RubyGems - blazer - Versions diffs - 2.5.0 → 2.6.0 - Mend

blazer 2.5.0 → 2.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (47) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +7 -0
data/README.md +55 -9
data/app/assets/stylesheets/blazer/application.css +1 -0
data/app/assets/stylesheets/blazer/bootstrap-propshaft.css +10 -0
data/app/assets/stylesheets/blazer/bootstrap-sprockets.css.erb +10 -0
data/app/assets/stylesheets/blazer/{bootstrap.css.erb → bootstrap.css} +0 -6
data/app/controllers/blazer/base_controller.rb +45 -45
data/app/controllers/blazer/dashboards_controller.rb +4 -11
data/app/controllers/blazer/queries_controller.rb +28 -48
data/app/models/blazer/query.rb +8 -2
data/app/views/blazer/_variables.html.erb +5 -4
data/app/views/blazer/dashboards/_form.html.erb +1 -1
data/app/views/blazer/dashboards/show.html.erb +4 -4
data/app/views/blazer/queries/_caching.html.erb +1 -1
data/app/views/blazer/queries/_form.html.erb +3 -3
data/app/views/blazer/queries/run.html.erb +1 -1
data/app/views/blazer/queries/show.html.erb +12 -7
data/app/views/layouts/blazer/application.html.erb +7 -2
data/lib/blazer/adapters/athena_adapter.rb +51 -15
data/lib/blazer/adapters/base_adapter.rb +16 -1
data/lib/blazer/adapters/bigquery_adapter.rb +13 -2
data/lib/blazer/adapters/cassandra_adapter.rb +15 -4
data/lib/blazer/adapters/drill_adapter.rb +10 -0
data/lib/blazer/adapters/druid_adapter.rb +36 -1
data/lib/blazer/adapters/elasticsearch_adapter.rb +13 -2
data/lib/blazer/adapters/hive_adapter.rb +10 -0
data/lib/blazer/adapters/ignite_adapter.rb +12 -2
data/lib/blazer/adapters/influxdb_adapter.rb +22 -10
data/lib/blazer/adapters/mongodb_adapter.rb +4 -0
data/lib/blazer/adapters/neo4j_adapter.rb +17 -2
data/lib/blazer/adapters/opensearch_adapter.rb +4 -0
data/lib/blazer/adapters/presto_adapter.rb +9 -0
data/lib/blazer/adapters/salesforce_adapter.rb +5 -0
data/lib/blazer/adapters/snowflake_adapter.rb +9 -0
data/lib/blazer/adapters/soda_adapter.rb +9 -0
data/lib/blazer/adapters/spark_adapter.rb +5 -0
data/lib/blazer/adapters/sql_adapter.rb +30 -3
data/lib/blazer/data_source.rb +85 -5
data/lib/blazer/engine.rb +0 -4
data/lib/blazer/run_statement.rb +7 -3
data/lib/blazer/run_statement_job.rb +4 -2
data/lib/blazer/slack_notifier.rb +5 -2
data/lib/blazer/statement.rb +75 -0
data/lib/blazer/version.rb +1 -1
data/lib/blazer.rb +14 -6
metadata +7 -4

data/lib/blazer/adapters/salesforce_adapter.rb CHANGED Viewed

@@ -35,6 +35,11 @@ module Blazer
         "SELECT Id FROM {table} LIMIT 10"
       end
+      # https://developer.salesforce.com/docs/atlas.en-us.soql_sosl.meta/soql_sosl/sforce_api_calls_soql_select_quotedstringescapes.htm
+      def quoting
+        :backslash_escape
+      end
       protected
       def client

data/lib/blazer/adapters/snowflake_adapter.rb CHANGED Viewed

@@ -68,6 +68,15 @@ module Blazer
       def cancel(run_id)
         # todo
       end
+      # https://docs.snowflake.com/en/sql-reference/data-types-text.html#escape-sequences
+      def quoting
+        :backslash_escape
+      end
+      def parameter_binding
+        # TODO
+      end
     end
   end
 end

data/lib/blazer/adapters/soda_adapter.rb CHANGED Viewed

@@ -2,6 +2,10 @@ module Blazer
   module Adapters
     class SodaAdapter < BaseAdapter
       def run_statement(statement, comment)
+        require "json"
+        require "net/http"
+        require "uri"
         columns = []
         rows = []
         error = nil
@@ -91,6 +95,11 @@ module Blazer
       def tables
         ["all"]
       end
+      # https://dev.socrata.com/docs/datatypes/text.html
+      def quoting
+        :single_quote_escape
+      end
     end
   end
 end

