RubyGems - blazer - Versions diffs - 2.5.0 → 2.6.0 - Mend

blazer 2.5.0 → 2.6.0

Files changed (47) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +7 -0
data/README.md +55 -9
data/app/assets/stylesheets/blazer/application.css +1 -0
data/app/assets/stylesheets/blazer/bootstrap-propshaft.css +10 -0
data/app/assets/stylesheets/blazer/bootstrap-sprockets.css.erb +10 -0
data/app/assets/stylesheets/blazer/{bootstrap.css.erb → bootstrap.css} +0 -6
data/app/controllers/blazer/base_controller.rb +45 -45
data/app/controllers/blazer/dashboards_controller.rb +4 -11
data/app/controllers/blazer/queries_controller.rb +28 -48
data/app/models/blazer/query.rb +8 -2
data/app/views/blazer/_variables.html.erb +5 -4
data/app/views/blazer/dashboards/_form.html.erb +1 -1
data/app/views/blazer/dashboards/show.html.erb +4 -4
data/app/views/blazer/queries/_caching.html.erb +1 -1
data/app/views/blazer/queries/_form.html.erb +3 -3
data/app/views/blazer/queries/run.html.erb +1 -1
data/app/views/blazer/queries/show.html.erb +12 -7
data/app/views/layouts/blazer/application.html.erb +7 -2
data/lib/blazer/adapters/athena_adapter.rb +51 -15
data/lib/blazer/adapters/base_adapter.rb +16 -1
data/lib/blazer/adapters/bigquery_adapter.rb +13 -2
data/lib/blazer/adapters/cassandra_adapter.rb +15 -4
data/lib/blazer/adapters/drill_adapter.rb +10 -0
data/lib/blazer/adapters/druid_adapter.rb +36 -1
data/lib/blazer/adapters/elasticsearch_adapter.rb +13 -2
data/lib/blazer/adapters/hive_adapter.rb +10 -0
data/lib/blazer/adapters/ignite_adapter.rb +12 -2
data/lib/blazer/adapters/influxdb_adapter.rb +22 -10
data/lib/blazer/adapters/mongodb_adapter.rb +4 -0
data/lib/blazer/adapters/neo4j_adapter.rb +17 -2
data/lib/blazer/adapters/opensearch_adapter.rb +4 -0
data/lib/blazer/adapters/presto_adapter.rb +9 -0
data/lib/blazer/adapters/salesforce_adapter.rb +5 -0
data/lib/blazer/adapters/snowflake_adapter.rb +9 -0
data/lib/blazer/adapters/soda_adapter.rb +9 -0
data/lib/blazer/adapters/spark_adapter.rb +5 -0
data/lib/blazer/adapters/sql_adapter.rb +30 -3
data/lib/blazer/data_source.rb +85 -5
data/lib/blazer/engine.rb +0 -4
data/lib/blazer/run_statement.rb +7 -3
data/lib/blazer/run_statement_job.rb +4 -2
data/lib/blazer/slack_notifier.rb +5 -2
data/lib/blazer/statement.rb +75 -0
data/lib/blazer/version.rb +1 -1
data/lib/blazer.rb +14 -6
metadata +7 -4

data/lib/blazer/adapters/salesforce_adapter.rb CHANGED Viewed

@@ -35,6 +35,11 @@ module Blazer
         "SELECT Id FROM {table} LIMIT 10"
       end
+      # https://developer.salesforce.com/docs/atlas.en-us.soql_sosl.meta/soql_sosl/sforce_api_calls_soql_select_quotedstringescapes.htm
+      def quoting
+        :backslash_escape
+      end
       protected
       def client

data/lib/blazer/adapters/snowflake_adapter.rb CHANGED Viewed

@@ -68,6 +68,15 @@ module Blazer
       def cancel(run_id)
         # todo
       end
+      # https://docs.snowflake.com/en/sql-reference/data-types-text.html#escape-sequences
+      def quoting
+        :backslash_escape
+      end
+      def parameter_binding
+        # TODO
+      end
     end
   end
 end

data/lib/blazer/adapters/soda_adapter.rb CHANGED Viewed

@@ -2,6 +2,10 @@ module Blazer
   module Adapters
     class SodaAdapter < BaseAdapter
       def run_statement(statement, comment)
+        require "json"
+        require "net/http"
+        require "uri"
         columns = []
         rows = []
         error = nil
@@ -91,6 +95,11 @@ module Blazer
       def tables
         ["all"]
       end
+      # https://dev.socrata.com/docs/datatypes/text.html
+      def quoting
+        :single_quote_escape
+      end
     end
   end
 end

