Merge pull request #531 from EverythingMe/feature/users_admin

Feature: users admin in the web interface

.env.example

@@ -1,9 +1,6 @@
-REDASH_CONNECTION_ADAPTER=pg
-REDASH_CONNECTION_STRING="dbname=data"
-REDASH_STATIC_ASSETS_PATH=../rd_ui/app/
-REDASH_GOOGLE_APPS_DOMAIN=
-REDASH_ADMINS=
-REDASH_WORKERS_COUNT=2
-REDASH_COOKIE_SECRET=
-REDASH_DATABASE_URL='postgresql://rd'
-REDASH_LOG_LEVEL = "INFO"
+export REDASH_STATIC_ASSETS_PATH="../rd_ui/app/"
+export REDASH_LOG_LEVEL="INFO"
+export REDASH_REDIS_URL=redis://localhost:6379/1
+export REDASH_DATABASE_URL="postgresql://redash"
+export REDASH_COOKIE_SECRET=veryverysecret
+export REDASH_GOOGLE_APPS_DOMAIN=

.gitignore

@@ -8,6 +8,7 @@ celerybeat-schedule*
 .#*
 \#*#
 *~
+_build
 
 # Vagrant related
 .vagrant

Makefile

@@ -13,11 +13,11 @@ deps:
 
 pack:
 	sed -ri "s/^__version__ = '([0-9.]*)'/__version__ = '$(FULL_VERSION)'/" redash/__init__.py
-	tar -zcv -f $(FILENAME) --exclude=".git*" --exclude="*.pyc" --exclude="*.pyo" --exclude="venv" --exclude="rd_ui/node_modules" --exclude="rd_ui/dist/bower_components" --exclude="rd_ui/app" *
+	tar -zcv -f $(FILENAME) --exclude="optipng*" --exclude=".git*" --exclude="*.pyc" --exclude="*.pyo" --exclude="venv" --exclude="rd_ui/node_modules" --exclude="rd_ui/dist/bower_components" --exclude="rd_ui/app" *
 
 upload:
 	python bin/release_manager.py $(CIRCLE_SHA1) $(BASE_VERSION) $(FILENAME)
 
 test:
-	nosetests --with-coverage --cover-package=redash tests/*.py
+	nosetests --with-coverage --cover-package=redash tests/
 	#cd rd_ui && grunt test

README.md

@@ -10,7 +10,8 @@
 Prior to **_re:dash_**, we tried to use traditional BI suites and discovered a set of bloated, technically challenged and slow tools/flows. What we were looking for was a more hacker'ish way to look at data, so we built one.
 
 **_re:dash_** was built to allow fast and easy access to billions of records, that we process and collect using Amazon Redshift ("petabyte scale data warehouse" that "speaks" PostgreSQL).
-Today **_re:dash_** has support for querying multiple databases, including: Redshift, Google BigQuery, PostgreSQL, MySQL, Graphite and custom scripts.
+Today **_re:dash_** has support for querying multiple databases, including: Redshift, Google BigQuery, PostgreSQL, MySQL, Graphite,
+Presto, Google Spreadsheets, Cloudera Impala, Hive and custom scripts.
 
 **_re:dash_** consists of two parts:
 

bin/test_multithreading.py

@@ -1,63 +0,0 @@
-"""
-Script to test concurrency (multithreading/multiprocess) issues with the workers. Use with caution.
-"""
-import json
-import atfork
-atfork.monkeypatch_os_fork_functions()
-import atfork.stdlib_fixer
-atfork.stdlib_fixer.fix_logging_module()
-
-import time
-from redash.data import worker
-from redash import models, data_manager, redis_connection
-
-if __name__ == '__main__':
-    models.create_db(True, False)
-
-    print "Creating data source..."
-    data_source = models.DataSource.create(name="Concurrency", type="pg", options="dbname=postgres")
-
-    print "Clear jobs/hashes:"
-    redis_connection.delete("jobs")
-    query_hashes = redis_connection.keys("query_hash_*")
-    if query_hashes:
-        redis_connection.delete(*query_hashes)
-
-    starting_query_results_count = models.QueryResult.select().count()
-    jobs_count = 5000
-    workers_count = 10
-
-    print "Creating jobs..."
-    for i in xrange(jobs_count):
-        query = "SELECT {}".format(i)
-        print "Inserting: {}".format(query)
-        data_manager.add_job(query=query, priority=worker.Job.LOW_PRIORITY,
-                             data_source=data_source)
-
-    print "Starting workers..."
-    workers = data_manager.start_workers(workers_count)
-
-    print "Waiting for jobs to be done..."
-    keep_waiting = True
-    while keep_waiting:
-        results_count = models.QueryResult.select().count() - starting_query_results_count
-        print "QueryResults: {}".format(results_count)
-        time.sleep(5)
-        if results_count == jobs_count:
-            print "Yay done..."
-            keep_waiting = False
-
-    data_manager.stop_workers()
-
-    qr_count = 0
-    for qr in models.QueryResult.select():
-        number = int(qr.query.split()[1])
-        data_number = json.loads(qr.data)['rows'][0].values()[0]
-
-        if number != data_number:
-            print "Oops? {} != {} ({})".format(number, data_number, qr.id)
-        qr_count += 1
-
-    print "Verified {} query results.".format(qr_count)
-
-    print "Done."

circle.yml

@@ -11,7 +11,7 @@ dependencies:
     - tar xvf optipng-0.7.5.tar.gz
     - cd optipng-0.7.5; ./configure; make; sudo checkinstall -y;
     - make deps
-    - pip install -r dev_requirements.txt
+    - pip install -r requirements_dev.txt
     - pip install -r requirements.txt
   cache_directories:
     - rd_ui/node_modules/

docs/Makefile

@@ -0,0 +1,192 @@
+# Makefile for Sphinx documentation
+#
+
+# You can set these variables from the command line.
+SPHINXOPTS    =
+SPHINXBUILD   = sphinx-build
+PAPER         =
+BUILDDIR      = _build
+
+# User-friendly check for sphinx-build
+ifeq ($(shell which $(SPHINXBUILD) >/dev/null 2>&1; echo $$?), 1)
+$(error The '$(SPHINXBUILD)' command was not found. Make sure you have Sphinx installed, then set the SPHINXBUILD environment variable to point to the full path of the '$(SPHINXBUILD)' executable. Alternatively you can add the directory with the executable to your PATH. If you don't have Sphinx installed, grab it from http://sphinx-doc.org/)
+endif
+
+# Internal variables.
+PAPEROPT_a4     = -D latex_paper_size=a4
+PAPEROPT_letter = -D latex_paper_size=letter
+ALLSPHINXOPTS   = -d $(BUILDDIR)/doctrees $(PAPEROPT_$(PAPER)) $(SPHINXOPTS) .
+# the i18n builder cannot share the environment and doctrees with the others
+I18NSPHINXOPTS  = $(PAPEROPT_$(PAPER)) $(SPHINXOPTS) .
+
+.PHONY: help clean html dirhtml singlehtml pickle json htmlhelp qthelp devhelp epub latex latexpdf text man changes linkcheck doctest coverage gettext
+
+help:
+	@echo "Please use \`make <target>' where <target> is one of"
+	@echo "  html       to make standalone HTML files"
+	@echo "  dirhtml    to make HTML files named index.html in directories"
+	@echo "  singlehtml to make a single large HTML file"
+	@echo "  pickle     to make pickle files"
+	@echo "  json       to make JSON files"
+	@echo "  htmlhelp   to make HTML files and a HTML help project"
+	@echo "  qthelp     to make HTML files and a qthelp project"
+	@echo "  applehelp  to make an Apple Help Book"
+	@echo "  devhelp    to make HTML files and a Devhelp project"
+	@echo "  epub       to make an epub"
+	@echo "  latex      to make LaTeX files, you can set PAPER=a4 or PAPER=letter"
+	@echo "  latexpdf   to make LaTeX files and run them through pdflatex"
+	@echo "  latexpdfja to make LaTeX files and run them through platex/dvipdfmx"
+	@echo "  text       to make text files"
+	@echo "  man        to make manual pages"
+	@echo "  texinfo    to make Texinfo files"
+	@echo "  info       to make Texinfo files and run them through makeinfo"
+	@echo "  gettext    to make PO message catalogs"
+	@echo "  changes    to make an overview of all changed/added/deprecated items"
+	@echo "  xml        to make Docutils-native XML files"
+	@echo "  pseudoxml  to make pseudoxml-XML files for display purposes"
+	@echo "  linkcheck  to check all external links for integrity"
+	@echo "  doctest    to run all doctests embedded in the documentation (if enabled)"
+	@echo "  coverage   to run coverage check of the documentation (if enabled)"
+
+clean:
+	rm -rf $(BUILDDIR)/*
+
+html:
+	$(SPHINXBUILD) -b html $(ALLSPHINXOPTS) $(BUILDDIR)/html
+	@echo
+	@echo "Build finished. The HTML pages are in $(BUILDDIR)/html."
+
+dirhtml:
+	$(SPHINXBUILD) -b dirhtml $(ALLSPHINXOPTS) $(BUILDDIR)/dirhtml
+	@echo
+	@echo "Build finished. The HTML pages are in $(BUILDDIR)/dirhtml."
+
+singlehtml:
+	$(SPHINXBUILD) -b singlehtml $(ALLSPHINXOPTS) $(BUILDDIR)/singlehtml
+	@echo
+	@echo "Build finished. The HTML page is in $(BUILDDIR)/singlehtml."
+
+pickle:
+	$(SPHINXBUILD) -b pickle $(ALLSPHINXOPTS) $(BUILDDIR)/pickle
+	@echo
+	@echo "Build finished; now you can process the pickle files."
+
+json:
+	$(SPHINXBUILD) -b json $(ALLSPHINXOPTS) $(BUILDDIR)/json
+	@echo
+	@echo "Build finished; now you can process the JSON files."
+
+htmlhelp:
+	$(SPHINXBUILD) -b htmlhelp $(ALLSPHINXOPTS) $(BUILDDIR)/htmlhelp
+	@echo
+	@echo "Build finished; now you can run HTML Help Workshop with the" \
+	      ".hhp project file in $(BUILDDIR)/htmlhelp."
+
+qthelp:
+	$(SPHINXBUILD) -b qthelp $(ALLSPHINXOPTS) $(BUILDDIR)/qthelp
+	@echo
+	@echo "Build finished; now you can run "qcollectiongenerator" with the" \
+	      ".qhcp project file in $(BUILDDIR)/qthelp, like this:"
+	@echo "# qcollectiongenerator $(BUILDDIR)/qthelp/redash.qhcp"
+	@echo "To view the help file:"
+	@echo "# assistant -collectionFile $(BUILDDIR)/qthelp/redash.qhc"
+
+applehelp:
+	$(SPHINXBUILD) -b applehelp $(ALLSPHINXOPTS) $(BUILDDIR)/applehelp
+	@echo
+	@echo "Build finished. The help book is in $(BUILDDIR)/applehelp."
+	@echo "N.B. You won't be able to view it unless you put it in" \
+	      "~/Library/Documentation/Help or install it in your application" \
+	      "bundle."
+
+devhelp:
+	$(SPHINXBUILD) -b devhelp $(ALLSPHINXOPTS) $(BUILDDIR)/devhelp
+	@echo
+	@echo "Build finished."
+	@echo "To view the help file:"
+	@echo "# mkdir -p $$HOME/.local/share/devhelp/redash"
+	@echo "# ln -s $(BUILDDIR)/devhelp $$HOME/.local/share/devhelp/redash"
+	@echo "# devhelp"
+
+epub:
+	$(SPHINXBUILD) -b epub $(ALLSPHINXOPTS) $(BUILDDIR)/epub
+	@echo
+	@echo "Build finished. The epub file is in $(BUILDDIR)/epub."
+
+latex:
+	$(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex
+	@echo
+	@echo "Build finished; the LaTeX files are in $(BUILDDIR)/latex."
+	@echo "Run \`make' in that directory to run these through (pdf)latex" \
+	      "(use \`make latexpdf' here to do that automatically)."
+
+latexpdf:
+	$(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex
+	@echo "Running LaTeX files through pdflatex..."
+	$(MAKE) -C $(BUILDDIR)/latex all-pdf
+	@echo "pdflatex finished; the PDF files are in $(BUILDDIR)/latex."
+
+latexpdfja:
+	$(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex
+	@echo "Running LaTeX files through platex and dvipdfmx..."
+	$(MAKE) -C $(BUILDDIR)/latex all-pdf-ja
+	@echo "pdflatex finished; the PDF files are in $(BUILDDIR)/latex."
+
+text:
+	$(SPHINXBUILD) -b text $(ALLSPHINXOPTS) $(BUILDDIR)/text
+	@echo
+	@echo "Build finished. The text files are in $(BUILDDIR)/text."
+
+man:
+	$(SPHINXBUILD) -b man $(ALLSPHINXOPTS) $(BUILDDIR)/man
+	@echo
+	@echo "Build finished. The manual pages are in $(BUILDDIR)/man."
+
+texinfo:
+	$(SPHINXBUILD) -b texinfo $(ALLSPHINXOPTS) $(BUILDDIR)/texinfo
+	@echo
+	@echo "Build finished. The Texinfo files are in $(BUILDDIR)/texinfo."
+	@echo "Run \`make' in that directory to run these through makeinfo" \
+	      "(use \`make info' here to do that automatically)."
+
+info:
+	$(SPHINXBUILD) -b texinfo $(ALLSPHINXOPTS) $(BUILDDIR)/texinfo
+	@echo "Running Texinfo files through makeinfo..."
+	make -C $(BUILDDIR)/texinfo info
+	@echo "makeinfo finished; the Info files are in $(BUILDDIR)/texinfo."
+
+gettext:
+	$(SPHINXBUILD) -b gettext $(I18NSPHINXOPTS) $(BUILDDIR)/locale
+	@echo
+	@echo "Build finished. The message catalogs are in $(BUILDDIR)/locale."
+
+changes:
+	$(SPHINXBUILD) -b changes $(ALLSPHINXOPTS) $(BUILDDIR)/changes
+	@echo
+	@echo "The overview file is in $(BUILDDIR)/changes."
+
+linkcheck:
+	$(SPHINXBUILD) -b linkcheck $(ALLSPHINXOPTS) $(BUILDDIR)/linkcheck
+	@echo
+	@echo "Link check complete; look for any errors in the above output " \
+	      "or in $(BUILDDIR)/linkcheck/output.txt."
+
+doctest:
+	$(SPHINXBUILD) -b doctest $(ALLSPHINXOPTS) $(BUILDDIR)/doctest
+	@echo "Testing of doctests in the sources finished, look at the " \
+	      "results in $(BUILDDIR)/doctest/output.txt."
+
+coverage:
+	$(SPHINXBUILD) -b coverage $(ALLSPHINXOPTS) $(BUILDDIR)/coverage
+	@echo "Testing of coverage in the sources finished, look at the " \
+	      "results in $(BUILDDIR)/coverage/python.txt."
+
+xml:
+	$(SPHINXBUILD) -b xml $(ALLSPHINXOPTS) $(BUILDDIR)/xml
+	@echo
+	@echo "Build finished. The XML files are in $(BUILDDIR)/xml."
+
+pseudoxml:
+	$(SPHINXBUILD) -b pseudoxml $(ALLSPHINXOPTS) $(BUILDDIR)/pseudoxml
+	@echo
+	@echo "Build finished. The pseudo-XML files are in $(BUILDDIR)/pseudoxml."

docs/conf.py

@@ -0,0 +1,111 @@
+# -*- coding: utf-8 -*-
+#
+# re:dash documentation build configuration file, created by
+# sphinx-quickstart on Mon Jul 20 22:40:24 2015.
+#
+# This file is execfile()d with the current directory set to its
+# containing dir.
+#
+# Note that not all possible configuration values are present in this
+# autogenerated file.
+#
+# All configuration values have a default; values that are commented out
+# serve to show the default.
+
+import sys
+import os
+import shlex
+
+# Add any Sphinx extension module names here, as strings. They can be
+# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom
+# ones.
+extensions = []
+
+# The suffix(es) of source filenames.
+# You can specify multiple suffix as a list of string:
+# source_suffix = ['.rst', '.md']
+source_suffix = '.rst'
+
+# The master toctree document.
+master_doc = 'index'
+
+# General information about the project.
+project = u're:dash'
+copyright = u'2015, EverythingMe'
+author = u'EverythingMe'
+
+# The language for content autogenerated by Sphinx. Refer to documentation
+# for a list of supported languages.
+#
+# This is also used if you do content translation via gettext catalogs.
+# Usually you set "language" from the command line for these cases.
+language = None
+
+exclude_patterns = ['_build']
+
+# The name of the Pygments (syntax highlighting) style to use.
+pygments_style = 'sphinx'
+
+# If true, `todo` and `todoList` produce output, else they produce nothing.
+todo_include_todos = False
+
+# -- Options for HTML output ----------------------------------------------
+# The theme to use for HTML and HTML Help pages.  See the documentation for
+# a list of builtin themes.
+import sphinx_rtd_theme
+html_theme = "sphinx_rtd_theme"
+html_theme_path = [sphinx_rtd_theme.get_html_theme_path()]
+
+# The name for this set of Sphinx documents.  If None, it defaults to
+# "<project> v<release> documentation".
+#html_title = None
+
+# A shorter title for the navigation bar.  Default is the same as html_title.
+#html_short_title = None
+
+# The name of an image file (relative to this directory) to place at the top
+# of the sidebar.
+#html_logo = None
+
+# The name of an image file (within the static path) to use as favicon of the
+# docs.  This file should be a Windows icon file (.ico) being 16x16 or 32x32
+# pixels large.
+#html_favicon = None
+
+# Add any paths that contain custom static files (such as style sheets) here,
+# relative to this directory. They are copied after the builtin static files,
+# so a file named "default.css" will overwrite the builtin "default.css".
+html_static_path = ['_static']
+
+# If true, links to the reST sources are added to the pages.
+html_show_sourcelink = True
+
+# If true, "Created using Sphinx" is shown in the HTML footer. Default is True.
+html_show_sphinx = False
+
+# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True.
+html_show_copyright = False
+
+# Output file base name for HTML help builder.
+htmlhelp_basename = 'redashdoc'
+
+# -- Options for manual page output ---------------------------------------
+
+# One entry per manual page. List of tuples
+# (source start file, name, description, authors, manual section).
+man_pages = [
+    (master_doc, 'redash', u're:dash Documentation',
+     [author], 1)
+]
+
+# -- Options for Texinfo output -------------------------------------------
+
+# Grouping the document tree into Texinfo files. List of tuples
+# (source start file, target name, title, author,
+#  dir menu entry, description, category)
+texinfo_documents = [
+  (master_doc, 'redash', u're:dash Documentation',
+   author, 'redash', 'One line description of project.',
+   'Miscellaneous'),
+]
+

docs/datasources.rst

@@ -0,0 +1,181 @@
+Supported Data Sources
+######################
+
+re:dash supports several types of data sources, and if you set it up using the provided images, it should already have
+the needed dependencies to use them all. Starting from version 0.7 and newer, you can manage data sources from the UI
+by browsing to ``/data_sources`` on your instance.
+
+If one of the listed data source types isn't available when trying to create a new data source, make sure that:
+
+1. You installed required dependencies.
+2. If you've set custom value for the ``REDASH_ENABLED_QUERY_RUNNERS`` setting, it's included in the list.
+
+PostgreSQL / Redshift
+---------------------
+
+-  **Options**:
+
+   -  Database name (mandatory)
+   -  User
+   -  Password
+   -  Host
+   -  Port
+
+-  **Additional requirements**:
+
+   - None
+
+
+MySQL
+-----
+
+-  **Options**:
+
+   -  Database name (mandatory)
+   -  User
+   -  Password
+   -  Host
+   -  Port
+
+-  **Additional requirements**:
+
+   - ``MySQL-python`` python package
+
+
+Google BigQuery
+---------------
+
+-  **Options**:
+
+   -  Project ID (mandatory)
+   -  JSON key file, generated when creating a service account (see `instructions <https://developers.google.com/console/help/new/#serviceaccounts>`__).
+
+
+-  **Additional requirements**:
+
+   - ``google-api-python-client``, ``oauth2client`` and ``pyopenssl`` python packages (on Ubuntu it might require installing ``libffi-dev`` and ``libssl-dev`` as well).
+
+
+Graphite
+--------
+
+-  **Options**:
+
+   -  Url (mandatory)
+   -  User
+   -  Password
+   -  Verify SSL certificate
+
+
+MongoDB
+-------
+
+-  **Options**:
+
+   -  Connection String (mandatory)
+   -  Database name
+   -  Replica set name
+
+-  **Additional requirements**:
+
+   - ``pymongo`` python package.
+
+For information on how to write MongoDB queries, see :doc:`documentation </usage/mongodb_querying>`.
+
+
+ElasticSearch
+-------------
+
+...
+
+InfluxDB
+--------
+
+...
+
+Presto
+------
+
+-  **Options**:
+
+    - Host (mandatory)
+        - Address to a Presto coordinator.
+    - Port
+        - Port to a Presto coordinator. `8080` is the default port.
+    - Schema
+        - Default schema name of Presto. You can read other schemas by qualified name like `FROM myschema.table1`.
+    - Catalog
+        - Catalog (connector) name of Presto such as `hive-cdh4`, `hive-hadoop1`, etc.
+    - Username
+        - User name to connect to a Presto.
+
+-  **Additional requirements**:
+
+   - ``pyhive`` python package.
+
+Hive
+----
+
+...
+
+Impala
+------
+
+...
+
+URL
+---
+
+A URL based data source which requests URLs that return the :doc:`results JSON
+format </dev/results_format>`.
+
+Very useful in situations where you want to expose the data without
+connecting directly to the database.
+
+The query itself inside re:dash will simply contain the URL to be
+executed (i.e. http://myserver/path/myquery)
+
+-  **Options**:
+
+   -  Url - set this if you want to limit queries to certain base path.
+
+
+Google Spreadsheets
+-------------------
+
+-  **Options**:
+
+   -  JSON key file, generated when creating a service account (see `instructions <https://developers.google.com/console/help/new/#serviceaccounts>`__).
+
+-  **Additional requirements**:
+
+   -  ``gspread`` and ``oauth2client`` python packages.
+
+Notes:
+
+1. To be able to load the spreadsheet in re:dash - share your it with
+   your ServiceAccount's email (it can be found in the credentials json
+   file, for example
+   43242343247-fjdfakljr3r2@developer.gserviceaccount.com).
+2. The query format is "DOC\_UUID\|SHEET\_NUM" (for example
+   "kjsdfhkjh4rsEFSDFEWR232jkddsfh\|0")
+
+
+Python
+------
+
+**Execute other queries, manipulate and compute with Python code**
+
+This is a special query runner, that will execute provided Python code as the query. Useful for various scenarios such as
+merging data from different data sources, doing data transformation/manipulation that isn't trivial with SQL, merging
+with remote data or using data analysis libraries such as Pandas (see `example query <https://gist.github.com/arikfr/be7c2888520c44cf4f0f>`__).
+
+While the Python query runner uses a sandbox (RestrictedPython), it's not 100% secure and the security depends on the
+modules you allow to import. We recommend enabling the Python query runner only in a trusted environment (meaning: behind
+VPN and with users you trust).
+
+-  **Options**:
+
+   -  Allowed Modules in a comma separated list (optional). **NOTE:**
+      You MUST make sure these modules are installed on the machine
+      running the Celery workers.

docs/dev.rst

@@ -0,0 +1,11 @@
+Developer Information
+=====================
+
+.. toctree::
+    :maxdepth: 2
+    :glob:
+
+    dev/vagrant
+    dev/*
+
+

docs/dev/query_execution.rst

@@ -0,0 +1,94 @@
+Query Execution Model
+#####################
+
+Introduction
+============
+
+The first datasource which was used with re:dash was Redshift. Because
+we had billions of records in Redshift, and some queries were costly to
+re-run, from the get go there was the idea of caching query results in
+re:dash.
+
+This was to relieve stress from the Redshift cluster and also to improve
+user experience.
+
+How queries get executed and cached in re:dash?
+===============================================
+
+Server
+------
+
+To make sure each query is executed only once at any giving time, we
+translate the query to a ``query hash``, using the following code:
+
+.. code:: python
+
+    COMMENTS_REGEX = re.compile("/\*.*?\*/")
+
+    def gen_query_hash(sql):
+        sql = COMMENTS_REGEX.sub("", sql)
+        sql = "".join(sql.split()).lower()
+        return hashlib.md5(sql.encode('utf-8')).hexdigest()
+
+When query execution is done, the result gets stored to
+``query_results`` table. Also we check for all queries in the
+``queries`` table that have the same query hash and update their
+reference to the query result we just saved
+(`code <https://github.com/EverythingMe/redash/blob/master/redash/models.py#L235>`__).
+
+Client
+------
+
+The client (UI) will execute queries in two scenarios:
+
+1. (automatically) When opening a query page of a query that doesn't
+   have a result yet.
+2. (manually) When the user clicks on "Execute".
+
+In each case the client does a POST request to ``/api/query_results``
+with the following parameters: ``query`` (the query text),
+``data_source_id`` (data source to execute the query with) and ``ttl``.
+
+When loading a cached result, ``ttl`` will be the one set to the query
+(if it was set). This is a relic from previous versions, and I'm not
+sure if it's really used anymore, as usually we will fetch query result
+using its id.
+
+When loading a non cached result, ``ttl`` will be 0 which will "force"
+the server to execute the query.
+
+As a response to ``/api/query_results`` the server will send either the
+query results (in case of a cached query) or job id of the currently
+executing query. When job id received the client will start polling on
+this id, until a query result received (this is encapsulated in
+``Query`` and ``QueryResult`` services).
+
+Ideas on how to implement query parameters
+==========================================
+
+Client side only implementation
+-------------------------------
+
+(This was actually implemented in. See pull request `#363 <https://github.com/EverythingMe/redash/pull/363>`__ for details.)
+
+The basic idea of how to implement parametized queries is to treat the
+query as a template and merge it with parameters taken from query string
+or UI (or both).
+
+When the caching facility isn't required (with queries that return in a
+reasonable time frame) the implementation can be completly client side
+and the backend can be "blind" to the parameters - it just receives the
+final query to execute and returns result.
+
+As one improvement over this, we can let the UI/user specify the TTL
+value when making the request to ``/api/query_results``, in which case
+caching will be availble too, while not having to make the server aware
+of the parameters.
+
+Hybrid
+------
+
+Another option, will be to store the list of possible parameters for a
+query, with their default/optional values. In such case, the server can
+prefetch all the options and cache them to provide faster results to the
+client.

