rails_vitals 0.3.0 → 0.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 85f8d6772f3f10badb2a598143172c1e11375eb017affe72007fe893e2f6d241
-  data.tar.gz: 072320c0d3826677abacc3d36cbfd22843be687a955e41c9f924cb07bba640f0
+  metadata.gz: 8fc3f44a23831df5f94973a04dfd928519ac7b14adf763147cc7b4d6e6ee2702
+  data.tar.gz: 39be2ad3de1a6569e42e5c22cea38a04db5c933910014de9c5963652c6a15451
 SHA512:
-  metadata.gz: d6648831e36ed7b41615af2636939d1f1dace58b270a311486820ee5d9e48581a5d617d590622855dbf6430dfdbc3ed1716721bb6d03f58e1af8dda8a2fcd969
-  data.tar.gz: 204fab1e081f960f358295b56f42666800867133c14eafdcc6074524694110a5de0cef994e65647f504ffea3d90aab42620b861ce1c00e3de31b32e929c40278
+  metadata.gz: f95974f80db2e2975a0b7ccd77aef6d0335a6c89202a31186b6631de09fb25938e0f0f5a2f55806c4cafd7d9b469ff589593a7805a4769cdff9eaaa08ef72e96
+  data.tar.gz: d5698c85c0a72ac0f5f44f8db1c16c8b6b51c9c3aa0533ea70e774005f87d2e323a06c903f192d646e70ad1efa204560e94cbdbe122e2f6522412d50fbfbcfab

data/README.md

@@ -61,6 +61,11 @@ Any `SELECT` query in Request Detail can be sent directly to PostgreSQL's `EXPLA
 
 ![EXPLAIN Visualizer](https://github.com/user-attachments/assets/e3547822-17ce-40e8-a468-714bbff01cd9)
 
+### 🧪 N+1 Fix Playground
+Try eager-loading fixes against your real app data before changing application code. Enter any ActiveRecord expression such as `Post.includes(:likes)`, optionally simulate association access to reproduce N+1 behavior, and RailsVitals runs it in a read-only sandbox with a 100-record cap and 2s timeout. Each run compares before vs. after score, query count, duration, and N+1 count, then shows the exact SQL fired with full Query DNA so you can verify that the fix actually batches queries.
+
+![Playground](https://github.com/user-attachments/assets/7df1bfbe-1576-4048-810d-465e52115d19)
+
 ### 🎭 Callback Map
 Every ActiveRecord callback (`before_save`, `after_create`, `before_validation`, etc.) is timed and grouped by model in the Request Detail view. Expensive callbacks surface immediately — including hidden side effects like callbacks that trigger additional queries.
 
@@ -149,6 +154,7 @@ Navigate to `/rails_vitals` to access the full admin interface.
 | N+1 Patterns | `/rails_vitals/n_plus_ones` | Cross-request N+1 aggregation with fix suggestions |
 | Association Map | `/rails_vitals/associations` | Live SVG model graph with N+1 and index annotations |
 | EXPLAIN Visualizer | `/rails_vitals/requests/:request_id/explain/:query_index` | Interactive PostgreSQL EXPLAIN ANALYZE tree with warnings and fix suggestions |
+| Playground | `/rails_vitals/playgrounds` | Read-only sandbox for testing eager-loading fixes against real app data |
 
 ---
 

data/app/assets/javascripts/rails_vitals/application.js

@@ -159,3 +159,32 @@ function badge(color, text) {
          'font-size:9px;padding:1px 5px;border-radius:3px;margin-left:4px;">' +
          text + '</span>';
 }
+
+// ─── playgrounds/index ───────────────────────────────────────────────────────
+(function () {
+  var form = document.getElementById('playground-form');
+  if (!form) return;
+
+  // Disable the run button on submit to prevent double-runs
+  form.addEventListener('submit', function () {
+    var btn = document.getElementById('run-btn');
+    if (btn) {
+      btn.disabled    = true;
+      btn.textContent = '⏳ Running...';
+    }
+  });
+
+  // Pre-fill expression textarea from ?expression= URL param (deep-link from N+1 page)
+  var params = new URLSearchParams(window.location.search);
+  var expr   = params.get('expression');
+  if (expr) {
+    var ta = document.querySelector("textarea[name='expression']");
+    if (ta) ta.value = decodeURIComponent(expr);
+  }
+}());
+
+function toggleAssocLabel(assoc, checked) {
+  var label = document.getElementById('label_' + assoc);
+  if (!label) return;
+  label.classList.toggle('assoc-tag-active', checked);
+}

