def outdated_queries():
manager_status = redis_connection.hgetall('redash:status')
query_ids = json.loads(manager_status.get('query_ids', '[]'))
if query_ids:
outdated_queries = (models.db.session.query(
models.Query).outerjoin(models.QueryResult).filter(
models.Query.id.in_(query_ids)).order_by(
models.Query.created_at.desc()))
else:
outdated_queries = []
record_event(
current_org, current_user, {
'action': 'view',
'object_type': 'api_call',
'object_id': 'admin/outdated_queries',
'timestamp': int(time.time()),
})
return json_response(
dict(queries=[
q.to_dict(with_stats=True, with_last_modified_by=False)
for q in outdated_queries
],
updated_at=manager_status['last_refresh_at']))
def queries_rq_status():
record_event(current_org, current_user._get_current_object(), {
'action': 'list',
'object_type': 'rq_status'
})
return json_response(rq_status())
def run_query(query, parameters, data_source, query_id, max_age=0):
if data_source.paused:
if data_source.pause_reason:
message = "{} is paused ({}). Please try later.".format(
data_source.name, data_source.pause_reason)
else:
message = "{} is paused. Please try later.".format(
data_source.name)
return error_response(message)
try:
query.apply(parameters)
except (InvalidParameterError, QueryDetachedFromDataSourceError) as e:
abort(400, message=str(e))
if query.missing_params:
return error_response("Missing parameter value for: {}".format(
", ".join(query.missing_params)))
if max_age == 0:
query_result = None
else:
query_result = models.QueryResult.get_latest(data_source, query.text,
max_age)
record_event(
current_user.org,
current_user,
{
"action": "execute_query",
"cache": "hit" if query_result else "miss",
"object_id": data_source.id,
"object_type": "data_source",
"query": query.text,
"query_id": query_id,
"parameters": parameters,
},
)
if query_result:
return {
"query_result":
serialize_query_result(query_result, current_user.is_api_user())
}
else:
job = enqueue_query(
query.text,
data_source,
current_user.id,
current_user.is_api_user(),
metadata={
"Username":
repr(current_user)
if current_user.is_api_user() else current_user.email,
"Query ID":
query_id,
},
)
return serialize_job(job)
def queries_tasks():
global_limit = int(request.args.get('limit', 50))
waiting_limit = int(request.args.get('waiting_limit', global_limit))
progress_limit = int(request.args.get('progress_limit', global_limit))
done_limit = int(request.args.get('done_limit', global_limit))
waiting = QueryTaskTracker.all(QueryTaskTracker.WAITING_LIST,
limit=waiting_limit)
in_progress = QueryTaskTracker.all(QueryTaskTracker.IN_PROGRESS_LIST,
limit=progress_limit)
done = QueryTaskTracker.all(QueryTaskTracker.DONE_LIST, limit=done_limit)
record_event(
current_org, current_user, {
'action': 'view',
'object_type': 'api_call',
'object_id': 'admin/tasks',
'timestamp': int(time.time()),
})
response = {
'waiting': [t.data for t in waiting if t is not None],
'in_progress': [t.data for t in in_progress if t is not None],
'done': [t.data for t in done if t is not None]
}
return json_response(response)
def public_dashboard(token, org_slug=None):
# TODO: verify object is a dashboard?
if not isinstance(current_user, models.ApiUser):
api_key = models.ApiKey.get_by_api_key(token)
dashboard = api_key.object
else:
dashboard = current_user.object
user = {
'permissions': [],
'apiKey': current_user.id
}
headers = {
'Cache-Control': 'no-cache, no-store, max-age=0, must-revalidate'
}
record_event(current_org, current_user, {
'action': 'view',
'object_id': dashboard.id,
'object_type': 'dashboard',
'public': True,
'headless': 'embed' in request.args,
'referer': request.headers.get('Referer')
})
response = render_template("public.html",
headless='embed' in request.args,
user=json.dumps(user),
seed_data=json_dumps({
'dashboard': serializers.public_dashboard(dashboard)
}),
client_config=json.dumps(settings.COMMON_CLIENT_CONFIG))
return response, 200, headers
def outdated_queries():
manager_status = redis_connection.hgetall('redash:status')
query_ids = json_loads(manager_status.get('query_ids', '[]'))
if query_ids:
outdated_queries = (
models.Query.query.outerjoin(models.QueryResult)
.filter(models.Query.id.in_(query_ids))
.order_by(models.Query.created_at.desc())
)
else:
outdated_queries = []
record_event(current_org, current_user._get_current_object(), {
'action': 'list',
'object_type': 'outdated_queries',
})
updated_at = None
if manager_status and manager_status['last_refresh_at']:
updated_at = manager_status['last_refresh_at']
response = {
'queries': QuerySerializer(outdated_queries, with_stats=True, with_last_modified_by=False).serialize(),
'updated_at': updated_at,
}
return json_response(response)
def public_dashboard(token, org_slug=None):
