Commit Graph

16 Commits

Author SHA1 Message Date
Ted Johansson bc02d030b6
DEV: Add configurable rate limit for Data Explorer API query runs (#238)
Data Explorer can run arbitrary SQL queries which can be costly for us if over-used. Because of that we want to add the ability to rate limit the query run endpoint, in particular when requested programmatically using API.

This commit introduces a rate limit to the `QueryController#run` endpoint. It heavily leans on the existing `RateLimiter` implementation, and the ability of `ApplicationController` to turn rate limit exceptions into nicely formatted JSON responses.

The rate limit (per 10 seconds) can be configured through the global setting `max_data_explorer_api_reqs_per_10_seconds`, and defaults to 2.

Handling can be configured through `max_data_explorer_api_req_mode`, and can be set to warn, block, or both warn and block. We will default to warn for now and monitor the logs for a while.
2023-04-03 13:46:35 +08:00
Bianca Nenciu 206d937a78
DEV: Update plugin to match latest guidelines (#229)
This commit updates the plugin to the latest guidelines, as shown in
discourse-plugin-skeleton, which involves moving a lot of the code to
dedicated files, use proper namespaces, use the autoloader as much as
possible, etc.
2023-03-22 23:29:08 +02:00
Bianca Nenciu 0f6b30c2d8
Revert "DEV: Update plugin to match latest guidelines (#227)" (#228)
This reverts commit 9210cf6fa2.
2023-02-23 19:10:46 +02:00
Bianca Nenciu 9210cf6fa2
DEV: Update plugin to match latest guidelines (#227)
- Define extension modules
- Use different files instead of plugin.rb
- Make sure plugin is disabled according to the setting
2023-02-23 15:29:13 +02:00
David Taylor 148d6c32a3
DEV: Introduce syntax_tree for ruby formatting (#208) 2022-12-29 13:31:29 +01:00
Sam 2313237a95
FIX: better handling of edge cases (#187)
- Require query name is present
- Ensure all routes are treated by default as .json, so errors flow correctly
- Remove superflous save/cancel controls from group settings
- Remove group control when item is destroyed
- Disable editing of query when it is deleted

Co-authored-by: Osama Sayegh <asooomaasoooma90@gmail.com>
2022-11-18 07:09:50 +11:00
Frank 16bb6a946c
FIX: Allow groups to access system queries (#185)
* FIX: allow groups to access system queries (without having to run the query once first)

Bug is: Trying to allow a group to access a system query results in a Discourse::NotFound unless the query is run first.

Cause:

 - System queries don't exist in the database by default
 - update calls set_query before action
 - set_query searches the database for the system query with Query.find_by(:id), which will not exist by default.
 - running system queries first fixes this because Query.find is overridden to include system queries (Queries.default) in its results, avoiding the Discourse::NotFound.

Solution: use the overridden Query.find in set_query to include system queries in the search, instead of Query.find_by(:id)

* Added test for fixing allowing groups to access system query.

* Fixed test formatting.
2022-08-19 00:14:07 +08:00
Frank 45b6e7eb4f
FEATURE: Bookmarkable QueryGroups. (#177)
Adds the ability for non-Admin users to bookmark Queries from inside Group > Reports > Query view.
2022-06-14 23:07:02 +08:00
Osama Sayegh 8464d517b2
DEV: Improve tests (#155) 2022-01-21 07:15:23 +03:00
Osama Sayegh ea66bcdc75
FEATURE: Add an API scope for running queries (#154) 2022-01-21 07:15:04 +03:00
Martin Brennan 70b973ea9a
FEATURE: Move query limit to hidden site setting (#153)
Previously the `QUERY_RESULT_DEFAULT_LIMIT` const was used
to limit the number of query results. This commit adds the
`data_explorer_query_result_limit` site setting which defaults
to 1000 and has a max of 10000 which matches the const
`QUERY_RESULT_MAX_LIMIT`.
2022-01-19 12:27:21 +10:00
David Taylor 216dff3ed9
DEV: Improve logic for showing/hiding the reports tab in group screens (#107)
Previously this was adding an extra AJAX request to check if the group had any queries available. Now a boolean is included in the group serializer, so there is no need for the extra request.

Removing this ajax request will also stop other plugin JS integration tests from failing when the data-explorer plugin is installed.

This commit also fixes the HTML markup of the tab, so that it doesn't have a <ul> nested inside the existing <ul>. Also adds an icon for good measure.
2021-04-08 17:47:44 +01:00
Andrew Prigorshnev 9d86b8b653
FIX: Show badge names in query results (#92)
* FIX: Show badge names in query results
2021-02-12 10:01:16 +01:00
Arpit Jalan f70c95271a
FEATURE: destroy old hidden queries (#82)
This commit adds a scheduled job to hard delete queries that are hidden and

- were last run more than 7 days ago
- were updated more than 7 days ago
2020-11-25 22:09:05 +05:30
Guo Xiang Tan 79e8596332
Make rubocop happy. 2020-08-27 09:19:59 +08:00
Krzysztof Kotlarek fe0806eb2a
FEATURE: introduce data-explorer tables (#61)
Instead of using `PluginStoreRow` we should use plugin-specific models like `DataExplorer::Query` and `DataExplorer::QueryGroup`
2020-08-27 10:29:57 +10:00