data/app/assets/stylesheets/rails_vitals/application.css

@@ -276,6 +276,7 @@ tr:hover td { background: #1e2535; }
 
 /* ─── Component utilities ──────────────────────────────────────────────────── */
 .section-label {
+  display: block;
   color: #a0aec0;
   font-size: 11px;
   font-weight: bold;
@@ -353,3 +354,148 @@ tr:hover td { background: #1e2535; }
   margin-right: 4px;
   vertical-align: middle;
 }
+
+/* ─── Gap utilities ──────────────────────────────────────────────────────────── */
+.gap-4  { gap: 4px; }
+.gap-6  { gap: 6px; }
+.gap-8  { gap: 8px; }
+.gap-12 { gap: 12px; }
+.gap-16 { gap: 16px; }
+.gap-24 { gap: 24px; }
+
+/* ─── Grid utilities ─────────────────────────────────────────────────────────── */
+.grid-4 {
+  display: grid;
+  grid-template-columns: repeat(4, 1fr);
+  gap: 12px;
+  margin-bottom: 20px;
+}
+
+/* ─── Stat box variant (dark surface) ───────────────────────────────────────── */
+.stat-grid-box {
+  background: #2d3748;
+  border-radius: 6px;
+  padding: 16px;
+  text-align: center;
+}
+
+/* ─── Playground ─────────────────────────────────────────────────────────────── */
+.run-btn {
+  background: #2d6a2d;
+  border: 1px solid #68d391;
+  color: #68d391;
+  padding: 10px 24px;
+  border-radius: 6px;
+  font-size: 14px;
+  font-weight: bold;
+  cursor: pointer;
+  transition: background 0.15s;
+}
+.run-btn:hover    { background: #3a8a3a; }
+.run-btn:disabled { opacity: 0.5; cursor: not-allowed; }
+
+@keyframes fadeIn {
+  from { opacity: 0; transform: translateY(6px); }
+  to   { opacity: 1; transform: translateY(0); }
+}
+.result-fade { animation: fadeIn 0.3s ease forwards; }
+
+.playground-textarea {
+  width: 100%;
+  background: #1a202c;
+  border: 1px solid #4a5568;
+  color: #e2e8f0;
+  padding: 12px;
+  border-radius: 4px;
+  font-family: ui-monospace, monospace;
+  font-size: 13px;
+  resize: vertical;
+  box-sizing: border-box;
+}
+
+.assoc-tag {
+  display: flex;
+  align-items: center;
+  gap: 6px;
+  background: #2d3748;
+  border: 1px solid #4a5568;
+  border-radius: 4px;
+  padding: 6px 12px;
+  cursor: pointer;
+  font-size: 12px;
+  font-family: ui-monospace, monospace;
+  color: #e2e8f0;
+  transition: background 0.15s;
+}
+.assoc-tag-active {
+  background: #1a2d1a;
+  border-color: rgba(104, 211, 145, 0.4);
+}
+
+.assoc-pill {
+  background: #2d3748;
+  color: #a0aec0;
+  font-size: 10px;
+  font-family: ui-monospace, monospace;
+  padding: 2px 6px;
+  border-radius: 3px;
+}
+.assoc-pill-active {
+  background: #1a3a1a;
+  color: #68d391;
+  font-size: 10px;
+  font-family: ui-monospace, monospace;
+  padding: 2px 6px;
+  border-radius: 3px;
+}
+
+.compare-box {
+  background: #1a202c;
+  border-radius: 6px;
+  padding: 12px 16px;
+}
+.compare-box-after {
+  background: #1a2d1a;
+  border-radius: 6px;
+  padding: 12px 16px;
+}
+
+.compare-arrow { text-align: center; }
+.compare-delta {
+  font-size: 12px;
+  font-family: ui-monospace, monospace;
+  font-weight: bold;
+}
+
+.stat-value-22 {
+  font-size: 22px;
+  font-weight: bold;
+  font-family: ui-monospace, monospace;
+}
+
+.summary-line {
+  margin-top: 12px;
+  padding: 10px 16px;
+  background: #1a202c;
+  border-radius: 4px;
+  font-size: 13px;
+  font-family: ui-monospace, monospace;
+}
+
+.error-card {
+  background: #2d1515;
+  border: 1px solid rgba(252, 129, 129, 0.4);
+  border-radius: 6px;
+  padding: 16px;
+  color: #fc8181;
+  font-size: 13px;
+  margin-bottom: 20px;
+}
+
+.n1-alert {
+  background: #2d1515;
+  border: 1px solid rgba(252, 129, 129, 0.27);
+  border-radius: 6px;
+  padding: 12px 16px;
+  margin-bottom: 20px;
+}

