rails_vitals 0.6.2 → 0.6.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/app/controllers/rails_vitals/mcp_controller.rb +3 -2
- data/lib/rails_vitals/analyzers/explain_analyzer.rb +3 -4
- data/lib/rails_vitals/configuration.rb +7 -1
- data/lib/rails_vitals/engine.rb +4 -1
- data/lib/rails_vitals/playground/sandbox.rb +8 -1
- data/lib/rails_vitals/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: a4479577c80975bad32203d017cff00cf4070589c6059424b393796bb5f4b7a2
|
|
4
|
+
data.tar.gz: e96412a5354e3e79ae97e4957a8e4c96372ffabb705fb8cb52251bb9348a4d9d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 9d7f670412fc9caaf74d8310161f246eb5d7f2d20a433a9eae01fa10350602afcfabbddb89048920b54a136001d0aaee0338c642ca6826dff3a8a99f133ee175
|
|
7
|
+
data.tar.gz: b46385277f03c958362eff854389098c921f6b7bdaf490ddbb41212c255a14c60c3c48c45c7a10fd290361dbd58d9a8619865c154b2a020b7daeb6bc342e9b66
|
|
@@ -13,11 +13,12 @@ module RailsVitals
|
|
|
13
13
|
private
|
|
14
14
|
|
|
15
15
|
def verify_environment
|
|
16
|
-
|
|
16
|
+
unless RailsVitals.config.permitted_environment?
|
|
17
17
|
render json: ResponseBuilder.error(
|
|
18
18
|
nil,
|
|
19
19
|
ResponseBuilder::AUTH_ERROR,
|
|
20
|
-
"RailsVitals MCP is not available in
|
|
20
|
+
"RailsVitals MCP is not available in this environment. " \
|
|
21
|
+
"Permitted: #{RailsVitals::Configuration::PERMITTED_ENVIRONMENTS.join(', ')}"
|
|
21
22
|
), status: :forbidden
|
|
22
23
|
end
|
|
23
24
|
end
|
|
@@ -1,8 +1,6 @@
|
|
|
1
1
|
module RailsVitals
|
|
2
2
|
module Analyzers
|
|
3
3
|
class ExplainAnalyzer
|
|
4
|
-
SUPPORTED_ENVIRONMENTS = %w[development test].freeze
|
|
5
|
-
|
|
6
4
|
COLOR_DANGER = "#fc8181"
|
|
7
5
|
COLOR_HEALTHY = "#68d391"
|
|
8
6
|
COLOR_WARNING = "#f6ad55"
|
|
@@ -225,7 +223,7 @@ module RailsVitals
|
|
|
225
223
|
private
|
|
226
224
|
|
|
227
225
|
def self.supported_environment?
|
|
228
|
-
|
|
226
|
+
RailsVitals.config&.permitted_environment? || false
|
|
229
227
|
end
|
|
230
228
|
|
|
231
229
|
def self.select_query?(sql)
|
|
@@ -393,7 +391,8 @@ module RailsVitals
|
|
|
393
391
|
|
|
394
392
|
def self.unsupported_env
|
|
395
393
|
Result.new(
|
|
396
|
-
error: "EXPLAIN is only available in
|
|
394
|
+
error: "EXPLAIN is only available in permitted environments: " \
|
|
395
|
+
"#{RailsVitals::Configuration::PERMITTED_ENVIRONMENTS.join(', ')}.",
|
|
397
396
|
sql: nil, plan: nil, warnings: [], suggestions: [],
|
|
398
397
|
total_cost: nil, actual_time_ms: nil, rows_examined: nil
|
|
399
398
|
)
|
|
@@ -15,8 +15,10 @@ module RailsVitals
|
|
|
15
15
|
:mcp_max_log_size,
|
|
16
16
|
:mcp_slow_query_threshold_ms
|
|
17
17
|
|
|
18
|
+
PERMITTED_ENVIRONMENTS = %w[development test].freeze
|
|
19
|
+
|
|
18
20
|
def initialize
|
|
19
|
-
@enabled = defined?(Rails) &&
|
|
21
|
+
@enabled = defined?(Rails) && permitted_environment?
|
|
20
22
|
@store_size = 200
|
|
21
23
|
@store_enabled = true
|
|
22
24
|
@auth = :none
|
|
@@ -33,5 +35,9 @@ module RailsVitals
|
|
|
33
35
|
@mcp_max_log_size = 100
|
|
34
36
|
@mcp_slow_query_threshold_ms = 100
|
|
35
37
|
end
|
|
38
|
+
|
|
39
|
+
def permitted_environment?
|
|
40
|
+
PERMITTED_ENVIRONMENTS.include?(Rails.env.to_s)
|
|
41
|
+
end
|
|
36
42
|
end
|
|
37
43
|
end
|
data/lib/rails_vitals/engine.rb
CHANGED
|
@@ -16,7 +16,10 @@ module RailsVitals
|
|
|
16
16
|
|
|
17
17
|
initializer "rails_vitals.mcp" do
|
|
18
18
|
if RailsVitals.config.mcp_enabled
|
|
19
|
-
|
|
19
|
+
unless RailsVitals.config.permitted_environment?
|
|
20
|
+
raise "RailsVitals MCP cannot run in #{Rails.env} environment. " \
|
|
21
|
+
"Permitted: #{RailsVitals::Configuration::PERMITTED_ENVIRONMENTS.join(', ')}"
|
|
22
|
+
end
|
|
20
23
|
|
|
21
24
|
require "rails_vitals/mcp/auth"
|
|
22
25
|
require "rails_vitals/mcp/response_builder"
|
|
@@ -4,7 +4,14 @@ module RailsVitals
|
|
|
4
4
|
BLOCKED_PATTERNS = [
|
|
5
5
|
/\b(insert|update|delete|destroy|drop|truncate|create|alter)\b/i,
|
|
6
6
|
/\.save/i, /\.save!/i, /\.update/i, /\.delete/i,
|
|
7
|
-
/\.destroy/i,
|
|
7
|
+
/\.destroy/i, /`/,
|
|
8
|
+
/\.connection\b/i, /\.execute\b/i, /\.exec\b/i,
|
|
9
|
+
/\.send\b/i, /\.public_send\b/i, /\.__send__\b/i,
|
|
10
|
+
/\.send_data\b/i, /\.open\b/i,
|
|
11
|
+
/\.instance_eval\b/i, /\.class_eval\b/i, /\.module_eval\b/i,
|
|
12
|
+
/\.define_method\b/i, /\.method_missing\b/i,
|
|
13
|
+
/\bsystem\b/i, /\beval\b/i, /\bfork\b/i, /\bspawn\b/i,
|
|
14
|
+
/\bIO\b/i, /\bFile\b/i, /\bThread\b/i, /\bProcess\b/i
|
|
8
15
|
].freeze
|
|
9
16
|
|
|
10
17
|
SAFE_EXPRESSION_PATTERN = /\A[a-zA-Z0-9_\.\s\(\),:\[\]{}'"!?=<>|&*+\-\/\\%]+\z/
|
data/lib/rails_vitals/version.rb
CHANGED