data/lib/blazer/adapters/spark_adapter.rb CHANGED Viewed

@@ -4,6 +4,11 @@ module Blazer
       def tables
         client.execute("SHOW TABLES").map { |r| r["tableName"] }
       end
+      # https://spark.apache.org/docs/latest/sql-ref-literals.html
+      def quoting
+        :backslash_escape
+      end
     end
   end
 end

data/lib/blazer/adapters/sql_adapter.rb CHANGED Viewed

@@ -15,7 +15,7 @@ module Blazer
           end
       end
-      def run_statement(statement, comment)
+      def run_statement(statement, comment, bind_params = [])
         columns = []
         rows = []
         error = nil
@@ -24,7 +24,8 @@ module Blazer
           in_transaction do
             set_timeout(data_source.timeout) if data_source.timeout
-            result = select_all("#{statement} /*#{comment}*/")
+            binds = bind_params.map { |v| ActiveRecord::Relation::QueryAttribute.new(nil, v, ActiveRecord::Type::Value.new) }
+            result = connection_model.connection.select_all("#{statement} /*#{comment}*/", nil, binds)
             columns = result.columns
             result.rows.each do |untyped_row|
               rows << (result.column_types.empty? ? untyped_row : columns.each_with_index.map { |c, i| untyped_row[i] && result.column_types[c] ? result.column_types[c].send(:cast_value, untyped_row[i]) : untyped_row[i] })
@@ -33,6 +34,7 @@ module Blazer
         rescue => e
           error = e.message.sub(/.+ERROR: /, "")
           error = Blazer::TIMEOUT_MESSAGE if Blazer::TIMEOUT_ERRORS.any? { |e| error.include?(e) }
+          error = Blazer::VARIABLE_MESSAGE if error.include?("syntax error at or near \"$") || error.include?("Incorrect syntax near '@") || error.include?("your MySQL server version for the right syntax to use near '?")
           reconnect if error.include?("PG::ConnectionBad")
         end
@@ -156,7 +158,7 @@ module Blazer
         # WITH not an optimization fence in Postgres 12+
         statement = <<~SQL
           WITH query AS (
-            #{statement}
+            {placeholder}
           ),
           cohorts AS (
             SELECT user_id, MIN(#{cohort_column}) AS cohort_time FROM query
@@ -183,6 +185,27 @@ module Blazer
         connection_model.send(:sanitize_sql_array, params)
       end
+      def quoting
+        ->(value) { connection_model.connection.quote(value) }
+      end
+      # Redshift adapter silently ignores binds
+      def parameter_binding
+        if postgresql? || sqlite?
+          :numeric
+        elsif mysql? && connection_model.connection.prepared_statements?
+          # Active Record silently ignores binds with MySQL when prepared statements are disabled
+          :positional
+        elsif sqlserver?
+          proc do |statement, variables|
+            variables.each_with_index do |(k, _), i|
+              statement = statement.gsub("{#{k}}", "@#{i} ")
+            end
+            [statement, variables.values]
+          end
+        end
+      end
       protected
       def select_all(statement, params = [])
@@ -207,6 +230,10 @@ module Blazer
         ["MySQL", "Mysql2", "Mysql2Spatial"].include?(adapter_name)
       end
+      def sqlite?
+        ["SQLite"].include?(adapter_name)
+      end
       def sqlserver?
         ["SQLServer", "tinytds", "mssql"].include?(adapter_name)
       end