docs/dev/results_format.rst

@@ -0,0 +1,30 @@
+Data Source Results Format
+==========================
+
+All data sources in re:dash return the following results in JSON format:
+
+.. code:: javascript
+
+    {
+        "columns" : [
+            {
+               // Required: a unique identifier of the column name in this result
+               "name" : "COLUMN_NAME", 
+               // Required: friendly name of the column that will appear in the results
+               "friendly_name" : "FRIENDLY_NAME", 
+               // Optional: If not specified sort might not work well. 
+               // Supported types: integer, float, boolean, string (default), datetime (ISO-8601 text format)
+               "type" : "VALUE_TYPE" 
+            },
+            ...
+        ],
+        "rows" : [
+            {
+                // name is the column name as it appears in the columns above. 
+                // VALUE is a valid JSON value. For dates its an ISO-8601 string.
+                "name" : VALUE,
+                "name2" : VALUE2
+            },
+            ...
+        ]   
+    }

docs/dev/vagrant.rst

@@ -0,0 +1,50 @@
+Setting up development environment (using Vagrant)
+==================================================
+
+To simplify contribution there is a `Vagrant
+box <https://vagrantcloud.com/redash/boxes/dev>`__ available with all
+the needed software to run re:dash for development (use it only for
+development, for demo purposes there is
+`redash/demo <https://vagrantcloud.com/redash/boxes/demo>`__ box and the
+AWS/GCE images).
+
+To get started with this box:
+
+1.  Make sure you have recent version of
+    `Vagrant <https://www.vagrantup.com/>`__ installed.
+2.  Clone the re:dash repository:
+    ``git clone https://github.com/EverythingMe/redash.git``.
+3.  Change dir into the repository (``cd redash``) and run run
+    ``vagrant up``. This might take some time the first time you run it,
+    as it downloads the Vagrant virtual box.
+4.  Once Vagrant is ready, ssh into the instance (``vagrant ssh``), and
+    change dir to ``/opt/redash/current`` -- this is where your local
+    repository copy synced to.
+5.  Copy ``.env`` file into this directory (``cp ../.env ./``).
+6.  From ``/opt/redash/current/rd_ui`` run ``bower install`` to install
+    frontend packages. This can be done from your host machine as well,
+    if you have bower installed.
+7.  Go back to ``/opt/redash/current`` and install python dependencies
+    ``sudo pip install -r requirements.txt``
+8.  Apply migrations
+
+    ::
+
+        PYTHONPATH=. bin/run python migrations/0001_allow_delete_query.py
+        PYTHONPATH=. bin/run python migrations/0002_fix_timestamp_fields.py
+        PYTHONPATH=. bin/run python migrations/0003_update_data_source_config.py
+        PYTHONPATH=. bin/run python migrations/0004_allow_null_in_event_user.py
+        PYTHONPATH=. bin/run python migrations/0005_add_updated_at.py
+        PYTHONPATH=. bin/run python migrations/0006_queries_last_edit_by.py
+        PYTHONPATH=. bin/run python migrations/0007_add_schedule_to_queries.py
+        PYTHONPATH=. bin/run python migrations/0008_make_ds_name_unique.py
+        PYTHONPATH=. bin/run python migrations/0009_add_api_key_to_user.py
+        PYTHONPATH=. bin/run python migrations/0010_create_alerts.py
+        PYTHONPATH=. bin/run python migrations/0010_allow_deleting_datasources.py
+        PYTHONPATH=. bin/run python migrations/0011_migrate_bigquery_to_json.py
+        PYTHONPATH=. bin/run python migrations/0012_add_list_users_permission.py
+
+9.  Start the server and background workers with
+    ``bin/run honcho start -f Procfile.dev``.
+10. Now the server should be available on your host on port 9001 and you
+    can login with username admin and password admin.

docs/index.rst

@@ -0,0 +1,57 @@
+.. image:: http://redash.io/static/img/redash_logo.png
+   :width: 200px
+
+Open Source Data Collaboration and Visualization Platform
+===================================
+
+**re:dash** is our take on freeing the data within our company in a way that will better fit our culture and usage patterns.
+
+Prior to **re:dash**, we tried to use traditional BI suites and discovered a set of bloated, technically challenged and slow tools/flows. What we were looking for was a more hacker'ish way to look at data, so we built one.
+
+**re:dash** was built to allow fast and easy access to billions of records, that we process and collect using Amazon Redshift ("petabyte scale data warehouse" that "speaks" PostgreSQL).
+Today **_re:dash_** has support for querying multiple databases, including: Redshift, Google BigQuery,Google Spreadsheets, PostgreSQL, MySQL, Graphite and custom scripts.
+
+Features
+########
+
+1. **Query Editor**: think of `JS Fiddle`_ for SQL queries. It's your way to share data in the organization in an open way, by sharing both the dataset and the query that generated it. This way everyone can peer review not only the resulting dataset but also the process that generated it.
+2. **Visualizations**: once you have a dataset, you can create different visualizations out of it. Currently it supports charts, pivot table and cohorts.
+3. **Dashboards**: combine several visualizations into a single dashboard.
+
+Demo
+####
+
+.. figure:: https://raw.github.com/EverythingMe/redash/screenshots/screenshots.gif
+   :alt: Screenshots
+
+You can try out the demo instance: `http://demo.redash.io`_ (login with any Google account).
+
+.. _http://demo.redash.io: http://demo.redash.io
+.. _JS Fiddle: http://jsfiddle.net
+
+Getting Started
+###############
+
+:doc:`Setting up re:dash instance </setup>` (includes links to ready made AWS/GCE images).
+
+Getting Help
+############
+
+* Source: https://github.com/everythingme/redash
+* Issues: https://github.com/everythingme/redash/issues
+* Mailing List: https://groups.google.com/forum/#!forum/redash-users
+* Gitter (chat): https://gitter.im/EverythingMe/redash
+* Contact Arik, the maintainer directly: arik@everything.me.
+
+TOC
+###
+
+.. toctree::
+   :maxdepth: 2
+
+   setup
+   upgrade
+   datasources
+   usage
+   dev
+   misc

docs/misc.rst

@@ -0,0 +1,10 @@
+Miscellaneous
+=============
+
+.. toctree::
+    :maxdepth: 2
+    :glob:
+
+    misc/*
+
+

docs/misc/google_developers_project.rst

@@ -0,0 +1,50 @@
+How To: Create a Google Developers Project
+==========================================
+
+1. Go to the `Google Developers
+   Console <https://console.developers.google.com/>`__.
+2. Select a project, or create a new one by clicking Create Project:
+
+   1. In the Project name field, type in a name for your project.
+   2. In the Project ID field, optionally type in a project ID for your
+      project or use the one that the console has created for you. This
+      ID must be unique world-wide.
+   3. Click the **Create** button and wait for the project to be
+      created.
+   4. Click on the new project name in the list to start editing the
+      project.
+
+3. In the left sidebar, select the **APIs** item below "APIs & auth". A
+   list of Google web services appears.
+4. Find the **Google+ API** service and set its status to **ON**—notice
+   that this action moves the service to the top of the list.
+5. In the sidebar under "APIs & auth", select **Credentials** and in that screen choose the **OAuth consent screen** tab
+
+   -  Choose an Email Address and specify a Product Name.
+
+6. In the sidebar under "APIs & auth", select **Credentials**.
+7. Click **Add Credentials** button and choose **OAuth 20 Client ID**. 
+
+   -  In the **Application type** section of the dialog, select **Web
+      application**.
+   -  In the **Authorized JavaScript origins** field, enter the origin
+      for your app. You can enter multiple origins to use with multiple
+      re:dash instance. Wildcards are not allowed. In the example below,
+      we assume your re:dash instance address is *redash.example.com*:
+
+   ::
+
+       http://redash.example.com
+       https://redash.example.com
+
+   -  In the Authorized redirect URI field, enter the redirect URI
+      callback:
+
+   ::
+
+       http://redash.example.com/oauth/google_callback
+
+   -  Click the ``Create`` button.
+
+8. In the resulting **Client ID for web application** section, copy the
+   **Client ID** and **Client secret** to your ``.env`` file.

docs/misc/ssl.rst

@@ -0,0 +1,59 @@
+SSL (HTTPS) Setup
+=================
+
+If you used the provided images or the bootstrap script, to start using
+SSL with your instance you need to:
+
+1. Update the nginx config file (``/etc/nginx/sites-available/redash``)
+   with SSL configuration (see below an example). Make sure to upload
+   the certificate to the server, and set the paths correctly in the new
+   config.
+
+2. Open port 443 in your security group (if using AWS or GCE).
+
+.. code:: nginx
+
+    upstream redash_servers {
+      server 127.0.0.1:5000;
+    }
+
+    server {
+      listen 80;
+
+      # Allow accessing /ping without https. Useful when placing behind load balancer.
+      location /ping {
+        proxy_set_header Host $http_host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_pass       http://redash_servers;
+      }
+
+      location / {
+        # Enforce SSL.
+        return 301 https://$host$request_uri;
+      }
+    }
+
+    server {
+      listen 443 ssl;
+
+      # Make sure to set paths to your certificate .pem and .key files.
+      ssl on;
+      ssl_certificate /path-to/cert.pem; # or crt
+      ssl_certificate_key /path-to/cert.key;
+
+      access_log /var/log/nginx/redash.access.log;
+
+      gzip on;
+      gzip_types *;
+      gzip_proxied any;
+
+      location / {
+        proxy_set_header Host $http_host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_pass       http://redash_servers;
+        proxy_redirect   off;
+      }
+    }

docs/requirements.txt

@@ -0,0 +1,3 @@
+sphinx
+sphinx-autobuild
+sphinx_rtd_theme

docs/setup.rst

@@ -0,0 +1,142 @@
+Setting up re:dash instance
+###########################
+
+The `provisioning
+script <https://github.com/EverythingMe/redash/blob/master/setup/bootstrap.sh>`__
+works on Ubuntu 12.04, Ubuntu 14.04 and Debian Wheezy. This script
+installs all needed dependencies and creates basic setup.
+
+To ease the process, there are also images for AWS and Google Compute
+Cloud. These images created with the same provision script using Packer.
+
+Create an instance
+==================
+
+Google Compute Engine
+---------------------
+
+First, you need to add the images to your account:
+
+.. code:: bash
+
+    $ gcloud compute images create "redash-071-b1015" --source-uri gs://redash-images/redash.0.7.1.b1015.tar.gz
+
+Next you need to launch an instance using this image (n1-standard-1
+instance type is recommended). If you plan using re:dash with BigQuery,
+you can use a dedicated image which comes with BigQuery preconfigured
+(using instance permissions):
+
+.. code:: bash
+
+    $ gcloud compute images create "redash-071-b1015-bq" --source-uri gs://redash-images/redash.0.7.1.b1015-bq.tar.gz
+
+Note that you need to launch this instance with BigQuery access:
+
+.. code:: bash
+
+    $ gcloud compute instances create <your_instance_name> --image redash-071-b1015-bq --scopes storage-ro,bigquery
+
+(the same can be done from the web interface, just make sure to enable
+BigQuery access)
+
+Now proceed to `"Setup" <#setup>`__.
+
+AWS
+---
+
+Launch the instance with from the pre-baked AMI (for small deployments
+t2.micro should be enough):
+
+-  us-east-1: `ami-95e04efe <https://console.aws.amazon.com/ec2/home?region=us-east-1#LaunchInstanceWizard:ami=ami-95e04efe>`__
+-  us-west-2: `ami-01d8d331 <https://console.aws.amazon.com/ec2/home?region=us-west-2#LaunchInstanceWizard:ami=ami-01d8d331>`__
+-  us-west-1: `ami-b35ea1f7 <https://console.aws.amazon.com/ec2/home?region=us-west-1#LaunchInstanceWizard:ami=ami-b35ea1f7>`__
+-  eu-west-1: `ami-d46734a3 <https://console.aws.amazon.com/ec2/home?region=eu-west-1#LaunchInstanceWizard:ami=ami-d46734a3>`__
+-  eu-central-1: `ami-7e494e63 <https://console.aws.amazon.com/ec2/home?region=eu-central-1#LaunchInstanceWizard:ami=ami-7e494e63>`__
+-  ap-southeast-1: `ami-30343b62 <https://console.aws.amazon.com/ec2/home?region=ap-southeast-1#LaunchInstanceWizard:ami=ami-30343b62>`__
+-  ap-southeast-2: `ami-53357669 <https://console.aws.amazon.com/ec2/home?region=ap-southeast-2#LaunchInstanceWizard:ami=ami-53357669>`__
+-  ap-northeast-1: `ami-4253ea42 <https://console.aws.amazon.com/ec2/home?region=ap-northeast-1#LaunchInstanceWizard:ami=ami-4253ea42>`__
+-  sa-east-1: `ami-b170f9ac <https://console.aws.amazon.com/ec2/home?region=sa-east-1#LaunchInstanceWizard:ami=ami-b170f9ac>`__
+
+Now proceed to `"Setup" <#setup>`__.
+
+Other
+-----
+
+Download the provision script and run it on your machine. Note that:
+
+1. You need to run the script as root.
+2. It was tested only on Ubuntu 12.04, Ubuntu 14.04 and Debian Wheezy.
+3. It's designed to run on a "clean" machine. If you're running this script on a machine that is used for other purposes, you might want to tweak it to your needs (like removing the ``apt-get dist-upgrade`` call at the beginning of it).
+
+Setup
+=====
+
+Once you created the instance with either the image or the script, you
+should have a running re:dash instance with everything you need to get
+started. You can now login to it with the user "admin" (password:
+"admin"). But to make it useful, there are a few more steps that you
+need to manually do to complete the setup:
+
+First ssh to your instance and change directory to ``/opt/redash``. If
+you're using the GCE image, switch to root (``sudo su``).
+
+Users & Google Authentication setup
+-----------------------------------
+
+Most of the settings you need to edit are in the ``/opt/redash/.env``
+file.
+
+1. Update the cookie secret (important! otherwise anyone can sign new
+   cookies and impersonate users): change "veryverysecret" in the line:
+   ``export REDASH_COOKIE_SECRET=veryverysecret`` to something else (you
+   can use ``pwgen 32 -1`` to generate random string).
+
+2. By default we create an admin user with the password "admin". You
+   can change this password at: ``/users/me#password``.
+
+3. If you want to use Google OAuth to authenticate users, you need to
+   create a Google Developers project (see :doc:`instructions </misc/google_developers_project>`)
+   and then add the needed configuration in the ``.env`` file:
+
+.. code::
+
+   export REDASH_GOOGLE_CLIENT_ID=""
+   export REDASH_GOOGLE_CLIENT_SECRET=""
+   export REDASH_GOOGLE_APPS_DOMAIN=""
+
+
+
+``REDASH_GOOGLE_CLIENT_ID`` and ``REDASH_GOOGLE_CLIENT_SECRET`` are the values you get after registering with Google. ``READASH_GOOGLE_APPS_DOMAIN`` is used in case you want to limit access to single Google apps domain (*if you leave it empty anyone with a Google account can access your instance*).
+
+4. Restart the web server to apply the configuration changes:
+   ``sudo supervisorctl restart redash_server``.
+
+5. Once you have Google OAuth enabled, you can login using your Google
+   Apps account. If you want to grant admin permissions to some users,
+   you can do this by editing the user profile and enabling admin
+   permission for it.
+
+6. If you don't use Google OAuth or just need username/password logins,
+   you can create additional users at: ``/users/new``.
+
+Datasources
+-----------
+
+To make re:dash truly useful, you need to setup your data sources in it. Browse to ``/data_sources`` on your instance,
+to create new data source connection.
+
+See :doc:`documentation </datasources>` for the different options.
+Your instance comes ready with dependencies needed to setup supported sources.
+
+How to upgrade?
+---------------
+
+It's recommended to upgrade once in a while your re:dash instance to
+benefit from bug fixes and new features. See :doc:`here </upgrade>` for full upgrade
+instructions (including Fabric script).
+
+Notes
+=====
+
+-  If this is a production setup, you should enforce HTTPS and make sure
+   you set the cookie secret (see :doc:`instructions </misc/ssl>`).

docs/upgrade.rst

@@ -0,0 +1,36 @@
+How to Upgrade
+##############
+
+It's recommended to upgrade your re:dash instance once there are new
+releases, to benefit from new features and bug fixes. The upgrade
+process is relatively simple, and assuming you used one of the base
+images we provide, you can just use the
+`Fabric <http://www.fabfile.org/>`__ script provided here:
+https://gist.github.com/arikfr/440d1403b4aeb76ebaf8.
+
+How to run the Fabric script
+============================
+
+1. Install Fabric: ``pip install fabric requests`` (needed only once)
+2. Download the ``fabfile.py`` from the gist.
+3. Run the script:
+   ``fab -H{your re:dash host} -u{the ssh user for this host} -i{path to key file for passwordless login} deploy_latest_release`` 
+   
+   ``-i`` is optional and it is only needed in case you're using private-key based authentication (and didn't add the key file to your authentication agent or set its path in your SSH config).
+
+What the Fabric script does
+===========================
+
+Even if you didn't use the image, it's very likely you can reuse most of
+this script with small modifications. What this script does is:
+
+1. Find the URL of the latest release tarball (from `GitHub releases
+   page <github.com/everythingme/redash/releases>`__).
+2. Download it.
+3. Create new directory for this version (for example:
+   ``/opt/redash/redash.0.5.0.b685``).
+4. Unpack that (``tar -C {dir} -xvf {tarball path}``).
+5. Link ``/opt/redash/.env`` file into this directory.
+6. Apply any new migrations.
+7. Link ``/opt/redash/current`` to new version.
+8. Restart web server and celery workers.

docs/usage.rst

@@ -0,0 +1,11 @@
+Usage
+=====
+
+.. toctree::
+    :maxdepth: 2
+    :glob:
+
+    usage/maintenance.rst
+    usage/*
+
+

docs/usage/elasticsearch_querying.rst

@@ -0,0 +1,48 @@
+ElasticSearch: Querying
+#######################
+
+ElasticSearch currently supports only simple Lucene style queries (like
+Kibana but without the aggregation).
+
+Full blown JSON based ElasticSearch queries (including aggregations)
+will be added later.
+
+Simple query example:
+=====================
+
+-  Query the index named "twitter"
+-  Filter by "user:kimchy"
+-  Return the fields: "@timestamp", "tweet" and "user"
+-  Return up to 15 results
+-  Sort by @timestamp ascending
+
+.. code:: json
+
+    {
+        "index" : "twitter",
+        "query" : "user:kimchy",
+        "fields" : ["@timestamp", "tweet", "user"],
+        "size" : 15,
+        "sort" : "@timestamp:asc"
+    }
+
+Simple query on a logstash ElasticSearch instance:
+==================================================
+
+-  Query the index named "logstash-2015.04.\*" (in this case its all of
+   April 2015)
+-  Filter by type:events AND eventName:UserUpgrade AND channel:selfserve
+-  Return fields: "@timestamp", "userId", "channel", "utm\_source",
+   "utm\_medium", "utm\_campaign", "utm\_content"
+-  Return up to 250 results
+-  Sort by @timestamp ascending
+
+.. code:: json
+
+    {
+        "index" : "logstash-2015.04.*",
+        "query" : "type:events AND eventName:UserUpgrade AND channel:selfserve",
+        "fields" : ["@timestamp", "userId", "channel", "utm_source", "utm_medium", "utm_campaign", "utm_content"],
+        "size" : 250,
+        "sort" : "@timestamp:asc"
+    }

docs/usage/maintenance.rst

@@ -0,0 +1,94 @@
+Ongoing Maintanence and Basic Operations
+########################################
+
+Configuration and logs
+======================
+
+The supervisor config can be found in
+``/opt/redash/supervisord/supervisord.conf``.
+
+There you can see the names of its programs (``redash_celery``,
+``redash_server``) and the location of their logs.
+
+Restart
+=======
+
+Restarting the Web Server
+-------------------------
+
+``sudo supervisorctl stop redash_server``
+
+Restarting Celery Workers
+-------------------------
+
+``sudo supervisorctl restart redash_celery``
+
+Restarting Celery Workers & the Queries Queue
+---------------------------------------------
+
+In case you are handling a problem, and you need to stop the currently
+running queries and reset the queue, follow the steps below.
+
+1. Stop celery: ``sudo supervisorctl stop redash_celery`` (celery might
+   take some time to stop, if it's in the middle of running a query)
+
+2. Flush redis: ``redis-cli flushdb``
+
+3. Start celery: ``sudo supervisorctl start redash_celery``
+
+Changing the Number of Workers
+==============================
+
+By default, Celery will start a worker per CPU core. Because most of
+re:dash's tasks are IO bound, the real limit for number of workers you
+can use depends on the amount of memory your machine has. It's
+recommended to increase number of workers, to support more concurrent
+queries.
+
+1. Open the supervisord configuration file:
+   ``/opt/redash/supervisord/supervisord.conf``
+
+2. Edit the ``[program:redash_celery]`` section and add to the *command*
+   value, the param "-c" with the number of concurrent workers you need.
+
+3. Restart supervisord to apply new configuration:
+   ``sudo /etc/init.d/redash_supervisord restart``.
+
+DB
+==
+
+Show the Currently Configured Data Source
+-----------------------------------------
+
+This varies based on the redash version and personal preferences. You
+can do one of the following:
+
+Using the CLI
+~~~~~~~~~~~~~
+
+In ``/opt/redash/current``, run:
+``sudo -u redash bin/run ./manage.py ds list``
+
+Using the Admin
+~~~~~~~~~~~~~~~
+
+(available from version 0.6b797). Browse to ``/admin/datasource``
+
+View the Definition Directly in the DB
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+1. Open psql: ``sudo -u redash psql``
+
+2. Run the query: ``SELECT  * from data_sources;``
+
+Backup re:dash's DB:
+--------------------
+
+``sudo -u redash pg_dump > backup_filename.sql``
+
+Version
+=======
+
+See current version:
+
+``bin/run ./manage.py version``

docs/usage/mongodb_querying.rst

@@ -0,0 +1,74 @@
+MongoDB: Querying
+#################
+
+Simple query example:
+=====================
+
+.. code:: json
+
+     {
+         "collection" : "my_collection",
+         "query" : {
+             "date" : {
+                 "$gt" : "ISODate(\"2015-01-15 11:41\")",
+             },
+             "type" : 1
+         },
+         "fields" : {
+             "_id" : 1,
+             "name" : 2
+         },
+         "sort" : [
+            {
+                 "name" : "date",
+                 "direction" : -1
+            }
+         ]
+     }
+
+Live example on the demo instance:
+http://demo.redash.io/queries/394/source.
+
+Aggregation
+===========
+
+Uses a syntax similar to the one used in PyMongo, however to support the
+correct order of sorting, it uses a regular list for the "$sort"
+operation that converts into a SON (sorted dictionary) object before
+execution.
+
+Aggregation query example:
+
+.. code:: json
+
+     {
+         "collection" : "things",
+         "aggregate" : [
+             {
+                 "$unwind" : "$tags"
+             },
+             {
+                 "$group" : {
+                     "_id" : "$tags",
+                     "count" : { "$sum" : 1 }
+                 }
+             },
+             {
+                 "$sort" : [
+                     {
+                         "name" : "count",
+                         "direction" : -1
+                     },
+                     {
+                         "name" : "_id",
+                         "direction" : -1
+                     }
+                 ]
+             }
+         ]
+     }
+
+Live examples on the demo instance:
+
+1. http://demo.redash.io/queries/393/source
+2. http://demo.redash.io/queries/387/source

manage.py

@@ -43,12 +43,15 @@ def make_shell_context():
 @manager.command
 def check_settings():
     """Show the settings as re:dash sees them (useful for debugging)."""
-    from types import ModuleType
+    for name, item in settings.all_settings().iteritems():
+        print "{} = {}".format(name, item)
 
-    for name in dir(settings):
-        item = getattr(settings, name)
-        if not callable(item) and not name.startswith("__") and not isinstance(item, ModuleType):
-            print "{} = {}".format(name, item)
+@manager.command
+def send_test_mail():
+    from redash import mail
+    from flask_mail import Message
+
+    mail.send(Message(subject="Test Message from re:dash", recipients=[settings.MAIL_DEFAULT_SENDER], body="Test message."))
 