data/lib/blazer/adapters/spark_adapter.rb CHANGED Viewed

@@ -4,6 +4,11 @@ module Blazer
       def tables
         client.execute("SHOW TABLES").map { |r| r["tableName"] }
       end
+      # https://spark.apache.org/docs/latest/sql-ref-literals.html
+      def quoting
+        :backslash_escape
+      end
     end
   end
 end

data/lib/blazer/adapters/sql_adapter.rb CHANGED Viewed

@@ -15,7 +15,7 @@ module Blazer
           end
       end
-      def run_statement(statement, comment)
+      def run_statement(statement, comment, bind_params = [])
         columns = []
         rows = []
         error = nil
@@ -24,7 +24,8 @@ module Blazer
           in_transaction do
             set_timeout(data_source.timeout) if data_source.timeout
-            result = select_all("#{statement} /*#{comment}*/")
+            binds = bind_params.map { |v| ActiveRecord::Relation::QueryAttribute.new(nil, v, ActiveRecord::Type::Value.new) }
+            result = connection_model.connection.select_all("#{statement} /*#{comment}*/", nil, binds)
             columns = result.columns
             result.rows.each do |untyped_row|
               rows << (result.column_types.empty? ? untyped_row : columns.each_with_index.map { |c, i| untyped_row[i] && result.column_types[c] ? result.column_types[c].send(:cast_value, untyped_row[i]) : untyped_row[i] })
@@ -33,6 +34,7 @@ module Blazer
         rescue => e
           error = e.message.sub(/.+ERROR: /, "")
           error = Blazer::TIMEOUT_MESSAGE if Blazer::TIMEOUT_ERRORS.any? { |e| error.include?(e) }
+          error = Blazer::VARIABLE_MESSAGE if error.include?("syntax error at or near \"$") || error.include?("Incorrect syntax near '@") || error.include?("your MySQL server version for the right syntax to use near '?")
           reconnect if error.include?("PG::ConnectionBad")
         end
@@ -156,7 +158,7 @@ module Blazer
         # WITH not an optimization fence in Postgres 12+
         statement = <<~SQL
           WITH query AS (
-            #{statement}
+            {placeholder}
           ),
           cohorts AS (
             SELECT user_id, MIN(#{cohort_column}) AS cohort_time FROM query
@@ -183,6 +185,27 @@ module Blazer
         connection_model.send(:sanitize_sql_array, params)
       end
+      def quoting
+        ->(value) { connection_model.connection.quote(value) }
+      end
+      # Redshift adapter silently ignores binds
+      def parameter_binding
+        if postgresql? || sqlite?
+          :numeric
+        elsif mysql? && connection_model.connection.prepared_statements?
+          # Active Record silently ignores binds with MySQL when prepared statements are disabled
+          :positional
+        elsif sqlserver?
+          proc do |statement, variables|
+            variables.each_with_index do |(k, _), i|
+              statement = statement.gsub("{#{k}}", "@#{i} ")
+            end
+            [statement, variables.values]
+          end
+        end
+      end
       protected
       def select_all(statement, params = [])
@@ -207,6 +230,10 @@ module Blazer
         ["MySQL", "Mysql2", "Mysql2Spatial"].include?(adapter_name)
       end
+      def sqlite?
+        ["SQLite"].include?(adapter_name)
+      end
       def sqlserver?
         ["SQLServer", "tinytds", "mssql"].include?(adapter_name)
       end

