape(v)}" }.compact.join("<br />").truncate(140),
                   latitude: r[lat_index],
                   longitude: r[lon_index]
                 }

data/app/helpers/blazer/base_helper.rb

@@ -14,7 +14,7 @@ module Blazer
     def blazer_format_value(key, value)
       if value.is_a?(Numeric) && !key.to_s.end_with?("id") && !key.to_s.start_with?("id")
         number_with_delimiter(value)
-      elsif value =~ BLAZER_URL_REGEX
+      elsif value.is_a?(String) && value =~ BLAZER_URL_REGEX
         # see if image or link
         if Blazer.images && (key.include?("image") || BLAZER_IMAGE_EXT.include?(value.split(".").last.split("?").first.try(:downcase)))
           link_to value, target: "_blank" do

data/app/mailers/blazer/slack_notifier.rb

@@ -60,6 +60,9 @@ module Blazer
       ActionController::Base.helpers.pluralize(*args)
     end
 
+    # checks shouldn't have variables, but in any case,
+    # avoid passing variable params to url helpers
+    # (known unsafe parameters are removed, but blacklist isn't ideal)
     def self.query_url(id)
       Blazer::Engine.routes.url_helpers.query_url(id, ActionMailer::Base.default_url_options)
     end

data/app/models/blazer/dashboard.rb

@@ -6,6 +6,10 @@ module Blazer
 
     validates :name, presence: true
 
+    def variables
+      queries.flat_map { |q| q.variables }.uniq
+    end
+
     def to_param
       [id, name.gsub("'", "").parameterize].join("-")
     end

data/app/views/blazer/check_mailer/failing_checks.html.erb

@@ -1,5 +1,6 @@
 <ul>
   <% @checks.each do |check| %>
+    <%# check queries shouldn't have variables, but in any case, don't pass them to url helpers %>
     <li><%= link_to check.query.name, query_url(check.query_id) %> <%= check.state %></li>
   <% end %>
 </ul>

data/app/views/blazer/check_mailer/state_change.html.erb

@@ -2,6 +2,7 @@
   <head>
   </head>
   <body style="font-family: 'Helvetica Neue', Arial, Helvetica; font-size: 14px; color: #333;">
+    <%# check queries shouldn't have variables, but in any case, don't pass them to url helpers %>
     <p><%= link_to "View", query_url(@check.query_id) %></p>
     <% if @error %>
       <p><%= @error %></p>

data/app/views/blazer/dashboards/_form.html.erb

@@ -1,4 +1,4 @@
-<%= form_for @dashboard, url: (@dashboard.persisted? ? dashboard_path(@dashboard, variable_params) : dashboards_path(variable_params)), html: {id: "app", class: "small-form"} do |f| %>
+<%= form_for @dashboard, url: (@dashboard.persisted? ? dashboard_path(@dashboard, variable_params(@dashboard)) : dashboards_path(variable_params(@dashboard))), html: {id: "app", class: "small-form"} do |f| %>
   <% if @dashboard.errors.any? %>
     <div class="alert alert-danger"><%= @dashboard.errors.full_messages.first %></div>
   <% end %>

data/app/views/blazer/dashboards/show.html.erb

@@ -10,7 +10,7 @@
         </h3>
       </div>
       <div class="col-sm-3 text-right">
-        <%= link_to "Edit", edit_dashboard_path(@dashboard, variable_params), class: "btn btn-info" %>
+        <%= link_to "Edit", edit_dashboard_path(@dashboard, variable_params(@dashboard)), class: "btn btn-info" %>
       </div>
     </div>
   </div>
@@ -21,7 +21,7 @@
 <% if @data_sources.any? { |ds| ds.cache_mode != "off" } %>
   <p class="text-muted" style="float: right;">
     Some queries may be cached
-    <%= link_to "Refresh", refresh_dashboard_path(@dashboard, variable_params), method: :post %>
+    <%= link_to "Refresh", refresh_dashboard_path(@dashboard, variable_params(@dashboard)), method: :post %>
   </p>
 <% end %>
 