data/app/controllers/rails_vitals/playgrounds_controller.rb

@@ -0,0 +1,120 @@
+module RailsVitals
+  class PlaygroundsController < ApplicationController
+    def index
+      @default_query = default_query
+      @default_model = default_model_name
+      @available_assocs = associations_for_model(@default_model)
+      @prechecked_assocs = prechecked_associations
+    end
+
+    def create
+      expression = params[:expression].to_s.strip
+      clean_expr = clean_expression(expression)
+      access_associations = Array(params[:access_associations]).reject(&:blank?)
+
+      result = Playground::Sandbox.run(
+        expression,
+        access_associations: access_associations
+      )
+
+      model_name = Playground::Sandbox.extract_model_name(expression)
+      @available_assocs = associations_for_model(model_name)
+      @prechecked_assocs = access_associations
+
+      @expression = clean_expr
+      @result = result
+      @previous = session_previous
+      @query_dna = build_dna(result.queries)
+
+      session[:playground_previous] = serialize_result(result, clean_expr, access_associations)
+
+      render :index
+    end
+
+    private
+
+    def discover_models
+      Analyzers::AssociationMapper.discover_models.map(&:name)
+    end
+
+    def worst_n1_pattern
+      records = RailsVitals.store.all
+      return nil if records.empty?
+
+      Analyzers::NPlusOneAggregator.aggregate(records).first
+    end
+
+    def session_previous
+      raw = session[:playground_previous]
+      return nil unless raw
+
+      JSON.parse(raw, symbolize_names: true)
+    rescue
+      nil
+    end
+
+    def default_model_name
+      pattern = worst_n1_pattern
+      return discover_models.first unless pattern
+
+      pattern[:fix_suggestion]&.dig(:owner_model) || discover_models.first
+    end
+
+    def associations_for_model(model_name)
+      return [] unless model_name
+
+      Playground::Sandbox.associations_for(model_name)
+    end
+
+    def prechecked_associations
+      pattern = worst_n1_pattern
+      return [] unless pattern
+
+      # Pre-check the association from the worst N+1 pattern
+      table = pattern[:table]
+      return [] unless table
+
+      assoc_name = table  # table name is usually the association name
+      [ @available_assocs.find { |a| a == assoc_name || a == assoc_name.singularize } ].compact
+    end
+
+    def default_query
+      pattern = worst_n1_pattern
+      return "" unless pattern
+
+      fix = pattern[:fix_suggestion]&.dig(:code)
+      return "" unless fix
+
+      "# Worst N+1 detected in your app:\n# Fix: #{fix}\n\n#{fix.split('.').first}.all"
+    end
+
+    def serialize_result(result, expression, access_associations = [])
+      {
+        expression:         expression,
+        query_count:        result.query_count,
+        score:              result.score,
+        duration_ms:        result.duration_ms,
+        n1_count:           result.n1_patterns.size,
+        access_associations: access_associations,
+        error:              result.error
+      }.to_json
+    end
+
+    def clean_expression(expression)
+      expression
+        .lines
+        .reject { |l| l.strip.start_with?("#") }
+        .join
+        .strip
+    end
+
+    def build_dna(queries)
+      queries.map do |q|
+        {
+          query: q,
+          dna:   Analyzers::SqlTokenizer.tokenize(q[:sql], all_queries: queries)
+        }
+      end
+    end
+  end
+end

data/app/helpers/rails_vitals/application_helper.rb

@@ -87,5 +87,25 @@ module RailsVitals
       else                      COLOR_LIGHT_RED
       end
     end
+
+    # Returns a hex color for a DNA risk level symbol (:healthy, :neutral, :warning, :danger)
+    def risk_color(risk)
+      {
+        healthy: COLOR_LIGHT_GREEN,
+        neutral: COLOR_NEUTRAL,
+        warning: COLOR_ORANGE,
+        danger:  COLOR_LIGHT_RED
+      }[risk.to_sym] || COLOR_NEUTRAL
+    end
+
+    # Returns a readable hex text color for a numeric health score (0-100)
+    def score_text_color(score)
+      case score.to_i
+      when 90..100 then COLOR_LIGHT_GREEN
+      when 70..89  then "#4299e1"
+      when 50..69  then COLOR_ORANGE
+      else              COLOR_LIGHT_RED
+      end
+    end
   end
 end

data/app/views/layouts/rails_vitals/application.html.erb

@@ -20,6 +20,7 @@
     <%= link_to "Models", rails_vitals.models_path %>
     <%= link_to "N+1 Patterns", rails_vitals.n_plus_ones_path %>
     <%= link_to "Association Map", rails_vitals.associations_path %>
+    <%= link_to "Playground", rails_vitals.playgrounds_path %>
   </nav>
   <div class="container">
     <%= yield %>

data/app/views/rails_vitals/n_plus_ones/index.html.erb

@@ -15,6 +15,7 @@
           <th>Affected Endpoints</th>
           <th>Fix</th>
           <th></th>
+          <th></th>
         </tr>
       </thead>
       <tbody>
@@ -37,6 +38,13 @@
                     n_plus_one_path(pattern_id(p)),
                     class: "text-accent" %>
             </td>
+            <td>
+              <%= link_to "Try in Playground →",
+                    rails_vitals.playgrounds_path(
+                      expression: p[:fix_suggestion]&.dig(:code)
+                    ),
+                    class: "text-accent" %>
+            </td>
           </tr>
         <% end %>
       </tbody>