# TODO: verify object is a dashboard?
if not isinstance(current_user, models.ApiUser):
api_key = get_object_or_404(models.ApiKey.get_by_api_key, token)
dashboard = api_key.object
else:
dashboard = current_user.object
user = {'permissions': [], 'apiKey': current_user.id}
headers = {
'Cache-Control': 'no-cache, no-store, max-age=0, must-revalidate'
}
record_event(
current_org, current_user, {
'action': 'view',
'object_id': dashboard.id,
'object_type': 'dashboard',
'public': True,
'headless': 'embed' in request.args,
'referer': request.headers.get('Referer')
})
response = render_template(
"public.html",
headless='embed' in request.args,
user=json.dumps(user),
seed_data=json_dumps(
{'dashboard': serializers.public_dashboard(dashboard)}),
client_config=json.dumps(settings.COMMON_CLIENT_CONFIG))
return response, 200, headers
def outdated_queries():
manager_status = redis_connection.hgetall("redash:status")
query_ids = json_loads(manager_status.get("query_ids", "[]"))
if query_ids:
outdated_queries = (models.Query.query.outerjoin(
models.QueryResult).filter(
models.Query.id.in_(query_ids)).order_by(
models.Query.created_at.desc()))
else:
outdated_queries = []
record_event(
current_org,
current_user._get_current_object(),
{
"action": "list",
"object_type": "outdated_queries",
},
)
response = {
"queries":
QuerySerializer(outdated_queries,
with_stats=True,
with_last_modified_by=False).serialize(),
"updated_at":
manager_status["last_refresh_at"],
}
return json_response(response)
def embed(query_id, visualization_id, org_slug=None):
query = models.Query.get_by_id_and_org(query_id, current_org)
require_access(query.groups, current_user, view_only)
vis = query.visualizations.where(
models.Visualization.id == visualization_id).first()
qr = {}
parameter_values = collect_parameters_from_request(request.args)
if vis is not None:
vis = vis.to_dict()
qr = query.latest_query_data
if settings.ALLOW_PARAMETERS_IN_EMBEDS == True and len(
parameter_values) > 0:
# run parameterized query
#
# WARNING: Note that the external query parameters
# are a potential risk of SQL injections.
#
max_age = int(request.args.get('maxAge', 0))
results = run_query_sync(query.data_source,
parameter_values,
query.query,
max_age=max_age)
if results is None:
abort(400, message="Unable to get results for this query")
else:
qr = {"data": json.loads(results)}
elif qr is None:
abort(400, message="No Results for this query")
else:
qr = qr.to_dict()
else:
abort(404, message="Visualization not found.")
record_event(
current_org, current_user, {
'action': 'view',
'object_id': visualization_id,
'object_type': 'visualization',
'query_id': query_id,
'embed': True,
'referer': request.headers.get('Referer')
})
client_config = {}
client_config.update(settings.COMMON_CLIENT_CONFIG)
qr = project(qr, ('data', 'id', 'retrieved_at'))
vis = project(vis, ('description', 'name', 'id', 'options', 'query',
'type', 'updated_at'))
vis['query'] = project(vis['query'],
('created_at', 'description', 'name', 'id',
'latest_query_data_id', 'name', 'updated_at'))
return render_template("embed.html",
client_config=json_dumps(client_config),
visualization=json_dumps(vis),
query_result=json_dumps(qr))
def queries_rq_status():
record_event(
current_org,
current_user._get_current_object(),
{"action": "list", "object_type": "rq_status"},
)
return json_response(rq_status())
def run_query(query, parameters, data_source, query_id, max_age=0):
if data_source.paused:
if data_source.pause_reason:
message = '{} is paused ({}). Please try later.'.format(
data_source.name, data_source.pause_reason)
else:
message = '{} is paused. Please try later.'.format(
data_source.name)
return error_response(message)
try:
query.apply(parameters)
except (InvalidParameterError, QueryDetachedFromDataSourceError) as e:
abort(400, message=e.message)
if query.missing_params:
return error_response(u'Missing parameter value for: {}'.format(