data/lib/blazer/data_source.rb CHANGED Viewed

@@ -89,7 +89,19 @@ module Blazer
       Blazer.cache.delete(run_cache_key(run_id))
     end
+    def sub_variables(statement, vars)
+      statement = statement.dup
+      vars.each do |var, value|
+        # use block form to disable back-references
+        statement.gsub!("{#{var}}") { quote(value) }
+      end
+      statement
+    end
     def run_statement(statement, options = {})
+      statement = Statement.new(statement, self) if statement.is_a?(String)
+      statement.bind unless statement.bind_statement
       async = options[:async]
       result = nil
       if cache_mode != "off"
@@ -118,7 +130,7 @@ module Blazer
         if options[:run_id]
           comment << ",run_id:#{options[:run_id]}"
         end
-        result = run_statement_helper(statement, comment, async ? options[:run_id] : nil)
+        result = run_statement_helper(statement, comment, async ? options[:run_id] : nil, options)
       end
       result
@@ -133,13 +145,68 @@ module Blazer
     end
     def statement_cache_key(statement)
-      cache_key(["statement", id, Digest::MD5.hexdigest(statement.to_s.gsub("\r\n", "\n"))])
+      cache_key(["statement", id, Digest::MD5.hexdigest(statement.bind_statement.to_s.gsub("\r\n", "\n") + statement.bind_values.sort_by { |k, _| k }.to_json)])
     end
     def run_cache_key(run_id)
       cache_key(["run", run_id])
     end
+    def quote(value)
+      if quoting == :backslash_escape || quoting == :single_quote_escape
+        # only need to support types generated by process_vars
+        if value.is_a?(Integer) || value.is_a?(Float)
+          value.to_s
+        elsif value.nil?
+          "NULL"
+        else
+          value = value.to_formatted_s(:db) if value.is_a?(ActiveSupport::TimeWithZone)
+          if quoting == :backslash_escape
+            "'#{value.gsub("\\") { "\\\\" }.gsub("'") { "\\'" }}'"
+          else
+            "'#{value.gsub("'", "''")}'"
+          end
+        end
+      elsif quoting.respond_to?(:call)
+        quoting.call(value)
+      elsif quoting.nil?
+        raise Blazer::Error, "Quoting not specified"
+      else
+        raise Blazer::Error, "Unknown quoting"
+      end
+    end
+    def bind_params(statement, variables)
+      if parameter_binding == :positional
+        locations = []
+        variables.each do |k, v|
+          i = 0
+          while (idx = statement.index("{#{k}}", i))
+            locations << [v, idx]
+            i = idx + 1
+          end
+        end
+        variables.each do |k, v|
+          statement = statement.gsub("{#{k}}", "?")
+        end
+        [statement, locations.sort_by(&:last).map(&:first)]
+      elsif parameter_binding == :numeric
+        variables.each_with_index do |(k, v), i|
+          # add trailing space if followed by digit
+          # try to keep minimal to avoid fixing invalid queries like SELECT{var}
+          statement = statement.gsub(/#{Regexp.escape("{#{k}}")}(\d)/, "$#{i + 1} \\1").gsub("{#{k}}", "$#{i + 1}")
+        end
+        [statement, variables.values]
+      elsif parameter_binding.respond_to?(:call)
+        parameter_binding.call(statement, variables)
+      elsif parameter_binding.nil?
+        [sub_variables(statement, variables), []]
+      else
+        raise Blazer::Error, "Unknown bind parameters"
+      end
+    end
     protected
     def adapter_instance
@@ -157,9 +224,22 @@ module Blazer
       end
     end
-    def run_statement_helper(statement, comment, run_id)
+    def quoting
+      @quoting ||= adapter_instance.quoting
+    end
+    def parameter_binding
+      @parameter_binding ||= adapter_instance.parameter_binding
+    end
+    def run_statement_helper(statement, comment, run_id, options)
       start_time = Time.now
-      columns, rows, error = adapter_instance.run_statement(statement, comment)
+      columns, rows, error =
+        if adapter_instance.parameter_binding
+          adapter_instance.run_statement(statement.bind_statement, comment, statement.bind_values)
+        else
+          adapter_instance.run_statement(statement.bind_statement, comment)
+        end
       duration = Time.now - start_time
       cache_data = nil
@@ -168,7 +248,7 @@ module Blazer
         cache_data = Marshal.dump([columns, rows, error, cache ? Time.now : nil]) rescue nil
       end
-      if cache && cache_data && adapter_instance.cachable?(statement)
+      if cache && cache_data && adapter_instance.cachable?(statement.bind_statement)
         Blazer.cache.write(statement_cache_key(statement), cache_data, expires_in: cache_expires_in.to_f * 60)
       end

data/lib/blazer/engine.rb CHANGED Viewed

@@ -30,10 +30,6 @@ module Blazer
       Blazer.anomaly_checks = Blazer.settings["anomaly_checks"] || false
       Blazer.forecasting = Blazer.settings["forecasting"] || false
       Blazer.async = Blazer.settings["async"] || false
-      if Blazer.async
-        require "blazer/run_statement_job"
-      end
       Blazer.images = Blazer.settings["images"] || false
       Blazer.override_csp = Blazer.settings["override_csp"] || false
       Blazer.slack_oauth_token = Blazer.settings["slack_oauth_token"] || ENV["BLAZER_SLACK_OAUTH_TOKEN"]