data/app/views/rails_vitals/playgrounds/index.html.erb

@@ -0,0 +1,289 @@
+<%# Header %>
+<div class="page-header">
+  <h2 class="page-heading mb-4">N+1 Fix Playground</h2>
+  <p class="page-subtitle">
+    Write any ActiveRecord query — see exactly what SQL fires against your real data.
+    <span class="text-grey">Read-only. Capped at 100 records.</span>
+  </p>
+</div>
+
+<%# Input form %>
+<div class="card mb-20">
+  <%= form_with url: rails_vitals.playgrounds_path,
+              method: :post,
+              local: true,
+              id: "playground-form" do |f| %>
+
+    <div class="mb-16">
+      <label class="section-label">Query</label>
+      <%= f.text_area :expression,
+            value:       params[:expression] || @default_query,
+            rows:        5,
+            placeholder: "Post.includes(:likes).where(published: true)",
+            class:       "playground-textarea" %>
+    </div>
+
+    <%# Association access — simulate iteration %>
+    <% if @available_assocs.any? %>
+      <div class="mb-16">
+        <div class="section-label">
+          Simulate access to associations
+          <span class="text-grey text-10 ml-6" style="font-weight:normal;text-transform:none;letter-spacing:normal;">
+            — checked associations will be loaded per record (triggers N+1 if not eager loaded)
+          </span>
+        </div>
+        <div class="flex flex-wrap gap-8">
+          <% @available_assocs.each do |assoc| %>
+            <% checked = @prechecked_assocs.include?(assoc) %>
+            <label class="assoc-tag <%= checked ? 'assoc-tag-active' : '' %>"
+                   id="label_<%= assoc %>">
+              <input
+                type="checkbox"
+                name="access_associations[]"
+                value="<%= assoc %>"
+                checked
+                style="accent-color:#68d391;"
+                onchange="toggleAssocLabel(<%= j(assoc).to_json %>, this.checked)"
+              >
+              :<%= assoc %>
+            </label>
+          <% end %>
+        </div>
+      </div>
+    <% end %>
+
+    <div class="text-grey text-sm mb-16">
+      ⚠ INSERT, UPDATE, DELETE, DROP are blocked.
+      Queries run against real data with a 100-record cap and 2s timeout.
+    </div>
+
+    <button type="submit" class="run-btn" id="run-btn">▶ Run</button>
+  <% end %>
+</div>
+
+<% if @result %>
+  <div class="result-fade">
+
+    <%# Error state %>
+    <% if @result.error %>
+      <div class="error-card">❌ <%= @result.error %></div>
+    <% else %>
+      <%# Before — older run %>
+      <div class="compare-box mb-16">
+        <div class="mini-label mb-6">← Before</div>
+        <div class="mono text-12 text-muted mb-8"><%= @previous[:expression] %></div>
+
+        <% if @previous[:access_associations]&.any? %>
+          <div class="flex flex-wrap gap-4 mb-8">
+            <% @previous[:access_associations].each do |a| %>
+              <span class="assoc-pill">:<%= a %></span>
+            <% end %>
+          </div>
+        <% end %>
+
+        <div class="flex gap-16">
+          <div>
+            <span class="stat-value-22" style="color:<%= score_text_color(@previous[:score].to_i) %>;"><%= @previous[:score] %></span>
+            <span class="text-grey text-sm">score</span>
+          </div>
+          <div>
+            <span class="stat-value-22 text-blue"><%= @previous[:query_count] %></span>
+            <span class="text-grey text-sm">queries</span>
+          </div>
+          <div>
+            <span class="stat-value-22" style="color:<%= @previous[:n1_count].to_i > 0 ? '#fc8181' : '#68d391' %>;"><%= @previous[:n1_count] %></span>
+            <span class="text-grey text-sm">N+1</span>
+          </div>
+          <div>
+            <span class="stat-value-22 text-muted"><%= @previous[:duration_ms] %>ms</span>
+            <span class="text-grey text-sm">duration</span>
+          </div>
+        </div>
+      </div>
+
+      <%# Arrow + delta %>
+      <%
+        score_delta = @result.score.to_i - @previous[:score].to_i
+        query_delta = @result.query_count - @previous[:query_count].to_i
+        improved    = score_delta > 0 || (score_delta == 0 && @result.n1_patterns.size < @previous[:n1_count].to_i)
+        worsened    = score_delta < 0 || (score_delta == 0 && @result.n1_patterns.size > @previous[:n1_count].to_i)
+        arrow_color = improved ? "#68d391" : worsened ? "#fc8181" : "#4a5568"
+      %>
+      <div class="compare-arrow mb-16">
+        <div class="text-24" style="color:<%= arrow_color %>;">→</div>
+        <% if score_delta != 0 %>
+          <div class="compare-delta" style="color:<%= arrow_color %>;">
+            <%= score_delta > 0 ? "+" : "" %><%= score_delta %>
+          </div>
+        <% end %>
+      </div>
+
+      <%# After — current run %>
+      <div class="compare-box-after" style="border:1px solid <%= arrow_color %>44;">
+        <div class="mini-label mb-6" style="color:<%= arrow_color %>;">After →</div>
+        <div class="mono text-12 text-muted mb-8"><%= @expression %></div>
+
+        <% if @prechecked_assocs&.any? %>
+          <div class="flex flex-wrap gap-4 mb-8">
+            <% @prechecked_assocs.each do |a| %>
+              <span class="assoc-pill-active">:<%= a %></span>
+            <% end %>
+          </div>
+        <% end %>
+
+        <div class="flex gap-16">
+          <div>
+            <span class="stat-value-22" style="color:<%= score_text_color(@result.score.to_i) %>;"><%= @result.score %></span>
+            <span class="text-grey text-sm">score</span>
+          </div>
+          <div>
+            <span class="stat-value-22 text-blue"><%= @result.query_count %></span>
+            <span class="text-grey text-sm">queries</span>
+          </div>
+          <div>
+            <span class="stat-value-22" style="color:<%= @result.n1_patterns.size > 0 ? '#fc8181' : '#68d391' %>;"><%= @result.n1_patterns.size %></span>
+            <span class="text-grey text-sm">N+1</span>
+          </div>
+          <div>