 
 if __name__ == '__main__':

migrations/0009_add_api_key_to_user.py

@@ -0,0 +1,27 @@
+from playhouse.migrate import PostgresqlMigrator, migrate
+
+from redash.models import db
+from redash import models
+
+if __name__ == '__main__':
+    db.connect_db()
+    migrator = PostgresqlMigrator(db.database)
+
+    with db.database.transaction():
+        column = models.User.api_key
+        column.null = True
+        migrate(
+            migrator.add_column('users', 'api_key', models.User.api_key),
+        )
+
+        for user in models.User.select():
+            user.save()
+
+        migrate(
+            migrator.add_not_null('users', 'api_key')
+        )
+
+    db.close_db(None)
+
+
+

migrations/0010_allow_deleting_datasources.py

@@ -0,0 +1,18 @@
+from playhouse.migrate import PostgresqlMigrator, migrate
+
+from redash.models import db
+
+if __name__ == '__main__':
+    db.connect_db()
+    migrator = PostgresqlMigrator(db.database)
+
+    with db.database.transaction():
+        migrate(
+            migrator.drop_not_null('queries', 'data_source_id'),
+        )
+
+    db.close_db(None)
+
+
+
+

migrations/0010_create_alerts.py

@@ -0,0 +1,8 @@
+from redash.models import db, Alert, AlertSubscription
+
+if __name__ == '__main__':
+    with db.database.transaction():
+       Alert.create_table()
+       AlertSubscription.create_table()
+
+    db.close_db(None)

migrations/0011_migrate_bigquery_to_json.py

@@ -0,0 +1,44 @@
+from base64 import b64encode
+import json
+from redash.models import DataSource
+
+
+def convert_p12_to_pem(p12file):
+    from OpenSSL import crypto
+    with open(p12file, 'rb') as f:
+        p12 = crypto.load_pkcs12(f.read(), "notasecret")
+
+    return crypto.dump_privatekey(crypto.FILETYPE_PEM, p12.get_privatekey())
+
+if __name__ == '__main__':
+
+    for ds in DataSource.all():
+
+        if ds.type == 'bigquery':
+            options = json.loads(ds.options)
+
+            if 'jsonKeyFile' in options:
+                continue
+
+            new_options = {
+                'projectId': options['projectId'],
+                'jsonKeyFile': b64encode(json.dumps({
+                    'client_email': options['serviceAccount'],
+                    'private_key': convert_p12_to_pem(options['privateKey'])
+                }))
+            }
+
+            ds.options = json.dumps(new_options)
+            ds.save()
+        elif ds.type == 'google_spreadsheets':
+            options = json.loads(ds.options)
+            if 'jsonKeyFile' in options:
+                continue
+
+            with open(options['credentialsFilePath']) as f:
+                new_options = {
+                    'jsonKeyFile': b64encode(f.read())
+                }
+
+            ds.options = json.dumps(new_options)
+            ds.save()

migrations/0012_add_list_users_permission.py

@@ -0,0 +1,6 @@
+from redash import models
+
+if __name__ == '__main__':
+    default_group = models.Group.get(models.Group.name=='default')
+    default_group.permissions.append('list_users')
+    default_group.save()

rd_ui/.jshintrc

@@ -19,6 +19,7 @@
   "trailing": true,
   "smarttabs": true,
   "globals": {
-    "angular": false
+    "angular": false,
+    "_": false
   }
 }

rd_ui/app/index.html

@@ -14,7 +14,6 @@
     <link rel="stylesheet" href="/bower_components/gridster/dist/jquery.gridster.css">
     <link rel="stylesheet" href="/bower_components/pivottable/dist/pivot.css">
     <link rel="stylesheet" href="/bower_components/cornelius/src/cornelius.css">
-    <link rel="stylesheet" href="/bower_components/select2/select2.css">
     <link rel="stylesheet" href="/bower_components/angular-ui-select/dist/select.css">
     <link rel="stylesheet" href="/bower_components/pace/themes/pace-theme-minimal.css">
     <link rel="stylesheet" href="/bower_components/font-awesome/css/font-awesome.css">
@@ -47,7 +46,7 @@
         <ul class="nav navbar-nav">
             <li class="active" ng-show="pageTitle"><a class="page-title" ng-bind="pageTitle"></a></li>
             <li class="dropdown" ng-show="groupedDashboards.length > 0 || otherDashboards.length > 0 || currentUser.hasPermission('create_dashboard')" dropdown>
-                <a href="#" class="dropdown-toggle" dropdown-toggle><span class="glyphicon glyphicon-th-large"></span> <b class="caret"></b></a>
+                <a href="#" class="dropdown-toggle" dropdown-toggle><span class="fa fa-tachometer"></span> <b class="caret"></b></a>
                 <ul class="dropdown-menu" dropdown-menu>
                     <span ng-repeat="(name, group) in groupedDashboards">
                         <li class="dropdown-submenu">
@@ -73,6 +72,9 @@
                     <li><a href="/queries">Queries</a></li>
                 </ul>
             </li>
+            <li>
+                <a href="/alerts">Alerts</a>
+            </li>
         </ul>
         <form class="navbar-form navbar-left" role="search" ng-submit="searchQueries()">
             <div class="form-group">
@@ -81,12 +83,34 @@
             <button type="submit" class="btn btn-default"><span class="glyphicon glyphicon-search"></span></button>
         </form>
         <ul class="nav navbar-nav navbar-right">
-            <p class="navbar-text avatar" ng-show="currentUser.id" ng-cloak>
-                <img ng-src="{{currentUser.gravatar_url}}" class="img-circle" alt="{{currentUser.name}}"/>
-                <a target="_self" href="/logout" id="logout" title="Logout">
-                    <span class="glyphicon glyphicon-log-out"></span>
-                </a>
-            </p>
+            <li ng-show="currentUser.hasPermission('admin')">
+                <a href="/data_sources" title="Data Sources"><i class="fa fa-database"></i></a>
+            </li>
+            <li ng-show="currentUser.hasPermission('list_users')">
+                <a href="/users" title="Users"><i class="fa fa-users"></i></a>
+            </li>
+            <li class="dropdown" dropdown>
+                <a href="#" class="dropdown-toggle" dropdown-toggle><span ng-bind="currentUser.name"></span> <span class="caret"></span></a>
+                <ul class="dropdown-menu" dropdown-menu>
+                    <li style="width:300px">
+                        <a ng-href="/users/{{currentUser.id}}">
+                            <div class="row">
+                                <div class="col-sm-2">
+                                    <img src="{{currentUser.gravatar_url}}" size="40px" class="img-circle"/>
+                                </div>
+                                <div class="col-sm-10">
+                                    <p><strong>{{currentUser.name}}</strong></p>
+                                </div>
+                            </div>
+                        </a>
+                    </li>
+                    <li class="divider">
+                    </li>
+                    <li>
+                        <a href="/logout">Log out</a>
+                    </li>
+                </ul>
+            </li>
         </ul>
     </div>
     {% endraw %}
@@ -125,11 +149,10 @@
 <script src="/bower_components/cornelius/src/cornelius.js"></script>
 <script src="/bower_components/mousetrap/mousetrap.js"></script>
 <script src="/bower_components/mousetrap/plugins/global-bind/mousetrap-global-bind.js"></script>
-<script src="/bower_components/select2/select2.js"></script>
-<script src="/bower_components/angular-ui-select2/src/select2.js"></script>
 <script src="/bower_components/angular-ui-select/dist/select.js"></script>
 <script src="/bower_components/underscore.string/lib/underscore.string.js"></script>
 <script src="/bower_components/marked/lib/marked.js"></script>
+<script src="/bower_components/angular-base64-upload/dist/angular-base64-upload.js"></script>
 <script src="/scripts/ng_highchart.js"></script>
 <script src="/scripts/ng_smart_table.js"></script>
 <script src="/bower_components/angular-ui-bootstrap-bower/ui-bootstrap-tpls.js"></script>
@@ -140,6 +163,7 @@
 <script src="/bower_components/canvg/StackBlur.js"></script>
 <script src="/bower_components/canvg/canvg.js"></script>
 <script src="/bower_components/leaflet/dist/leaflet.js"></script>
+<script src="/bower_components/angular-bootstrap-show-errors/src/showErrors.js"></script>
 <!-- endbuild -->
 
 <!-- build:js({.tmp,app}) /scripts/scripts.js -->
@@ -151,8 +175,10 @@
 <script src="/scripts/controllers/controllers.js"></script>
 <script src="/scripts/controllers/dashboard.js"></script>
 <script src="/scripts/controllers/admin_controllers.js"></script>
+<script src="/scripts/controllers/data_sources.js"></script>
 <script src="/scripts/controllers/query_view.js"></script>
 <script src="/scripts/controllers/query_source.js"></script>
+<script src="/scripts/controllers/users.js"></script>
 <script src="/scripts/visualizations/base.js"></script>
 <script src="/scripts/visualizations/chart.js"></script>
 <script src="/scripts/visualizations/cohort.js"></script>
@@ -162,8 +188,10 @@
 <script src="/scripts/visualizations/pivot.js"></script>
 <script src="/scripts/directives/directives.js"></script>
 <script src="/scripts/directives/query_directives.js"></script>
+<script src="/scripts/directives/data_source_directives.js"></script>
 <script src="/scripts/directives/dashboard_directives.js"></script>
 <script src="/scripts/filters.js"></script>
+<script src="/scripts/controllers/alerts.js"></script>
 <!-- endbuild -->
 
 <script>
@@ -178,7 +206,7 @@
 
     currentUser.hasPermission = function(permission) {
         return this.permissions.indexOf(permission) != -1;
-    }
+    };
 
     {{ analytics|safe }}
 </script>

rd_ui/app/login.html

@@ -13,6 +13,10 @@
     <link rel="stylesheet" href="/styles/redash.css">
     <link rel="stylesheet" href="/styles/login.css">
     <!-- endbuild -->
+
+    <link rel="icon" type="image/png" sizes="32x32" href="/images/favicon-32x32.png">
+    <link rel="icon" type="image/png" sizes="96x96" href="/images/favicon-96x96.png">
+    <link rel="icon" type="image/png" sizes="16x16" href="/images/favicon-16x16.png">
 </head>
 <body>
 
@@ -26,13 +30,20 @@
             <span class="icon-bar"></span>
             <span class="icon-bar"></span>
         </button>
-        <a class="navbar-brand" href="/"><strong>{{name}}</strong></a>
+        <a class="navbar-brand" href="/"><img src="/images/redash_icon_small.png"/></a>
     </div>
     </div>
 </nav>
 
 <div class="container">
     <div class="row">
+        {% with messages = get_flashed_messages() %}
+          {% if messages %}
+            {% for message in messages %}
+                <div class="alert alert-warning" role="alert">{{ message }}</div>
+            {% endfor %}
+          {% endif %}
+        {% endwith %}
 
         <div class="main">
             {% if show_google_openid %}
@@ -63,8 +74,8 @@
 
             <form role="form" method="post" name="login">
                 <div class="form-group">
-                    <label for="inputUsernameEmail">Username or email</label>
-                    <input type="text" class="form-control" id="inputUsernameEmail" name="username" value="{{username}}">
+                    <label for="inputEmail">Email</label>
+                    <input type="text" class="form-control" id="inputEmail" name="email" value="{{email}}">
                 </div>
                 <div class="form-group">
                     <!--<a class="pull-right" href="#">Forgot password?</a>-->

rd_ui/app/scripts/app.js

@@ -7,16 +7,17 @@ angular.module('redash', [
     'redash.renderers',
     'redash.visualization',
     'highchart',
-    'ui.select2',
     'angular-growl',
     'angularMoment',
     'ui.bootstrap',
     'smartTable.table',
     'ngResource',
     'ngRoute',
-    'ui.select'
-  ]).config(['$routeProvider', '$locationProvider', '$compileProvider', 'growlProvider',
-    function ($routeProvider, $locationProvider, $compileProvider, growlProvider) {
+    'ui.select',
+    'naif.base64',
+    'ui.bootstrap.showErrors'
+  ]).config(['$routeProvider', '$locationProvider', '$compileProvider', 'growlProvider', 'uiSelectConfig',
+    function ($routeProvider, $locationProvider, $compileProvider, growlProvider, uiSelectConfig) {
       if (featureFlags.clientSideMetrics) {
         Bucky.setOptions({
           host: '/api/metrics'
@@ -31,6 +32,8 @@ angular.module('redash', [
         return query.$promise;
       };
 
+      uiSelectConfig.theme = "bootstrap";
+
       $compileProvider.aHrefSanitizationWhitelist(/^\s*(https?|http|data):/);
       $locationProvider.html5Mode(true);
       growlProvider.globalTimeToLive(2000);
@@ -80,15 +83,44 @@ angular.module('redash', [
         templateUrl: '/views/admin_status.html',
         controller: 'AdminStatusCtrl'
       });
-      $routeProvider.when('/admin/workers', {
-        templateUrl: '/views/admin_workers.html',
-        controller: 'AdminWorkersCtrl'
+
+      $routeProvider.when('/alerts', {
+        templateUrl: '/views/alerts/list.html',
+        controller: 'AlertsCtrl'
+      });
+      $routeProvider.when('/alerts/:alertId', {
+        templateUrl: '/views/alerts/edit.html',
+        controller: 'AlertCtrl'
+      });
+
+      $routeProvider.when('/data_sources/:dataSourceId', {
+        templateUrl: '/views/data_sources/edit.html',
+        controller: 'DataSourceCtrl'
+      });
+      $routeProvider.when('/data_sources', {
+        templateUrl: '/views/data_sources/list.html',
+        controller: 'DataSourcesCtrl'
+      });
+
+      $routeProvider.when('/users/new', {
+        templateUrl: '/views/users/new.html',
+        controller: 'NewUserCtrl'
+      });
+      $routeProvider.when('/users/:userId', {
+        templateUrl: '/views/users/show.html',
+        reloadOnSearch: false,
+        controller: 'UserCtrl'
+      });
+      $routeProvider.when('/users', {
+        templateUrl: '/views/users/list.html',
+        controller: 'UsersCtrl'
       });
 
       $routeProvider.when('/', {
-        templateUrl: '/views/index.html',
-        controller: 'IndexCtrl'
+        templateUrl: '/views/personal.html',
+        controller: 'PersonalIndexCtrl'
       });
+
       $routeProvider.when('/personal', {
         templateUrl: '/views/personal.html',
         controller: 'PersonalIndexCtrl'

rd_ui/app/scripts/controllers/admin_controllers.js

@@ -17,7 +17,7 @@
     };
 
     refresh();
-  }
+  };
 
   angular.module('redash.admin_controllers', [])
          .controller('AdminStatusCtrl', ['$scope', 'Events', '$http', '$timeout', AdminStatusCtrl])

rd_ui/app/scripts/controllers/alerts.js

@@ -0,0 +1,174 @@
+(function() {
+
+  var AlertsCtrl = function($scope, Events, Alert) {
+    Events.record(currentUser, "view", "page", "alerts");
+    $scope.$parent.pageTitle = "Alerts";
+
+    $scope.alerts = []
+    Alert.query(function(alerts) {
+      var stateClass = {
+        'ok': 'label label-success',
+        'triggered': 'label label-danger',
+        'unknown': 'label label-warning'
+      };
+      _.each(alerts, function(alert) {
+        alert.class = stateClass[alert.state];
+      })
+      $scope.alerts = alerts;
+
+    });
+
+    $scope.gridConfig = {
+      isPaginationEnabled: true,
+      itemsByPage: 50,
+      maxSize: 8,
+    };
+
+
+    $scope.gridColumns = [
+      {
+        "label": "Name",
+        "map": "name",
+        "cellTemplate": '<a href="/alerts/{{dataRow.id}}">{{dataRow.name}}</a> (<a href="/queries/{{dataRow.query.id}}">query</a>)'
+      },
+      {
+        'label': 'Created By',
+        'map': 'user.name'
+      },
+      {
+        'label': 'State',
+        'cellTemplate': '<span ng-class="dataRow.class">{{dataRow.state | uppercase}}</span> since <span am-time-ago="dataRow.updated_at"></span>'
+      },
+      {
+        'label': 'Created At',
+        'cellTemplate': '<span am-time-ago="dataRow.created_at"></span>'
+      }
+    ];
+  };
+
+  var AlertCtrl = function($scope, $routeParams, $location, growl, Query, Events, Alert) {
+    $scope.$parent.pageTitle = "Alerts";
+
+    $scope.alertId = $routeParams.alertId;
+    if ($scope.alertId === "new") {
+      Events.record(currentUser, 'view', 'page', 'alerts/new');
+    } else {
+      Events.record(currentUser, 'view', 'alert', $scope.alertId);
+    }
+
+    $scope.onQuerySelected = function(item) {
+      $scope.selectedQuery = item;
+      item.getQueryResultPromise().then(function(result) {
+        $scope.queryResult = result;
+        $scope.alert.options.column = $scope.alert.options.column || result.getColumnNames()[0];
+      });
+    };
+
+    if ($scope.alertId === "new") {
+      $scope.alert = new Alert({options: {}});
+    } else {
+      $scope.alert = Alert.get({id: $scope.alertId}, function(alert) {
+        $scope.onQuerySelected(new Query($scope.alert.query));
+      });
+    }
+
+    $scope.ops = ['greater than', 'less than', 'equals'];
+    $scope.selectedQuery = null;
+
+    $scope.getDefaultName = function() {
+      if (!$scope.alert.query) {
+        return undefined;
+      }
+      return _.template("<%= query.name %>: <%= options.column %> <%= options.op %> <%= options.value %>", $scope.alert);
+    };
+
+    $scope.searchQueries = function (term) {
+      if (!term || term.length < 3) {
+        return;
+      }
+
+      Query.search({q: term}, function(results) {
+        $scope.queries = results;
+      });
+    };
+
+    $scope.saveChanges = function() {
+      if ($scope.alert.name === undefined || $scope.alert.name === '') {
+        $scope.alert.name = $scope.getDefaultName();
+      }
+
+      $scope.alert.$save(function(alert) {
+        growl.addSuccessMessage("Saved.");
+        if ($scope.alertId === "new") {
+           $location.path('/alerts/' + alert.id).replace();
+        }
+      }, function() {
+        growl.addErrorMessage("Failed saving alert.");
+      });
+    };
+  };
+
+  angular.module('redash.directives').directive('alertSubscribers', ['AlertSubscription', function (AlertSubscription) {
+    return {
+      restrict: 'E',
+      replace: true,
+      templateUrl: '/views/alerts/subscribers.html',
+      scope: {
+        'alertId': '='
+      },
+      controller: function ($scope) {
+        $scope.subscribers = AlertSubscription.query({alertId: $scope.alertId});
+      }
+    }
+  }]);
+
+  angular.module('redash.directives').directive('subscribeButton', ['AlertSubscription', 'growl', function (AlertSubscription, growl) {
+    return {
+      restrict: 'E',
+      replace: true,
+      template: '<button class="btn btn-default btn-xs" ng-click="toggleSubscription()"><i ng-class="class"></i></button>',
+      controller: function ($scope) {
+        var updateClass = function() {
+          if ($scope.subscription) {
+            $scope.class = "fa fa-eye-slash";
+          } else {
+            $scope.class = "fa fa-eye";
+          }
+        }
+
+        $scope.subscribers.$promise.then(function() {
+          $scope.subscription = _.find($scope.subscribers, function(subscription) {
+            return (subscription.user.email == currentUser.email);
+          });
+
+          updateClass();
+        });
+
+        $scope.toggleSubscription = function() {
+          if ($scope.subscription) {
+            $scope.subscription.$delete(function() {
+              $scope.subscribers = _.without($scope.subscribers, $scope.subscription);
+              $scope.subscription = undefined;
+              updateClass();
+            }, function() {
+              growl.addErrorMessage("Failed saving subscription.");
+            });
+          } else {
+            $scope.subscription = new AlertSubscription({alert_id: $scope.alertId});
+            $scope.subscription.$save(function() {
+              $scope.subscribers.push($scope.subscription);
+              updateClass();
+            }, function() {
+              growl.addErrorMessage("Unsubscription failed.");
+            });
+          }
+        }
+      }
+    }
+  }]);
+
+  angular.module('redash.controllers')
+    .controller('AlertsCtrl', ['$scope', 'Events', 'Alert', AlertsCtrl])
+    .controller('AlertCtrl', ['$scope', '$routeParams', '$location', 'growl', 'Query', 'Events', 'Alert', AlertCtrl])
+
+})();

rd_ui/app/scripts/controllers/controllers.js

@@ -23,7 +23,7 @@
       },
       {
         'label': 'Created By',
-        'map': 'user_name'
+        'map': 'user.name'
       },
       {
         'label': 'Created At',
@@ -45,7 +45,6 @@
     Query.search({q: $scope.term }, function(results) {
       $scope.queries = _.map(results, function(query) {
         query.created_at = moment(query.created_at);
-        query.user_name = query.user.name;
         return query;
       });
     });
@@ -93,7 +92,6 @@
       $scope.allQueries = _.map(queries, function (query) {
         query.created_at = moment(query.created_at);
         query.retrieved_at = moment(query.retrieved_at);
-        query.user_name = query.user.name;
         return query;
       });
 
@@ -108,7 +106,7 @@
       },
       {
         'label': 'Created By',
-        'map': 'user_name'
+        'map': 'user.name'
       },
       {
         'label': 'Created At',
@@ -196,15 +194,6 @@
   var IndexCtrl = function ($scope, Events, Dashboard) {
     Events.record(currentUser, "view", "page", "homepage");
     $scope.$parent.pageTitle = "Home";
-
-    $scope.archiveDashboard = function (dashboard) {
-      if (confirm('Are you sure you want to delete "' + dashboard.name + '" dashboard?')) {
-        Events.record(currentUser, "archive", "dashboard", dashboard.id);
-        dashboard.$delete(function () {
-          $scope.$parent.reloadDashboards();
-        });
-      }
-    }
   };
 
   var PersonalIndexCtrl = function ($scope, Events, Dashboard, Query) {
@@ -213,15 +202,6 @@
 
     $scope.recentQueries = Query.recent();
     $scope.recentDashboards = Dashboard.recent();
-
-    $scope.archiveDashboard = function (dashboard) {
-      if (confirm('Are you sure you want to delete "' + dashboard.name + '" dashboard?')) {
-        Events.record(currentUser, "archive", "dashboard", dashboard.id);
-        dashboard.$delete(function () {
-          $scope.$parent.reloadDashboards();
-        });
-      }
-    }
   };
 
   angular.module('redash.controllers', [])

rd_ui/app/scripts/controllers/dashboard.js

@@ -94,6 +94,15 @@
       }
     };
 
+    $scope.archiveDashboard = function () {
+      if (confirm('Are you sure you want to archive the "' + $scope.dashboard.name + '" dashboard?')) {
+        Events.record(currentUser, "archive", "dashboard", $scope.dashboard.id);
+        $scope.dashboard.$delete(function () {
+          $scope.$parent.reloadDashboards();
+        });
+      }
+    }
+
     $scope.triggerRefresh = function() {
       $scope.refreshEnabled = !$scope.refreshEnabled;
 

rd_ui/app/scripts/controllers/data_sources.js

@@ -0,0 +1,47 @@
+(function () {
+  var DataSourcesCtrl = function ($scope, $location, growl, Events, DataSource) {
+    Events.record(currentUser, "view", "page", "admin/data_sources");
+    $scope.$parent.pageTitle = "Data Sources";
+
+    $scope.dataSources = DataSource.query();
+
+    $scope.openDataSource = function(datasource) {
+      $location.path('/data_sources/' + datasource.id);
+    };
+
+    $scope.deleteDataSource = function(event, datasource) {
+      event.stopPropagation();
+      Events.record(currentUser, "delete", "datasource", datasource.id);
+      datasource.$delete(function(resource) {
+        growl.addSuccessMessage("Data source deleted succesfully.");
+        this.$parent.dataSources = _.without(this.dataSources, resource);
+      }.bind(this), function(httpResponse) {
+        console.log("Failed to delete data source: ", httpResponse.status, httpResponse.statusText, httpResponse.data);
+        growl.addErrorMessage("Failed to delete data source.");
+      });
+    }
+  };
+
+  var DataSourceCtrl = function ($scope, $routeParams, $http, $location, Events, DataSource) {
+    Events.record(currentUser, "view", "page", "admin/data_source");
+    $scope.$parent.pageTitle = "Data Sources";
+
+    $scope.dataSourceId = $routeParams.dataSourceId;
+
+    if ($scope.dataSourceId == "new") {
+      $scope.dataSource = new DataSource({options: {}});
+    } else {
+      $scope.dataSource = DataSource.get({id: $routeParams.dataSourceId});
+    }
+
+    $scope.$watch('dataSource.id', function(id) {
+      if (id != $scope.dataSourceId && id !== undefined) {
+        $location.path('/data_sources/' + id).replace();
+      }
+    });
+  };
+
+  angular.module('redash.controllers')
+    .controller('DataSourcesCtrl', ['$scope', '$location', 'growl', 'Events', 'DataSource', DataSourcesCtrl])
+    .controller('DataSourceCtrl', ['$scope', '$routeParams', '$http', '$location', 'Events', 'DataSource', DataSourceCtrl])
+})();

rd_ui/app/scripts/controllers/query_source.js

@@ -17,7 +17,7 @@
         saveQuery = $scope.saveQuery;
 
     $scope.sourceMode = true;
-    $scope.canEdit = true;
+    $scope.canEdit = currentUser.canEdit($scope.query) || featureFlags.allowAllToEditQueries;
     $scope.isDirty = false;
 
     $scope.newVisualization = undefined;

rd_ui/app/scripts/controllers/query_view.js

@@ -15,6 +15,7 @@
         maxAge = -1;
       }
 
+      $scope.showLog = false;
       $scope.queryResult = $scope.query.getQueryResult(maxAge, parameters);
     }
 
@@ -48,15 +49,19 @@
     $scope.isQueryOwner = (currentUser.id === $scope.query.user.id) || currentUser.hasPermission('admin');
     $scope.canViewSource = currentUser.hasPermission('view_source');
 
-    $scope.dataSources = DataSource.get(function(dataSources) {
+    $scope.dataSources = DataSource.query(function(dataSources) {
       updateSchema();
-      $scope.query.data_source_id = $scope.query.data_source_id || dataSources[0].id;
-      $scope.dataSource = _.find(dataSources, function(ds) { return ds.id == $scope.query.data_source_id; });
+
+      if ($scope.query.isNew()) {
+        $scope.query.data_source_id = $scope.query.data_source_id || dataSources[0].id;
+        $scope.dataSource = _.find(dataSources, function(ds) { return ds.id == $scope.query.data_source_id; });
+      }
     });
 
     // in view mode, latest dataset is always visible
     // source mode changes this behavior
     $scope.showDataset = true;
+    $scope.showLog = false;
 
     $scope.lockButton = function(lock) {
       $scope.queryExecuting = lock;
@@ -99,6 +104,9 @@
     };
 
     $scope.executeQuery = function() {
+      if (!$scope.query.query) {
+        return;
+      }
       getQueryResult(0);
       $scope.lockButton(true);
       $scope.cancelling = false;
@@ -110,21 +118,21 @@
       $scope.queryResult.cancelExecution();
       Events.record(currentUser, 'cancel_execute', 'query', $scope.query.id);
     };
-    
+
     $scope.archiveQuery = function(options, data) {
       if (data) {
         data.id = $scope.query.id;
       } else {
         data = $scope.query;
       }
-      
+
       $scope.isDirty = false;
-      
+
       options = _.extend({}, {
         successMessage: 'Query archived',
         errorMessage: 'Query could not be archived'
       }, options);
-      
+
       return Query.delete({id: data.id}, function() {
         $scope.query.is_archived = true;
         $scope.query.schedule = null;
@@ -197,6 +205,10 @@
       if (status === 'done' || status === 'failed') {
         $scope.lockButton(false);
       }
+
+      if ($scope.queryResult.getLog() != null) {
+          $scope.showLog = true;
+      }
     });
 