@@ -33,7 +33,7 @@
 
 <% @queries.each_with_index do |query, i| %>
   <div class="chart-container">
-    <h4><%= link_to query.friendly_name, query_path(query, variable_params), target: "_blank" %></h4>
+    <h4><%= link_to query.friendly_name, query_path(query, variable_params(query)), target: "_blank" %></h4>
     <div id="chart-<%= i %>" class="chart">
       <p class="text-muted">Loading...</p>
     </div>

data/app/views/blazer/queries/_form.html.erb

@@ -3,7 +3,7 @@
 <% end %>
 
 <div id="app" v-cloak>
-  <%= form_for @query, url: (@query.persisted? ? query_path(@query, variable_params) : queries_path(variable_params)), html: {autocomplete: "off"} do |f| %>
+  <%= form_for @query, url: (@query.persisted? ? query_path(@query, variable_params(@query)) : queries_path(variable_params(@query))), html: {autocomplete: "off"} do |f| %>
     <div class="row">
       <div id="statement-box" class="col-xs-8">
         <div class= "form-group">
@@ -67,7 +67,7 @@
 </div>
 
 <script>
-  <%= blazer_js_var "params", variable_params %>
+  <%= blazer_js_var "params", variable_params(@query) %>
   <%= blazer_js_var "previewStatement", Hash[Blazer.data_sources.map { |k, v| [k, (v.preview_statement rescue "")] }] %>
 
   var app = new Vue({

data/app/views/blazer/queries/home.html.erb

@@ -71,7 +71,7 @@
   }
 
   var prepareQuery = function (str) {
-    return str.toLowerCase().replace(/\W+/g, "")
+    return str.toLowerCase()
   }
 
   var app = new Vue({

data/app/views/blazer/queries/run.html.erb

@@ -20,7 +20,7 @@
         <% end %>
 
         <% if @query && params[:query_id] %>
-          <%= link_to "Refresh", refresh_query_path(@query, variable_params), method: :post %>
+          <%= link_to "Refresh", refresh_query_path(@query, variable_params(@query)), method: :post %>
         <% end %>
       </p>
     <% end %>
@@ -36,7 +36,7 @@
 
       <% if @query && @result.forecastable? && !params[:forecast] %>
         &middot;
-        <%= link_to "Forecast", query_path(@query, {forecast: "t"}.merge(variable_params)) %>
+        <%= link_to "Forecast", query_path(@query, {forecast: "t"}.merge(variable_params(@query))) %>
       <% end %>
     </p>
   <% end %>
@@ -80,7 +80,8 @@
         <%= blazer_js_var "mapboxAccessToken", Blazer.mapbox_access_token %>
         <%= blazer_js_var "markers", @markers %>
         L.mapbox.accessToken = mapboxAccessToken;
-        var map = L.mapbox.map('map', 'ankane.ioo8nki0');
+        var map = L.mapbox.map('map')
+          .addLayer(L.mapbox.styleLayer('mapbox://styles/mapbox/streets-v11'));
         var featureLayer = L.mapbox.featureLayer().addTo(map);
         var geojson = [];
         for (var i = 0; i < markers.length; i++) {

data/app/views/blazer/queries/show.html.erb

@@ -10,8 +10,8 @@
         </h3>
       </div>
       <div class="col-sm-3 text-right">
-        <%= link_to "Edit", edit_query_path(@query, variable_params), class: "btn btn-default", disabled: !@query.editable?(blazer_user) %>
-        <%= link_to "Fork", new_query_path(variable_params.merge(fork_query_id: @query.id, data_source: @query.data_source, name: @query.name)), class: "btn btn-info" %>
+        <%= link_to "Edit", edit_query_path(@query, variable_params(@query)), class: "btn btn-default", disabled: !@query.editable?(blazer_user) %>
+        <%= link_to "Fork", new_query_path(variable_params(@query).merge(fork_query_id: @query.id, data_source: @query.data_source, name: @query.name)), class: "btn btn-info" %>
 
