Previously, the old appMetricsSceneLogic might not have been unmounted
by the time the navigation to a new one starts. This resulted in issues
where the old one would load data.
When refreshing dashboard insights, the API call is against the Insight API.
This was returning the correct last_refresh date but that wasn't being copied into the dashboard tile, and so the dashboard didn't see the last refresh dates change until something in the UI (or a page refresh) reloaded tiles from the API.
Co-authored-by: Michael Matloka <dev@twixes.com>
## Problem
Take 2 on [this PR](https://github.com/PostHog/posthog/pull/11993#event-7470261128). The problem is that our rate limits should be based on `team_id` instead of an API key, and the last PR didn't handle views that didn't have a `team_id`.
## Changes
* Moves the rate_limit to be based on the `team_id` when possible
* Handles views that don't have a team_id
* Ensures the enabling/disabling of rate limits applies to all rate_limit classes (it used to only apply to the default classes)
and
* moves enabling the rate limit to an instance setting
* and adds a team id allow list for bypassing the rate limit
* and a simple cache which I think stops us hammering the reading of the infrequently changing settings
👉 *Stay up-to-date with [PostHog coding conventions](https://posthog.com/docs/contribute/coding-conventions) for a smoother review.*
## How did you test this code?
Added tests for the new cases:
* Rate limit works across a team - not just on an individual user.
* Rate limits work on views without a `team_id`
* Disabling the rate limits works
Co-authored-by: Paul D'Ambra <paul@posthog.com>
The dashboard logic was incorrectly filtering out tiles when applying updated to turbo mode. Which sometimes caused text tiles to disappear until the dashboard was refreshed. Notably if anything caused the tiles to refresh
## Problem
fly-by we tell typescript that `layouts` can be `Record<string, any>` but that's not true.
## Changes
so let's tell typescript that `layouts` is `Record<DashboardLayoutSize, Layout>`
## How did you test this code?
* loading dashboards and seeing them still work
* opening this PR and seeing if any TS errors shout at me
## Problem
When loading a dashboard we use `dashboard` from the `dashboardsLogic` which seems reasonable except that is actually coming from the `dashboardsModel`. `dashboard` isn't available on the `dashboardsModel` until it has loaded 300 dashboards
## Changes
`allItems` on the `dashboardLogic` is the result of loading a single dashboard. Which is faster than loading 300 probably 🤷
## How did you test this code?
running locally and seeing dashboards loading
* fix(apps): Fix API token for apps
* Fix hashing
* Use `this.db` directly instead of via `createCache()`
This way the personal API key will be unavailable to plugins.
* Limit key caching to 14 days
* Update plugins-api-key-manager.test.ts
Co-authored-by: Michael Matloka <dev@twixes.com>
Queries in production were failing because of the following error:
```
DB::Exception: Conversion from AggregateFunction(sum, SimpleAggregateFunction(sum, Int64)) to AggregateFunction(sum, Int64) is not supported: while converting source column `sum(failures)` to destination column `sum(failures)`. (CANNOT_CONVERT_TYPE) (version 22.3.6.5 (official build))
```
The fix is to keep schema for sharded and distributed table in sync
allows select to pass in the current value when actually selecting a tag so that you can choose pre-completed values
adds a spinner to the tag row to let user know when things are slow
## Problem
Django validates file content type by reading "magic bytes" from the start of the file. It doesn't then check that file really is the type it claims to be. https://docs.djangoproject.com/en/4.1/topics/security/#user-uploaded-content
That's not good enough for rock and roll. And would allow an attacker to attempt to upload HTML with magic bytes that pretend to be an image file. We would store that and then serve it back to a dashboard. ☠️ See more at https://trailofbits.github.io/ctf/forensics/
## Changes
On upload use the [Pillow image library](https://github.com/python-pillow/Pillow) to open the file and transpose it. The image must be valid to be successfully transposed.
## How did you test this code?
* Adding a valid image file and seeing the developer tests still run
* Adding a file handcrafted to start with gif magic bytes but not actually be a gif and seeing validation fail
* Uploading an image to a dashboard and seeing it still work
in this slack message a user reports that a graph with a series with all values less than 1 is hard to read because the axis ticks presented are 0 and 1.
* chore: url encode filenames used in uploaded media url
* correct use of quote
* Update snapshots
* chore: instrument-use-of-show-legend (#12253)
chore/instrument-use-of-show-legend
* chore: instrument unit choices (#12252)
* chore: ingestion warnings for alias calls preemptively (#12255)
* test(plugin-server): add pluginJob e2e tests (#12256)
* test(plugin-server): add pluginJob e2e tests
When trying to debug why some Graphile Worker jobs weren't going
through, I added some tests for export events v1, and runNow. This
didn't in the end help with my debugging, but should be useful as high
level tests for these features.
* chore: keep existing production seconds
* remove console.log
* feat: Recordings add support for moving forward and backward one frame (#12202)
* chore: allow overriding jest timezone (#12261)
* feat: show legend on dashboard for pie charts (#12248)
## Problem
related to #12226#11433
and closes #11863
## Changes
* updates dashboard view for pie charts to include the legend if shown
* adds aggregate value to the legend
* sorts the legend in descending order
* fixes hiding and showing pie segments and total when (un)selecting series in the legend
* remove file name from url
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Tiina Turban <tiina303@gmail.com>
Co-authored-by: Harry Waye <harry@posthog.com>
Co-authored-by: Ben White <ben@benjackwhite.co.uk>