     $scope.openScheduleForm = function() {

rd_ui/app/scripts/controllers/users.js

@@ -0,0 +1,160 @@
+(function () {
+  var UsersCtrl = function ($scope, $location, growl, Events, User) {
+    Events.record(currentUser, "view", "page", "users");
+    $scope.$parent.pageTitle = "Users";
+
+    $scope.gridConfig = {
+      isPaginationEnabled: true,
+      itemsByPage: 50,
+      maxSize: 8,
+    };
+
+    $scope.gridColumns = [
+      {
+        "label": "",
+        "map": "gravatar_url",
+        "cellTemplate": '<img src="{{dataRow.gravatar_url}}" height="40px"/>'
+      },
+      {
+        "label": "Name",
+        "map": "name",
+        "cellTemplate": '<a href="/users/{{dataRow.id}}">{{dataRow.name}}</a>'
+      },
+      {
+        'label': 'Joined',
+        'cellTemplate': '<span am-time-ago="dataRow.created_at"></span>'
+      }
+    ];
+
+    $scope.users = [];
+    User.query(function(users) {
+      $scope.users = users;
+    });
+  };
+
+  var UserCtrl = function ($scope, $routeParams, $http, $location, growl, Events, User) {
+    $scope.$parent.pageTitle = "Users";
+
+    $scope.userId = $routeParams.userId;
+
+    if ($scope.userId === 'me') {
+      $scope.userId = currentUser.id;
+    }
+    Events.record(currentUser, "view", "user", $scope.userId);
+    $scope.canEdit = currentUser.hasPermission("admin") || currentUser.id === parseInt($scope.userId);
+    $scope.showSettings =  false;
+    $scope.showPasswordSettings = false;
+
+    $scope.selectTab = function(tab) {
+      _.each($scope.tabs, function(v, k) {
+        $scope.tabs[k] = (k === tab);
+      });
+    };
+
+    $scope.setTab = function(tab) {
+      $location.hash(tab);
+    }
+
+    $scope.tabs = {
+      profile: false,
+      apiKey: false,
+      settings: false,
+      password: false
+    };
+
+    $scope.selectTab($location.hash() || 'profile');
+
+    $scope.user = User.get({id: $scope.userId}, function(user) {
+      if (user.auth_type == 'password') {
+        $scope.showSettings = $scope.canEdit;
+        $scope.showPasswordSettings = $scope.canEdit;
+      }
+    });
+
+    $scope.password = {
+      current: '',
+      new: '',
+      newRepeat: ''
+    };
+
+    $scope.savePassword = function(form) {
+      $scope.$broadcast('show-errors-check-validity');
+
+      if (!form.$valid) {
+        return;
+      }
+
+      var data = {
+        id: $scope.user.id,
+        password: $scope.password.new,
+        old_password: $scope.password.current
+      };
+
+      User.save(data, function() {
+        growl.addSuccessMessage("Password Saved.")
+        $scope.password = {
+          current: '',
+          new: '',
+          newRepeat: ''
+        };
+      }, function(error) {
+        var message = error.data.message || "Failed saving password.";
+        growl.addErrorMessage(message);
+      });
+    };
+
+    $scope.updateUser = function(form) {
+      $scope.$broadcast('show-errors-check-validity');
+
+      if (!form.$valid) {
+        return;
+      }
+
+      var data = {
+        id: $scope.user.id,
+        name: $scope.user.name,
+        email: $scope.user.email
+      };
+
+      if ($scope.user.admin === true && $scope.user.groups.indexOf("admin") === -1) {
+        data.groups = $scope.user.groups.concat("admin");
+      } else if ($scope.user.admin === false && $scope.user.groups.indexOf("admin") !== -1) {
+        data.groups = _.without($scope.user.groups, "admin");
+      }
+
+      User.save(data, function(user) {
+        growl.addSuccessMessage("Saved.")
+        $scope.user = user;
+      }, function(error) {
+        var message = error.data.message || "Failed saving.";
+        growl.addErrorMessage(message);
+      });
+    };
+  };
+
+  var NewUserCtrl = function ($scope, $location, growl, Events, User) {
+    Events.record(currentUser, "view", "page", "users/new");
+
+    $scope.user = new User({});
+    $scope.saveUser = function() {
+      $scope.$broadcast('show-errors-check-validity');
+
+      if (!$scope.userForm.$valid) {
+        return;
+      }
+
+      $scope.user.$save(function(user) {
+        growl.addSuccessMessage("Saved.")
+        $location.path('/users/' + user.id).replace();
+      }, function(error) {
+        var message = error.data.message || "Failed saving.";
+        growl.addErrorMessage(message);
+      });
+    }
+  };
+
+  angular.module('redash.controllers')
+    .controller('UsersCtrl', ['$scope', '$location', 'growl', 'Events', 'User', UsersCtrl])
+    .controller('UserCtrl', ['$scope', '$routeParams', '$http', '$location', 'growl', 'Events', 'User', UserCtrl])
+    .controller('NewUserCtrl', ['$scope', '$location', 'growl', 'Events', 'User', NewUserCtrl])
+})();

rd_ui/app/scripts/directives/data_source_directives.js

@@ -0,0 +1,76 @@
+(function () {
+  'use strict';
+
+  var directives = angular.module('redash.directives');
+
+  // Angular strips data- from the directive, so data-source-form becomes sourceForm...
+  directives.directive('sourceForm', ['$http', 'growl', function ($http, growl) {
+    return {
+      restrict: 'E',
+      replace: true,
+      templateUrl: '/views/data_sources/form.html',
+      scope: {
+        'dataSource': '='
+      },
+      link: function ($scope) {
+        var setType = function(types) {
+          if ($scope.dataSource.type === undefined) {
+            $scope.dataSource.type = types[0].type;
+            return types[0];
+          }
+
+          $scope.type = _.find(types, function (t) {
+            return t.type == $scope.dataSource.type;
+          });
+        };
+
+        $scope.files = {};
+
+        $scope.$watchCollection('files', function() {
+          _.each($scope.files, function(v, k) {
+            if (v) {
+              $scope.dataSource.options[k] = v.base64;
+            }
+          });
+        });
+
+        $http.get('/api/data_sources/types').success(function (types) {
+          setType(types);
+
+          $scope.dataSourceTypes = types;
+
+          _.each(types, function (type) {
+            _.each(type.configuration_schema.properties, function (prop, name) {
+              if (name == 'password' || name == 'passwd') {
+                prop.type = 'password';
+              }
+
+              if (_.string.endsWith(name, "File")) {
+                prop.type = 'file';
+              }
+
+              prop.required = _.contains(type.configuration_schema.required, name);
+            });
+          });
+        });
+
+        $scope.$watch('dataSource.type', function(current, prev) {
+          if (prev !== current) {
+            if (prev !== undefined) {
+              $scope.dataSource.options = {};
+            }
+            setType($scope.dataSourceTypes);
+          }
+        });
+
+        $scope.saveChanges = function() {
+          $scope.dataSource.$save(function() {
+            growl.addSuccessMessage("Saved.");
+          }, function() {
+            growl.addErrorMessage("Failed saving.");
+          });
+        }
+      }
+    }
+  }]);
+})();

rd_ui/app/scripts/directives/directives.js

@@ -247,4 +247,38 @@
       };
     }]
   );
+
+  directives.directive('compareTo', function () {
+    return {
+      require: "ngModel",
+      scope: {
+        otherModelValue: "=compareTo"
+      },
+      link: function (scope, element, attributes, ngModel) {
+        var validate = function(value) {
+          ngModel.$setValidity("compareTo", value === scope.otherModelValue);
+        };
+
+        scope.$watch("otherModelValue", function() {
+          validate(ngModel.$modelValue);
+        });
+
+        ngModel.$parsers.push(function(value) {
+          validate(value);
+          return value;
+        });
+      }
+    };
+  });
+
+  directives.directive('inputErrors', function () {
+    return {
+      restrict: "E",
+      templateUrl: "/views/directives/input_errors.html",
+      replace: true,
+      scope: {
+        errors: "="
+      }
+    };
+  });
 })();

rd_ui/app/scripts/ng_highchart.js

@@ -145,7 +145,7 @@
 
                 if (!hasTotalsAlready) {
                     this.addSeries({
-                      data: _.values(data),
+                      data: _.sortBy(_.values(data), 'x'),
                       type: 'line',
                       name: 'Total'
                     }, false)

rd_ui/app/scripts/services/resources.js

@@ -1,4 +1,28 @@
 (function () {
+  function QueryResultError(errorMessage) {
+    this.errorMessage = errorMessage;
+  }
+
+  QueryResultError.prototype.getError = function() {
+    return this.errorMessage;
+  };
+
+  QueryResultError.prototype.getStatus = function() {
+    return 'failed';
+  };
+
+  QueryResultError.prototype.getData = function() {
+    return null;
+  };
+
+  QueryResultError.prototype.getLog = function() {
+    return null;
+  };
+
+  QueryResultError.prototype.getChartData = function() {
+    return null;
+  };
+
   var QueryResult = function ($resource, $timeout, $q) {
     var QueryResultResource = $resource('/api/query_results/:id', {id: '@id'}, {'post': {'method': 'POST'}});
     var Job = $resource('/api/jobs/:id', {id: '@id'});
@@ -44,7 +68,7 @@
       } else {
         this.status = undefined;
       }
-    }
+    };
 
     function QueryResult(props) {
       this.deferred = $q.defer();
@@ -95,6 +119,14 @@
       return this.job.error;
     }
 
+    QueryResult.prototype.getLog = function() {
+        if (!this.query_result.data  || !this.query_result.data.log || this.query_result.data.log.length == 0) {
+            return null;
+        }
+
+        return this.query_result.data.log;
+    }
+
     QueryResult.prototype.getUpdatedAt = function () {
       return this.query_result.retrieved_at || this.job.updated_at * 1000.0 || this.updatedAt;
     }
@@ -166,8 +198,8 @@
         var yValues = {};
 
         _.each(row, function (value, definition) {
-          var name = definition.split("::")[0];
-          var type = definition.split("::")[1];
+          var name = definition.split("::")[0] || definition.split("__")[0];
+          var type = definition.split("::")[1] || definition.split("__")[0];
           if (mapping) {
             type = mapping[definition];
           }
@@ -192,7 +224,7 @@
             seriesName = String(value);
           }
 
-          if (type == 'multi-filter') {
+          if (type == 'multiFilter' || type == 'multi-filter') {
             seriesName = String(value);
           }
         });
@@ -240,7 +272,16 @@
     }
 
     QueryResult.prototype.getColumnNameWithoutType = function (column) {
-      var parts = column.split('::');
+      var typeSplit;
+      if (column.indexOf("::") != -1) {
+        typeSplit = "::";
+      } else if (column.indexOf("__" != -1)) {
+        typeSplit = "__";
+      } else {
+        return column;
+      }
+
+      var parts = column.split(typeSplit);
       if (parts[0] == "" && parts.length == 2) {
         return parts[1];
       }
@@ -281,16 +322,16 @@
 
     QueryResult.prototype.prepareFilters = function () {
       var filters = [];
-      var filterTypes = ['filter', 'multi-filter'];
+      var filterTypes = ['filter', 'multi-filter', 'multiFilter'];
       _.each(this.getColumnNames(), function (col) {
-        var type = col.split('::')[1]
+        var type = col.split('::')[1] || col.split('__')[1];
         if (_.contains(filterTypes, type)) {
           // filter found
           var filter = {
             name: col,
             friendlyName: this.getColumnFriendlyName(col),
             values: [],
-            multiple: (type=='multi-filter')
+            multiple: (type=='multiFilter') || (type=='multi-filter')
           }
           filters.push(filter);
         }
@@ -406,20 +447,23 @@
       return '/queries/' + this.id + '/source';
     };
 
+    Query.prototype.isNew = function() {
+      return this.id === undefined;
+    };
+
     Query.prototype.hasDailySchedule = function() {
       return (this.schedule && this.schedule.match(/\d\d:\d\d/) !== null);
-    }
+    };
 
     Query.prototype.scheduleInLocalTime = function() {
       var parts = this.schedule.split(':');
       return moment.utc().hour(parts[0]).minute(parts[1]).local().format('HH:mm');
-    }
+    };
 
     Query.prototype.getQueryResult = function (maxAge, parameters) {
-//      if (ttl == undefined) {
-//        ttl = this.ttl;
-//      }
-
+      if (!this.query) {
+        return;
+      }
       var queryText = this.query;
 
       var queryParameters = this.getParameters();
@@ -454,6 +498,8 @@
         }
       } else if (this.data_source_id) {
         this.queryResult = QueryResult.get(this.data_source_id, queryText, maxAge, this.id);
+      } else {
+        return new QueryResultError("Please select data source to run this query.");
       }
 
       return this.queryResult;
@@ -490,14 +536,68 @@
 
   var DataSource = function ($resource) {
     var actions = {
-      'get': {'method': 'GET', 'cache': true, 'isArray': true},
+      'get': {'method': 'GET', 'cache': false, 'isArray': false},
+      'query': {'method': 'GET', 'cache': false, 'isArray': true},
       'getSchema': {'method': 'GET', 'cache': true, 'isArray': true, 'url': '/api/data_sources/:id/schema'}
     };
 
     var DataSourceResource = $resource('/api/data_sources/:id', {id: '@id'}, actions);
 
     return DataSourceResource;
-  }
+  };
+
+  var User = function ($resource, $http) {
+    var transformSingle = function(user) {
+      if (user.groups !== undefined) {
+        user.admin = user.groups.indexOf("admin") != -1;
+      }
+    };
+
+    var transform = $http.defaults.transformResponse.concat(function(data, headers) {
+      if (_.isArray(data)) {
+        _.each(data, transformSingle);
+      } else {
+        transformSingle(data);
+      }
+      return data;
+    });
+
+    var actions = {
+      'get': {method: 'GET', transformResponse: transform},
+      'save': {method: 'POST', transformResponse: transform},
+      'query': {method: 'GET', isArray: true, transformResponse: transform},
+      'delete': {method: 'DELETE', transformResponse: transform}
+    };
+
+    var UserResource = $resource('/api/users/:id', {id: '@id'}, actions);
+
+    return UserResource;
+  };
+
+  var AlertSubscription = function ($resource) {
+    var resource = $resource('/api/alerts/:alertId/subscriptions/:userId', {alertId: '@alert_id', userId: '@user.id'});
+    return resource;
+  };
+
+  var Alert = function ($resource, $http) {
+    var actions = {
+      save: {
+        method: 'POST',
+        transformRequest: [function(data) {
+          var newData = _.extend({}, data);
+          if (newData.query_id === undefined) {
+            newData.query_id = newData.query.id;
+            delete newData.query;
+          }
+
+          return newData;
+        }].concat($http.defaults.transformRequest)
+      }
+    };
+    var resource = $resource('/api/alerts/:id', {id: '@id'}, actions);
+
+    return resource;
+  };
 
   var Widget = function ($resource, Query) {
     var WidgetResource = $resource('/api/widgets/:id', {id: '@id'});
@@ -524,5 +624,8 @@
       .factory('QueryResult', ['$resource', '$timeout', '$q', QueryResult])
       .factory('Query', ['$resource', 'QueryResult', 'DataSource', Query])
       .factory('DataSource', ['$resource', DataSource])
-      .factory('Widget', ['$resource', 'Query', Widget]);
+      .factory('Alert', ['$resource', '$http', Alert])
+      .factory('AlertSubscription', ['$resource', AlertSubscription])
+      .factory('Widget', ['$resource', 'Query', Widget])
+      .factory('User', ['$resource', '$http', User]);
 })();

rd_ui/app/scripts/visualizations/base.js

@@ -84,10 +84,6 @@
       template: '<filters></filters>\n' + Visualization.renderVisualizationsTemplate,
       replace: false,
       link: function (scope) {
-        scope.select2Options = {
-          width: '50%'
-        };
-
         scope.$watch('queryResult && queryResult.getFilters()', function (filters) {
           if (filters) {
             scope.filters = filters;

rd_ui/app/scripts/visualizations/cohort.js

@@ -26,7 +26,10 @@
                     if ($scope.queryResult.getData() == null) {
 
                     } else {
-                        var sortedData = _.sortBy($scope.queryResult.getData(), "date");
+                        var sortedData = _.sortBy($scope.queryResult.getData(),function(r) {
+                          return r['date'] + r['day_number']  ;
+                        });
+                        
                         var grouped = _.groupBy(sortedData, "date");
                         var maxColumns = _.reduce(grouped, function(memo, data){ 
                             return (data.length > memo)? data.length : memo;

rd_ui/app/styles/redash.css

@@ -18,6 +18,10 @@ a.navbar-brand {
     margin-left: 0px !important;
 }
 
+.navbar .fa {
+    font-size: 18px;
+}
+
 a.navbar-brand img {
     height: 40px;
 }
@@ -100,6 +104,28 @@ a.navbar-brand img {
     text-decoration: underline;
 }
 
+.list-group-item.clickable {
+    cursor: pointer;
+}
+
+.list-group-item.clickable:focus,
+.list-group-item.clickable:hover {
+    background-color: #f5f5f5;
+}
+
+.form-group.required .control-label:after {
+   content:"*";
+   color:red;
+}
+
+.form-group .help-block.error {
+  display: none;
+}
+
+.form-group.has-error .help-block.error {
+  display: block;
+}
+
 /* angular-growl */
 .growl {
     position: fixed;
@@ -128,6 +154,23 @@ a.navbar-brand img {
 
 }
 
+/* Visualization Filters */
+
+.filters-container {
+    display: flex;
+    flex-wrap: wrap;
+}
+
+.filter {
+    width: 33%;
+    padding-left: 5px;
+    padding-bottom: 5px;
+}
+
+.filter > div {
+    width: 100%;
+}
+
 /* Gridster */
 
 .gridster ul {
@@ -170,6 +213,14 @@ li.widget:hover {
     overflow-x: auto;
 }
 
+/* Support for Font-Awesome in btn-xs */
+
+.btn-xs > .fa {
+    font-size: 14px;
+    top: 1px;
+    position: relative;
+}
+
 /* Because of ng-repeat we add span between the .dropdown-menu element and the li element, so we had
 to add those CSS styles here. */
 
@@ -330,6 +381,11 @@ div.table-name {
     cursor: pointer;
 }
 
+.blankslate {
+    text-align: center;
+    padding: 30px;
+}
+
 /*
 bootstrap's hidden-xs class adds display:block when not hidden
 use this class when you need to keep the original display value
@@ -339,3 +395,7 @@ use this class when you need to keep the original display value
         display: none !important;
     }
 }
+
+.log-container {
+    margin-bottom: 50px;
+}

rd_ui/app/views/alerts/edit.html

@@ -0,0 +1,58 @@
+<div class="container">
+    <ol class="breadcrumb">
+        <li><a href="/alerts">Alerts</a></li>
+        <li class="active">{{alert.name || getDefaultName() || "New"}}</li>
+    </ol>
+    <div class="row">
+        <div class="col-md-8">
+            <form name="alertForm" ng-submit="saveChanges()" class="form">
+                <div class="form-group">
+                    <label>Query</label>
+                    <ui-select ng-model="alert.query" reset-search-input="false" on-select="onQuerySelected($item)">
+                        <ui-select-match placeholder="Search a query by name">{{$select.selected.name}}</ui-select-match>
+                        <ui-select-choices repeat="q in queries"
+                                           refresh="searchQueries($select.search)"
+                                           refresh-delay="0">
+                            <div ng-bind-html="q.name | highlight: $select.search | trustAsHtml"></div>
+                        </ui-select-choices>
+                    </ui-select>
+                </div>
+
+                <div class="form-group" ng-show="selectedQuery">
+                    <label>Name</label>
+                    <input type="string" placeholder="{{getDefaultName()}}" class="form-control" ng-model="alert.name">
+                </div>
+
+                <div ng-show="queryResult" class="form-horizontal">
+                    <div class="form-group">
+                        <label class="control-label col-md-2">Value column</label>
+                        <div class="col-md-4">
+                            <select ng-options="name for name in queryResult.getColumnNames()" ng-model="alert.options.column" class="form-control"></select>
+                        </div>
+                        <label class="control-label col-md-2">Value</label>
+                        <div class="col-md-4">
+                            <p class="form-control-static">{{queryResult.getData()[0][alert.options.column]}}</p>
+                        </div>
+                    </div>
+                    <div class="form-group">
+                        <label class="control-label col-md-2">Op</label>
+                        <div class="col-md-4">
+                            <select ng-options="name for name in ops" ng-model="alert.options.op" class="form-control"></select>
+                        </div>
+                        <label class="control-label col-md-2">Reference</label>
+                        <div class="col-md-4">
+                            <input type="number" class="form-control" ng-model="alert.options.value" placeholder="reference value" required/>
+                        </div>
+                    </div>
+                </div>
+
+                <div class="form-group">
+                    <button class="btn btn-primary" ng-disabled="!alertForm.$valid">Save</button>
+                </div>
+            </form>
+        </div>
+        <div class="col-md-4" ng-if="alert.id">
+            <alert-subscribers alert-id="alert.id"></alert-subscribers>
+        </div>
+    </div>
+</div>

rd_ui/app/views/alerts/list.html

@@ -0,0 +1,16 @@
+<div class="container">
+    <ol class="breadcrumb">
+        <li class="active">Alerts</li>
+    </ol>
+    <div class="row">
+        <div class="col-md-12">
+            <p>
+                <a href="/alerts/new" class="btn btn-default"><i class="fa fa-plus"></i> New Alert</a>
+            </p>
+
+            <smart-table rows="alerts" columns="gridColumns"
+                         config="gridConfig"
+                         class="table table-condensed table-hover"></smart-table>
+        </div>
+    </div>
+</div>

rd_ui/app/views/alerts/subscribers.html

@@ -0,0 +1,4 @@
+<div>
+    <strong>Subscribers</strong> <subscribe-button alert-id="alertId" subscribers="subscribers"></subscribe-button><br/>
+    <img ng-src="{{s.user.gravatar_url}}" class="img-circle" alt="{{s.user.name}}" ng-repeat="s in subscribers"/>
+</div>

rd_ui/app/views/dashboard.html

@@ -2,17 +2,21 @@
 <edit-dashboard-form dashboard="dashboard" id="edit_dashboard_dialog"></edit-dashboard-form>
 
 <div class="container">
+    <p class="alert alert-warning" ng-if="dashboard.is_archived">This dashboard is archived and won't appear in the dashboards list or search results.</p>
     <h2 id="dashboard_title">
         {{dashboard.name}}
 
+        <span ng-if="!dashboard.is_archived">
             <button type="button" class="btn btn-default btn-xs" ng-class="{active: refreshEnabled}" tooltip="Enable/Disable Auto Refresh" ng-click="triggerRefresh()"><span class="glyphicon glyphicon-refresh"></span></button>
-            <span ng-show="dashboard.canEdit()">
+            <div class="btn-group" role="group" ng-show="dashboard.canEdit()">
                 <button type="button" class="btn btn-default btn-xs" data-toggle="modal" href="#edit_dashboard_dialog" tooltip="Edit Dashboard (Name/Layout)"><span
                         class="glyphicon glyphicon-cog"></span></button>
                 <button type="button" class="btn btn-default btn-xs" data-toggle="modal"
                         href="#add_query_dialog" tooltip="Add Widget (Chart/Table)"><span class="glyphicon glyphicon-plus"></span>
                 </button>
-            </span>
+                <butotn class="btn btn-danger btn-xs" ng-click="archiveDashboard()" ng-if="!dashboard.is_archived" tooltip="Archive"><i class="fa fa-archive"></i></butotn>
+            </div>
+        </span>
     </h2>
     <filters ng-if="dashboard.dashboard_filters_enabled"></filters>
 </div>

rd_ui/app/views/data_sources/edit.html

@@ -0,0 +1,11 @@
+<div class="container">
+    <ol class="breadcrumb">
+        <li><a href="/data_sources">Data Sources</a></li>
+        <li class="active">{{dataSource.name || "New"}}</li>
+    </ol>
+    <div class="row">
+        <div class="col-md-8">
+            <data-source-form data-data-source="dataSource" />
+        </div>
+    </div>
+</div>

rd_ui/app/views/data_sources/form.html

@@ -0,0 +1,20 @@
+<form name="dataSourceForm" ng-submit="saveChanges()">
+    <div class="form-group">
+        <label for="dataSourceName">Name</label>
+        <input type="string" class="form-control" name="dataSourceName" ng-model="dataSource.name" required>
+    </div>
+    <div class="form-group">
+        <label for="type">Type</label>
+        <select name="type" class="form-control" ng-options="type.type as type.name for type in dataSourceTypes" ng-model="dataSource.type"></select>
+    </div>
+    <div class="form-group" ng-class='{"has-error": !inner.input.$valid}' ng-form="inner" ng-repeat="(name, input) in type.configuration_schema.properties">
+        <label>{{input.title || name | capitalize}}</label>
+        <input name="input" type="{{input.type}}" class="form-control" ng-model="dataSource.options[name]" ng-required="input.required"
+                ng-if="input.type !== 'file'" accesskey="tab">
+
+        <input name="input" type="file" class="form-control" ng-model="files[name]" ng-required="input.required"
+               base-sixty-four-input
+               ng-if="input.type === 'file'">
+    </div>
+    <button class="btn btn-primary" ng-disabled="!dataSourceForm.$valid">Save</button>
+</form>

rd_ui/app/views/data_sources/list.html

@@ -0,0 +1,18 @@
+<div class="container">
+    <ol class="breadcrumb">
+        <li class="active">Data Sources</li>
+    </ol>
+    <div class="row">
+        <div class="col-md-4">
+            <div class="list-group">
+                <div class="list-group-item clickable" ng-repeat="dataSource in dataSources" ng-click="openDataSource(dataSource)">
+                    <i class="fa fa-database"></i> {{dataSource.name}}
+                    <button class="btn btn-xs btn-danger pull-right" ng-click="deleteDataSource($event, dataSource)">Delete</button>
+                </div>
+                <a ng-href="/data_sources/new" class="list-group-item">
+                    <i class="fa fa-plus"></i> Add Data Source
+                </a>
+            </div>
+        </div>
+    </div>
+</div>

rd_ui/app/views/directives/input_errors.html

@@ -0,0 +1,5 @@
+<div>
+    <span class="help-block error" ng-if="errors.required">This field is required.</span>
+    <span class="help-block error" ng-if="errors.minlength">This field is too short.</span>
+    <span class="help-block error" ng-if="errors.email">This needs to be a valid email.</span>
+</div>

rd_ui/app/views/personal.html

@@ -1,14 +1,20 @@
 <div class="container">
+    <div class="row">
+        <p>
+            <a href="/queries/new" class="btn btn-default">New Query</a>
+            <button ng-show="currentUser.hasPermission('create_dashboard')" type="button" class="btn btn-default" data-toggle="modal" href="#new_dashboard_dialog">New Dashboard</button>
+            <a href="/alerts/new" class="btn btn-default">New Alert</a>
+        </p>
+    </div>
+
     <div class="row">
         <div class="list-group col-md-6">
             <div class="list-group-item active">
                 Recent Dashboards
-                <button ng-show="currentUser.hasPermission('create_dashboard')" type="button" class="btn btn-sm btn-link" data-toggle="modal" href="#new_dashboard_dialog" tooltip="New Dashboard"><span class="glyphicon glyphicon-plus-sign"></span></button>
-            </div>
-            <div class="list-group-item" ng-repeat="dashboard in recentDashboards" >
-                <button type="button" class="close delete-button" aria-hidden="true" ng-show="dashboard.canEdit()" ng-click="archiveDashboard(dashboard)" tooltip="Delete Dashboard">&times;</button>
-                <a ng-href="/dashboard/{{dashboard.slug}}">{{dashboard.name}}</a>
             </div>
+            <a ng-href="/dashboard/{{dashboard.slug}}" class="list-group-item" ng-repeat="dashboard in recentDashboards">
+                {{dashboard.name}}
+            </a>
         </div>
 
         <div class="list-group col-md-6">

rd_ui/app/views/query.html

@@ -138,7 +138,7 @@
             </p>
 
             <p>
-                <span class="glyphicon glyphicon-hdd"></span>
+                <i class="fa fa-database"></i>
                 <span class="text-muted">Data Source</span>
                 <select ng-disabled="!isQueryOwner" ng-model="query.data_source_id" ng-change="updateDataSource()" ng-options="ds.id as ds.name for ds in dataSources"></select>
             </p>
@@ -192,6 +192,16 @@
             </div>
             <div class="alert alert-danger" ng-show="queryResult.getError()">Error running query: <strong>{{queryResult.getError()}}</strong></div>
 