         <% if !@error && @success %>
           <%= button_to "Download", run_queries_path(query_id: @query.id, format: "csv", forecast: params[:forecast]), params: {statement: @statement}, class: "btn btn-primary" %>
@@ -56,7 +56,9 @@
       $("#results").addClass("query-error").html(message)
     }
 
-    <%= blazer_js_var "data", variable_params.merge(statement: @statement, query_id: @query.id, data_source: @query.data_source) %>
+    <% data = variable_params(@query).merge(statement: @statement, query_id: @query.id, data_source: @query.data_source) %>
+    <% data.merge!(forecast: "t") if params[:forecast] %>
+    <%= blazer_js_var "data", data %>
 
     runQuery(data, showRun, showError)
   </script>

data/app/views/layouts/blazer/application.html.erb

@@ -11,8 +11,8 @@
       <%= blazer_js_var "rootPath", root_path %>
     </script>
     <% if blazer_maps? %>
-      <%= stylesheet_link_tag "https://api.mapbox.com/mapbox.js/v3.1.1/mapbox.css", integrity: "sha384-o8tecBIfqi9yU5yYK2Ne/9A9hlOGFV9MBvCpmemvJH1XxqOe6h8Bl4mLxMi6PgjG", crossorigin: "anonymous" %>
-      <%= javascript_include_tag "https://api.mapbox.com/mapbox.js/v3.1.1/mapbox.js", integrity: "sha384-j81LqvtvYigFzGSUgAoFijpvoq4yGoCJSOXI9DFaUEpenR029MBE3E/X5Gr+WdO0", crossorigin: "anonymous" %>
+      <%= stylesheet_link_tag "https://api.mapbox.com/mapbox.js/v3.3.1/mapbox.css", integrity: "sha384-vxzdEt+wZRPNQbhChjmiaFMLWg86IGuq1NGDehJHsD2mphYkxXll/eSs16WWi6Dq", crossorigin: "anonymous" %>
+      <%= javascript_include_tag "https://api.mapbox.com/mapbox.js/v3.3.1/mapbox.js", integrity: "sha384-CTBEiDLiZJ8gkAQ3fYGoeiRp81/ecNiBkGz11jXFALOZ6++rbnqmdo6OImkmr1MO", crossorigin: "anonymous" %>
     <% end %>
     <%= csrf_meta_tags %>
   </head>

data/lib/blazer.rb

@@ -18,10 +18,12 @@ require "blazer/adapters/cassandra_adapter"
 require "blazer/adapters/drill_adapter"
 require "blazer/adapters/druid_adapter"
 require "blazer/adapters/elasticsearch_adapter"
+require "blazer/adapters/influxdb_adapter"
 require "blazer/adapters/mongodb_adapter"
 require "blazer/adapters/neo4j_adapter"
 require "blazer/adapters/presto_adapter"
 require "blazer/adapters/salesforce_adapter"
+require "blazer/adapters/soda_adapter"
 require "blazer/adapters/sql_adapter"
 require "blazer/adapters/snowflake_adapter"
 
@@ -118,7 +120,7 @@ module Blazer
   def self.extract_vars(statement)
     # strip commented out lines
     # and regex {1} or {1,2}
-    statement.gsub(/\-\-.+/, "").gsub(/\/\*.+\*\//m, "").scan(/\{\w*?\}/i).map { |v| v[1...-1] }.reject { |v| /\A\d+(\,\d+)?\z/.match(v) || v.empty? }.uniq
+    statement.to_s.gsub(/\-\-.+/, "").gsub(/\/\*.+\*\//m, "").scan(/\{\w*?\}/i).map { |v| v[1...-1] }.reject { |v| /\A\d+(\,\d+)?\z/.match(v) || v.empty? }.uniq
   end
 
