Class: PgReports::DashboardController

Inherits:

ActionController::Base

• Object
• ActionController::Base
• PgReports::DashboardController

Defined in:

app/controllers/pg_reports/dashboard_controller.rb

Instance Method Summary

• #create_migration ⇒ Object
• #download ⇒ Object
• #download_query_monitor ⇒ Object
• #enable_pg_stat_statements ⇒ Object
• #execute_query ⇒ Object
• #explain_analyze ⇒ Object
• #index ⇒ Object
• #live_metrics ⇒ Object
• #load_query_history ⇒ Object
• #query_monitor_feed ⇒ Object
• #query_monitor_status ⇒ Object
• #reset_statistics ⇒ Object
• #run ⇒ Object
• #send_to_telegram ⇒ Object
• #show ⇒ Object
• #start_query_monitoring ⇒ Object
• #stop_query_monitoring ⇒ Object
• #switch_database ⇒ Object

  POST /switch_database Persists the chosen database in session and redirects back.

• #switch_target ⇒ Object

  POST /switch_target Persists the chosen target in session, clears the database choice (each target has its own list of databases), and redirects back.

Instance Method Details

#create_migration ⇒ Object

# File 'app/controllers/pg_reports/dashboard_controller.rb', line 375

def create_migration
  unless PgReports.config.allow_migration_creation
    render json: {
      success: false,
      error: I18n.t("pg_reports.ui.errors.migration_dev_only")
    }, status: :forbidden
    return
  end

  file_name = params[:file_name]
  code = params[:code]

  if file_name.blank? || code.blank?
    render json: {success: false, error: I18n.t("pg_reports.ui.errors.filename_code_required")}, status: :unprocessable_entity
    return
  end

  # Sanitize file name
  safe_file_name = file_name.gsub(/[^a-z0-9_.]/, "")
  unless safe_file_name.match?(/\A\d{14}_\w+\.rb\z/)
    render json: {success: false, error: I18n.t("pg_reports.ui.errors.invalid_filename_format")}, status: :unprocessable_entity
    return
  end

  # Find migrations directory
  migrations_path = Rails.root.join("db", "migrate")
  unless migrations_path.exist?
    render json: {success: false, error: I18n.t("pg_reports.ui.errors.migrations_dir_not_found")}, status: :unprocessable_entity
    return
  end

  file_path = migrations_path.join(safe_file_name)
  File.write(file_path, code)

  render json: {success: true, file_path: file_path.to_s, message: I18n.t("pg_reports.ui.success.migration_created")}
rescue => e
  render json: {success: false, error: e.message}, status: :unprocessable_entity
end

#download ⇒ Object

# File 'app/controllers/pg_reports/dashboard_controller.rb', line 197

def download
  category = params[:category].to_sym
  report_key = params[:report].to_sym
  format_type = params[:format] || "txt"

  report = execute_report(category, report_key)
  filename = "#{report.title.parameterize}-#{Time.current.strftime("%Y%m%d-%H%M%S")}"

  case format_type
  when "csv"
    send_data report.to_csv,
      filename: "#{filename}.csv",
      type: "text/csv; charset=utf-8",
      disposition: "attachment"
  when "json"
    send_data report.to_a.to_json,
      filename: "#{filename}.json",
      type: "application/json; charset=utf-8",
      disposition: "attachment"
  else
    send_data report.to_text,
      filename: "#{filename}.txt",
      type: "text/plain; charset=utf-8",
      disposition: "attachment"
  end
rescue => e
  render json: {success: false, error: e.message}, status: :unprocessable_entity
end

#download_query_monitor ⇒ Object

# File 'app/controllers/pg_reports/dashboard_controller.rb', line 499

def download_query_monitor
  monitor = PgReports::QueryMonitor.instance

  # Allow download even when monitoring is stopped, as long as there are queries
  queries = monitor.queries
  if queries.empty?
    render json: {success: false, error: "No queries to download"}, status: :unprocessable_entity
    return
  end

  format_type = params[:format] || "txt"
  filename = "query-monitor-#{Time.current.strftime("%Y%m%d-%H%M%S")}"

  case format_type
  when "csv"
    csv_data = generate_query_monitor_csv(queries)
    send_data csv_data,
      filename: "#{filename}.csv",
      type: "text/csv; charset=utf-8",
      disposition: "attachment"
  when "json"
    send_data queries.to_json,
      filename: "#{filename}.json",
      type: "application/json; charset=utf-8",
      disposition: "attachment"
  else
    text_data = generate_query_monitor_text(queries)
    send_data text_data,
      filename: "#{filename}.txt",
      type: "text/plain; charset=utf-8",
      disposition: "attachment"
  end
rescue => e
  render json: {success: false, error: e.message}, status: :unprocessable_entity
end