data/lib/blazer/run_statement.rb CHANGED Viewed

@@ -1,12 +1,16 @@
 module Blazer
   class RunStatement
-    def perform(data_source, statement, options = {})
+    def perform(statement, options = {})
       query = options[:query]
-      Blazer.transform_statement.call(data_source, statement) if Blazer.transform_statement
+      data_source = statement.data_source
+      statement.bind
       # audit
       if Blazer.audit
-        audit = Blazer::Audit.new(statement: statement)
+        audit_statement = statement.bind_statement
+        audit_statement += "\n\n#{statement.bind_values.to_json}" if statement.bind_values.any?
+        audit = Blazer::Audit.new(statement: audit_statement)
         audit.query = query
         audit.data_source = data_source.id
         audit.user = options[:user]

data/lib/blazer/run_statement_job.rb CHANGED Viewed

@@ -3,10 +3,12 @@ module Blazer
     self.queue_adapter = :async
     def perform(data_source_id, statement, options)
-      data_source = Blazer.data_sources[data_source_id]
+      statement = Blazer::Statement.new(statement, data_source_id)
+      statement.values = options.delete(:values)
+      data_source = statement.data_source
       begin
         ActiveRecord::Base.connection_pool.with_connection do
-          Blazer::RunStatement.new.perform(data_source, statement, options)
+          Blazer::RunStatement.new.perform(statement, options)
         end
       rescue Exception => e
         Blazer::Result.new(data_source, [], [], "Unknown error", nil, false)

data/lib/blazer/slack_notifier.rb CHANGED Viewed

@@ -67,15 +67,18 @@ module Blazer
       Blazer::Engine.routes.url_helpers.query_url(id, ActionMailer::Base.default_url_options)
     end
+    # TODO use return value
     def self.post(payload)
       if Blazer.slack_webhook_url.present?
-        post_api(Blazer.slack_webhook_url, payload, {})
+        response = post_api(Blazer.slack_webhook_url, payload, {})
+        response.is_a?(Net::HTTPSuccess) && response.body == "ok"
       else
         headers = {
           "Authorization" => "Bearer #{Blazer.slack_oauth_token}",
           "Content-type" => "application/json"
         }
-        post_api("https://slack.com/api/chat.postMessage", payload, headers)
+        response = post_api("https://slack.com/api/chat.postMessage", payload, headers)
+        response.is_a?(Net::HTTPSuccess) && (JSON.parse(response.body)["ok"] rescue false)
       end
     end

data/lib/blazer/statement.rb ADDED Viewed

@@ -0,0 +1,75 @@
+module Blazer
+  class Statement
+    attr_reader :statement, :data_source, :bind_statement, :bind_values
+    attr_accessor :values
+    def initialize(statement, data_source = nil)
+      @statement = statement
+      @data_source = data_source.is_a?(String) ? Blazer.data_sources[data_source] : data_source
+      @values = {}
+    end
+    def variables
+      @variables ||= Blazer.extract_vars(statement)
+    end
+    def add_values(var_params)
+      variables.each do |var|
+        value = var_params[var].presence
+        value = nil unless value.is_a?(String) # ignore arrays and hashes
+        if value
+          if ["start_time", "end_time"].include?(var)
+            value = value.to_s.gsub(" ", "+") # fix for Quip bug
+          end
+          if var.end_with?("_at")
+            begin
+              value = Blazer.time_zone.parse(value)
+            rescue
+              # do nothing
+            end
+          end
+          unless value.is_a?(ActiveSupport::TimeWithZone)
+            if value =~ /\A\d+\z/
+              value = value.to_i
+            elsif value =~ /\A\d+\.\d+\z/
+              value = value.to_f
+            end
+          end
+        end
+        value = Blazer.transform_variable.call(var, value) if Blazer.transform_variable
+        @values[var] = value
+      end
+    end
+    def cohort_analysis?
+      /\/\*\s*cohort analysis\s*\*\//i.match?(statement)
+    end
+    def apply_cohort_analysis(period:, days:)
+      @statement = data_source.cohort_analysis_statement(statement, period: period, days: days).sub("{placeholder}") { statement }
+    end
+    # should probably transform before cohort analysis
+    # but keep previous order for now
+    def transformed_statement
+      statement = self.statement.dup
+      Blazer.transform_statement.call(data_source, statement) if Blazer.transform_statement
+      statement
+    end
+    def bind
+      @bind_statement, @bind_values = data_source.bind_params(transformed_statement, values)
+    end
+    def display_statement
+      data_source.sub_variables(transformed_statement, values)
+    end
+    def clear_cache
+      bind if bind_statement.nil?
+      data_source.clear_cache(self)
+    end
+  end
+end