+            <span class="stat-value-22 text-muted"><%= @result.duration_ms %>ms</span>
+            <span class="text-grey text-sm">duration</span>
+          </div>
+        </div>
+      </div>
+
+    <%# Summary line %>
+    <%
+      improved   = score_delta > 0 || (score_delta == 0 && @result.n1_patterns.size < @previous[:n1_count].to_i)
+      worsened   = score_delta < 0 || (score_delta == 0 && @result.n1_patterns.size > @previous[:n1_count].to_i)
+      icon       = improved ? "✅" : worsened ? "❌" : "—"
+      line_color = improved ? "#68d391" : worsened ? "#fc8181" : "#a0aec0"
+    %>
+    <div class="summary-line" style="color:<%= line_color %>;">
+      <%= icon %>
+      Score: <%= @previous[:score] %> → <%= @result.score %>
+      (<%= score_delta >= 0 ? "+" : "" %><%= score_delta %> pts) ·
+      Queries: <%= @previous[:query_count] %> → <%= @result.query_count %>
+      (<%= query_delta >= 0 ? "+" : "" %><%= query_delta %>) ·
+      N+1: <%= @previous[:n1_count] %> → <%= @result.n1_patterns.size %>
+    </div>
+
+    <%# Result stats grid %>
+    <%
+      r_stats = [
+        { label: "Queries Fired", value: @result.query_count,
+          color: @result.query_count > 25 ? "#fc8181" : @result.query_count > 10 ? "#f6ad55" : "#68d391" },
+        { label: "Score",         value: @result.score,
+          color: score_text_color(@result.score.to_i) },
+        { label: "N+1 Patterns",  value: @result.n1_patterns.size,
+          color: @result.n1_patterns.any? ? "#fc8181" : "#68d391" },
+        { label: "Duration",      value: "#{@result.duration_ms}ms",
+          color: "#a0aec0" }
+      ]
+    %>
+    <div class="grid-4">
+      <% r_stats.each do |s| %>
+        <div class="stat-grid-box">
+          <div class="stat-value-xl bold mono" style="color:<%= s[:color] %>;"><%= s[:value] %></div>
+          <div class="text-muted text-sm mt-4"><%= s[:label] %></div>
+        </div>
+      <% end %>
+    </div>
+
+    <%# N+1 detected %>
+    <% if @result.n1_patterns.any? %>
+      <div class="n1-alert">
+        <div class="text-danger text-12 bold mb-8">
+          N+1 Patterns Detected (<%= @result.n1_patterns.size %>)
+        </div>
+        <% @result.n1_patterns.each do |p| %>
+          <div class="mono text-sm text-danger mb-4">
+            <%= p[:count] %>× — <%= truncate(p[:pattern], length: 100) %>
+          </div>
+        <% end %>
+      </div>
+    <% end %>
+
+    <%# Queries + DNA %>
+    <div class="card">
+      <div class="card-title">
+        Queries Fired
+        <span class="card-title-description">click any row to expand Query DNA</span>
+      </div>
+
+      <% if @query_dna.empty? %>
+        <div class="text-grey" style="font-size:13px;padding:8px 0;">
+          No queries fired — the relation was not loaded or returned no results.
+        </div>
+      <% else %>
+        <table>
+          <thead>
+            <tr>
+              <th>#</th>
+              <th>SQL</th>
+              <th>Time</th>
+              <th>Complexity</th>
+              <th>Risk</th>
+            </tr>
+          </thead>
+          <tbody>
+            <% @query_dna.each_with_index do |item, i| %>
+              <% q      = item[:query] %>
+              <% dna    = item[:dna] %>
+              <% dna_id = "pg_dna_#{i}" %>
+
+              <tr onclick="toggleDna(<%= dna_id.to_json %>)" class="cursor-pointer">
+                <td class="text-muted"><%= i + 1 %></td>
+                <td class="truncate mono text-sm text-primary" style="max-width:400px;"><%= q[:sql] %></td>
+                <td style="color:<%= time_heat_color(q[:duration_ms]) %>;"><%= q[:duration_ms] %>ms</td>
+                <td>
+                  <span style="color:<%= dna.complexity_label[:color] %>;" class="text-12">
+                    <%= dna.complexity_label[:label] %>
+                    <span class="text-muted text-10">(<%= dna.complexity %>/10)</span>
+                  </span>
+                </td>
+                <td>
+                  <span class="text-12 text-upper" style="color:<%= risk_color(dna.risk) %>;">
+                    <%= dna.risk %>
+                  </span>
+                </td>
+              </tr>
+
+              <%# DNA expansion panel %>
+              <tr id="<%= dna_id %>" class="d-none">
+                <td colspan="5" style="padding:0;">
+                  <div class="dna-panel">
+                    <pre class="code-block mb-12"><%= q[:sql] %></pre>
+
+                    <div class="flex flex-wrap gap-6 mb-12">
+                      <% dna.tokens.each do |token| %>
+                        <span onclick="toggleCard(<%= "card_#{dna_id}_#{token[:type]}".to_json %>);event.stopPropagation();"
+                              style="background:<%= token[:color] %>22;color:<%= token[:color] %>;border:1px solid <%= token[:color] %>66;padding:3px 10px;border-radius:4px;font-size:12px;font-family:monospace;cursor:pointer;">
+                          <%= token[:label] %>
+                        </span>
+                      <% end %>
+                    </div>
+
+                    <% dna.tokens.each do |token| %>
+                      <div id="card_<%= dna_id %>_<%= token[:type] %>" class="d-none mb-8">
+                        <div style="background:#2d3748;border-left:3px solid <%= token[:color] %>;border-radius:4px;padding:12px 16px;">
+                          <div class="mono bold text-sm mb-6" style="color:<%= token[:color] %>;">
+                            💡 <%= token[:label] %>
+                          </div>
+                          <div class="text-primary line-relaxed" style="font-size:13px;">
+                            <%= token[:explanation] %>
+                          </div>
+                        </div>
+                      </div>
+                    <% end %>
+                  </div>
+                </td>
+              </tr>
+            <% end %>
+          </tbody>
+        </table>
+      <% end %>
+    </div>
+
+    <% end %><%# closes if @result.error %>
+  </div><%# closes .result-fade in the error case %>
+<% end %>