#enable_pg_stat_statements ⇒ Object

# File 'app/controllers/pg_reports/dashboard_controller.rb', line 60

def enable_pg_stat_statements
  result = PgReports.enable_pg_stat_statements!
  render json: result
end

#execute_query ⇒ Object

# File 'app/controllers/pg_reports/dashboard_controller.rb', line 297

def execute_query
  query_hash = params[:query_hash]
  query_params = params[:params] || {}

  if query_hash.blank?
    render json: {success: false, error: I18n.t("pg_reports.ui.errors.query_hash_required")}, status: :unprocessable_entity
    return
  end

  # Security: Check if raw query execution is allowed
  unless PgReports.config.allow_raw_query_execution
    render json: {
      success: false,
      error: I18n.t("pg_reports.ui.errors.query_execution_disabled")
    }, status: :forbidden
    return
  end

  # Security: Retrieve and validate query by hash
  begin
    query = retrieve_query_by_hash(query_hash)

    if query.nil?
      render json: {success: false, error: I18n.t("pg_reports.ui.errors.query_not_found_expired")}, status: :not_found
      return
    end
  rescue SecurityError => e
    render json: {success: false, error: "#{I18n.t("pg_reports.ui.errors.security_violation_prefix")} #{e.message}"}, status: :forbidden
    return
  end

  # Substitute parameters if provided
  final_query = substitute_params(query, query_params)

  # Check for remaining unsubstituted parameters
  if final_query.match?(/\$\d+/)
    render json: {
      success: false,
      error: I18n.t("pg_reports.ui.errors.missing_parameter_values")
    }, status: :unprocessable_entity
    return
  end

  # Execute with LIMIT to prevent huge result sets
  limited_query = add_limit_if_missing(final_query, 100)

  start_time = Process.clock_gettime(Process::CLOCK_MONOTONIC)
  result = ActiveRecord::Base.connection.execute(limited_query)
  end_time = Process.clock_gettime(Process::CLOCK_MONOTONIC)
  execution_time = ((end_time - start_time) * 1000).round(2)

  rows = result.to_a
  columns = rows.first&.keys || []

  # Check if we need to get total count
  total_count = rows.size
  truncated = false

  if rows.size >= 100
    # Check if there are more rows
    count_result = ActiveRecord::Base.connection.execute("SELECT COUNT(*) FROM (#{final_query}) AS count_query")
    total_count = count_result.first["count"].to_i
    truncated = total_count > 100
  end

  render json: {
    success: true,
    columns: columns,
    rows: rows,
    count: rows.size,
    total_count: total_count,
    truncated: truncated,
    execution_time: execution_time
  }
rescue => e
  render json: {success: false, error: e.message}, status: :unprocessable_entity
end

#explain_analyze ⇒ Object

# File 'app/controllers/pg_reports/dashboard_controller.rb', line 226

def explain_analyze
  query_hash = params[:query_hash]
  query_params = params[:params] || {}

  if query_hash.blank?
    render json: {success: false, error: I18n.t("pg_reports.ui.errors.query_hash_required")}, status: :unprocessable_entity
    return
  end

  # Security: Check if raw query execution is allowed
  unless PgReports.config.allow_raw_query_execution
    render json: {
      success: false,
      error: I18n.t("pg_reports.ui.errors.query_execution_disabled")
    }, status: :forbidden
    return
  end

  # Security: Retrieve and validate query by hash
  begin
    query = retrieve_query_by_hash(query_hash)

    if query.nil?
      render json: {success: false, error: I18n.t("pg_reports.ui.errors.query_not_found_expired")}, status: :not_found
      return
    end
  rescue SecurityError => e
    render json: {success: false, error: "#{I18n.t("pg_reports.ui.errors.security_violation_prefix")} #{e.message}"}, status: :forbidden
    return
  end

  # Check for trigger variables (NEW, OLD) which are only available in trigger context
  if query.match?(/\b(NEW|OLD)\./i)
    render json: {
      success: false,
      error: I18n.t("pg_reports.ui.errors.trigger_variables_not_allowed")
    }, status: :unprocessable_entity
    return
  end

  # Substitute parameters if provided
  final_query = substitute_params(query, query_params)

  # Check for remaining unsubstituted parameters
  if final_query.match?(/\$\d+/)
    render json: {
      success: false,
      error: I18n.t("pg_reports.ui.errors.missing_parameter_values")
    }, status: :unprocessable_entity
    return
  end

  result = ActiveRecord::Base.connection.execute("EXPLAIN (ANALYZE, BUFFERS, FORMAT TEXT) #{final_query}")
  explain_output = result.map { |r| r["QUERY PLAN"] }.join("\n")