u", ".join(query.missing_params)))
if max_age == 0:
query_result = None
else:
query_result = models.QueryResult.get_latest(data_source, query.text,
max_age)
record_event(
current_user.org, current_user, {
'action': 'execute_query',
'cache': 'hit' if query_result else 'miss',
'object_id': data_source.id,
'object_type': 'data_source',
'query': query.text,
'query_id': query_id,
'parameters': parameters
})
if query_result:
return {
'query_result':
serialize_query_result(query_result, current_user.is_api_user())
}
else:
job = enqueue_query(
query.text,
data_source,
current_user.id,
current_user.is_api_user(),
metadata={
"Username":
repr(current_user)
if current_user.is_api_user() else current_user.email,
"Query ID":
query_id
})
return {'job': job.to_dict()}
def embed(query_id, visualization_id, org_slug=None):
record_event(current_org, current_user._get_current_object(), {
'action': 'view',
'object_id': visualization_id,
'object_type': 'visualization',
'query_id': query_id,
'embed': True,
'referer': request.headers.get('Referer')
})
return render_index()
def queries_tasks():
record_event(current_org, current_user._get_current_object(), {
'action': 'list',
'object_type': 'celery_tasks'
})
response = {
'tasks': celery_tasks(),
}
return json_response(response)
def embed(query_id, visualization_id, org_slug=None):
record_event(current_org, current_user._get_current_object(), {
'action': 'view',
'object_id': visualization_id,
'object_type': 'visualization',
'query_id': query_id,
'embed': True,
'referer': request.headers.get('Referer')
})
return render_index()
def queries_tasks():
record_event(current_org, current_user._get_current_object(), {
'action': 'list',
'object_type': 'celery_tasks'
})
response = {
'tasks': celery_tasks(),
}
return json_response(response)
def embed(query_id, visualization_id, org_slug=None):
query = models.Query.get_by_id_and_org(query_id, current_org)
require_access(query.groups, current_user, view_only)
vis = query.visualizations.where(models.Visualization.id == visualization_id).first()
qr = {}
parameter_values = collect_parameters_from_request(request.args)
if vis is not None:
vis = vis.to_dict()
qr = query.latest_query_data
logging.info("jonhere")
logging.info( settings.ALLOW_PARAMETERS_IN_EMBEDS)
if settings.ALLOW_PARAMETERS_IN_EMBEDS == True and len(parameter_values) > 0:
#abort(404,message="jlk")
# run parameterized query
#
# WARNING: Note that the external query parameters
# are a potential risk of SQL injections.
#
results = run_query_sync(query.data_source, parameter_values, query.query)
logging.info("jonhere2")
logging.info("results")
if results is None:
abort(400, message="Unable to get results for this query")
else:
qr = {"data": json.loads(results)}
elif qr is None:
abort(400, message="No Results for this query")
else:
qr = qr.to_dict()
else:
abort(404, message="Visualization not found.")
record_event(current_org, current_user, {
'action': 'view',
'object_id': visualization_id,
'object_type': 'visualization',
'query_id': query_id,
'embed': True,
'referer': request.headers.get('Referer')
})
client_config = {}
client_config.update(settings.COMMON_CLIENT_CONFIG)
qr = project(qr, ('data', 'id', 'retrieved_at'))
vis = project(vis, ('description', 'name', 'id', 'options', 'query', 'type', 'updated_at'))
vis['query'] = project(vis['query'], ('created_at', 'description', 'name', 'id', 'latest_query_data_id', 'name', 'updated_at'))
return render_template("embed.html",
client_config=json_dumps(client_config),
visualization=json_dumps(vis),
query_result=json_dumps(qr))
def embed(query_id, visualization_id, org_slug=None):
record_event(current_org, current_user, {
'action': 'view',
'object_id': visualization_id,
'object_type': 'visualization',
'query_id': query_id,
'embed': True,
'referer': request.headers.get('Referer')
})