data/app/views/rails_vitals/requests/show.html.erb

@@ -12,7 +12,7 @@
     </div>
   </div>
   <div class="text-right">
-    <span class="badge badge-<%= @record.color %>" style="font-size:13px;padding:4px 14px;">
+    <span class="<%= "badge badge-#{@record.color}" %>" style="font-size:13px;padding:4px 14px;">
       <%= @record.label %>
     </span>
     <div class="text-muted text-sm mt-6"><%= @record.recorded_at.strftime("%Y-%m-%d %H:%M:%S") %></div>

data/config/routes.rb

@@ -5,6 +5,7 @@ RailsVitals::Engine.routes.draw do
   resources :models, only: [ :index ]
   resources :n_plus_ones, only: [ :index, :show ]
   resources :associations, only: [ :index ]
+  resources :playgrounds, only: [ :index, :create ]
   get "heatmap", to: "heatmap#index", as: :heatmap
   get "requests/:request_id/explain/:query_index", to: "explains#show", as: :explain
 end

data/lib/rails_vitals/notifications/subscriber.rb

@@ -6,6 +6,20 @@ module RailsVitals
         attach_action_controller_subscriber
       end
 
+      # Skip Rails internal queries — schema lookups, explain, etc.
+      def self.internal_query?(sql)
+        sql =~ /\A\s*(SCHEMA|EXPLAIN|PRAGMA|BEGIN|COMMIT|ROLLBACK|SAVEPOINT|RELEASE)/i ||
+        sql.include?("pg_class") ||
+        sql.include?("pg_attribute") ||
+        sql.include?("pg_type") ||
+        sql.include?("t.typname") ||
+        sql.include?("t.oid") ||
+        sql.include?("information_schema") ||
+        sql.include?("pg_namespace") ||
+        sql.include?("SHOW search_path") ||
+        sql.include?("SHOW max_identifier_length")
+      end
+
       private_class_method def self.attach_sql_subscriber
         ActiveSupport::Notifications.subscribe("sql.active_record") do |event|
           next unless RailsVitals.config.enabled
@@ -32,20 +46,6 @@ module RailsVitals
         end
       end
 