+            <div class="row log-container" ng-show="showLog">
+                <span ng-show="showLog">Log Information:</span>
+                <table>
+                  <tbody>
+                    <tr ng-repeat="l in queryResult.getLog()">
+                      <td>{{l}}</td>
+                    </tr>
+                  </tbody>
+                </table>
+            </div>
             <!-- tabs and data -->
             <div ng-show="showDataset">
                 <div class="row">

rd_ui/app/views/users/list.html

@@ -0,0 +1,16 @@
+<div class="container">
+    <ol class="breadcrumb">
+        <li class="active">Users</li>
+    </ol>
+    <div class="row">
+        <div class="col-md-12">
+            <p ng-if="currentUser.hasPermission('admin')">
+                <a href="/users/new" class="btn btn-default"><i class="fa fa-plus"></i> New User</a>
+            </p>
+
+            <smart-table rows="users" columns="gridColumns"
+                         config="gridConfig"
+                         class="table table-condensed table-hover"></smart-table>
+        </div>
+    </div>
+</div>

rd_ui/app/views/users/new.html

@@ -0,0 +1,32 @@
+<div class="container">
+    <ol class="breadcrumb">
+        <li><a href="/users">Users</a></li>
+        <li class="active">New</li>
+    </ol>
+
+    <form class="form" name="userForm" ng-submit="saveUser()" novalidate>
+        <div class="form-group required" show-errors>
+            <label class="control-label">Name</label>
+            <input type="text" name="name" class="form-control" ng-model="user.name" required/>
+            <input-errors name="Name" errors="userForm.name.$error"/>
+        </div>
+        <div class="form-group required" show-errors>
+            <label class="control-label">Email</label>
+            <input name="email" type="email" class="form-control" ng-model="user.email" required/>
+            <input-errors name="Email" errors="userForm.email.$error"/>
+        </div>
+        <div class="form-group required" show-errors>
+            <label class="control-label">Password</label>
+            <input class="form-control" type="password" name="password" ng-model="user.password" ng-minlength="6" required/>
+            <input-errors name="Password" errors="userForm.password.$error"/>
+        </div>
+        <div class="form-group required" show-errors>
+            <label class="control-label">Repeat Password</label>
+            <input class="form-control" type="password" name="passwordRepeat" ng-model="user.passwordRepeat" compare-to="user.password"/>
+            <span class="help-block error" ng-if="userForm.passwordRepeat.$error.compareTo">Passwords don't match.</span>
+        </div>
+        <div class="form-group">
+            <button class="btn btn-primary">Save</button>
+        </div>
+    </form>
+</div>

rd_ui/app/views/users/show.html

@@ -0,0 +1,76 @@
+<div class="container">
+    <ol class="breadcrumb">
+        <li ng-if="currentUser.hasPermission('list_users')"><a href="/users">Users</a></li>
+        <li ng-if="!currentUser.hasPermission('list_users')">Users</li>
+        <li class="active">{{user.name}}</li>
+    </ol>
+
+    <tabset>
+        <tab heading="Profile" active="tabs['profile']" select="setTab('profile')">
+            <p>
+                <img src="{{user.gravatar_url}}"/>
+            </p>
+
+            <p>
+                <strong>{{user.name}}</strong>
+            </p>
+
+            <p>
+                {{user.email}}
+            </p>
+        </tab>
+        <tab heading="API Key" ng-if="user.api_key" active="tabs['apiKey']" select="setTab('apiKey')">
+            API Key:
+            <input type="text" value="{{user.api_key}}" size="44" readonly/>
+        </tab>
+        <tab heading="Settings" ng-if="showSettings || currentUser.hasPermission('admin')" active="tabs['settings']" select="setTab('settings')">
+            <div class="col-md-6">
+                <form class="form" name="userSettingsForm" ng-submit="updateUser(userSettingsForm)" novalidate>
+                    <div class="form-group required" ng-if="showSettings" show-errors>
+                        <label class="control-label">Name</label>
+                        <input name="name" type="text" class="form-control" ng-model="user.name" required/>
+                        <input-errors errors="userSettingsForm.name.$error"/>
+                    </div>
+                    <div class="form-group required" ng-if="showSettings" show-errors>
+                        <label class="control-label">Email</label>
+                        <input name="email" type="email" class="form-control" ng-model="user.email" required/>
+                        <input-errors errors="userSettingsForm.email.$error"/>
+                    </div>
+                    <div class="checkbox" ng-if="currentUser.hasPermission('admin')">
+                        <label>
+                            <input type="checkbox" ng-model="user.admin"> Admin
+                        </label>
+                    </div>
+                    <div class="form-gruup">
+                        <button class="btn btn-primary">Save</button>
+                    </div>
+                </form>
+            </div>
+        </tab>
+        <tab heading="Password" ng-if="showPasswordSettings" active="tabs['password']" select="setTab('password')">
+            <div class="col-md-6">
+                <form class="form" name="userPasswordForm" ng-submit="savePassword(userPasswordForm)" novalidate>
+                    <div class="form-group required" show-errors>
+                        <label class="control-label">Current Password</label>
+                        <input name="currentPassword" class="form-control" type="password" ng-model="password.current" required/>
+                        <input-errors name="Password" errors="userPasswordForm.currentPassword.$error"/>
+                    </div>
+                    <div class="form-group required" show-errors>
+                        <label class="control-label">New Password</label>
+                        <input name="newPassword" class="form-control" type="password" ng-model="password.new" ng-minlength="6" required/>
+                        <input-errors name="Password" errors="userPasswordForm.newPassword.$error"/>
+                    </div>
+                    <div class="form-group required" show-errors>
+                        <label class="control-label">Repeat New Password</label>
+                        <input name="passwordRepeat" class="form-control" type="password" ng-model="password.newRepeat" compare-to="password.new"/>
+                        <span class="help-block error" ng-if="userPasswordForm.passwordRepeat.$error.compareTo">Passwords don't match.</span>
+                    </div>
+                    <div class="form-group">
+                        <button class="btn btn-primary">Save</button>
+                    </div>
+                </form>
+            </div>
+        </tab>
+    </tabset>
+
+</div>

rd_ui/app/views/visualizations/filters.html

@@ -1,8 +1,17 @@
-<div class="well well-sm" ng-show="filters">
-    <div ng-repeat="filter in filters">
-        {{filter.friendlyName}}:
-        <select ui-select2='select2Options' ng-model="filter.current" ng-multiple="{{filter.multiple}}">
-            <option ng-repeat="value in filter.values" value="{{value}}">{{value}}</option>
-        </select>
+<div class="well well-sm filters-container" ng-show="filters">
+    <div class="filter" ng-repeat="filter in filters">
+        <ui-select ng-model="filter.current" ng-if="!filter.multiple">
+           <ui-select-match placeholder="Select value for {{filter.friendlyName}}...">{{filter.friendlyName}}: {{$select.selected}}</ui-select-match>
+           <ui-select-choices repeat="value in filter.values | filter: $select.search track by $index">
+               {{value}}
+           </ui-select-choices>
+        </ui-select>
+
+        <ui-select ng-model="filter.current" multiple ng-if="filter.multiple">
+            <ui-select-match placeholder="Select value for {{filter.friendlyName}}...">{{filter.friendlyName}}: {{$item}}</ui-select-match>
+            <ui-select-choices repeat="value in filter.values | filter: $select.search track by $index">
+                {{value}}
+            </ui-select-choices>
+        </ui-select>
     </div>
 </div>

rd_ui/bower.json

@@ -19,18 +19,19 @@
     "cornelius": "https://github.com/restorando/cornelius.git",
     "gridster": "0.2.0",
     "mousetrap": "~1.4.6",
-    "angular-ui-select2": "~0.0.5",
     "jquery-ui": "~1.10.4",
     "underscore.string": "~2.3.3",
     "marked": "~0.3.2",
     "bucky": "~0.2.6",
     "pace": "~0.5.1",
-    "angular-ui-select": "0.8.2",
     "font-awesome": "~4.2.0",
     "mustache": "~1.0.0",
     "canvg": "gabelerner/canvg",
     "angular-ui-bootstrap-bower": "~0.12.1",
-    "leaflet":"~0.7.3"
+    "leaflet": "~0.7.3",
+    "angular-base64-upload": "~0.1.11",
+    "angular-ui-select": "0.8.2",
+    "angular-bootstrap-show-errors": "~2.3.0"
   },
   "devDependencies": {
     "angular-mocks": "1.2.18",

rd_ui/package.json

@@ -36,6 +36,7 @@
     "node": ">=0.10.0"
   },
   "scripts": {
-    "test": "grunt test"
+    "test": "grunt test",
+    "bower": "bower"
   }
 }

redash/__init__.py

@@ -2,11 +2,12 @@ import logging
 import urlparse
 import redis
 from statsd import StatsClient
+from flask_mail import Mail
 
 from redash import settings
 from redash.query_runner import import_query_runners
 
-__version__ = '0.6.2'
+__version__ = '0.8.0'
 
 
 def setup_logging():
@@ -32,6 +33,8 @@ def create_redis_connection():
 
 setup_logging()
 redis_connection = create_redis_connection()
+mail = Mail()
+mail.init_mail(settings.all_settings())
 statsd_client = StatsClient(host=settings.STATSD_HOST, port=settings.STATSD_PORT, prefix=settings.STATSD_PREFIX)
 
 import_query_runners(settings.QUERY_RUNNERS)

redash/admin.py

@@ -8,7 +8,6 @@ from wtforms import fields
 from wtforms.widgets import TextInput
 
 from redash import models
-from redash import query_runner
 from redash.permissions import require_permission
 
 
@@ -39,21 +38,12 @@ class JSONTextAreaField(fields.TextAreaField):
         else:
             self.data = ''
 
-class PasswordHashField(fields.PasswordField):
-    def _value(self):
-        return u''
-
-    def process_formdata(self, valuelist):
-        if valuelist:
-            self.data = models.pwd_context.encrypt(valuelist[0])
-        else:
-            self.data = u''
-
 
 class PgModelConverter(CustomModelConverter):
     def __init__(self, view, additional=None):
         additional = {ArrayField: self.handle_array_field,
-                      DateTimeTZField: self.handle_datetime_tz_field}
+                      DateTimeTZField: self.handle_datetime_tz_field,
+                      }
         super(PgModelConverter, self).__init__(view, additional)
         self.view = view
 
@@ -66,6 +56,7 @@ class PgModelConverter(CustomModelConverter):
 
 
 class BaseModelView(ModelView):
+    column_display_pk = True
     model_form_converter = PgModelConverter
 
     @require_permission('admin')
@@ -73,44 +64,24 @@ class BaseModelView(ModelView):
         return True
 
 
-class UserModelView(BaseModelView):
-    column_searchable_list = ('name', 'email')
-    form_excluded_columns = ('created_at', 'updated_at')
-    column_exclude_list = ('password_hash',)
-
-    form_overrides = dict(password_hash=PasswordHashField)
-    form_args = {
-        'password_hash': {'label': 'Password'}
-    }
+class QueryResultModelView(BaseModelView):
+    column_exclude_list = ('data',)
 
 
-def query_runner_type_formatter(view, context, model, name):
-    qr = query_runner.query_runners.get(model.type, None)
-    if qr:
-        return qr.name()
-
-    return model.type
+class QueryModelView(BaseModelView):
+    column_exclude_list = ('latest_query_data',)
 
 
-class DataSourceModelView(BaseModelView):
-    form_overrides = dict(type=fields.SelectField, options=JSONTextAreaField)
-    form_args = dict(type={
-        'choices': [(k, r.name()) for k, r in query_runner.query_runners.iteritems()]
-    })
-    column_formatters = dict(type=query_runner_type_formatter)
-    column_filters = ('type',)
+class DashboardModelView(BaseModelView):
+    column_searchable_list = ('name', 'slug')
 
 
 def init_admin(app):
-    admin = Admin(app, name='re:dash admin')
+    admin = Admin(app, name='re:dash admin', template_mode='bootstrap3')
 
-    views = {
-        models.User: UserModelView(models.User),
-        models.DataSource: DataSourceModelView(models.DataSource)
-    }
+    admin.add_view(QueryModelView(models.Query))
+    admin.add_view(QueryResultModelView(models.QueryResult))
+    admin.add_view(DashboardModelView(models.Dashboard))
 
-    for m in models.all_models:
-        if m in views:
-            admin.add_view(views[m])
-        else:
-            admin.add_view(BaseModelView(m))
+    for m in (models.Visualization, models.Widget, models.ActivityLog, models.Group, models.Event):
+        admin.add_view(BaseModelView(m))

redash/authentication.py

@@ -1,13 +1,13 @@
-import functools
 import hashlib
 import hmac
 import time
 import logging
 
-from flask import request, make_response, redirect, url_for
-from flask.ext.login import LoginManager, login_user, current_user, logout_user
+from flask.ext.login import LoginManager
+from flask.ext.login import user_logged_in
 
 from redash import models, settings, google_oauth, saml_auth
+from redash.tasks import record_event
 
 login_manager = LoginManager()
 logger = logging.getLogger('authentication')
@@ -23,78 +23,85 @@ def sign(key, path, expires):
     return h.hexdigest()
 
 
-class Authentication(object):
-    def verify_authentication(self):
-        return False
-
-    def required(self, fn):
-        @functools.wraps(fn)
-        def decorated(*args, **kwargs):
-            if current_user.is_authenticated() or self.verify_authentication():
-                return fn(*args, **kwargs)
-
-            return make_response(redirect(url_for("login", next=request.url)))
-
-        return decorated
+@login_manager.user_loader
+def load_user(user_id):
+    return models.User.get_by_id(user_id)
 
 
-class ApiKeyAuthentication(Authentication):
-    def verify_authentication(self):
-        api_key = request.args.get('api_key')
-        query_id = request.view_args.get('query_id', None)
+def hmac_load_user_from_request(request):
+    signature = request.args.get('signature')
+    expires = float(request.args.get('expires') or 0)
+    query_id = request.view_args.get('query_id', None)
+    user_id = request.args.get('user_id', None)
 
-        if query_id and api_key:
-            query = models.Query.get(models.Query.id == query_id)
+    # TODO: 3600 should be a setting
+    if signature and time.time() < expires <= time.time() + 3600:
+        if user_id:
+            user = models.User.get_by_id(user_id)
+            calculated_signature = sign(user.api_key, request.path, expires)
 
-            if query.api_key and api_key == query.api_key:
-                login_user(models.ApiUser(query.api_key), remember=False)
-                return True
+            if user.api_key and signature == calculated_signature:
+                return user
 
-        return False
-
-
-class HMACAuthentication(Authentication):
-    def verify_authentication(self):
-        signature = request.args.get('signature')
-        expires = float(request.args.get('expires') or 0)
-        query_id = request.view_args.get('query_id', None)
-
-        # TODO: 3600 should be a setting
-        if signature and query_id and time.time() < expires <= time.time() + 3600:
+        if query_id:
             query = models.Query.get(models.Query.id == query_id)
             calculated_signature = sign(query.api_key, request.path, expires)
 
             if query.api_key and signature == calculated_signature:
-                login_user(models.ApiUser(query.api_key), remember=False)
-                return True
+                return models.ApiUser(query.api_key)
 
-        return False
+    return None
 
-
-@login_manager.user_loader
-def load_user(user_id):
-    # If the user was previously logged in as api user, the user_id will be the api key and will raise an exception as
-    # it can't be casted to int.
-    if isinstance(user_id, basestring) and not user_id.isdigit():
+def get_user_from_api_key(api_key, query_id):
+    if not api_key:
         return None
 
-    return models.User.select().where(models.User.id == user_id).first()
+    user = None
+    try:
+        user = models.User.get_by_api_key(api_key)
+    except models.User.DoesNotExist:
+        if query_id:
+            query = models.Query.get_by_id(query_id)
+            if query and query.api_key == api_key:
+                user = models.ApiUser(api_key)
+
+    return user
+
+def api_key_load_user_from_request(request):
+    api_key = request.args.get('api_key', None)
+    query_id = request.view_args.get('query_id', None)
+
+    user = get_user_from_api_key(api_key, query_id)
+    return user
+
+
+def log_user_logged_in(app, user):
+    event = {
+        'user_id': user.id,
+        'action': 'login',
+        'object_type': 'redash',
+        'timestamp': int(time.time()),
+    }
+
+    record_event.delay(event)
 
 
 def setup_authentication(app):
     login_manager.init_app(app)
     login_manager.anonymous_user = models.AnonymousUser
+    login_manager.login_view = 'login'
     app.secret_key = settings.COOKIE_SECRET
     app.register_blueprint(google_oauth.blueprint)
     app.register_blueprint(saml_auth.blueprint)
 
+    user_logged_in.connect(log_user_logged_in)
+
     if settings.AUTH_TYPE == 'hmac':
-        auth = HMACAuthentication()
+        login_manager.request_loader(hmac_load_user_from_request)
     elif settings.AUTH_TYPE == 'api_key':
-        auth = ApiKeyAuthentication()
+        login_manager.request_loader(api_key_load_user_from_request)
     else:
         logger.warning("Unknown authentication type ({}). Using default (HMAC).".format(settings.AUTH_TYPE))
-        auth = HMACAuthentication()
+        login_manager.request_loader(hmac_load_user_from_request)
 
-    return auth
 

redash/cache.py

@@ -1,5 +0,0 @@
-ONE_YEAR = 60 * 60 * 24 * 365.25
-
-headers = {
-  'Cache-Control': 'max-age=%d' % ONE_YEAR
-}

redash/controllers.py

@@ -1,562 +0,0 @@
-"""
-Flask-restful based API implementation for re:dash.
-
-Currently the Flask server is used to serve the static assets (and the Angular.js app),
-but this is only due to configuration issues and temporary.
-"""
-import csv
-import hashlib
-import json
-import cStringIO
-import time
-import logging
-
-from flask import render_template, send_from_directory, make_response, request, jsonify, redirect, \
-    session, url_for, current_app
-from flask.ext.restful import Resource, abort
-from flask_login import current_user, login_user, logout_user
-import sqlparse
-
-from redash import redis_connection, statsd_client, models, settings, utils, __version__
-from redash.wsgi import app, auth, api
-from redash.tasks import QueryTask, record_event
-from redash.cache import headers as cache_headers
-from redash.permissions import require_permission
-from redash.query_runner import query_runners, validate_configuration
-from redash.monitor import get_status
-
-
-@app.route('/ping', methods=['GET'])
-def ping():
-    return 'PONG.'
-
-
-@app.route('/admin/<anything>')
-@app.route('/dashboard/<anything>')
-@app.route('/queries')
-@app.route('/queries/<query_id>')
-@app.route('/queries/<query_id>/<anything>')
-@app.route('/personal')
-@app.route('/')
-@auth.required
-def index(**kwargs):
-    email_md5 = hashlib.md5(current_user.email.lower()).hexdigest()
-    gravatar_url = "https://www.gravatar.com/avatar/%s?s=40" % email_md5
-
-    user = {
-        'gravatar_url': gravatar_url,
-        'id': current_user.id,
-        'name': current_user.name,
-        'email': current_user.email,
-        'groups': current_user.groups,
-        'permissions': current_user.permissions
-    }
-
-    features = {
-        'clientSideMetrics': settings.CLIENT_SIDE_METRICS
-    }
-
-    return render_template("index.html", user=json.dumps(user), name=settings.NAME,
-                           features=json.dumps(features),
-                           analytics=settings.ANALYTICS)
-
-
-@app.route('/login', methods=['GET', 'POST'])
-def login():
-    if current_user.is_authenticated():
-        return redirect(request.args.get('next') or '/')
-
-    if not settings.PASSWORD_LOGIN_ENABLED:
-        if settings.SAML_LOGIN_ENABLED:
-            return redirect(url_for("saml_auth.sp_initiated", next=request.args.get('next')))
-        else:
-            return redirect(url_for("google_oauth.authorize", next=request.args.get('next')))
-
-
-    if request.method == 'POST':
-        user = models.User.select().where(models.User.email == request.form['username']).first()
-        if user and user.verify_password(request.form['password']):
-            remember = ('remember' in request.form)
-            login_user(user, remember=remember)
-            return redirect(request.args.get('next') or '/')
-
-    return render_template("login.html",
-                           name=settings.NAME,
-                           analytics=settings.ANALYTICS,
-                           next=request.args.get('next'),
-                           username=request.form.get('username', ''),
-                           show_google_openid=settings.GOOGLE_OAUTH_ENABLED,
-                           show_saml_login=settings.SAML_LOGIN_ENABLED)
-
-@app.route('/logout')
-def logout():
-    logout_user()
-    session.pop('openid', None)
-
-    return redirect('/login')
-
-@app.route('/status.json')
-@auth.required
-@require_permission('admin')
-def status_api():
-    status = get_status()
-
-    return jsonify(status)
-
-
-@app.route('/api/queries/format', methods=['POST'])
-@auth.required
-def format_sql_query():
-    arguments = request.get_json(force=True)
-    query = arguments.get("query", "")
-
-    return sqlparse.format(query, reindent=True, keyword_case='upper')
-
-
-@app.route('/queries/new', methods=['POST'])
-@auth.required
-def create_query_route():
-    query = request.form.get('query', None)
-    data_source_id = request.form.get('data_source_id', None)
-
-    if query is None or data_source_id is None:
-        abort(400)
-
-    query = models.Query.create(name="New Query",
-                                query=query,
-                                data_source=data_source_id,
-                                user=current_user._get_current_object(),
-                                schedule=None)
-
-    return redirect('/queries/{}'.format(query.id), 303)
-
-
-class BaseResource(Resource):
-    decorators = [auth.required]
-
-    def __init__(self, *args, **kwargs):
-        super(BaseResource, self).__init__(*args, **kwargs)
-        self._user = None
-
-    @property
-    def current_user(self):
-        return current_user._get_current_object()
-
-    def dispatch_request(self, *args, **kwargs):
-        with statsd_client.timer('requests.{}.{}'.format(request.endpoint, request.method.lower())):
-            response = super(BaseResource, self).dispatch_request(*args, **kwargs)
-        return response
-
-
-class EventAPI(BaseResource):
-    def post(self):
-        events_list = request.get_json(force=True)
-        for event in events_list:
-            record_event.delay(event)
-
-
-api.add_resource(EventAPI, '/api/events', endpoint='events')
-
-
-class MetricsAPI(BaseResource):
-    def post(self):
-        for stat_line in request.data.split():
-            stat, value = stat_line.split(':')
-            statsd_client._send_stat('client.{}'.format(stat), value, 1)
-
-        return "OK."
-
-api.add_resource(MetricsAPI, '/api/metrics/v1/send', endpoint='metrics')
-
-
-class DataSourceTypeListAPI(BaseResource):
-    @require_permission("admin")
-    def get(self):
-        return [q.to_dict() for q in query_runners.values()]
-
-api.add_resource(DataSourceTypeListAPI, '/api/data_sources/types', endpoint='data_source_types')
-
-
-class DataSourceListAPI(BaseResource):
-    def get(self):
-        data_sources = [ds.to_dict() for ds in models.DataSource.all()]
-        return data_sources
-
-    @require_permission("admin")
-    def post(self):
-        req = request.get_json(True)
-        required_fields = ('options', 'name', 'type')
-        for f in required_fields:
-            if f not in req:
-                abort(400)
-
-        if not validate_configuration(req['type'], req['options']):
-            abort(400)
-
-        datasource = models.DataSource.create(name=req['name'], type=req['type'], options=req['options'])
-
-        return datasource.to_dict()
-
-api.add_resource(DataSourceListAPI, '/api/data_sources', endpoint='data_sources')
-
-
-class DataSourceSchemaAPI(BaseResource):
-    def get(self, data_source_id):
-        data_source = models.DataSource.get_by_id(data_source_id)
-        schema = data_source.get_schema()
-
-        return schema
-
-api.add_resource(DataSourceSchemaAPI, '/api/data_sources/<data_source_id>/schema')
-
-class DashboardRecentAPI(BaseResource):
-    def get(self):
-        return [d.to_dict() for d in models.Dashboard.recent(current_user.id).limit(20)]
-
-
-class DashboardListAPI(BaseResource):
-    def get(self):
-        dashboards = [d.to_dict() for d in
-                      models.Dashboard.select().where(models.Dashboard.is_archived==False)]
-
-        return dashboards
-
-    @require_permission('create_dashboard')
-    def post(self):
-        dashboard_properties = request.get_json(force=True)
-        dashboard = models.Dashboard(name=dashboard_properties['name'],
-                                     user=self.current_user,
-                                     layout='[]')
-        dashboard.save()
-        return dashboard.to_dict()
-
-
-class DashboardAPI(BaseResource):
-    def get(self, dashboard_slug=None):
-        try:
-            dashboard = models.Dashboard.get_by_slug(dashboard_slug)
-        except models.Dashboard.DoesNotExist:
-            abort(404)
-
-        return dashboard.to_dict(with_widgets=True)
-
-    @require_permission('edit_dashboard')
-    def post(self, dashboard_slug):
-        dashboard_properties = request.get_json(force=True)
-        # TODO: either convert all requests to use slugs or ids
-        dashboard = models.Dashboard.get_by_id(dashboard_slug)
-        dashboard.layout = dashboard_properties['layout']
-        dashboard.name = dashboard_properties['name']
-        dashboard.save()
-
-        return dashboard.to_dict(with_widgets=True)
-
-    @require_permission('edit_dashboard')
-    def delete(self, dashboard_slug):
-        dashboard = models.Dashboard.get_by_slug(dashboard_slug)
-        dashboard.is_archived = True
-        dashboard.save()
-
-api.add_resource(DashboardListAPI, '/api/dashboards', endpoint='dashboards')
-api.add_resource(DashboardRecentAPI, '/api/dashboards/recent', endpoint='recent_dashboards')
-api.add_resource(DashboardAPI, '/api/dashboards/<dashboard_slug>', endpoint='dashboard')
-
-
-class WidgetListAPI(BaseResource):
-    @require_permission('edit_dashboard')
-    def post(self):
-        widget_properties = request.get_json(force=True)
-        widget_properties['options'] = json.dumps(widget_properties['options'])
-        widget_properties.pop('id', None)
-        widget_properties['dashboard'] = widget_properties.pop('dashboard_id')
-        widget_properties['visualization'] = widget_properties.pop('visualization_id')
-        widget = models.Widget(**widget_properties)
-        widget.save()
-
-        layout = json.loads(widget.dashboard.layout)
-        new_row = True
-
-        if len(layout) == 0 or widget.width == 2:
-            layout.append([widget.id])
-        elif len(layout[-1]) == 1:
-            neighbour_widget = models.Widget.get(models.Widget.id == layout[-1][0])
-            if neighbour_widget.width == 1:
-                layout[-1].append(widget.id)
-                new_row = False
-            else:
-                layout.append([widget.id])
-        else:
-            layout.append([widget.id])
-
-        widget.dashboard.layout = json.dumps(layout)
-        widget.dashboard.save()
-
-        return {'widget': widget.to_dict(), 'layout': layout, 'new_row': new_row}
-
-
-class WidgetAPI(BaseResource):
-    @require_permission('edit_dashboard')
-    def delete(self, widget_id):
-        widget = models.Widget.get(models.Widget.id == widget_id)
-        widget.delete_instance()
-
-api.add_resource(WidgetListAPI, '/api/widgets', endpoint='widgets')
-api.add_resource(WidgetAPI, '/api/widgets/<int:widget_id>', endpoint='widget')
-
-
-class QuerySearchAPI(BaseResource):
-    @require_permission('view_query')
-    def get(self):
-        term = request.args.get('q', '')
-
-        return [q.to_dict() for q in models.Query.search(term)]
-
-
-class QueryRecentAPI(BaseResource):
-    @require_permission('view_query')
-    def get(self):
-        return [q.to_dict() for q in models.Query.recent(current_user.id).limit(20)]
-
-
-class QueryListAPI(BaseResource):
-    @require_permission('create_query')
-    def post(self):
-        query_def = request.get_json(force=True)
-        for field in ['id', 'created_at', 'api_key', 'visualizations', 'latest_query_data', 'last_modified_by']:
-            query_def.pop(field, None)
-
-        query_def['user'] = self.current_user
-        query_def['data_source'] = query_def.pop('data_source_id')
-        query = models.Query(**query_def)
-        query.save()
-
-        return query.to_dict()
-
-    @require_permission('view_query')
-    def get(self):
-        return [q.to_dict(with_stats=True) for q in models.Query.all_queries()]
-
-
-class QueryAPI(BaseResource):
-    @require_permission('edit_query')
-    def post(self, query_id):
-        query = models.Query.get_by_id(query_id)
-        
-        query_def = request.get_json(force=True)
-        for field in ['id', 'created_at', 'api_key', 'visualizations', 'latest_query_data', 'user', 'last_modified_by']:
-            query_def.pop(field, None)
-
-        if 'latest_query_data_id' in query_def:
-            query_def['latest_query_data'] = query_def.pop('latest_query_data_id')
-
-        if 'data_source_id' in query_def:
-            query_def['data_source'] = query_def.pop('data_source_id')
-
-        query_def['last_modified_by'] = self.current_user
-
-        # TODO: use #save() with #dirty_fields.
-        models.Query.update_instance(query_id, **query_def)
-
-        query = models.Query.get_by_id(query_id)
-
-        return query.to_dict(with_visualizations=True)
-
-    @require_permission('view_query')
-    def get(self, query_id):
-        q = models.Query.get(models.Query.id == query_id)
-        if q:
-            return q.to_dict(with_visualizations=True)
-        else:
-            abort(404, message="Query not found.")
-
-    # TODO: move to resource of its own? (POST /queries/{id}/archive)
-    def delete(self, query_id):
-        q = models.Query.get(models.Query.id == query_id)
-
-        if q:
-            if q.user.id == self.current_user.id or self.current_user.has_permission('admin'):
-                q.archive()
-            else:
-                abort(403)
-        else:
-            abort(404, message="Query not found.")
-
-api.add_resource(QuerySearchAPI, '/api/queries/search', endpoint='queries_search')
-api.add_resource(QueryRecentAPI, '/api/queries/recent', endpoint='recent_queries')
-api.add_resource(QueryListAPI, '/api/queries', endpoint='queries')
-api.add_resource(QueryAPI, '/api/queries/<query_id>', endpoint='query')
-
-
-class VisualizationListAPI(BaseResource):
-    @require_permission('edit_query')
-    def post(self):
-        kwargs = request.get_json(force=True)
-        kwargs['options'] = json.dumps(kwargs['options'])
-        kwargs['query'] = kwargs.pop('query_id')
-        
-        vis = models.Visualization(**kwargs)
-        vis.save()
-
-        return vis.to_dict(with_query=False)
-
-
-class VisualizationAPI(BaseResource):
-    @require_permission('edit_query')
-    def post(self, visualization_id):
-        kwargs = request.get_json(force=True)
-        if 'options' in kwargs:
-            kwargs['options'] = json.dumps(kwargs['options'])
-        kwargs.pop('id', None)
-        kwargs.pop('query_id', None)
-
-        update = models.Visualization.update(**kwargs).where(models.Visualization.id == visualization_id)
-        update.execute()
-
-        vis = models.Visualization.get_by_id(visualization_id)
-
-        return vis.to_dict(with_query=False)
-
-    @require_permission('edit_query')
-    def delete(self, visualization_id):
-        vis = models.Visualization.get(models.Visualization.id == visualization_id)
-        vis.delete_instance()
-
-api.add_resource(VisualizationListAPI, '/api/visualizations', endpoint='visualizations')
-api.add_resource(VisualizationAPI, '/api/visualizations/<visualization_id>', endpoint='visualization')
-
-
-class QueryResultListAPI(BaseResource):
-    @require_permission('execute_query')
-    def post(self):
-        params = request.get_json(force=True)
-
-        if settings.FEATURE_TABLES_PERMISSIONS:
-            metadata = utils.SQLMetaData(params['query'])
-
-            if metadata.has_non_select_dml_statements or metadata.has_ddl_statements:
-                return {
-                    'job': {
-                        'error': 'Only SELECT statements are allowed'
-                    }
-                }
-
-            if len(metadata.used_tables - current_user.allowed_tables) > 0 and '*' not in current_user.allowed_tables:
-                logging.warning('Permission denied for user %s to table %s', self.current_user.name, metadata.used_tables)
-                return {
-                    'job': {
-                        'error': 'Access denied for table(s): %s' % (metadata.used_tables)
-                    }
-                }
-
-        models.ActivityLog(
-            user=self.current_user,
-            type=models.ActivityLog.QUERY_EXECUTION,
-            activity=params['query']
-        ).save()
-
-        max_age = int(params.get('max_age', -1))
-
-        if max_age == 0:
-            query_result = None
-        else:
-            query_result = models.QueryResult.get_latest(params['data_source_id'], params['query'], max_age)
-
-        if query_result:
-            return {'query_result': query_result.to_dict()}
-        else:
-            data_source = models.DataSource.get_by_id(params['data_source_id'])
-            query_id = params.get('query_id', 'adhoc')
-            job = QueryTask.add_task(params['query'], data_source, metadata={"Username": self.current_user.name, "Query ID": query_id})
-            return {'job': job.to_dict()}
-
-
-class QueryResultAPI(BaseResource):
-    @staticmethod
-    def csv_response(query_result):
-        s = cStringIO.StringIO()
-
-        query_data = json.loads(query_result.data)
-        writer = csv.DictWriter(s, fieldnames=[col['name'] for col in query_data['columns']])
-        writer.writer = utils.UnicodeWriter(s)
-        writer.writeheader()
-        for row in query_data['rows']:
-            writer.writerow(row)
-
-        headers = {'Content-Type': "text/csv; charset=UTF-8"}
-        headers.update(cache_headers)
-        return make_response(s.getvalue(), 200, headers)
-
-    @require_permission('view_query')
-    def get(self, query_id=None, query_result_id=None, filetype='json'):
-        if query_result_id is None and query_id is not None:
-            query = models.Query.get(models.Query.id == query_id)
-            if query:
-                query_result_id = query._data['latest_query_data']
-
-        if query_result_id:
-            query_result = models.QueryResult.get_by_id(query_result_id)
-
-        if query_result:
-            if isinstance(self.current_user, models.ApiUser):
-                event = {
-                    'user_id': None,
-                    'action': 'api_get',
-                    'timestamp': int(time.time()),
-                    'api_key': self.current_user.id,
-                    'file_type': filetype
-                }
-
-                if query_id:
-                    event['object_type'] = 'query'
-                    event['object_id'] = query_id
-                else:
-                    event['object_type'] = 'query_result'
-                    event['object_id'] = query_result_id
-
-                record_event.delay(event)
-
-            if filetype == 'json':
-                data = json.dumps({'query_result': query_result.to_dict()}, cls=utils.JSONEncoder)
-                return make_response(data, 200, cache_headers)
-            else:
-                return self.csv_response(query_result)
-
-        else:
-            abort(404)
-
-
-api.add_resource(QueryResultListAPI, '/api/query_results', endpoint='query_results')
-api.add_resource(QueryResultAPI,
-                 '/api/query_results/<query_result_id>',
-                 '/api/queries/<query_id>/results.<filetype>',
-                 '/api/queries/<query_id>/results/<query_result_id>.<filetype>',
-                 endpoint='query_result')
-
-
-class JobAPI(BaseResource):
-    def get(self, job_id):
-        # TODO: if finished, include the query result
-        job = QueryTask(job_id=job_id)
-        return {'job': job.to_dict()}
-
-    def delete(self, job_id):
-        job = QueryTask(job_id=job_id)
-        job.cancel()
-
-api.add_resource(JobAPI, '/api/jobs/<job_id>', endpoint='job')
-
-@app.route('/<path:filename>')
-def send_static(filename):
-    if current_app.debug:
-        cache_timeout = 0
-    else:
-        cache_timeout = None
-
-    return send_from_directory(settings.STATIC_ASSETS_PATH, filename, cache_timeout=cache_timeout)
-
-
-if __name__ == '__main__':
-    app.run(debug=True)
-
-
-