full_path = safe_join(settings.STATIC_ASSETS_PATHS[-2], 'index.html')
return send_file(full_path, **dict(cache_timeout=0, conditional=True))
def queries_tasks():
record_event(
current_org,
current_user._get_current_object(),
{
"action": "list",
"object_type": "celery_tasks"
},
)
response = {"tasks": celery_tasks()}
return json_response(response)
def embed(query_id, visualization_id, org_slug=None):
if(type(current_user)==models.AnonymousUser):
print("@#anonymous user, not to record_events")
else:
record_event(current_org, current_user._get_current_object(), {
'action': 'view',
'object_id': visualization_id,
'object_type': 'visualization',
'query_id': query_id,
'embed': True,
'referer': request.headers.get('Referer')
})
return render_index()
def embed(query_id, visualization_id, org_slug=None):
record_event(
current_org, current_user, {
'action': 'view',
'object_id': visualization_id,
'object_type': 'visualization',
'query_id': query_id,
'embed': True,
'referer': request.headers.get('Referer')
})
full_path = safe_join(settings.STATIC_ASSETS_PATHS[-2], 'index.html')
return send_file(full_path, **dict(cache_timeout=0, conditional=True))
def embed(query_id, visualization_id, org_slug=None):
record_event(
current_org,
current_user._get_current_object(),
{
"action": "view",
"object_id": visualization_id,
"object_type": "visualization",
"query_id": query_id,
"embed": True,
"referer": request.headers.get("Referer"),
},
)
return render_index()
def public_dashboard(token, org_slug=None):
if current_user.is_api_user():
dashboard = current_user.object
else:
api_key = get_object_or_404(models.ApiKey.get_by_api_key, token)
dashboard = api_key.object
record_event(current_org, current_user, {
'action': 'view',
'object_id': dashboard.id,
'object_type': 'dashboard',
'public': True,
'headless': 'embed' in request.args,
'referer': request.headers.get('Referer')
})
return render_index()
def public_dashboard(token, org_slug=None):
if current_user.is_api_user():
dashboard = current_user.object
else:
api_key = get_object_or_404(models.ApiKey.get_by_api_key, token)
dashboard = api_key.object
record_event(current_org, current_user, {
'action': 'view',
'object_id': dashboard.id,
'object_type': 'dashboard',
'public': True,
'headless': 'embed' in request.args,
'referer': request.headers.get('Referer')
})
return render_index()
def embed_dashboard(dashboard_id, org_slug=None):
# check the application(current_user) has permissions to access this dashboard
if not models.ApplicationDashboard.check_dashboard_in_application(
current_user.id, dashboard_id):
abort(403, message="Can't access to this dashboard.")
ttl = current_org.get_setting("embed_api_access_token_ttl")
access_token = models.AccessToken().new(ttl)
record_event(
current_org,
current_user._get_current_object(),
{
"action": "view",
"object_id": dashboard_id,
"object_type": "dashboard",
"embed": True,
"referer": request.headers.get("Referer"),
},
)
return render_index(access_token=access_token)
def public_dashboard(token, org_slug=None):
if current_user.is_api_user():
dashboard = current_user.object
else:
api_key = get_object_or_404(models.ApiKey.get_by_api_key, token)
dashboard = api_key.object
record_event(
current_org,
current_user,
{
"action": "view",
"object_id": dashboard.id,
"object_type": "dashboard",
"public": True,
"headless": "embed" in request.args,
"referer": request.headers.get("Referer"),
},
)
return render_index()
def embed(query_id, visualization_id, org_slug=None):
query = models.Query.get_by_id_and_org(query_id, current_org)
require_access(query.groups, current_user, view_only)
vis = query.visualizations.where(
models.Visualization.id == visualization_id).first()
qr = {}
if vis is not None:
vis = vis.to_dict()
qr = query.latest_query_data
if qr is None:
abort(400, message="No Results for this query")
else:
qr = qr.to_dict()
else:
abort(404, message="Visualization not found.")