   def self.run_checks(schedule: nil)
@@ -219,9 +221,11 @@ Blazer.register_adapter "cassandra", Blazer::Adapters::CassandraAdapter
 Blazer.register_adapter "drill", Blazer::Adapters::DrillAdapter
 Blazer.register_adapter "druid", Blazer::Adapters::DruidAdapter
 Blazer.register_adapter "elasticsearch", Blazer::Adapters::ElasticsearchAdapter
+Blazer.register_adapter "influxdb", Blazer::Adapters::InfluxdbAdapter
 Blazer.register_adapter "neo4j", Blazer::Adapters::Neo4jAdapter
 Blazer.register_adapter "presto", Blazer::Adapters::PrestoAdapter
 Blazer.register_adapter "mongodb", Blazer::Adapters::MongodbAdapter
 Blazer.register_adapter "salesforce", Blazer::Adapters::SalesforceAdapter
+Blazer.register_adapter "soda", Blazer::Adapters::SodaAdapter
 Blazer.register_adapter "sql", Blazer::Adapters::SqlAdapter
 Blazer.register_adapter "snowflake", Blazer::Adapters::SnowflakeAdapter

data/lib/blazer/adapters/influxdb_adapter.rb

@@ -0,0 +1,45 @@
+module Blazer
+  module Adapters
+    class InfluxdbAdapter < BaseAdapter
+      def run_statement(statement, comment)
+        columns = []
+        rows = []
+        error = nil
+
+        begin
+          result = client.query(statement, denormalize: false).first
+          columns = result["columns"]
+          rows = result["values"]
+
+          # parse time columns
+          # current approach isn't ideal, but result doesn't include types
+          # another approach would be to check the format
+          time_index = columns.index("time")
+          if time_index
+            rows.each do |row|
+              row[time_index] = Time.parse(row[time_index]) if row[time_index]
+            end
+          end
+        rescue => e
+          error = e.message
+        end
+
+        [columns, rows, error]
+      end
+
+      def tables
+        client.list_series
+      end
+
+      def preview_statement
+        "SELECT * FROM {table} LIMIT 10"
+      end
+
+      protected
+
+      def client
+        @client ||= InfluxDB::Client.new(url: settings["url"])
+      end
+    end
+  end
+end

data/lib/blazer/adapters/soda_adapter.rb

@@ -0,0 +1,96 @@
+module Blazer
+  module Adapters
+    class SodaAdapter < BaseAdapter
+      def run_statement(statement, comment)
+        columns = []
+        rows = []
+        error = nil
+
+        # remove comments manually
+        statement = statement.gsub(/--.+/, "")
+        # only supports single line /* */ comments
+        # regex not perfect, but should be good enough
+        statement = statement.gsub(/\/\*.+\*\//, "")
+
+        # remove trailing semicolon
+        statement = statement.sub(/;\s*\z/, "")
+
+        # remove whitespace
+        statement = statement.squish
+
+        uri = URI(settings["url"])
+        uri.query = URI.encode_www_form("$query" => statement)
+
+        req = Net::HTTP::Get.new(uri)
+        req["X-App-Token"] = settings["app_token"] if settings["app_token"]
+
+        options = {
+          use_ssl: uri.scheme == "https",
+          open_timeout: 3,
+          read_timeout: 30
+        }
+
+        begin
+          # use Net::HTTP instead of soda-ruby for types and better error messages
+          res = Net::HTTP.start(uri.hostname, uri.port, options) do |http|
+            http.request(req)
+          end
+
+          if res.is_a?(Net::HTTPSuccess)
+            body = JSON.parse(res.body)
+
+            columns = JSON.parse(res["x-soda2-fields"])
+            column_types = columns.zip(JSON.parse(res["x-soda2-types"])).to_h
+
+            columns.reject! { |f| f.start_with?(":@") }
+            # rows can be missing some keys in JSON, so need to map by column
+            rows = body.map { |r| columns.map { |c| r[c] } }
+
+            columns.each_with_index do |column, i|
+              # nothing to do for boolean
+              case column_types[column]
+              when "number"
+                # check if likely an integer column
+                if rows.all? { |r| r[i].to_i == r[i].to_f }
+                  rows.each do |row|
+                    row[i] = row[i].to_i
+                  end
+                else
+                  rows.each do |row|
+                    row[i] = row[i].to_f
+                  end
+                end
+              when "floating_timestamp"
+                # check if likely a date column
+                if rows.all? { |r| r[i].end_with?("T00:00:00.000") }
+                  rows.each do |row|
+                    row[i] = Date.parse(row[i])
+                  end
+                else
+                  utc = ActiveSupport::TimeZone["Etc/UTC"]
+                  rows.each do |row|
+                    row[i] = utc.parse(row[i])
+                  end
+                end
+              end
+            end
+          else
+            error = JSON.parse(res.body)["message"] rescue "Bad response: #{res.code}"
+          end
+        rescue => e
+          error = e.message
+        end
+
+        [columns, rows, error]
+      end
+
+      def preview_statement
+        "SELECT * LIMIT 10"
+      end
+
+      def tables
+        ["all"]
+      end
+    end
+  end
+end