  # Analyze the EXPLAIN output
  analyzer = ExplainAnalyzer.new(explain_output)
  analysis = analyzer.to_h

  render json: {
    success: true,
    explain: explain_output,
    stats: analysis[:stats],
    annotated_lines: analysis[:annotated_lines],
    problems: analysis[:problems],
    summary: analysis[:summary]
  }
rescue => e
  render json: {success: false, error: e.message}, status: :unprocessable_entity
end

#index ⇒ Object

# File 'app/controllers/pg_reports/dashboard_controller.rb', line 21

def index
  @pg_stat_status = PgReports.pg_stat_statements_status
  @current_database = PgReports.system.current_database
end

#live_metrics ⇒ Object

# File 'app/controllers/pg_reports/dashboard_controller.rb', line 72

def live_metrics
  threshold = params[:long_query_threshold]&.to_i || 60

  # Check if we have access to required statistics
  begin
    data = Modules::System.live_metrics(long_query_threshold: threshold)

    # Validate that we got actual data
    if data[:connections][:total].nil? && data[:transactions][:total].nil?
      render json: {
        success: false,
        error: I18n.t("pg_reports.ui.errors.fetch_metrics_check_perms"),
        available: false
      }, status: :service_unavailable
      return
    end

    render json: {
      success: true,
      metrics: data,
      timestamp: Time.current.to_i,
      available: true
    }
  rescue PG::InsufficientPrivilege
    render json: {
      success: false,
      error: I18n.t("pg_reports.ui.errors.insufficient_database_perms"),
      available: false
    }, status: :forbidden
  rescue => e
    render json: {
      success: false,
      error: e.message,
      available: false
    }, status: :unprocessable_entity
  end
end

#load_query_history ⇒ Object

# File 'app/controllers/pg_reports/dashboard_controller.rb', line 482

def load_query_history
  monitor = PgReports::QueryMonitor.instance

  limit = params[:limit]&.to_i || 50
  session_id = params[:session_id]

  queries = monitor.load_from_log(limit: limit, session_id: session_id)

  render json: {
    success: true,
    queries: queries,
    timestamp: Time.current.to_i
  }
rescue => e
  render json: {success: false, error: e.message}, status: :unprocessable_entity
end

#query_monitor_feed ⇒ Object

# File 'app/controllers/pg_reports/dashboard_controller.rb', line 459

def query_monitor_feed
  monitor = PgReports::QueryMonitor.instance

  unless monitor.enabled
    Rails.logger.warn("PgReports: query_monitor_feed called but monitoring not active. Instance: #{monitor.object_id}, enabled: #{monitor.enabled}, session_id: #{monitor.session_id}")
    render json: {success: false, message: "Monitoring not active"}
    return
  end

  limit = params[:limit]&.to_i || 50
  session_id = params[:session_id]

  queries = monitor.queries(limit: limit, session_id: session_id)

  render json: {
    success: true,
    queries: queries,
    timestamp: Time.current.to_i
  }
rescue => e
  render json: {success: false, error: e.message}, status: :unprocessable_entity
end

#query_monitor_status ⇒ Object

# File 'app/controllers/pg_reports/dashboard_controller.rb', line 445

def query_monitor_status
  monitor = PgReports::QueryMonitor.instance
  status = monitor.status

  render json: {
    success: true,
    enabled: status[:enabled],
    session_id: status[:session_id],
    query_count: status[:query_count]
  }
rescue => e
  render json: {success: false, error: e.message}, status: :unprocessable_entity
end

#reset_statistics ⇒ Object

# File 'app/controllers/pg_reports/dashboard_controller.rb', line 65

def reset_statistics
  PgReports.reset_statistics!
  render json: {success: true, message: I18n.t("pg_reports.ui.success.statistics_reset")}
rescue => e
  render json: {success: false, error: e.message}, status: :unprocessable_entity
end

#run ⇒ Object

# File 'app/controllers/pg_reports/dashboard_controller.rb', line 140

def run
  category = params[:category].to_sym
  report_key = params[:report].to_sym

  # Extract filter parameters from request
  filter_params = extract_filter_params

  report = execute_report(category, report_key, **filter_params)
  thresholds = Dashboard::ReportsRegistry.thresholds(report_key)
  problem_fields = Dashboard::ReportsRegistry.problem_fields(report_key)
  problem_explanations = load_problem_explanations(category, report_key)