-      # Skip Rails internal queries — schema lookups, explain, etc.
-      private_class_method def self.internal_query?(sql)
-        sql =~ /\A\s*(SCHEMA|EXPLAIN|PRAGMA|BEGIN|COMMIT|ROLLBACK|SAVEPOINT|RELEASE)/i ||
-        sql.include?("pg_class") ||
-        sql.include?("pg_attribute") ||
-        sql.include?("pg_type") ||
-        sql.include?("t.typname") ||
-        sql.include?("t.oid") ||
-        sql.include?("information_schema") ||
-        sql.include?("pg_namespace") ||
-        sql.include?("SHOW search_path") ||
-        sql.include?("SHOW max_identifier_length")
-      end
-
       private_class_method def self.rails_vitals_request?
         Thread.current[:rails_vitals_own_request]
       end

data/lib/rails_vitals/playground/sandbox.rb

@@ -0,0 +1,222 @@
+module RailsVitals
+  module Playground
+    class Sandbox
+      ALLOWED_METHODS = %w[
+        all where select limit offset order group
+        includes preload eager_load joins left_joins
+        find find_by first last count sum average
+        pluck distinct having references unscoped
+      ].freeze
+
+      BLOCKED_PATTERNS = [
+        /\b(insert|update|delete|destroy|drop|truncate|create|alter)\b/i,
+        /\.save/i, /\.save!/i, /\.update/i, /\.delete/i,
+        /\.destroy/i, /`/
+      ].freeze
+
+      DEFAULT_LIMIT = 100
+
+      Result = Struct.new(
+        :queries, :query_count, :duration_ms,
+        :error, :model_name, :record_count,
+        :score, :n1_patterns,
+        keyword_init: true
+      )
+
+      def self.run(expression, access_associations: [])
+        return blocked_result("No expression provided") if expression.blank?
+
+        BLOCKED_PATTERNS.each do |pattern|
+          return blocked_result(
+            "Expression contains blocked operation. " \
+            "The Playground is read-only — no writes permitted."
+          ) if expression.match?(pattern)
+        end
+
+        model_name = extract_model_name(expression)
+        return blocked_result(
+          "Could not detect model from expression. " \
+          "Start your query with a model name e.g. Post.includes(:likes)"
+        ) unless model_name
+
+        model = safe_constantize(model_name)
+        return blocked_result(
+          "Unknown model: #{model_name}. " \
+          "Available models: #{available_models.join(', ')}"
+        ) unless model
+
+        queries = []
+        start_time = Process.clock_gettime(Process::CLOCK_MONOTONIC)
+
+        subscriber = ActiveSupport::Notifications.subscribe("sql.active_record") do |*, payload|
+          next if RailsVitals::Notifications::Subscriber.internal_query?(payload[:sql])
+          queries << {
+            sql: payload[:sql],
+            duration_ms: (payload[:duration].to_f / 1000).round(3)
+          }
+        end
+
+        begin
+          Timeout.timeout(2) do
+            relation = build_relation(expression, model)
+            relation = apply_limit(relation)
+            records  = relation.load
+
+            # Simulate association access — triggers N+1 if not eager loaded
+            if access_associations.any?
+              records.each do |record|
+                access_associations.each do |assoc|
+                  next unless record.class.reflect_on_association(assoc.to_sym)
+                  assoc_value = record.public_send(assoc)
+                  # Force load if it's a relation
+                  assoc_value.load if assoc_value.respond_to?(:load)
+                end
+              end
+            end
+          end
+        rescue Timeout::Error
+          return blocked_result("Query timed out after 2 seconds.")
+        rescue => e
+          return blocked_result("Execution error: #{e.message}")
+        ensure
+          ActiveSupport::Notifications.unsubscribe(subscriber)
+        end
+
+        duration_ms = ((Process.clock_gettime(Process::CLOCK_MONOTONIC) - start_time) * 1000).round(2)
+        n1_patterns = detect_n1(queries)
+        score = project_score(queries.size, n1_patterns.size)
+
+        Result.new(
+          queries: queries,
+          query_count: queries.size,
+          duration_ms: duration_ms,
+          error: nil,
+          model_name: model_name,
+          record_count: DEFAULT_LIMIT,
+          score: score,
+          n1_patterns: n1_patterns
+        )
+      rescue => e
+        blocked_result("Unexpected error: #{e.message}")
+      end
+
+      def self.associations_for(model_name)
+        model = safe_constantize(model_name)
+        return [] unless model
+
+        model.reflect_on_all_associations.map { |r| r.name.to_s }.sort
+      rescue
+        []
+      end
+
+      def self.extract_model_name(expression)
+        # Strip comments first
+        clean = expression.gsub(/#[^\n]*/, "").strip
+        # First word before a dot or whitespace — must look like a constant (CamelCase)
+        match = clean.match(/\A([A-Z][A-Za-z0-9]*)/)
+        match ? match[1] : nil
+      end
+
+      private
+
+      def self.safe_constantize(name)
+        return nil unless name.match?(/\A[A-Z][A-Za-z0-9:]*\z/)
+
+        klass = name.constantize
+        return nil unless klass < ActiveRecord::Base
+
+        klass
+      rescue NameError
+        nil
+      end
+
+      def self.build_relation(expression, model)
+        # Parse "Post.includes(:likes).where(published: true).limit(10)"
+        # Strip the model name prefix if present
+        chain_str = expression
+          .sub(/\A#{Regexp.escape(model.name)}\s*\.?\s*/, "")
+          .strip
+
+        return model.all if chain_str.blank?
+
+        # Build the chain by safe eval within a controlled binding
+        # Only the model constant is exposed, no access to app globals
+        sandbox_binding = build_binding(model)
+        relation = eval(chain_str, sandbox_binding) # rubocop:disable Security/Eval
+
+        unless relation.is_a?(ActiveRecord::Relation)
+          raise "Expression must return an ActiveRecord::Relation"
+        end
+
+        relation
+      end
+
+      def self.build_binding(model)
+        # Create a minimal binding with only the model exposed
+        ctx = Object.new
+        ctx.define_singleton_method(:relation) { model.all }
+        ctx.instance_eval { binding }
+      end
+
+      def self.apply_limit(relation)
+        # Only apply default limit if no limit already set
+        if relation.limit_value.nil?
+          relation.limit(DEFAULT_LIMIT)
+        else
+          relation
+        end
+      end
+
+      def self.detect_n1(queries)
+        normalized = queries.map do |q|
+          q[:sql]
+            .gsub(/\b\d+\b/, "?")
+            .gsub(/'[^']*'/, "?")
+            .gsub(/\bIN\s*\([^)]+\)/, "IN (?)")
+            .downcase.strip
+        end
+
+        normalized
+          .tally
+          .select { |_, count| count > 1 }
+          .map { |sql, count| { pattern: sql, count: count } }
+      end
+
+      def self.project_score(query_count, n1_count)
+        config = RailsVitals.config
+        query_score = score_queries(query_count, config)
+        n1_score = score_n1(n1_count)
+        (query_score * 0.40 + n1_score * 0.60).round
+      end
+
+      def self.score_queries(count, config)
+        return 100 if count <= config.query_warn_threshold
+        return 0   if count >= config.query_critical_threshold
+
+        range = config.query_critical_threshold - config.query_warn_threshold
+        (100 - ((count - config.query_warn_threshold).to_f / range * 100)).round
+      end
+
+      def self.score_n1(count)
+        [ 100 - (count * 25), 0 ].max
+      end
+
+      def self.blocked_result(message)
+        Result.new(
+          queries: [], query_count: 0, duration_ms: 0,
+          error: message, model_name: nil, record_count: 0,
+          score: nil, n1_patterns: []
+        )
+      end
+
+      def self.available_models
+        ActiveRecord::Base.descendants
+          .reject(&:abstract_class?)
+          .reject { |m| m.name&.start_with?("RailsVitals") }
+          .select { |m| m.table_exists? rescue false }
+          .map(&:name)
+          .sort
+      end
+    end
+  end
+end