data/lib/blazer/data_source.rb CHANGED Viewed

@@ -89,7 +89,19 @@ module Blazer
       Blazer.cache.delete(run_cache_key(run_id))
     end
+    def sub_variables(statement, vars)
+      statement = statement.dup
+      vars.each do |var, value|
+        # use block form to disable back-references
+        statement.gsub!("{#{var}}") { quote(value) }
+      end
+      statement
+    end
     def run_statement(statement, options = {})
+      statement = Statement.new(statement, self) if statement.is_a?(String)
+      statement.bind unless statement.bind_statement
       async = options[:async]
       result = nil
       if cache_mode != "off"
@@ -118,7 +130,7 @@ module Blazer
         if options[:run_id]
           comment << ",run_id:#{options[:run_id]}"
         end
-        result = run_statement_helper(statement, comment, async ? options[:run_id] : nil)
+        result = run_statement_helper(statement, comment, async ? options[:run_id] : nil, options)
       end
       result
@@ -133,13 +145,68 @@ module Blazer
     end
     def statement_cache_key(statement)
-      cache_key(["statement", id, Digest::MD5.hexdigest(statement.to_s.gsub("\r\n", "\n"))])
+      cache_key(["statement", id, Digest::MD5.hexdigest(statement.bind_statement.to_s.gsub("\r\n", "\n") + statement.bind_values.sort_by { |k, _| k }.to_json)])
     end
     def run_cache_key(run_id)
       cache_key(["run", run_id])
     end
+    def quote(value)
+      if quoting == :backslash_escape || quoting == :single_quote_escape
+        # only need to support types generated by process_vars
+        if value.is_a?(Integer) || value.is_a?(Float)
+          value.to_s
+        elsif value.nil?
+          "NULL"
+        else
+          value = value.to_formatted_s(:db) if value.is_a?(ActiveSupport::TimeWithZone)
+          if quoting == :backslash_escape
+            "'#{value.gsub("\\") { "\\\\" }.gsub("'") { "\\'" }}'"
+          else
+            "'#{value.gsub("'", "''")}'"
+          end
+        end
+      elsif quoting.respond_to?(:call)
+        quoting.call(value)
+      elsif quoting.nil?
+        raise Blazer::Error, "Quoting not specified"
+      else
+        raise Blazer::Error, "Unknown quoting"
+      end
+    end
+    def bind_params(statement, variables)
+      if parameter_binding == :positional
+        locations = []
+        variables.each do |k, v|
+          i = 0
+          while (idx = statement.index("{#{k}}", i))
+            locations << [v, idx]
+            i = idx + 1
+          end
+        end
+        variables.each do |k, v|
+          statement = statement.gsub("{#{k}}", "?")
+        end
+        [statement, locations.sort_by(&:last).map(&:first)]
+      elsif parameter_binding == :numeric
+        variables.each_with_index do |(k, v), i|
+          # add trailing space if followed by digit
+          # try to keep minimal to avoid fixing invalid queries like SELECT{var}
+          statement = statement.gsub(/#{Regexp.escape("{#{k}}")}(\d)/, "$#{i + 1} \\1").gsub("{#{k}}", "$#{i + 1}")
+        end
+        [statement, variables.values]
+      elsif parameter_binding.respond_to?(:call)
+        parameter_binding.call(statement, variables)
+      elsif parameter_binding.nil?
+        [sub_variables(statement, variables), []]
+      else
+        raise Blazer::Error, "Unknown bind parameters"
+      end
+    end
     protected
     def adapter_instance
@@ -157,9 +224,22 @@ module Blazer
       end
     end
-    def run_statement_helper(statement, comment, run_id)
+    def quoting
+      @quoting ||= adapter_instance.quoting
+    end
+    def parameter_binding
+      @parameter_binding ||= adapter_instance.parameter_binding
+    end
+    def run_statement_helper(statement, comment, run_id, options)
       start_time = Time.now
-      columns, rows, error = adapter_instance.run_statement(statement, comment)
+      columns, rows, error =
+        if adapter_instance.parameter_binding
+          adapter_instance.run_statement(statement.bind_statement, comment, statement.bind_values)
+        else
+          adapter_instance.run_statement(statement.bind_statement, comment)
+        end
       duration = Time.now - start_time
       cache_data = nil
@@ -168,7 +248,7 @@ module Blazer
         cache_data = Marshal.dump([columns, rows, error, cache ? Time.now : nil]) rescue nil
       end
-      if cache && cache_data && adapter_instance.cachable?(statement)
+      if cache && cache_data && adapter_instance.cachable?(statement.bind_statement)
         Blazer.cache.write(statement_cache_key(statement), cache_data, expires_in: cache_expires_in.to_f * 60)
       end

data/lib/blazer/engine.rb CHANGED Viewed

@@ -30,10 +30,6 @@ module Blazer
       Blazer.anomaly_checks = Blazer.settings["anomaly_checks"] || false
       Blazer.forecasting = Blazer.settings["forecasting"] || false
       Blazer.async = Blazer.settings["async"] || false
-      if Blazer.async
-        require "blazer/run_statement_job"
-      end
       Blazer.images = Blazer.settings["images"] || false
       Blazer.override_csp = Blazer.settings["override_csp"] || false
       Blazer.slack_oauth_token = Blazer.settings["slack_oauth_token"] || ENV["BLAZER_SLACK_OAUTH_TOKEN"]