record_event(
current_org, current_user, {
'action': 'view',
'object_id': visualization_id,
'object_type': 'visualization',
'query_id': query_id,
'embed': True,
'referer': request.headers.get('Referer')
})
client_config = {}
client_config.update(settings.COMMON_CLIENT_CONFIG)
qr = project(qr, ('data', 'id', 'retrieved_at'))
vis = project(vis, ('description', 'name', 'id', 'options', 'query',
'type', 'updated_at'))
vis['query'] = project(vis['query'],
('created_at', 'description', 'name', 'id',
'latest_query_data_id', 'name', 'updated_at'))
return render_template("embed.html",
client_config=json_dumps(client_config),
visualization=json_dumps(vis),
query_result=json_dumps(qr))
def outdated_queries():
manager_status = redis_connection.hgetall('redash:status')
query_ids = json_loads(manager_status.get('query_ids', '[]'))
if query_ids:
outdated_queries = (
models.Query.query.outerjoin(models.QueryResult)
.filter(models.Query.id.in_(query_ids))
.order_by(models.Query.created_at.desc())
)
else:
outdated_queries = []
record_event(current_org, current_user._get_current_object(), {
'action': 'list',
'object_type': 'outdated_queries',
})
response = {
'queries': QuerySerializer(outdated_queries, with_stats=True, with_last_modified_by=False).serialize(),
'updated_at': manager_status['last_refresh_at'],
}
return json_response(response)
def embed(query_id, visualization_id, org_slug=None):
# record_event
# 所有的请求相关信息都会被记录
# id org_id user_id action object_type created_at
# 1 1 1 login personal_homepage 05/10/18:11:50
# object_id additional_properties
# {"ip": "13.124.223.158",
# "user_agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36"}
record_event(current_org, current_user._get_current_object(), {
'action': 'view',
'object_id': visualization_id,
'object_type': 'visualization',
'query_id': query_id,
'embed': True,
'referer': request.headers.get('Referer')
# HTTP Referer是header的一部分,当浏览器向web服务器发送请求的时候,一般会带上Referer,告诉服务器我是从哪个页面链接过来的,服务器基此可以获得一些信息用于处理。
})
return render_index()
def queries_tasks():
record_event(current_org, current_user._get_current_object(), {
'action': 'list',
'object_id': 'admin/tasks',
'object_type': 'celery_tasks'
})
global_limit = int(request.args.get('limit', 50))
waiting_limit = int(request.args.get('waiting_limit', global_limit))
progress_limit = int(request.args.get('progress_limit', global_limit))
done_limit = int(request.args.get('done_limit', global_limit))
waiting = QueryTaskTracker.all(QueryTaskTracker.WAITING_LIST, limit=waiting_limit)
in_progress = QueryTaskTracker.all(QueryTaskTracker.IN_PROGRESS_LIST, limit=progress_limit)
done = QueryTaskTracker.all(QueryTaskTracker.DONE_LIST, limit=done_limit)
response = {
'waiting': [t.data for t in waiting if t is not None],
'in_progress': [t.data for t in in_progress if t is not None],
'done': [t.data for t in done if t is not None]
}
return json_response(response)
def embedjon(query_id, org_slug=None):
visualizations=1
query = models.Query.get_by_id_and_org(query_id, current_org)
require_access(query.groups, current_user, view_only)
qr = {}
parameter_values = collect_parameters_from_request(request.args)
qr = query.latest_query_data
if settings.ALLOW_PARAMETERS_IN_EMBEDS == True and len(parameter_values) > 0:
# run parameterized query
#
# WARNING: Note that the external query parameters
# are a potential risk of SQL injections.
#
results = run_query_sync(query.data_source, parameter_values, query.query)
if results is None:
abort(400, message="Unable to get results for this query")
else:
qr = {"data": json.loads(results)}
elif qr is None:
abort(400, message="No Results for this query")
else:
qr = qr.to_dict()
record_event(current_org, current_user, {
'action': 'embedjon',
'query_id': query_id,
'embed': True,
'referer': request.headers.get('Referer')
})
client_config = {}
client_config.update(settings.COMMON_CLIENT_CONFIG)
qr = project(qr, ('data', 'id', 'retrieved_at'))
return json_dumps(qr)
def embed(query_id, visualization_id, org_slug=None):
query = models.Query.get_by_id_and_org(query_id, current_org)
require_access(query.groups, current_user, view_only)
vis = query.visualizations.where(models.Visualization.id == visualization_id).first()
qr = {}
if vis is not None:
vis = vis.to_dict()
qr = query.latest_query_data
if qr is None:
abort(400, message="No Results for this query")
else:
qr = qr.to_dict()
else:
abort(404, message="Visualization not found.")
record_event(current_org, current_user, {
'action': 'view',
'object_id': visualization_id,
'object_type': 'visualization',
'query_id': query_id,
'embed': True,
'referer': request.headers.get('Referer')
})
client_config = {}
client_config.update(settings.COMMON_CLIENT_CONFIG)
qr = project(qr, ('data', 'id', 'retrieved_at'))
vis = project(vis, ('description', 'name', 'id', 'options', 'query', 'type', 'updated_at'))
vis['query'] = project(vis['query'], ('created_at', 'description', 'name', 'id', 'latest_query_data_id', 'name', 'updated_at'))
return render_template("embed.html",
client_config=json_dumps(client_config),
visualization=json_dumps(vis),
query_result=json_dumps(qr))