  # Add query hashes for security
  data_with_hashes = report.data.first(100).map do |row|
    row_hash = row.dup

    # If this row contains a query column, store it with a hash
    if row_hash.key?("query") && row_hash["query"].present?
      query_hash = store_query_with_hash(row_hash["query"])
      row_hash["query_hash"] = query_hash
    end

    row_hash
  end

  render json: {
    success: true,
    title: report.title,
    columns: report.columns,
    data: data_with_hashes,
    total: report.size,
    generated_at: report.generated_at.strftime("%Y-%m-%d %H:%M:%S"),
    thresholds: thresholds,
    problem_fields: problem_fields,
    problem_explanations: problem_explanations
  }
rescue => e
  render json: {success: false, error: e.message}, status: :unprocessable_entity
end

#send_to_telegram ⇒ Object

# File 'app/controllers/pg_reports/dashboard_controller.rb', line 180

def send_to_telegram
  category = params[:category].to_sym
  report_key = params[:report].to_sym

  report = execute_report(category, report_key)

  if report.size > 50
    report.send_to_telegram_as_file
  else
    report.send_to_telegram
  end

  render json: {success: true, message: I18n.t("pg_reports.ui.success.telegram_sent")}
rescue => e
  render json: {success: false, error: e.message}, status: :unprocessable_entity
end

#show ⇒ Object

# File 'app/controllers/pg_reports/dashboard_controller.rb', line 110

def show
  @category = params[:category].to_sym
  @report_key = params[:report].to_sym
  @report_info = Dashboard::ReportsRegistry.find(@category, @report_key)

  if @report_info.nil?
    redirect_to root_path, alert: I18n.t("pg_reports.ui.errors.report_not_found")
    return
  end

  reason = category_disabled_reason(@category)
  if reason
    redirect_to root_path, alert: reason
    return
  end

  # Get documentation for the report
  @documentation = Dashboard::ReportsRegistry.documentation(@report_key)
  @thresholds = Dashboard::ReportsRegistry.thresholds(@report_key)
  @problem_fields = Dashboard::ReportsRegistry.problem_fields(@report_key)

  # Load filter parameters from YAML
  @report_filters = load_report_filters(@category, @report_key)

  @report = execute_report(@category, @report_key)
rescue => e
  @error = e.message
  @report = nil
end

#start_query_monitoring ⇒ Object

# File 'app/controllers/pg_reports/dashboard_controller.rb', line 414

def start_query_monitoring
  monitor = PgReports::QueryMonitor.instance
  Rails.logger.info("PgReports: start_query_monitoring called. Instance: #{monitor.object_id}")

  result = monitor.start
  Rails.logger.info("PgReports: start result: #{result.inspect}")

  if result[:success]
    render json: result
  else
    render json: result, status: :unprocessable_entity
  end
rescue => e
  Rails.logger.error("PgReports: start_query_monitoring error: #{e.message}\n#{e.backtrace.first(5).join("\n")}")
  render json: {success: false, error: e.message}, status: :unprocessable_entity
end

#stop_query_monitoring ⇒ Object

# File 'app/controllers/pg_reports/dashboard_controller.rb', line 431

def stop_query_monitoring
  monitor = PgReports::QueryMonitor.instance

  result = monitor.stop

  if result[:success]
    render json: result
  else
    render json: result, status: :unprocessable_entity
  end
rescue => e
  render json: {success: false, error: e.message}, status: :unprocessable_entity
end

#switch_database ⇒ Object

POST /switch_database Persists the chosen database in session and redirects back. The actual connection switch happens on the next request via #within_selected_database.

# File 'app/controllers/pg_reports/dashboard_controller.rb', line 29

def switch_database
  requested = params[:database].to_s

  if requested.empty?
    session.delete(:pg_reports_database)
  elsif valid_database?(requested)
    session[:pg_reports_database] = requested
  end

  redirect_back fallback_location: root_path
end

#switch_target ⇒ Object

POST /switch_target Persists the chosen target in session, clears the database choice (each target has its own list of databases), and redirects back.

# File 'app/controllers/pg_reports/dashboard_controller.rb', line 44

def switch_target
  requested = params[:target].to_s

  if requested.empty?
    session.delete(:pg_reports_target)
    session.delete(:pg_reports_database)
  elsif PgReports.connection_registry.target?(requested)
    session[:pg_reports_target] = requested
    # Database list is target-specific; reset so the next request picks the
    # new target's default rather than carrying a stale name.
    session.delete(:pg_reports_database)
  end

  redirect_back fallback_location: root_path
end