data/lib/blazer/run_statement.rb CHANGED Viewed

@@ -1,12 +1,16 @@
 module Blazer
   class RunStatement
-    def perform(data_source, statement, options = {})
+    def perform(statement, options = {})
       query = options[:query]
-      Blazer.transform_statement.call(data_source, statement) if Blazer.transform_statement
+      data_source = statement.data_source
+      statement.bind
       # audit
       if Blazer.audit
-        audit = Blazer::Audit.new(statement: statement)
+        audit_statement = statement.bind_statement
+        audit_statement += "\n\n#{statement.bind_values.to_json}" if statement.bind_values.any?
+        audit = Blazer::Audit.new(statement: audit_statement)
         audit.query = query
         audit.data_source = data_source.id
         audit.user = options[:user]

data/lib/blazer/run_statement_job.rb CHANGED Viewed

@@ -3,10 +3,12 @@ module Blazer
     self.queue_adapter = :async
     def perform(data_source_id, statement, options)
-      data_source = Blazer.data_sources[data_source_id]
+      statement = Blazer::Statement.new(statement, data_source_id)
+      statement.values = options.delete(:values)
+      data_source = statement.data_source
       begin
         ActiveRecord::Base.connection_pool.with_connection do
-          Blazer::RunStatement.new.perform(data_source, statement, options)
+          Blazer::RunStatement.new.perform(statement, options)
         end
       rescue Exception => e
         Blazer::Result.new(data_source, [], [], "Unknown error", nil, false)

data/lib/blazer/slack_notifier.rb CHANGED Viewed

@@ -67,15 +67,18 @@ module Blazer
       Blazer::Engine.routes.url_helpers.query_url(id, ActionMailer::Base.default_url_options)
     end
+    # TODO use return value
     def self.post(payload)
       if Blazer.slack_webhook_url.present?
-        post_api(Blazer.slack_webhook_url, payload, {})
+        response = post_api(Blazer.slack_webhook_url, payload, {})
+        response.is_a?(Net::HTTPSuccess) && response.body == "ok"
       else
         headers = {
           "Authorization" => "Bearer #{Blazer.slack_oauth_token}",
           "Content-type" => "application/json"
         }
-        post_api("https://slack.com/api/chat.postMessage", payload, headers)
+        response = post_api("https://slack.com/api/chat.postMessage", payload, headers)
+        response.is_a?(Net::HTTPSuccess) && (JSON.parse(response.body)["ok"] rescue false)
       end
     end

data/lib/blazer/statement.rb ADDED Viewed

@@ -0,0 +1,75 @@
+module Blazer
+  class Statement
+    attr_reader :statement, :data_source, :bind_statement, :bind_values
+    attr_accessor :values
+    def initialize(statement, data_source = nil)
+      @statement = statement
+      @data_source = data_source.is_a?(String) ? Blazer.data_sources[data_source] : data_source
+      @values = {}
+    end
+    def variables
+      @variables ||= Blazer.extract_vars(statement)
+    end
+    def add_values(var_params)
+      variables.each do |var|
+        value = var_params[var].presence
+        value = nil unless value.is_a?(String) # ignore arrays and hashes
+        if value
+          if ["start_time", "end_time"].include?(var)
+            value = value.to_s.gsub(" ", "+") # fix for Quip bug
+          end
+          if var.end_with?("_at")
+            begin
+              value = Blazer.time_zone.parse(value)
+            rescue
+              # do nothing
+            end
+          end
+          unless value.is_a?(ActiveSupport::TimeWithZone)
+            if value =~ /\A\d+\z/
+              value = value.to_i
+            elsif value =~ /\A\d+\.\d+\z/
+              value = value.to_f
+            end
+          end
+        end
+        value = Blazer.transform_variable.call(var, value) if Blazer.transform_variable
+        @values[var] = value
+      end
+    end
+    def cohort_analysis?
+      /\/\*\s*cohort analysis\s*\*\//i.match?(statement)
+    end
+    def apply_cohort_analysis(period:, days:)
+      @statement = data_source.cohort_analysis_statement(statement, period: period, days: days).sub("{placeholder}") { statement }
+    end
+    # should probably transform before cohort analysis
+    # but keep previous order for now
+    def transformed_statement
+      statement = self.statement.dup
+      Blazer.transform_statement.call(data_source, statement) if Blazer.transform_statement
+      statement
+    end
+    def bind
+      @bind_statement, @bind_values = data_source.bind_params(transformed_statement, values)
+    end
+    def display_statement
+      data_source.sub_variables(transformed_statement, values)
+    end
+    def clear_cache
+      bind if bind_statement.nil?
+      data_source.clear_cache(self)
+    end
+  end
+end

