Commit Graph

9 Commits

Author SHA1 Message Date
Ted Johansson bc02d030b6
DEV: Add configurable rate limit for Data Explorer API query runs (#238)
Data Explorer can run arbitrary SQL queries which can be costly for us if over-used. Because of that we want to add the ability to rate limit the query run endpoint, in particular when requested programmatically using API.

This commit introduces a rate limit to the `QueryController#run` endpoint. It heavily leans on the existing `RateLimiter` implementation, and the ability of `ApplicationController` to turn rate limit exceptions into nicely formatted JSON responses.

The rate limit (per 10 seconds) can be configured through the global setting `max_data_explorer_api_reqs_per_10_seconds`, and defaults to 2.

Handling can be configured through `max_data_explorer_api_req_mode`, and can be set to warn, block, or both warn and block. We will default to warn for now and monitor the logs for a while.
2023-04-03 13:46:35 +08:00
Bianca Nenciu 206d937a78
DEV: Update plugin to match latest guidelines (#229)
This commit updates the plugin to the latest guidelines, as shown in
discourse-plugin-skeleton, which involves moving a lot of the code to
dedicated files, use proper namespaces, use the autoloader as much as
possible, etc.
2023-03-22 23:29:08 +02:00
David Taylor 148d6c32a3
DEV: Introduce syntax_tree for ruby formatting (#208) 2022-12-29 13:31:29 +01:00
Sam 2313237a95
FIX: better handling of edge cases (#187)
- Require query name is present
- Ensure all routes are treated by default as .json, so errors flow correctly
- Remove superflous save/cancel controls from group settings
- Remove group control when item is destroyed
- Disable editing of query when it is deleted

Co-authored-by: Osama Sayegh <asooomaasoooma90@gmail.com>
2022-11-18 07:09:50 +11:00
David Taylor 729e5a2add
DEV: Bump rubocop-discourse (#188)
* DEV: Bump rubocop-discourse

* Fix rubocop violations
2022-10-03 22:20:04 +02:00
Frank 16bb6a946c
FIX: Allow groups to access system queries (#185)
* FIX: allow groups to access system queries (without having to run the query once first)

Bug is: Trying to allow a group to access a system query results in a Discourse::NotFound unless the query is run first.

Cause:

 - System queries don't exist in the database by default
 - update calls set_query before action
 - set_query searches the database for the system query with Query.find_by(:id), which will not exist by default.
 - running system queries first fixes this because Query.find is overridden to include system queries (Queries.default) in its results, avoiding the Discourse::NotFound.

Solution: use the overridden Query.find in set_query to include system queries in the search, instead of Query.find_by(:id)

* Added test for fixing allowing groups to access system query.

* Fixed test formatting.
2022-08-19 00:14:07 +08:00
Jarek Radosz bac43572cb
DEV: Clean up some specs code (#161) 2022-02-01 21:38:24 +01:00
Osama Sayegh 8464d517b2
DEV: Improve tests (#155) 2022-01-21 07:15:23 +03:00
David Taylor 216dff3ed9
DEV: Improve logic for showing/hiding the reports tab in group screens (#107)
Previously this was adding an extra AJAX request to check if the group had any queries available. Now a boolean is included in the group serializer, so there is no need for the extra request.

Removing this ajax request will also stop other plugin JS integration tests from failing when the data-explorer plugin is installed.

This commit also fixes the HTML markup of the tab, so that it doesn't have a <ul> nested inside the existing <ul>. Also adds an icon for good measure.
2021-04-08 17:47:44 +01:00