data/lib/blazer/result.rb

@@ -85,11 +85,26 @@ module Blazer
       @forecastable ||= Blazer.forecasting && column_types == ["time", "numeric"] && @rows.size >= 10
     end
 
+    # TODO cache it?
+    # don't want to put result data (even hashed version)
+    # into cache without developer opt-in
     def forecast
-      # TODO cache it?
-      # don't want to put result data (even hashed version)
-      # into cache without developer opt-in
-      forecast = Trend.forecast(Hash[@rows], count: 30)
+      count = (@rows.size * 0.25).round.clamp(30, 365)
+
+      case Blazer.forecasting
+      when "prophet"
+        require "prophet"
+        forecast = Prophet.forecast(@rows.to_h, count: count)
+      else
+        require "trend"
+        forecast = Trend.forecast(@rows.to_h, count: count)
+      end
+
+      # round integers
+      if @rows[0][1].is_a?(Integer)
+        forecast = forecast.map { |k, v| [k, v.round] }.to_h
+      end
+
       @rows.each do |row|
         row[2] = nil
       end

data/lib/blazer/version.rb

@@ -1,3 +1,3 @@
 module Blazer
-  VERSION = "2.2.1"
+  VERSION = "2.2.6"
 end

data/lib/generators/blazer/templates/config.yml.tt

@@ -67,7 +67,7 @@ check_schedules:
 
 # enable forecasting
 # note: with trend, time series are sent to https://trendapi.org
-# forecasting: trend
+# forecasting: trend / prophet
 
 # enable map
 # mapbox_access_token: <%%= ENV["MAPBOX_ACCESS_TOKEN"] %>

data/lib/generators/blazer/templates/install.rb.tt

@@ -19,7 +19,7 @@ class <%= migration_class_name %> < ActiveRecord::Migration<%= migration_version
 
     create_table :blazer_dashboards do |t|
       t.references :creator
-      t.text :name
+      t.string :name
       t.timestamps null: false
     end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: blazer
 version: !ruby/object:Gem::Version
-  version: 2.2.1
+  version: 2.2.6
 platform: ruby
 authors:
 - Andrew Kane
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-10-09 00:00:00.000000000 Z
+date: 2020-07-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: railties
@@ -185,11 +185,13 @@ files:
 - lib/blazer/adapters/drill_adapter.rb
 - lib/blazer/adapters/druid_adapter.rb
 - lib/blazer/adapters/elasticsearch_adapter.rb
+- lib/blazer/adapters/influxdb_adapter.rb
 - lib/blazer/adapters/mongodb_adapter.rb
 - lib/blazer/adapters/neo4j_adapter.rb
 - lib/blazer/adapters/presto_adapter.rb
 - lib/blazer/adapters/salesforce_adapter.rb
 - lib/blazer/adapters/snowflake_adapter.rb
+- lib/blazer/adapters/soda_adapter.rb
 - lib/blazer/adapters/sql_adapter.rb
 - lib/blazer/data_source.rb
 - lib/blazer/detect_anomalies.R
@@ -221,7 +223,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.1.2
 signing_key: 
 specification_version: 4
 summary: Explore your data with SQL. Easily create charts and dashboards, and share