data/lib/blazer/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Blazer
-  VERSION = "2.5.0"
+  VERSION = "2.6.0"
 end

data/lib/blazer.rb CHANGED Viewed

@@ -1,14 +1,18 @@
 # dependencies
-require "csv"
-require "yaml"
 require "chartkick"
 require "safely/core"
+# stdlib
+require "csv"
+require "json"
+require "yaml"
 # modules
 require "blazer/version"
 require "blazer/data_source"
 require "blazer/result"
 require "blazer/run_statement"
+require "blazer/statement"
 # adapters
 require "blazer/adapters/base_adapter"
@@ -43,6 +47,8 @@ module Blazer
   autoload :CheckMailer, "blazer/check_mailer"
   # net/http optional
   autoload :SlackNotifier, "blazer/slack_notifier"
+  # activejob optional
+  autoload :RunStatementJob, "blazer/run_statement_job"
   class << self
     attr_accessor :audit
@@ -76,6 +82,7 @@ module Blazer
   self.images = false
   self.override_csp = false
+  VARIABLE_MESSAGE = "Variable cannot be used in this position"
   TIMEOUT_MESSAGE = "Query timed out :("
   TIMEOUT_ERRORS = [
     "canceling statement due to statement timeout", # postgres
@@ -128,6 +135,7 @@ module Blazer
     end
   end
+  # TODO move to Statement and remove in 3.0.0
   def self.extract_vars(statement)
     # strip commented out lines
     # and regex {1} or {1,2}
@@ -148,9 +156,8 @@ module Blazer
     ActiveSupport::Notifications.instrument("run_check.blazer", check_id: check.id, query_id: check.query.id, state_was: check.state) do |instrument|
       # try 3 times on timeout errors
-      data_source = data_sources[check.query.data_source]
-      statement = check.query.statement
-      Blazer.transform_statement.call(data_source, statement) if Blazer.transform_statement
+      statement = check.query.statement_object
+      data_source = statement.data_source
       while tries <= 3
         result = data_source.run_statement(statement, refresh_cache: true, check: check, query: check.query)
@@ -178,7 +185,8 @@ module Blazer
       # TODO use proper logfmt
       Rails.logger.info "[blazer check] query=#{check.query.name} state=#{check.state} rows=#{result.rows.try(:size)} error=#{result.error}"
-      instrument[:statement] = statement
+      # should be no variables
+      instrument[:statement] = statement.bind_statement
       instrument[:data_source] = data_source
       instrument[:state] = check.state
       instrument[:rows] = result.rows.try(:size)

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: blazer
 version: !ruby/object:Gem::Version
-  version: 2.5.0
+  version: 2.6.0
 platform: ruby
 authors:
 - Andrew Kane
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-01-05 00:00:00.000000000 Z
+date: 2022-04-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: railties
@@ -109,7 +109,9 @@ files:
 - app/assets/javascripts/blazer/stupidtable.js
 - app/assets/javascripts/blazer/vue.js
 - app/assets/stylesheets/blazer/application.css
-- app/assets/stylesheets/blazer/bootstrap.css.erb
+- app/assets/stylesheets/blazer/bootstrap-propshaft.css
+- app/assets/stylesheets/blazer/bootstrap-sprockets.css.erb
+- app/assets/stylesheets/blazer/bootstrap.css
 - app/assets/stylesheets/blazer/daterangepicker.css
 - app/assets/stylesheets/blazer/github.css
 - app/assets/stylesheets/blazer/selectize.css
@@ -184,6 +186,7 @@ files:
 - lib/blazer/run_statement.rb
 - lib/blazer/run_statement_job.rb
 - lib/blazer/slack_notifier.rb
+- lib/blazer/statement.rb
 - lib/blazer/version.rb
 - lib/generators/blazer/install_generator.rb
 - lib/generators/blazer/templates/config.yml.tt
@@ -226,7 +229,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.32
+rubygems_version: 3.3.7
 signing_key:
 specification_version: 4
 summary: Explore your data with SQL. Easily create charts and dashboards, and share