redash/google_oauth.py

@@ -1,25 +1,25 @@
 import logging
 from flask.ext.login import login_user
 import requests
-from flask import redirect, url_for, Blueprint
+from flask import redirect, url_for, Blueprint, flash
 from flask_oauth import OAuth
 from redash import models, settings
 
 logger = logging.getLogger('google_oauth')
 oauth = OAuth()
 
-request_token_params = {'scope': 'https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile', 'response_type': 'code'}
 
-if settings.GOOGLE_APPS_DOMAIN:
-    request_token_params['hd'] = settings.GOOGLE_APPS_DOMAIN
-else:
+if not settings.GOOGLE_APPS_DOMAIN:
     logger.warning("No Google Apps domain defined, all Google accounts allowed.")
 
 google = oauth.remote_app('google',
                           base_url='https://www.google.com/accounts/',
                           authorize_url='https://accounts.google.com/o/oauth2/auth',
                           request_token_url=None,
-                          request_token_params=request_token_params,
+                          request_token_params={
+                              'scope': 'https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile',
+                              'response_type': 'code'
+                          },
                           access_token_url='https://accounts.google.com/o/oauth2/token',
                           access_token_method='POST',
                           access_token_params={'grant_type': 'authorization_code'},
@@ -31,7 +31,7 @@ blueprint = Blueprint('google_oauth', __name__)
 
 
 def get_user_profile(access_token):
-    headers = {'Authorization': 'OAuth '+access_token}
+    headers = {'Authorization': 'OAuth {}'.format(access_token)}
     response = requests.get('https://www.googleapis.com/oauth2/v1/userinfo', headers=headers)
 
     if response.status_code == 401:
@@ -41,9 +41,17 @@ def get_user_profile(access_token):
     return response.json()
 
 
+def verify_profile(profile):
+    if not settings.GOOGLE_APPS_DOMAIN:
+        return True
+
+    domain = profile['email'].split('@')[-1]
+    return domain in settings.GOOGLE_APPS_DOMAIN
+
+
 def create_and_login_user(name, email):
     try:
-        user_object = models.User.get(models.User.email == email)
+        user_object = models.User.get_by_email(email)
         if user_object.name != name:
             logger.debug("Updating user name (%r -> %r)", user_object.name, name)
             user_object.name = name
@@ -70,10 +78,17 @@ def authorized(resp):
 
     if access_token is None:
         logger.warning("Access token missing in call back request.")
+        flash("Validation error. Please retry.")
         return redirect(url_for('login'))
 
     profile = get_user_profile(access_token)
     if profile is None:
+        flash("Validation error. Please retry.")
+        return redirect(url_for('login'))
+
+    if not verify_profile(profile):
+        logger.warning("User tried to login with unauthorized domain name: %s", profile['email'])
+        flash("Your Google Apps domain name isn't allowed.")
         return redirect(url_for('login'))
 
     create_and_login_user(profile['name'], profile['email'])

redash/handlers/__init__.py

@@ -0,0 +1,24 @@
+from flask import jsonify
+from flask_login import login_required
+
+from redash.wsgi import app
+from redash.permissions import require_permission
+from redash.monitor import get_status
+
+
+@app.route('/ping', methods=['GET'])
+def ping():
+    return 'PONG.'
+
+
+@app.route('/status.json')
+@login_required
+@require_permission('admin')
+def status_api():
+    status = get_status()
+
+    return jsonify(status)
+
+
+from redash.handlers import alerts, authentication, base, dashboards, data_sources, events, queries, query_results, \
+    static, users, visualizations, widgets

redash/handlers/alerts.py

@@ -0,0 +1,105 @@
+import time
+
+from flask import request
+from funcy import project
+
+from redash import models
+from redash.wsgi import api
+from redash.tasks import record_event
+from redash.handlers.base import BaseResource, require_fields
+
+
+class AlertAPI(BaseResource):
+    def get(self, alert_id):
+        alert = models.Alert.get_by_id(alert_id)
+        return alert.to_dict()
+
+    def post(self, alert_id):
+        req = request.get_json(True)
+        params = project(req, ('options', 'name', 'query_id'))
+        alert = models.Alert.get_by_id(alert_id)
+        if 'query_id' in params:
+            params['query'] = params.pop('query_id')
+
+        alert.update_instance(**params)
+
+        record_event.delay({
+            'user_id': self.current_user.id,
+            'action': 'edit',
+            'timestamp': int(time.time()),
+            'object_id': alert.id,
+            'object_type': 'alert'
+        })
+
+        return alert.to_dict()
+
+
+class AlertListAPI(BaseResource):
+    def post(self):
+        req = request.get_json(True)
+        require_fields(req, ('options', 'name', 'query_id'))
+
+        alert = models.Alert.create(
+            name=req['name'],
+            query=req['query_id'],
+            user=self.current_user,
+            options=req['options']
+        )
+
+        record_event.delay({
+            'user_id': self.current_user.id,
+            'action': 'create',
+            'timestamp': int(time.time()),
+            'object_id': alert.id,
+            'object_type': 'alert'
+        })
+
+        # TODO: should be in model?
+        models.AlertSubscription.create(alert=alert, user=self.current_user)
+
+        record_event.delay({
+            'user_id': self.current_user.id,
+            'action': 'subscribe',
+            'timestamp': int(time.time()),
+            'object_id': alert.id,
+            'object_type': 'alert'
+        })
+
+        return alert.to_dict()
+
+    def get(self):
+        return [alert.to_dict() for alert in models.Alert.all()]
+
+
+class AlertSubscriptionListResource(BaseResource):
+    def post(self, alert_id):
+        subscription = models.AlertSubscription.create(alert=alert_id, user=self.current_user)
+        record_event.delay({
+            'user_id': self.current_user.id,
+            'action': 'subscribe',
+            'timestamp': int(time.time()),
+            'object_id': alert_id,
+            'object_type': 'alert'
+        })
+        return subscription.to_dict()
+
+    def get(self, alert_id):
+        subscriptions = models.AlertSubscription.all(alert_id)
+        return [s.to_dict() for s in subscriptions]
+
+
+class AlertSubscriptionResource(BaseResource):
+    def delete(self, alert_id, subscriber_id):
+        models.AlertSubscription.unsubscribe(alert_id, subscriber_id)
+        record_event.delay({
+            'user_id': self.current_user.id,
+            'action': 'unsubscribe',
+            'timestamp': int(time.time()),
+            'object_id': alert_id,
+            'object_type': 'alert'
+        })
+
+api.add_resource(AlertAPI, '/api/alerts/<alert_id>', endpoint='alert')
+api.add_resource(AlertSubscriptionListResource, '/api/alerts/<alert_id>/subscriptions', endpoint='alert_subscriptions')
+api.add_resource(AlertSubscriptionResource, '/api/alerts/<alert_id>/subscriptions/<subscriber_id>', endpoint='alert_subscription')
+api.add_resource(AlertListAPI, '/api/alerts', endpoint='alerts')

redash/handlers/authentication.py

@@ -0,0 +1,44 @@
+from flask import render_template, request, redirect, session, url_for, flash
+from flask_login import current_user, login_user, logout_user
+
+from redash import models, settings
+from redash.wsgi import app
+
+
+@app.route('/login', methods=['GET', 'POST'])
+def login():
+    if current_user.is_authenticated():
+        return redirect(request.args.get('next') or '/')
+
+    if not settings.PASSWORD_LOGIN_ENABLED:
+        if settings.SAML_LOGIN_ENABLED:
+            return redirect(url_for("saml_auth.sp_initiated", next=request.args.get('next')))
+        else:
+            return redirect(url_for("google_oauth.authorize", next=request.args.get('next')))
+
+    if request.method == 'POST':
+        try:
+            user = models.User.get_by_email(request.form['email'])
+            if user and user.verify_password(request.form['password']):
+                remember = ('remember' in request.form)
+                login_user(user, remember=remember)
+                return redirect(request.args.get('next') or '/')
+            else:
+                flash("Wrong email or password.")
+        except models.User.DoesNotExist:
+            flash("Wrong email or password.")
+
+    return render_template("login.html",
+                           name=settings.NAME,
+                           analytics=settings.ANALYTICS,
+                           next=request.args.get('next'),
+                           username=request.form.get('username', ''),
+                           show_google_openid=settings.GOOGLE_OAUTH_ENABLED,
+                           show_saml_login=settings.SAML_LOGIN_ENABLED)
+
+@app.route('/logout')
+def logout():
+    logout_user()
+    session.pop('openid', None)
+
+    return redirect('/login')

redash/handlers/base.py

@@ -0,0 +1,29 @@
+from flask import request
+from flask.ext.restful import Resource, abort
+from flask_login import current_user, login_required
+
+from redash import statsd_client
+
+
+class BaseResource(Resource):
+    decorators = [login_required]
+
+    def __init__(self, *args, **kwargs):
+        super(BaseResource, self).__init__(*args, **kwargs)
+        self._user = None
+
+    @property
+    def current_user(self):
+        return current_user._get_current_object()
+
+    def dispatch_request(self, *args, **kwargs):
+        with statsd_client.timer('requests.{}.{}'.format(request.endpoint, request.method.lower())):
+            response = super(BaseResource, self).dispatch_request(*args, **kwargs)
+        return response
+
+
+def require_fields(req, fields):
+    for f in fields:
+        if f not in req:
+            abort(400)
+

redash/handlers/dashboards.py

@@ -0,0 +1,73 @@
+from flask import request
+from flask.ext.restful import abort
+from flask_login import current_user
+
+from funcy import distinct
+from itertools import chain
+
+from redash import models
+from redash.wsgi import api
+from redash.permissions import require_permission
+from redash.handlers.base import BaseResource
+
+
+class DashboardRecentAPI(BaseResource):
+    def get(self):
+        recent = [d.to_dict() for d in models.Dashboard.recent(current_user.id)]
+
+        global_recent = []
+        if len(recent) < 10:
+            global_recent = [d.to_dict() for d in models.Dashboard.recent()]
+
+        return distinct(chain(recent, global_recent), key=lambda d: d['id'])
+
+
+class DashboardListAPI(BaseResource):
+    def get(self):
+        dashboards = [d.to_dict() for d in
+                      models.Dashboard.select().where(models.Dashboard.is_archived==False)]
+
+        return dashboards
+
+    @require_permission('create_dashboard')
+    def post(self):
+        dashboard_properties = request.get_json(force=True)
+        dashboard = models.Dashboard(name=dashboard_properties['name'],
+                                     user=self.current_user,
+                                     layout='[]')
+        dashboard.save()
+        return dashboard.to_dict()
+
+
+class DashboardAPI(BaseResource):
+    def get(self, dashboard_slug=None):
+        try:
+            dashboard = models.Dashboard.get_by_slug(dashboard_slug)
+        except models.Dashboard.DoesNotExist:
+            abort(404)
+
+        return dashboard.to_dict(with_widgets=True)
+
+    @require_permission('edit_dashboard')
+    def post(self, dashboard_slug):
+        dashboard_properties = request.get_json(force=True)
+        # TODO: either convert all requests to use slugs or ids
+        dashboard = models.Dashboard.get_by_id(dashboard_slug)
+        dashboard.layout = dashboard_properties['layout']
+        dashboard.name = dashboard_properties['name']
+        dashboard.save()
+
+        return dashboard.to_dict(with_widgets=True)
+
+    @require_permission('edit_dashboard')
+    def delete(self, dashboard_slug):
+        dashboard = models.Dashboard.get_by_slug(dashboard_slug)
+        dashboard.is_archived = True
+        dashboard.save()
+
+        return dashboard.to_dict(with_widgets=True)
+
+api.add_resource(DashboardListAPI, '/api/dashboards', endpoint='dashboards')
+api.add_resource(DashboardRecentAPI, '/api/dashboards/recent', endpoint='recent_dashboards')
+api.add_resource(DashboardAPI, '/api/dashboards/<dashboard_slug>', endpoint='dashboard')
+

redash/handlers/data_sources.py

@@ -0,0 +1,80 @@
+import json
+
+from flask import make_response, request
+from flask.ext.restful import abort
+
+from redash import models
+from redash.wsgi import api
+from redash.permissions import require_permission
+from redash.query_runner import query_runners, validate_configuration
+from redash.handlers.base import BaseResource
+
+
+class DataSourceTypeListAPI(BaseResource):
+    @require_permission("admin")
+    def get(self):
+        return [q.to_dict() for q in query_runners.values()]
+
+api.add_resource(DataSourceTypeListAPI, '/api/data_sources/types', endpoint='data_source_types')
+
+
+class DataSourceAPI(BaseResource):
+    @require_permission('admin')
+    def get(self, data_source_id):
+        data_source = models.DataSource.get_by_id(data_source_id)
+        return data_source.to_dict(all=True)
+
+    @require_permission('admin')
+    def post(self, data_source_id):
+        data_source = models.DataSource.get_by_id(data_source_id)
+        req = request.get_json(True)
+        if not validate_configuration(req['type'], req['options']):
+            abort(400)
+
+        data_source.name = req['name']
+        data_source.options = json.dumps(req['options'])
+
+        data_source.save()
+
+        return data_source.to_dict(all=True)
+
+    @require_permission('admin')
+    def delete(self, data_source_id):
+        data_source = models.DataSource.get_by_id(data_source_id)
+        data_source.delete_instance(recursive=True)
+
+        return make_response('', 204)
+
+
+class DataSourceListAPI(BaseResource):
+    def get(self):
+        data_sources = [ds.to_dict() for ds in models.DataSource.all()]
+        return data_sources
+
+    @require_permission("admin")
+    def post(self):
+        req = request.get_json(True)
+        required_fields = ('options', 'name', 'type')
+        for f in required_fields:
+            if f not in req:
+                abort(400)
+
+        if not validate_configuration(req['type'], req['options']):
+            abort(400)
+
+        datasource = models.DataSource.create(name=req['name'], type=req['type'], options=json.dumps(req['options']))
+
+        return datasource.to_dict(all=True)
+
+api.add_resource(DataSourceListAPI, '/api/data_sources', endpoint='data_sources')
+api.add_resource(DataSourceAPI, '/api/data_sources/<data_source_id>', endpoint='data_source')
+
+
+class DataSourceSchemaAPI(BaseResource):
+    def get(self, data_source_id):
+        data_source = models.DataSource.get_by_id(data_source_id)
+        schema = data_source.get_schema()
+
+        return schema
+
+api.add_resource(DataSourceSchemaAPI, '/api/data_sources/<data_source_id>/schema')

redash/handlers/events.py

@@ -0,0 +1,27 @@
+from flask import request
+
+from redash import statsd_client
+from redash.wsgi import api
+from redash.tasks import record_event
+from redash.handlers.base import BaseResource
+
+
+class EventAPI(BaseResource):
+    def post(self):
+        events_list = request.get_json(force=True)
+        for event in events_list:
+            record_event.delay(event)
+
+
+api.add_resource(EventAPI, '/api/events', endpoint='events')
+
+
+class MetricsAPI(BaseResource):
+    def post(self):
+        for stat_line in request.data.split():
+            stat, value = stat_line.split(':')
+            statsd_client._send_stat('client.{}'.format(stat), value, 1)
+
+        return "OK."
+
+api.add_resource(MetricsAPI, '/api/metrics/v1/send', endpoint='metrics')

redash/handlers/queries.py

@@ -0,0 +1,128 @@
+from flask import request, redirect
+from flask.ext.restful import abort
+from flask_login import current_user, login_required
+import sqlparse
+
+from funcy import distinct
+from itertools import chain
+
+from redash import models
+from redash.wsgi import app, api
+from redash.permissions import require_permission
+from redash.handlers.base import BaseResource
+
+
+@app.route('/api/queries/format', methods=['POST'])
+@login_required
+def format_sql_query():
+    arguments = request.get_json(force=True)
+    query = arguments.get("query", "")
+
+    return sqlparse.format(query, reindent=True, keyword_case='upper')
+
+
+@app.route('/queries/new', methods=['POST'])
+@login_required
+def create_query_route():
+    query = request.form.get('query', None)
+    data_source_id = request.form.get('data_source_id', None)
+
+    if query is None or data_source_id is None:
+        abort(400)
+
+    query = models.Query.create(name="New Query",
+                                query=query,
+                                data_source=data_source_id,
+                                user=current_user._get_current_object(),
+                                schedule=None)
+
+    return redirect('/queries/{}'.format(query.id), 303)
+
+
+class QuerySearchAPI(BaseResource):
+    @require_permission('view_query')
+    def get(self):
+        term = request.args.get('q', '')
+
+        return [q.to_dict() for q in models.Query.search(term)]
+
+
+class QueryRecentAPI(BaseResource):
+    @require_permission('view_query')
+    def get(self):
+        recent = [d.to_dict() for d in models.Query.recent(current_user.id)]
+
+        global_recent = []
+        if len(recent) < 10:
+            global_recent = [d.to_dict() for d in models.Query.recent()]
+
+        return distinct(chain(recent, global_recent), key=lambda d: d['id'])
+
+
+class QueryListAPI(BaseResource):
+    @require_permission('create_query')
+    def post(self):
+        query_def = request.get_json(force=True)
+        for field in ['id', 'created_at', 'api_key', 'visualizations', 'latest_query_data', 'last_modified_by']:
+            query_def.pop(field, None)
+
+        query_def['user'] = self.current_user
+        query_def['data_source'] = query_def.pop('data_source_id')
+        query = models.Query(**query_def)
+        query.save()
+
+        return query.to_dict()
+
+    @require_permission('view_query')
+    def get(self):
+        return [q.to_dict(with_stats=True) for q in models.Query.all_queries()]
+
+
+class QueryAPI(BaseResource):
+    @require_permission('edit_query')
+    def post(self, query_id):
+        query = models.Query.get_by_id(query_id)
+
+        query_def = request.get_json(force=True)
+        for field in ['id', 'created_at', 'api_key', 'visualizations', 'latest_query_data', 'user', 'last_modified_by']:
+            query_def.pop(field, None)
+
+        if 'latest_query_data_id' in query_def:
+            query_def['latest_query_data'] = query_def.pop('latest_query_data_id')
+
+        if 'data_source_id' in query_def:
+            query_def['data_source'] = query_def.pop('data_source_id')
+
+        query_def['last_modified_by'] = self.current_user
+
+        # TODO: use #save() with #dirty_fields.
+        models.Query.update_instance(query_id, **query_def)
+
+        query = models.Query.get_by_id(query_id)
+
+        return query.to_dict(with_visualizations=True)
+
+    @require_permission('view_query')
+    def get(self, query_id):
+        q = models.Query.get(models.Query.id == query_id)
+        if q:
+            return q.to_dict(with_visualizations=True)
+        else:
+            abort(404, message="Query not found.")
+
+    # TODO: move to resource of its own? (POST /queries/{id}/archive)
+    def delete(self, query_id):
+        q = models.Query.get(models.Query.id == query_id)
+
+        if q:
+            if q.user.id == self.current_user.id or self.current_user.has_permission('admin'):
+                q.archive()
+            else:
+                abort(403)
+        else:
+            abort(404, message="Query not found.")
+
+api.add_resource(QuerySearchAPI, '/api/queries/search', endpoint='queries_search')
+api.add_resource(QueryRecentAPI, '/api/queries/recent', endpoint='recent_queries')
+api.add_resource(QueryListAPI, '/api/queries', endpoint='queries')
+api.add_resource(QueryAPI, '/api/queries/<query_id>', endpoint='query')