data/lib/rails_vitals/version.rb

@@ -1,3 +1,3 @@
 module RailsVitals
-  VERSION = "0.3.0"
+  VERSION = "0.4.0"
 end

data/lib/rails_vitals.rb

@@ -13,6 +13,7 @@ require "rails_vitals/scorers/base_scorer"
 require "rails_vitals/scorers/query_scorer"
 require "rails_vitals/scorers/n_plus_one_scorer"
 require "rails_vitals/scorers/composite_scorer"
+require "rails_vitals/playground/sandbox"
 require "rails_vitals/panel_renderer"
 require "rails_vitals/middleware/panel_injector"
 require "rails_vitals/engine"

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rails_vitals
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.4.0
 platform: ruby
 authors:
 - David Sanchez
@@ -47,6 +47,7 @@ files:
 - app/controllers/rails_vitals/heatmap_controller.rb
 - app/controllers/rails_vitals/models_controller.rb
 - app/controllers/rails_vitals/n_plus_ones_controller.rb
+- app/controllers/rails_vitals/playgrounds_controller.rb
 - app/controllers/rails_vitals/requests_controller.rb
 - app/helpers/rails_vitals/application_helper.rb
 - app/jobs/rails_vitals/application_job.rb
@@ -61,6 +62,7 @@ files:
 - app/views/rails_vitals/models/index.html.erb
 - app/views/rails_vitals/n_plus_ones/index.html.erb
 - app/views/rails_vitals/n_plus_ones/show.html.erb
+- app/views/rails_vitals/playgrounds/index.html.erb
 - app/views/rails_vitals/requests/index.html.erb
 - app/views/rails_vitals/requests/show.html.erb
 - config/routes.rb
@@ -76,6 +78,7 @@ files:
 - lib/rails_vitals/middleware/panel_injector.rb
 - lib/rails_vitals/notifications/subscriber.rb
 - lib/rails_vitals/panel_renderer.rb
+- lib/rails_vitals/playground/sandbox.rb
 - lib/rails_vitals/request_record.rb
 - lib/rails_vitals/scorers/base_scorer.rb
 - lib/rails_vitals/scorers/composite_scorer.rb