data/lib/blazer/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Blazer
-  VERSION = "2.5.0"
+  VERSION = "2.6.0"
 end

data/lib/blazer.rb CHANGED Viewed

@@ -1,14 +1,18 @@
 # dependencies
-require "csv"
-require "yaml"
 require "chartkick"
 require "safely/core"
+# stdlib
+require "csv"
+require "json"
+require "yaml"
 # modules
 require "blazer/version"
 require "blazer/data_source"
 require "blazer/result"
 require "blazer/run_statement"
+require "blazer/statement"
 # adapters
 require "blazer/adapters/base_adapter"
@@ -43,6 +47,8 @@ module Blazer
   autoload :CheckMailer, "blazer/check_mailer"
   # net/http optional
   autoload :SlackNotifier, "blazer/slack_notifier"
+  # activejob optional
+  autoload :RunStatementJob, "blazer/run_statement_job"
   class << self
     attr_accessor :audit
@@ -76,6 +82,7 @@ module Blazer
   self.images = false
   self.override_csp = false
+  VARIABLE_MESSAGE = "Variable cannot be used in this position"
   TIMEOUT_MESSAGE = "Query timed out :("
   TIMEOUT_ERRORS = [
     "canceling statement due to statement timeout", # postgres
@@ -128,6 +135,7 @@ module Blazer
     end
   end
+  # TODO move to Statement and remove in 3.0.0
   def self.extract_vars(statement)
     # strip commented out lines
     # and regex {1} or {1,2}
@@ -148,9 +156,8 @@ module Blazer
     ActiveSupport::Notifications.instrument("run_check.blazer", check_id: check.id, query_id: check.query.id, state_was: check.state) do |instrument|
       # try 3 times on timeout errors
-      data_source = data_sources[check.query.data_source]
-      statement = check.query.statement
-      Blazer.transform_statement.call(data_source, statement) if Blazer.transform_statement
+      statement = check.query.statement_object
+      data_source = statement.data_source
       while tries <= 3
         result = data_source.run_statement(statement, refresh_cache: true, check: check, query: check.query)
@@ -178,7 +185,8 @@ module Blazer
       # TODO use proper logfmt
       Rails.logger.info "[blazer check] query=#{check.query.name} state=#{check.state} rows=#{result.rows.try(:size)} error=#{result.error}"
-      instrument[:statement] = statement
+      # should be no variables
+      instrument[:statement] = statement.bind_statement
       instrument[:data_source] = data_source
       instrument[:state] = check.state
       instrument[:rows] = result.rows.try(:size)

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: blazer
 version: !ruby/object:Gem::Version
-  version: 2.5.0
+  version: 2.6.0
 platform: ruby
 authors:
 - Andrew Kane
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-01-05 00:00:00.000000000 Z
+date: 2022-04-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: railties
@@ -109,7 +109,9 @@ files:
 - app/assets/javascripts/blazer/stupidtable.js
 - app/assets/javascripts/blazer/vue.js
 - app/assets/stylesheets/blazer/application.css
-- app/assets/stylesheets/blazer/bootstrap.css.erb
+- app/assets/stylesheets/blazer/bootstrap-propshaft.css
+- app/assets/stylesheets/blazer/bootstrap-sprockets.css.erb
+- app/assets/stylesheets/blazer/bootstrap.css
 - app/assets/stylesheets/blazer/daterangepicker.css
 - app/assets/stylesheets/blazer/github.css
 - app/assets/stylesheets/blazer/selectize.css
@@ -184,6 +186,7 @@ files:
 - lib/blazer/run_statement.rb
 - lib/blazer/run_statement_job.rb
 - lib/blazer/slack_notifier.rb
+- lib/blazer/statement.rb
 - lib/blazer/version.rb
 - lib/generators/blazer/install_generator.rb
 - lib/generators/blazer/templates/config.yml.tt
@@ -226,7 +229,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.32
+rubygems_version: 3.3.7
 signing_key:
 specification_version: 4
 summary: Explore your data with SQL. Easily create charts and dashboards, and share