redash/handlers/query_results.py

@@ -0,0 +1,171 @@
+import csv
+import json
+import cStringIO
+import time
+import logging
+
+from flask import make_response, request
+from flask.ext.restful import abort
+from flask_login import current_user
+
+from redash import models, settings, utils
+from redash.wsgi import api
+from redash.tasks import QueryTask, record_event
+from redash.permissions import require_permission
+from redash.handlers.base import BaseResource
+
+
+class QueryResultListAPI(BaseResource):
+    @require_permission('execute_query')
+    def post(self):
+        params = request.get_json(force=True)
+
+        if settings.FEATURE_TABLES_PERMISSIONS:
+            metadata = utils.SQLMetaData(params['query'])
+
+            if metadata.has_non_select_dml_statements or metadata.has_ddl_statements:
+                return {
+                    'job': {
+                        'error': 'Only SELECT statements are allowed'
+                    }
+                }
+
+            if len(metadata.used_tables - current_user.allowed_tables) > 0 and '*' not in current_user.allowed_tables:
+                logging.warning('Permission denied for user %s to table %s', self.current_user.name, metadata.used_tables)
+                return {
+                    'job': {
+                        'error': 'Access denied for table(s): %s' % (metadata.used_tables)
+                    }
+                }
+
+        models.ActivityLog(
+            user=self.current_user,
+            type=models.ActivityLog.QUERY_EXECUTION,
+            activity=params['query']
+        ).save()
+
+        max_age = int(params.get('max_age', -1))
+
+        if max_age == 0:
+            query_result = None
+        else:
+            query_result = models.QueryResult.get_latest(params['data_source_id'], params['query'], max_age)
+
+        if query_result:
+            return {'query_result': query_result.to_dict()}
+        else:
+            data_source = models.DataSource.get_by_id(params['data_source_id'])
+            query_id = params.get('query_id', 'adhoc')
+            job = QueryTask.add_task(params['query'], data_source, metadata={"Username": self.current_user.name, "Query ID": query_id})
+            return {'job': job.to_dict()}
+
+
+ONE_YEAR = 60 * 60 * 24 * 365.25
+
+cache_headers = {
+    'Cache-Control': 'max-age=%d' % ONE_YEAR
+}
+
+class QueryResultAPI(BaseResource):
+    @staticmethod
+    def csv_response(query_result):
+        s = cStringIO.StringIO()
+
+        query_data = json.loads(query_result.data)
+        writer = csv.DictWriter(s, fieldnames=[col['name'] for col in query_data['columns']])
+        writer.writer = utils.UnicodeWriter(s)
+        writer.writeheader()
+        for row in query_data['rows']:
+            writer.writerow(row)
+
+        headers = {'Content-Type': "text/csv; charset=UTF-8"}
+        headers.update(cache_headers)
+        return make_response(s.getvalue(), 200, headers)
+
+    @staticmethod
+    def add_cors_headers(headers):
+        if 'Origin' in request.headers:
+            origin = request.headers['Origin']
+
+            if origin in settings.ACCESS_CONTROL_ALLOW_ORIGIN:
+                headers['Access-Control-Allow-Origin'] = origin
+                headers['Access-Control-Allow-Credentials'] = str(settings.ACCESS_CONTROL_ALLOW_CREDENTIALS).lower()
+
+    @require_permission('view_query')
+    def options(self, query_id=None, query_result_id=None, filetype='json'):
+        headers = {}
+        self.add_cors_headers(headers)
+
+        if settings.ACCESS_CONTROL_REQUEST_METHOD:
+            headers['Access-Control-Request-Method'] = settings.ACCESS_CONTROL_REQUEST_METHOD
+
+        if settings.ACCESS_CONTROL_ALLOW_HEADERS:
+            headers['Access-Control-Allow-Headers'] = settings.ACCESS_CONTROL_ALLOW_HEADERS
+
+        return make_response("", 200, headers)
+
+    @require_permission('view_query')
+    def get(self, query_id=None, query_result_id=None, filetype='json'):
+        if query_result_id is None and query_id is not None:
+            query = models.Query.get(models.Query.id == query_id)
+            if query:
+                query_result_id = query._data['latest_query_data']
+
+        if query_result_id:
+            query_result = models.QueryResult.get_by_id(query_result_id)
+
+        if query_result:
+            if isinstance(self.current_user, models.ApiUser):
+                event = {
+                    'user_id': None,
+                    'action': 'api_get',
+                    'timestamp': int(time.time()),
+                    'api_key': self.current_user.id,
+                    'file_type': filetype
+                }
+
+                if query_id:
+                    event['object_type'] = 'query'
+                    event['object_id'] = query_id
+                else:
+                    event['object_type'] = 'query_result'
+                    event['object_id'] = query_result_id
+
+                record_event.delay(event)
+
+            headers = {}
+
+            if len(settings.ACCESS_CONTROL_ALLOW_ORIGIN) > 0:
+                self.add_cors_headers(headers)
+
+            if filetype == 'json':
+                data = json.dumps({'query_result': query_result.to_dict()}, cls=utils.JSONEncoder)
+                headers.update(cache_headers)
+                return make_response(data, 200, headers)
+            else:
+                return self.csv_response(query_result)
+
+        else:
+            abort(404)
+
+
+api.add_resource(QueryResultListAPI, '/api/query_results', endpoint='query_results')
+api.add_resource(QueryResultAPI,
+                 '/api/query_results/<query_result_id>',
+                 '/api/queries/<query_id>/results.<filetype>',
+                 '/api/queries/<query_id>/results/<query_result_id>.<filetype>',
+                 endpoint='query_result')
+
+
+class JobAPI(BaseResource):
+    def get(self, job_id):
+        # TODO: if finished, include the query result
+        job = QueryTask(job_id=job_id)
+        return {'job': job.to_dict()}
+
+    def delete(self, job_id):
+        job = QueryTask(job_id=job_id)
+        job.cancel()
+
+api.add_resource(JobAPI, '/api/jobs/<job_id>', endpoint='job')
+

redash/handlers/static.py

@@ -0,0 +1,55 @@
+import hashlib
+import json
+
+from flask import render_template, send_from_directory, current_app
+from flask_login import current_user, login_required
+
+from redash import settings
+from redash.wsgi import app
+
+
+@app.route('/admin/<anything>/<whatever>')
+@app.route('/admin/<anything>')
+@app.route('/dashboard/<anything>')
+@app.route('/alerts')
+@app.route('/alerts/<pk>')
+@app.route('/queries')
+@app.route('/data_sources')
+@app.route('/data_sources/<pk>')
+@app.route('/users')
+@app.route('/users/<pk>')
+@app.route('/queries/<query_id>')
+@app.route('/queries/<query_id>/<anything>')
+@app.route('/personal')
+@app.route('/')
+@login_required
+def index(**kwargs):
+    email_md5 = hashlib.md5(current_user.email.lower()).hexdigest()
+    gravatar_url = "https://www.gravatar.com/avatar/%s?s=40" % email_md5
+
+    user = {
+        'gravatar_url': gravatar_url,
+        'id': current_user.id,
+        'name': current_user.name,
+        'email': current_user.email,
+        'groups': current_user.groups,
+        'permissions': current_user.permissions
+    }
+
+    features = {
+        'clientSideMetrics': False# settings.CLIENT_SIDE_METRICS
+    }
+
+    return render_template("index.html", user=json.dumps(user), name=settings.NAME,
+                           features=json.dumps(features),
+                           analytics=settings.ANALYTICS)
+
+
+@app.route('/<path:filename>')
+def send_static(filename):
+    if current_app.debug:
+        cache_timeout = 0
+    else:
+        cache_timeout = None
+
+    return send_from_directory(settings.STATIC_ASSETS_PATH, filename, cache_timeout=cache_timeout)

redash/handlers/users.py

@@ -0,0 +1,100 @@
+import time
+from flask import request
+from flask.ext.restful import abort
+from funcy import project
+from peewee import IntegrityError
+
+from redash import models
+from redash.wsgi import api
+from redash.tasks import record_event
+from redash.permissions import require_permission, require_admin_or_owner, is_admin_or_owner, \
+    require_permission_or_owner
+from redash.handlers.base import BaseResource, require_fields
+
+
+class UserListResource(BaseResource):
+    @require_permission('list_users')
+    def get(self):
+        return [u.to_dict() for u in models.User.select()]
+
+    @require_permission('admin')
+    def post(self):
+        # TODO: send invite.
+        req = request.get_json(force=True)
+        require_fields(req, ('name', 'email', 'password'))
+
+        user = models.User(name=req['name'], email=req['email'])
+        user.hash_password(req['password'])
+        try:
+            user.save()
+        except IntegrityError as e:
+            if "email" in e.message:
+                abort(400, message='Email already taken.')
+
+            abort(500)
+
+        record_event.delay({
+            'user_id': self.current_user.id,
+            'action': 'create',
+            'timestamp': int(time.time()),
+            'object_id': user.id,
+            'object_type': 'user'
+        })
+
+        return user.to_dict()
+
+
+class UserResource(BaseResource):
+    def get(self, user_id):
+        require_permission_or_owner('list_users', user_id)
+        user = models.User.get_by_id(user_id)
+        
+        return user.to_dict(with_api_key=is_admin_or_owner(user_id))
+
+    def post(self, user_id):
+        require_admin_or_owner(user_id)
+        user = models.User.get_by_id(user_id)
+
+        req = request.get_json(True)
+
+        params = project(req, ('email', 'name', 'password', 'old_password', 'groups'))
+
+        if 'password' in params and 'old_password' not in params:
+            abort(403, message="Must provide current password to update password.")
+
+        if 'old_password' in params and not user.verify_password(params['old_password']):
+            abort(403, message="Incorrect current password.")
+
+        if 'password' in params:
+            user.hash_password(params.pop('password'))
+            params.pop('old_password')
+
+        if 'groups' in params and not self.current_user.has_permission('admin'):
+            abort(403, message="Must be admin to change groups membership.")
+
+        try:
+            user.update_instance(**params)
+        except IntegrityError as e:
+            if "email" in e.message:
+                message = "Email already taken."
+            else:
+                message = "Error updating record"
+
+            abort(400, message=message)
+
+        record_event.delay({
+            'user_id': self.current_user.id,
+            'action': 'edit',
+            'timestamp': int(time.time()),
+            'object_id': user.id,
+            'object_type': 'user',
+            'updated_fields': params.keys()
+        })
+
+        return user.to_dict(with_api_key=is_admin_or_owner(user_id))
+
+
+api.add_resource(UserListResource, '/api/users', endpoint='users')
+api.add_resource(UserResource, '/api/users/<user_id>', endpoint='user')
+
+

redash/handlers/visualizations.py

@@ -0,0 +1,45 @@
+import json
+from flask import request
+
+from redash import models
+from redash.wsgi import api
+from redash.permissions import require_permission
+from redash.handlers.base import BaseResource
+
+
+class VisualizationListAPI(BaseResource):
+    @require_permission('edit_query')
+    def post(self):
+        kwargs = request.get_json(force=True)
+        kwargs['options'] = json.dumps(kwargs['options'])
+        kwargs['query'] = kwargs.pop('query_id')
+
+        vis = models.Visualization(**kwargs)
+        vis.save()
+
+        return vis.to_dict(with_query=False)
+
+
+class VisualizationAPI(BaseResource):
+    @require_permission('edit_query')
+    def post(self, visualization_id):
+        kwargs = request.get_json(force=True)
+        if 'options' in kwargs:
+            kwargs['options'] = json.dumps(kwargs['options'])
+        kwargs.pop('id', None)
+        kwargs.pop('query_id', None)
+
+        update = models.Visualization.update(**kwargs).where(models.Visualization.id == visualization_id)
+        update.execute()
+
+        vis = models.Visualization.get_by_id(visualization_id)
+
+        return vis.to_dict(with_query=False)
+
+    @require_permission('edit_query')
+    def delete(self, visualization_id):
+        vis = models.Visualization.get(models.Visualization.id == visualization_id)
+        vis.delete_instance()
+
+api.add_resource(VisualizationListAPI, '/api/visualizations', endpoint='visualizations')
+api.add_resource(VisualizationAPI, '/api/visualizations/<visualization_id>', endpoint='visualization')

redash/handlers/widgets.py

@@ -0,0 +1,50 @@
+import json
+
+from flask import request
+
+from redash import models
+from redash.wsgi import api
+from redash.permissions import require_permission
+from redash.handlers.base import BaseResource
+
+
+class WidgetListAPI(BaseResource):
+    @require_permission('edit_dashboard')
+    def post(self):
+        widget_properties = request.get_json(force=True)
+        widget_properties['options'] = json.dumps(widget_properties['options'])
+        widget_properties.pop('id', None)
+        widget_properties['dashboard'] = widget_properties.pop('dashboard_id')
+        widget_properties['visualization'] = widget_properties.pop('visualization_id')
+        widget = models.Widget(**widget_properties)
+        widget.save()
+
+        layout = json.loads(widget.dashboard.layout)
+        new_row = True
+
+        if len(layout) == 0 or widget.width == 2:
+            layout.append([widget.id])
+        elif len(layout[-1]) == 1:
+            neighbour_widget = models.Widget.get(models.Widget.id == layout[-1][0])
+            if neighbour_widget.width == 1:
+                layout[-1].append(widget.id)
+                new_row = False
+            else:
+                layout.append([widget.id])
+        else:
+            layout.append([widget.id])
+
+        widget.dashboard.layout = json.dumps(layout)
+        widget.dashboard.save()
+
+        return {'widget': widget.to_dict(), 'layout': layout, 'new_row': new_row}
+
+
+class WidgetAPI(BaseResource):
+    @require_permission('edit_dashboard')
+    def delete(self, widget_id):
+        widget = models.Widget.get(models.Widget.id == widget_id)
+        widget.delete_instance()
+
+api.add_resource(WidgetListAPI, '/api/widgets', endpoint='widgets')
+api.add_resource(WidgetAPI, '/api/widgets/<int:widget_id>', endpoint='widget')

redash/import_export.py

@@ -7,6 +7,7 @@ from flask.ext.script import Manager
 
 logger = logging.getLogger()
 
+
 class Importer(object):
     def __init__(self, object_mapping=None, data_source=None):
         if object_mapping is None:
@@ -146,6 +147,7 @@ def get_data_source():
 
     return data_source
 
+
 @import_manager.command
 def query(mapping_filename, query_filename, user_id):
     user = models.User.get_by_id(user_id)

redash/models.py

@@ -11,10 +11,10 @@ import peewee
 from passlib.apps import custom_app_context as pwd_context
 from playhouse.postgres_ext import ArrayField, DateTimeTZField, PostgresqlExtDatabase
 from flask.ext.login import UserMixin, AnonymousUserMixin
-import psycopg2
 
 from redash import utils, settings, redis_connection
 from redash.query_runner import get_query_runner
+from utils import generate_token
 
 
 class Database(object):
@@ -76,6 +76,17 @@ class BaseModel(peewee.Model):
         super(BaseModel, self).save(*args, **kwargs)
         self.post_save(created)
 
+    def update_instance(self, **kwargs):
+        for k, v in kwargs.items():
+            # setattr(model_instance, field_name, field_obj.python_value(value))
+            setattr(self, k, v)
+
+        dirty_fields = self.dirty_fields
+        if hasattr(self, 'updated_at'):
+            dirty_fields = dirty_fields + [self.__class__.updated_at]
+
+        self.save(only=dirty_fields)
+
 
 class ModelTimestampsMixin(BaseModel):
     updated_at = DateTimeTZField(default=datetime.datetime.now)
@@ -120,7 +131,7 @@ class ApiUser(UserMixin, PermissionsCheckMixin):
 
 class Group(BaseModel):
     DEFAULT_PERMISSIONS = ['create_dashboard', 'create_query', 'edit_dashboard', 'edit_query',
-                           'view_query', 'view_source', 'execute_query']
+                           'view_query', 'view_source', 'execute_query', 'list_users']
 
     id = peewee.PrimaryKeyField()
     name = peewee.CharField(max_length=100)
@@ -152,23 +163,47 @@ class User(ModelTimestampsMixin, BaseModel, UserMixin, PermissionsCheckMixin):
     email = peewee.CharField(max_length=320, index=True, unique=True)
     password_hash = peewee.CharField(max_length=128, null=True)
     groups = ArrayField(peewee.CharField, default=DEFAULT_GROUPS)
+    api_key = peewee.CharField(max_length=40, unique=True)
 
     class Meta:
         db_table = 'users'
 
-    def to_dict(self):
-        return {
+    def to_dict(self, with_api_key=False):
+        d = {
             'id': self.id,
             'name': self.name,
             'email': self.email,
+            'gravatar_url': self.gravatar_url,
+            'groups': self.groups,
             'updated_at': self.updated_at,
             'created_at': self.created_at
         }
 
+        if self.password_hash is None:
+            d['auth_type'] = 'external'
+        else:
+            d['auth_type'] = 'password'
+
+        if with_api_key:
+            d['api_key'] = self.api_key
+
+        return d
+
     def __init__(self, *args, **kwargs):
         super(User, self).__init__(*args, **kwargs)
         self._allowed_tables = None
 
+    def pre_save(self, created):
+        super(User, self).pre_save(created)
+
+        if not self.api_key:
+            self.api_key = generate_token(40)
+
+    @property
+    def gravatar_url(self):
+        email_md5 = hashlib.md5(self.email.lower()).hexdigest()
+        return "https://www.gravatar.com/avatar/%s?s=40" % email_md5
+
     @property
     def permissions(self):
         # TODO: this should be cached.
@@ -188,8 +223,12 @@ class User(ModelTimestampsMixin, BaseModel, UserMixin, PermissionsCheckMixin):
     def get_by_email(cls, email):
         return cls.get(cls.email == email)
 
+    @classmethod
+    def get_by_api_key(cls, api_key):
+        return cls.get(cls.api_key == api_key)
+
     def __unicode__(self):
-        return '%r, %r' % (self.name, self.email)
+        return u'%s (%s)' % (self.name, self.email)
 
     def hash_password(self, password):
         self.password_hash = pwd_context.encrypt(password)
@@ -235,14 +274,24 @@ class DataSource(BaseModel):
     class Meta:
         db_table = 'data_sources'
 
-    def to_dict(self):
-        return {
+    def to_dict(self, all=False):
+        d = {
             'id': self.id,
             'name': self.name,
             'type': self.type,
             'syntax': self.query_runner.syntax
         }
 
+        if all:
+            d['options'] = json.loads(self.options)
+            d['queue_name'] = self.queue_name
+            d['scheduled_queue_name'] = self.scheduled_queue_name
+
+        return d
+
+    def __unicode__(self):
+        return self.name
+
     def get_schema(self, refresh=False):
         key = "data_source:schema:{}".format(self.id)
 
@@ -269,6 +318,14 @@ class DataSource(BaseModel):
         return cls.select().order_by(cls.id.asc())
 
 
+class JSONField(peewee.TextField):
+    def db_value(self, value):
+        return json.dumps(value)
+
+    def python_value(self, value):
+        return json.loads(value)
+
+
 class QueryResult(BaseModel):
     id = peewee.PrimaryKeyField()
     data_source = peewee.ForeignKeyField(DataSource)
@@ -326,13 +383,17 @@ class QueryResult(BaseModel):
 
         logging.info("Inserted query (%s) data; id=%s", query_hash, query_result.id)
 
-        updated_count = Query.update(latest_query_data=query_result).\
-            where(Query.query_hash==query_hash, Query.data_source==data_source_id).\
-            execute()
+        sql = "UPDATE queries SET latest_query_data_id = %s WHERE query_hash = %s AND data_source_id = %s RETURNING id"
+        query_ids = [row[0] for row in db.database.execute_sql(sql, params=(query_result.id, query_hash, data_source_id))]
 
-        logging.info("Updated %s queries with result (%s).", updated_count, query_hash)
+        # TODO: when peewee with update & returning support is released, we can get back to using this code:
+        # updated_count = Query.update(latest_query_data=query_result).\
+        #     where(Query.query_hash==query_hash, Query.data_source==data_source_id).\
+        #     execute()
 
-        return query_result
+        logging.info("Updated %s queries with result (%s).", len(query_ids), query_hash)
+
+        return query_result, query_ids
 
     def __unicode__(self):
         return u"%d | %s | %s" % (self.id, self.query_hash, self.retrieved_at)
@@ -361,7 +422,7 @@ def should_schedule_next(previous_iteration, now, schedule):
 
 class Query(ModelTimestampsMixin, BaseModel):
     id = peewee.PrimaryKeyField()
-    data_source = peewee.ForeignKeyField(DataSource)
+    data_source = peewee.ForeignKeyField(DataSource, null=True)
     latest_query_data = peewee.ForeignKeyField(QueryResult, null=True)
     name = peewee.CharField(max_length=255)
     description = peewee.CharField(max_length=4096, null=True)
@@ -460,18 +521,24 @@ class Query(ModelTimestampsMixin, BaseModel):
         return cls.select().where(where).order_by(cls.created_at.desc())
 
     @classmethod
-    def recent(cls, user_id):
+    def recent(cls, user_id=None, limit=20):
         # TODO: instead of t2 here, we should define table_alias for Query table
-        return cls.select().where(Event.created_at > peewee.SQL("current_date - 7")).\
+        query = cls.select().where(Event.created_at > peewee.SQL("current_date - 7")).\
             join(Event, on=(Query.id == peewee.SQL("t2.object_id::integer"))).\
             where(Event.action << ('edit', 'execute', 'edit_name', 'edit_description', 'view_source')).\
-            where(Event.user == user_id).\
             where(~(Event.object_id >> None)).\
             where(Event.object_type == 'query'). \
             where(cls.is_archived == False).\
             group_by(Event.object_id, Query.id).\
             order_by(peewee.SQL("count(0) desc"))
 
+        if user_id:
+            query = query.where(Event.user == user_id)
+
+        query = query.limit(limit)
+
+        return query
+
     @classmethod
     def update_instance(cls, query_id, **kwargs):
         if 'query' in kwargs:
@@ -515,6 +582,83 @@ class Query(ModelTimestampsMixin, BaseModel):
         return unicode(self.id)
 
 
+class Alert(ModelTimestampsMixin, BaseModel):
+    UNKNOWN_STATE = 'unknown'
+    OK_STATE = 'ok'
+    TRIGGERED_STATE = 'triggered'
+
+    id = peewee.PrimaryKeyField()
+    name = peewee.CharField()
+    query = peewee.ForeignKeyField(Query, related_name='alerts')
+    user = peewee.ForeignKeyField(User, related_name='alerts')
+    options = JSONField()
+    state = peewee.CharField(default=UNKNOWN_STATE)
+    last_triggered_at = DateTimeTZField(null=True)
+
+    class Meta:
+        db_table = 'alerts'
+
+    @classmethod
+    def all(cls):
+        return cls.select(Alert, User, Query).join(Query).switch(Alert).join(User)
+
+    def to_dict(self):
+        return {
+            'id': self.id,
+            'name': self.name,
+            'query': self.query.to_dict(),
+            'user': self.user.to_dict(),
+            'options': self.options,
+            'state': self.state,
+            'last_triggered_at': self.last_triggered_at,
+            'updated_at': self.updated_at,
+            'created_at': self.created_at
+        }
+
+    def evaluate(self):
+        data = json.loads(self.query.latest_query_data.data)
+        # todo: safe guard for empty
+        value = data['rows'][0][self.options['column']]
+        op = self.options['op']
+
+        if op == 'greater than' and value > self.options['value']:
+            new_state = self.TRIGGERED_STATE
+        elif op == 'less than' and value < self.options['value']:
+            new_state = self.TRIGGERED_STATE
+        elif op == 'equals' and value == self.options['value']:
+            new_state = self.TRIGGERED_STATE
+        else:
+            new_state = self.OK_STATE
+
+        return new_state
+
+    def subscribers(self):
+        return User.select().join(AlertSubscription).where(AlertSubscription.alert==self)
+
+
+class AlertSubscription(ModelTimestampsMixin, BaseModel):
+    user = peewee.ForeignKeyField(User)
+    alert = peewee.ForeignKeyField(Alert)
+
+    class Meta:
+        db_table = 'alert_subscriptions'
+
+    def to_dict(self):
+        return {
+            'user': self.user.to_dict(),
+            'alert_id': self._data['alert']
+        }
+
+    @classmethod
+    def all(cls, alert_id):
+        return AlertSubscription.select(AlertSubscription, User).join(User).where(AlertSubscription.alert==alert_id)
+
+    @classmethod
+    def unsubscribe(cls, alert_id, user_id):
+        query = AlertSubscription.delete().where(AlertSubscription.alert==alert_id).where(AlertSubscription.user==user_id)
+        return query.execute()
+
+
 class Dashboard(ModelTimestampsMixin, BaseModel):
     id = peewee.PrimaryKeyField()
     slug = peewee.CharField(max_length=140, index=True)
@@ -566,6 +710,7 @@ class Dashboard(ModelTimestampsMixin, BaseModel):
             'layout': layout,
             'dashboard_filters_enabled': self.dashboard_filters_enabled,
             'widgets': widgets_layout,
+            'is_archived': self.is_archived,
             'updated_at': self.updated_at,
             'created_at': self.created_at
         }
@@ -575,16 +720,23 @@ class Dashboard(ModelTimestampsMixin, BaseModel):
         return cls.get(cls.slug == slug)
 
     @classmethod
-    def recent(cls, user_id):
-        return cls.select().where(Event.created_at > peewee.SQL("current_date - 7")). \
+    def recent(cls, user_id=None, limit=20):
+        query = cls.select().where(Event.created_at > peewee.SQL("current_date - 7")). \
             join(Event, on=(Dashboard.id == peewee.SQL("t2.object_id::integer"))). \
             where(Event.action << ('edit', 'view')).\
-            where(Event.user == user_id). \
             where(~(Event.object_id >> None)). \
             where(Event.object_type == 'dashboard'). \
+            where(Dashboard.is_archived == False). \
             group_by(Event.object_id, Dashboard.id). \
             order_by(peewee.SQL("count(0) desc"))
 
+        if user_id:
+            query = query.where(Event.user == user_id)
+
+        query = query.limit(limit)
+
+        return query
+
     def save(self, *args, **kwargs):
         if not self.slug:
             self.slug = utils.slugify(self.name)
@@ -704,7 +856,7 @@ class Event(BaseModel):
         return event
 
 
-all_models = (DataSource, User, QueryResult, Query, Dashboard, Visualization, Widget, ActivityLog, Group, Event)
+all_models = (DataSource, User, QueryResult, Query, Alert, Dashboard, Visualization, Widget, ActivityLog, Group, Event)
 
 
 def init_db():

redash/permissions.py

@@ -21,4 +21,22 @@ class require_permissions(object):
 
 
 def require_permission(permission):
-    return require_permissions((permission,))
+    return require_permissions((permission,))
+
+
+def has_permission_or_owner(permission, object_owner_id):
+    return int(object_owner_id) == current_user.id or current_user.has_permission(permission)
+
+
+def is_admin_or_owner(object_owner_id):
+    return has_permission_or_owner('admin', object_owner_id)
+
+
+def require_permission_or_owner(permission, object_owner_id):
+    if not has_permission_or_owner(permission, object_owner_id):
+        abort(403)
+
+
+def require_admin_or_owner(object_owner_id):
+    if not is_admin_or_owner(object_owner_id):
+        abort(403, message="You don't have permission to edit this resource.")

redash/query_runner/__init__.py

@@ -70,6 +70,13 @@ class BaseQueryRunner(object):
     def get_schema(self):
         return []
 
+    def _run_query_internal(self, query):
+        results, error = self.run_query(query)
+
+        if error is not None:
+            raise Exception("Failed running query [%s]." % query)
+        return json.loads(results)['rows']
+
     @classmethod
     def to_dict(cls):
         return {
@@ -105,7 +112,11 @@ def validate_configuration(query_runner_type, configuration_json):
         return False
 
     try:
-        jsonschema.validate(json.loads(configuration_json), query_runner_class.configuration_schema())
+        if isinstance(configuration_json, basestring):
+            configuration = json.loads(configuration_json)
+        else:
+            configuration = configuration_json
+        jsonschema.validate(configuration, query_runner_class.configuration_schema())
     except (ValidationError, ValueError):
         return False
 

redash/query_runner/big_query.py

@@ -1,3 +1,4 @@
+from base64 import b64decode
 import datetime
 import json
 import httplib2
@@ -89,20 +90,16 @@ class BigQuery(BaseQueryRunner):
         return {
             'type': 'object',
             'properties': {
-                'serviceAccount': {
-                    'type': 'string',
-                    'title': 'Service Account'
-                },
                 'projectId': {
                     'type': 'string',
                     'title': 'Project ID'
                 },
-                'privateKey': {
-                    'type': 'string',
-                    'title': 'Private Key Path'
+                'jsonKeyFile': {
+                    "type": "string",
+                    'title': 'JSON Key File'
                 }
             },
-            'required': ['serviceAccount', 'projectId', 'privateKey']
+            'required': ['jsonKeyFile', 'projectId']
         }
 
     def __init__(self, configuration_json):
@@ -113,8 +110,9 @@ class BigQuery(BaseQueryRunner):
             "https://www.googleapis.com/auth/bigquery",
             ]
 
-        private_key = _load_key(self.configuration["privateKey"])
-        credentials = SignedJwtAssertionCredentials(self.configuration['serviceAccount'], private_key, scope=scope)
+        key = json.loads(b64decode(self.configuration['jsonKeyFile']))
+
+        credentials = SignedJwtAssertionCredentials(key['client_email'], key['private_key'], scope=scope)
         http = httplib2.Http()
         http = credentials.authorize(http)
 
@@ -201,4 +199,4 @@ class BigQueryGCE(BigQuery):
 
 
 register(BigQuery)
-register(BigQueryGCE)
+register(BigQueryGCE)

redash/query_runner/elasticsearch.py

@@ -95,7 +95,8 @@ class ElasticSearch(BaseQueryRunner):
             'type': 'object',
             'properties': {
                 'server': {
-                    'type': 'string'
+                    'type': 'string',
+                    'title': 'Base URL'
                 }
             },
             "required" : ["server"]

redash/query_runner/google_spreadsheets.py

@@ -0,0 +1,117 @@
+from base64 import b64decode
+import json
+import logging
+import sys
+from redash.query_runner import *
+from redash.utils import JSONEncoder
+
+logger = logging.getLogger(__name__)
+
+try:
+    import gspread
+    from oauth2client.client import SignedJwtAssertionCredentials
+    from dateutil import parser
+    enabled = True
+except ImportError:
+    logger.warning("Missing dependencies. Please install gspread, dateutil and oauth2client.")
+    logger.warning("You can use pip:   pip install gspread dateutil oauth2client")
+
+    enabled = False
+
+
+def _load_key(filename):
+    with open(filename, "rb") as f:
+        return json.loads(f.read())
+
+
+def _guess_type(value):
+    try:
+        val = int(value)
+        return TYPE_INTEGER, val
+    except ValueError:
+        pass
+    try:
+        val = float(value)
+        return TYPE_FLOAT, val
+    except ValueError:
+        pass
+    if str(value).lower() in ('true', 'false'):
+        return TYPE_BOOLEAN, bool(value)
+    try:
+        val = parser.parse(value)
+        return TYPE_DATETIME, val
+    except ValueError:
+        pass
+    return TYPE_STRING, value
+
+
+class GoogleSpreadsheet(BaseQueryRunner):
+    HEADER_INDEX = 0
+
+    @classmethod
+    def annotate_query(cls):
+        return False
+
+    @classmethod
+    def type(cls):
+        return "google_spreadsheets"
+
+    @classmethod
+    def enabled(cls):
+        return enabled
+
+    @classmethod
+    def configuration_schema(cls):
+        return {
+            'type': 'object',
+            'properties': {
+                'jsonKeyFile': {
+                    "type": "string",
+                    'title': 'JSON Key File'
+                }
+            },
+            'required': ['jsonKeyFile']
+        }
+
+    def __init__(self, configuration_json):
+        super(GoogleSpreadsheet, self).__init__(configuration_json)
+
+    def _get_spreadsheet_service(self):
+        scope = [
+            'https://spreadsheets.google.com/feeds',
+        ]
+
+        key = json.loads(b64decode(self.configuration['jsonKeyFile']))
+        credentials = SignedJwtAssertionCredentials(key['client_email'], key["private_key"], scope=scope)
+        spreadsheetservice = gspread.authorize(credentials)
+        return spreadsheetservice
+
+    def run_query(self, query):
+        logger.debug("Spreadsheet is about to execute query: %s", query)
+        values = query.split("|")
+        key = values[0] #key of the spreadsheet
+        worksheet_num = 0 if len(values) != 2 else int(values[1])# if spreadsheet contains more than one worksheet - this is the number of it
+        try:
+            spreadsheet_service = self._get_spreadsheet_service()
+            spreadsheet = spreadsheet_service.open_by_key(key)
+            worksheets = spreadsheet.worksheets()
+            all_data = worksheets[worksheet_num].get_all_values()
+            column_names = []
+            columns = []
+            for j, column_name in enumerate(all_data[self.HEADER_INDEX]):
+                column_names.append(column_name)
+                columns.append({
+                    'name': column_name,
+                    'friendly_name': column_name,
+                    'type': _guess_type(all_data[self.HEADER_INDEX+1][j])
+                })
+            rows = [dict(zip(column_names, row)) for row in all_data[self.HEADER_INDEX+1:]]
+            data = {'columns': columns, 'rows': rows}
+            json_data = json.dumps(data, cls=JSONEncoder)
+            error = None
+        except Exception as e:
+            raise sys.exc_info()[1], None, sys.exc_info()[2]
+
+        return json_data, error
+
+register(GoogleSpreadsheet)

redash/query_runner/hive_ds.py

@@ -0,0 +1,134 @@
+import json
+import logging
+import sys
+
+from redash.query_runner import *
+from redash.utils import JSONEncoder
+
+logger = logging.getLogger(__name__)
+
+try:
+    from pyhive import hive
+    enabled = True
+except ImportError, e:
+    logger.warning("Missing dependencies. Please install pyhive.")
+    logger.warning("You can use pip: pip install pyhive")
+    enabled = False
+
+COLUMN_NAME = 0
+COLUMN_TYPE = 1
+
+types_map = {
+    'BIGINT': TYPE_INTEGER,
+    'TINYINT': TYPE_INTEGER,
+    'SMALLINT': TYPE_INTEGER,
+    'INT': TYPE_INTEGER,
+    'DOUBLE': TYPE_FLOAT,
+    'DECIMAL': TYPE_FLOAT,
+    'FLOAT': TYPE_FLOAT,
+    'REAL': TYPE_FLOAT,
+    'BOOLEAN': TYPE_BOOLEAN,
+    'TIMESTAMP': TYPE_DATETIME,
+    'DATE': TYPE_DATETIME,
+    'CHAR': TYPE_STRING,
+    'STRING': TYPE_STRING,
+    'VARCHAR': TYPE_STRING
+}
+
+
+class Hive(BaseQueryRunner):
+    @classmethod
+    def configuration_schema(cls):
+        return {
+            "type": "object",
+            "properties": {
+                "host": {
+                    "type": "string"
+                },
+                "port": {
+                    "type": "number"
+                },
+                "database": {
+                    "type": "string"
+                },
+                "username": {
+                    "type": "string"
+                }
+            },
+            "required": ["host"]
+        }
+
+    @classmethod
+    def annotate_query(cls):
+        return False
+
+    @classmethod
+    def type(cls):
+        return "hive"
+
+    def __init__(self, configuration_json):
+        super(Hive, self).__init__(configuration_json)
+
+    def get_schema(self):
+        try:
+            schemas_query = "show schemas"
+
+            tables_query = "show tables in %s"
+
+            columns_query = "show columns in %s"
+
+            schema = {}
+            for schema_name in filter(lambda a: len(a) > 0, map(lambda a: str(a['database_name']), self._run_query_internal(schemas_query))):
+                for table_name in filter(lambda a: len(a) > 0, map(lambda a: str(a['tab_name']), self._run_query_internal(tables_query % schema_name))):
+                    columns = filter(lambda a: len(a) > 0, map(lambda a: str(a['field']), self._run_query_internal(columns_query % table_name)))
+
+                    if schema_name != 'default':
+                        table_name = '{}.{}'.format(schema_name, table_name)
+
+                    schema[table_name] = {'name': table_name, 'columns': columns}
+        except Exception, e:
+            raise sys.exc_info()[1], None, sys.exc_info()[2]
+        return schema.values()
+
+    def run_query(self, query):
+
+        connection = None
+        try:
+            connection = hive.connect(**self.configuration)
+
+            cursor = connection.cursor()
+
+            cursor.execute(query)
+
+            column_names = []
+            columns = []
+
+            for column in cursor.description:
+                column_name = column[COLUMN_NAME]
+                column_names.append(column_name)
+
+                columns.append({
+                    'name': column_name,
+                    'friendly_name': column_name,
+                    'type': types_map.get(column[COLUMN_TYPE], None)
+                })
+
+            rows = [dict(zip(column_names, row)) for row in cursor]
+
+            data = {'columns': columns, 'rows': rows}
+            json_data = json.dumps(data, cls=JSONEncoder)
+            error = None
+            cursor.close()
+        except KeyboardInterrupt:
+            connection.cancel()
+            error = "Query cancelled by user."
+            json_data = None
+        except Exception as e:
+            logging.exception(e)
+            raise sys.exc_info()[1], None, sys.exc_info()[2]
+        finally:
+            connection.close()
+
+        return json_data, error
+
+register(Hive)

redash/query_runner/impala_ds.py

@@ -0,0 +1,151 @@
+import json
+import logging
+import sys
+
+from redash.query_runner import *
+from redash.utils import JSONEncoder
+
+logger = logging.getLogger(__name__)
+
+try:
+    from impala.dbapi import connect
+    from impala.error import DatabaseError, RPCError
+    enabled = True
+except ImportError, e:
+    logger.warning("Missing dependencies. Please install impyla.")
+    logger.warning("You can use pip: pip install impyla")
+    enabled = False
+
+COLUMN_NAME = 0
+COLUMN_TYPE = 1
+
+types_map = {
+    'BIGINT': TYPE_INTEGER,
+    'TINYINT': TYPE_INTEGER,
+    'SMALLINT': TYPE_INTEGER,
+    'INT': TYPE_INTEGER,
+    'DOUBLE': TYPE_FLOAT,
+    'DECIMAL': TYPE_FLOAT,
+    'FLOAT': TYPE_FLOAT,
+    'REAL': TYPE_FLOAT,
+    'BOOLEAN': TYPE_BOOLEAN,
+    'TIMESTAMP': TYPE_DATETIME,
+    'CHAR': TYPE_STRING,
+    'STRING': TYPE_STRING,
+    'VARCHAR': TYPE_STRING
+}
+
+
+class Impala(BaseQueryRunner):
+    @classmethod
+    def configuration_schema(cls):
+        return {
+            "type": "object",
+            "properties": {
+                "host": {
+                    "type": "string"
+                },
+                "port": {
+                    "type": "number"
+                },
+                "protocol": {
+                    "type": "string",
+                    "title": "Please specify beeswax or hiveserver2"
+                },
+                "database": {
+                    "type": "string"
+                },
+                "use_ldap": {
+                    "type": "boolean"
+                },
+                "ldap_user": {
+                    "type": "string"
+                },
+                "ldap_password": {
+                    "type": "string"
+                },
+                "timeout": {
+                    "type": "number"
+                }
+            },
+            "required": ["host"]
+        }
+
+    @classmethod
+    def type(cls):
+        return "impala"
+
+    def __init__(self, configuration_json):
+        super(Impala, self).__init__(configuration_json)
+
+    def get_schema(self):
+        try:
+            schemas_query = "show schemas;"
+
+            tables_query = "show tables in %s;"
+
+            columns_query = "show column stats %s;"
+
+            schema = {}
+            for schema_name in map(lambda a: a['name'], self._run_query_internal(schemas_query)):
+                for table_name in map(lambda a: a['name'], self._run_query_internal(tables_query % schema_name)):
+                    columns = map(lambda a: a['Column'], self._run_query_internal(columns_query % table_name))
+
+                    if schema_name != 'default':
+                        table_name = '{}.{}'.format(schema_name, table_name)
+
+                    schema[table_name] = {'name': table_name, 'columns': columns}
+        except Exception, e:
+            raise sys.exc_info()[1], None, sys.exc_info()[2]
+        return schema.values()
+
+    def run_query(self, query):
+
+        connection = None
+        try:
+            connection = connect(**self.configuration)
+
+            cursor = connection.cursor()
+
+            cursor.execute(query)
+
+            column_names = []
+            columns = []
+
+            for column in cursor.description:
+                column_name = column[COLUMN_NAME]
+                column_names.append(column_name)
+
+                columns.append({
+                    'name': column_name,
+                    'friendly_name': column_name,
+                    'type': types_map.get(column[COLUMN_TYPE], None)
+                })
+
+            rows = [dict(zip(column_names, row)) for row in cursor]
+
+            data = {'columns': columns, 'rows': rows}
+            json_data = json.dumps(data, cls=JSONEncoder)
+            error = None
+            cursor.close()
+        except DatabaseError as e:
+            logging.exception(e)
+            json_data = None
+            error = e.message
+        except RPCError as e:
+            logging.exception(e)
+            json_data = None
+            error = "Metastore Error [%s]" % e.message
+        except KeyboardInterrupt:
+            connection.cancel()
+            error = "Query cancelled by user."
+            json_data = None
+        except Exception as e:
+            logging.exception(e)
+            raise sys.exc_info()[1], None, sys.exc_info()[2]
+        finally:
+            connection.close()
+
+        return json_data, error
+
+register(Impala)

redash/query_runner/influx_db.py

@@ -0,0 +1,83 @@
+import json
+import logging
+
+from redash.utils import JSONEncoder
+from redash.query_runner import *
+
+logger = logging.getLogger(__name__)
+
+try:
+    from influxdb import InfluxDBClusterClient
+    enabled = True
+
+except ImportError:
+    logger.warning("Missing dependencies. Please install influxdb.")
+    logger.warning("You can use pip:   pip install influxdb")
+    enabled = False
+
+def _transform_result(results):
+    result_columns = []
+    result_rows = []
+
+    for result in results:
+        if not result_columns:
+            for c in result.raw['series'][0]['columns']:
+                result_columns.append({ "name": c })
+
+        for point in result.get_points():
+            result_rows.append(point)
+
+    return json.dumps({
+        "columns" : result_columns,
+        "rows" : result_rows
+    }, cls=JSONEncoder)
+
+class InfluxDB(BaseQueryRunner):
+    @classmethod
+    def configuration_schema(cls):
+        return {
+            'type': 'object',
+            'properties': {
+                'url': {
+                    'type': 'string'
+                }
+            },
+            'required': ['url']
+        }
+
+    @classmethod
+    def enabled(cls):
+        return enabled
+
+    @classmethod
+    def annotate_query(cls):
+        return False
+
+    @classmethod
+    def type(cls):
+        return "influxdb"
+
+    def __init__(self, configuration_json):
+        super(InfluxDB, self).__init__(configuration_json)
+
+    def run_query(self, query):
+        client = InfluxDBClusterClient.from_DSN(self.configuration['url'])
+
+        logger.debug("influxdb url: %s", self.configuration['url'])
+        logger.debug("influxdb got query: %s", query)
+
+        try:
+            results = client.query(query)
+            if not isinstance(results, list):
+                results = [results]
+
+            json_data = _transform_result(results)
+            error = None
+        except Exception, ex:
+            json_data = None
+            error = ex.message
+
+        return json_data, error
+
+
+register(InfluxDB)

redash/query_runner/mongodb.py

@@ -3,6 +3,7 @@ import datetime
 import logging
 import re
 import time
+from dateutil.parser import parse
 
 from redash.utils import JSONEncoder
 from redash.query_runner import *
@@ -40,7 +41,6 @@ class MongoDBJSONEncoder(JSONEncoder):
 
         return super(MongoDBJSONEncoder, self).default(o)
 
-
 # Simple query example:
 #
 # {
@@ -147,14 +147,21 @@ class MongoDB(BaseQueryRunner):
 
         return None
 
+    def _fix_dates(self, data):
+        for k in data:
+            if isinstance(data[k], list):
+                for i in range(0, len(data[k])):
+                    self._fix_dates(data[k][i])
+            elif isinstance(data[k], dict):
+                self._fix_dates(data[k])
+            else:
+                if isinstance(data[k], (str, unicode)):
+                    self._convert_date(data, k)
 
     def _convert_date(self, q, field_name):
         m = date_regex.findall(q[field_name])
         if len(m) > 0:
-            if q[field_name].find(":") == -1:
-                q[field_name] = datetime.datetime.fromtimestamp(time.mktime(time.strptime(m[0], "%Y-%m-%d")))
-            else:
-                q[field_name] = datetime.datetime.fromtimestamp(time.mktime(time.strptime(m[0], "%Y-%m-%d %H:%M")))
+            q[field_name] = parse(m[0], yearfirst=True)
 
     def run_query(self, query):
         if self.is_replica_set:
@@ -162,16 +169,14 @@ class MongoDB(BaseQueryRunner):
         else:
             db_connection = pymongo.MongoClient(self.configuration["connectionString"])
 
-        if self.db_name not in db_connection.database_names():
-            return None, "Unknown database name '%s'" % self.db_name
-
-        db = db_connection[self.db_name ]
+        db = db_connection[self.db_name]
 
         logger.debug("mongodb connection string: %s", self.configuration['connectionString'])
         logger.debug("mongodb got query: %s", query)
 
         try:
             query_data = json.loads(query)
+            self._fix_dates(query_data)
         except ValueError:
             return None, "Invalid query format. The query is not a valid JSON."
 
@@ -180,23 +185,11 @@ class MongoDB(BaseQueryRunner):
         else:
             collection = query_data["collection"]
 
-        q = None
-        if "query" in query_data:
-            q = query_data["query"]
-            for k in q:
-                if q[k] and type(q[k]) in [str, unicode]:
-                    logging.debug(q[k])
-                    self._convert_date(q, k)
-                elif q[k] and type(q[k]) is dict:
-                    for k2 in q[k]:
-                        if type(q[k][k2]) in [str, unicode]:
-                            self._convert_date(q[k], k2)
-
+        q = query_data.get("query", None)
         f = None
 
-        aggregate = None
-        if "aggregate" in query_data:
-            aggregate = query_data["aggregate"]
+        aggregate = query_data.get("aggregate", None)
+        if aggregate:
             for step in aggregate:
                 if "$sort" in step:
                     sort_list = []
@@ -205,9 +198,7 @@ class MongoDB(BaseQueryRunner):
 
                     step["$sort"] = SON(sort_list)
 
-        if aggregate:
-            pass
-        else:
+        if not aggregate:
             s = None
             if "sort" in query_data and query_data["sort"]:
                 s = []
@@ -226,9 +217,6 @@ class MongoDB(BaseQueryRunner):
         columns = []
         rows = []
 
-        error = None
-        json_data = None
-
         cursor = None
         if q or (not q and not aggregate):
             if s:
@@ -244,7 +232,16 @@ class MongoDB(BaseQueryRunner):
 
         elif aggregate:
             r = db[collection].aggregate(aggregate)
-            cursor = r["result"]
+
+            # Backwards compatibility with older pymongo versions.
+            #
+            # Older pymongo version would return a dictionary from an aggregate command.
+            # The dict would contain a "result" key which would hold the cursor.
+            # Newer ones return pymongo.command_cursor.CommandCursor.
+            if isinstance(r, dict):
+                cursor = r["result"]
+            else:
+                cursor = r
 
         for r in cursor:
             for k in r:

redash/query_runner/mysql.py

@@ -103,17 +103,16 @@ class Mysql(BaseQueryRunner):
     def run_query(self, query):
         import MySQLdb
 
-        connection = MySQLdb.connect(host=self.configuration.get('host', ''),
-                                     user=self.configuration.get('user', ''),
-                                     passwd=self.configuration.get('passwd', ''),
-                                     db=self.configuration['db'],
-                                     port=self.configuration.get('port', 3306),
-                                     charset='utf8', use_unicode=True)
-        cursor = connection.cursor()
-
-        logger.debug("MySQL running query: %s", query)
-
+        connection = None
         try:
+            connection = MySQLdb.connect(host=self.configuration.get('host', ''),
+                                         user=self.configuration.get('user', ''),
+                                         passwd=self.configuration.get('passwd', ''),
+                                         db=self.configuration['db'],
+                                         port=self.configuration.get('port', 3306),
+                                         charset='utf8', use_unicode=True)
+            cursor = connection.cursor()
+            logger.debug("MySQL running query: %s", query)
             cursor.execute(query)
 
             data = cursor.fetchall()
@@ -145,7 +144,8 @@ class Mysql(BaseQueryRunner):
         except Exception as e:
             raise sys.exc_info()[1], None, sys.exc_info()[2]
         finally:
-            connection.close()
+            if connection:
+                connection.close()
 
         return json_data, error
 

redash/query_runner/pg.py

@@ -93,7 +93,7 @@ class PostgreSQL(BaseQueryRunner):
         results, error = self.run_query(query)
 
         if error is not None:
-           raise Exception("Failed getting schema.")
+            raise Exception("Failed getting schema.")
 
         results = json.loads(results)
 
@@ -127,35 +127,38 @@ class PostgreSQL(BaseQueryRunner):
             columns = []
             duplicates_counter = 1
 
-            for column in cursor.description:
-                # TODO: this deduplication needs to be generalized and reused in all query runners.
-                column_name = column.name
-                if column_name in column_names:
-                    column_name += str(duplicates_counter)
-                    duplicates_counter += 1
+            if cursor.description is not None:
+                for column in cursor.description:
+                    # TODO: this deduplication needs to be generalized and reused in all query runners.
+                    column_name = column.name
+                    if column_name in column_names:
+                        column_name += str(duplicates_counter)
+                        duplicates_counter += 1
 
-                column_names.append(column_name)
+                    column_names.append(column_name)
 
-                columns.append({
-                    'name': column_name,
-                    'friendly_name': column_name,
-                    'type': types_map.get(column.type_code, None)
-                })
+                    columns.append({
+                        'name': column_name,
+                        'friendly_name': column_name,
+                        'type': types_map.get(column.type_code, None)
+                    })
 
-            rows = [dict(zip(column_names, row)) for row in cursor]
+                rows = [dict(zip(column_names, row)) for row in cursor]
 
-            data = {'columns': columns, 'rows': rows}
-            json_data = json.dumps(data, cls=JSONEncoder)
-            error = None
-            cursor.close()
+                data = {'columns': columns, 'rows': rows}
+                error = None
+                json_data = json.dumps(data, cls=JSONEncoder)
+            else:
+                error = 'Query completed but it returned no data.'
+                json_data = None
         except (select.error, OSError) as e:
             logging.exception(e)
             error = "Query interrupted. Please retry."
             json_data = None
         except psycopg2.DatabaseError as e:
             logging.exception(e)
-            json_data = None
             error = e.message
+            json_data = None
         except KeyboardInterrupt:
             connection.cancel()
             error = "Query cancelled by user."

redash/query_runner/presto.py

@@ -0,0 +1,98 @@
+import json
+
+from redash.utils import JSONEncoder
+from redash.query_runner import *
+
+import logging
+logger = logging.getLogger(__name__)
+
+try:
+    from pyhive import presto
+    enabled = True
+
+except ImportError:
+    logger.warning("Missing dependencies. Please install PyHive.")
+    logger.warning("You can use pip:   pip install pyhive")
+    enabled = False
+
+PRESTO_TYPES_MAPPING = {
+    "integer" : TYPE_INTEGER,
+    "long" : TYPE_INTEGER,
+    "bigint" : TYPE_INTEGER,
+    "float" : TYPE_FLOAT,
+    "double" : TYPE_FLOAT,
+    "boolean" : TYPE_BOOLEAN,
+    "string" : TYPE_STRING,
+    "varchar": TYPE_STRING,
+    "date" : TYPE_DATE,
+}
+
+class Presto(BaseQueryRunner):
+    @classmethod
+    def configuration_schema(cls):
+        return {
+            'type': 'object',
+            'properties': {
+                'host': {
+                    'type': 'string'
+                },
+                'port': {
+                    'type': 'number'
+                },
+                'schema': {
+                    'type': 'string'
+                },
+                'catalog': {
+                    'type': 'string'
+                },
+                'username': {
+                    'type': 'string'
+                }
+            },
+            'required': ['host']
+        }
+
+    @classmethod
+    def enabled(cls):
+        return enabled
+
+    @classmethod
+    def annotate_query(cls):
+        return False
+
+    @classmethod
+    def type(cls):
+        return "presto"
+
+    def __init__(self, configuration_json):
+        super(Presto, self).__init__(configuration_json)
+
+    def run_query(self, query):
+        connection = presto.connect(
+                host=self.configuration.get('host', ''),
+                port=self.configuration.get('port', 8080),
+                username=self.configuration.get('username', 'redash'),
+                catalog=self.configuration.get('catalog', 'hive'),
+                schema=self.configuration.get('schema', 'default'))
+
+        cursor = connection.cursor()
+
+        try:
+            cursor.execute(query)
+            columns_data = [(row[0], row[1]) for row in cursor.description]
+
+            columns = [{'name': col[0],
+                'friendly_name': col[0],
+                'type': PRESTO_TYPES_MAPPING.get(col[1], None)} for col in columns_data]
+
+            rows = [dict(zip(([c[0] for c in columns_data]), r)) for i, r in enumerate(cursor.fetchall())]
+            data = {'columns': columns, 'rows': rows}
+            json_data = json.dumps(data, cls=JSONEncoder)
+            error = None
+        except Exception, ex:
+            json_data = None
+            error = ex.message
+
+        return json_data, error
+
+register(Presto)