Co-authored-by: bryan <bryan.maass@gmail.com>

* Fix csp directives for embed previews

We set content security directives to allow for iframes on
dashboards. This list did not include 'self' so we can't actually host
an iframe pointing at our, well, self.

Embed previews work by just embedding an iframe with the dashboard and
this breaks if we don't allow iframes from our self.

* e2e test

---------

Co-authored-by: Aleksandr Lesnenko <alxnddr@gmail.com>

### Description

This PR updates Macaw to the latest version, which exposes a new analyzer which handles compound queries.

It also finishes the migration to using tagged-union result maps consistently across all the interfaces.

This should also remove the atrociously verbose analysis error messages in CI.

This standards on a "just maps" approach to returning disabled, disallowed, or failed query analysis. This is as opposed to the hodgepodge approach of significant `nil`, untagged unions with keywords, and exceptions.

Essentially we have a classic "either" style tagged union, where `:error` is the tag.

* upgrades is-airgapped? defn to defsetting airgap-enabled

- uses the airgap-enabled settings value to remove Cloud section in
  SettingsEditor
- "Metabase Enterprise Airgap" -> "Enterprise Airgap"

* hide still need help section in airgap mode

* move flag checking into selectors

* fe lint

* ts type check

* use optional chaining and nullish coalescing

* hide StillNeedHelp in ag mode

* adding airgap-enabled to createMockSettings

---------

Co-authored-by: Nick Fitzpatrick <nickfitz.582@gmail.com>

* Format databricks as spark in prettify-native-form

* Add test to be generalized in follow up

Co-authored-by: Ryan Laurie <iethree@gmail.com>

* add allowed iframe host setting wip

* use allowed-iframe-hosts setting in the CSP header

* add a test for the frame-src csp directive

* Update allowed-iframe-hosts setting definition

* Add error state for forbidden iframe url domains

* Move out iframe e2e test suite

* Add e2e test

* Update error message in view mode

* Fix unit tests

* Update setting on the admin page

* Update error state

* Add links to error states

* Update docs links

* Update link anchors

* Add default allowed hosts to public setting

* Update allowed domain check logic

* Fix default value display in admin page

* Don't update setting without changes

* Update error message spacing

* correct the parsing of allowed-hosts string for CSP header entries

* fix test

* fix not handling wildcard ports

* Fix failing e2e test

* Fix subdomain test

* address review

 - the parse-allowed-iframe-hosts fn is now memoized
 - a * entry is handled and doesn't produce a weird *:* entry
 - no more try/catch, errors in parsing will be logged but the list returns all valid entries
 - when www. is encountered, an entry including www. is added
 - trailing / is 'cleaned' and the entry is used as if there was no trailing /

* Fixup test for expecting a few more frame sources

* indentation fix for linter 



* Fix type error

---------

Co-authored-by: Adam James <adam.vermeer2@gmail.com>
Co-authored-by: Anton Kulyk <kuliks.anton@gmail.com>
Co-authored-by: dan sutton <dan@dpsutton.com>

* Do not create personal collections for API keys

Co-authored-by: Noah Moss <32746338+noahmoss@users.noreply.github.com>

This is to allow for the possibiliy of adding more metricsv2 usage and error metrics in the future while still
distinguishing the source of the errors.

### Description

This is a low level step towards applying table-level permissions to native queries.

It replaces the more generic and powerful `:ast-walker-1` analyzer with the more conservative `:basic-select` version we recently landed. The advantage of this version is that it protects against dynamic table references and false negatives due to masking.

This was throwing errors trying to `nippy/freeze!` an Atom.

That was because in certain circumstances a pMBQL query can end up in
`(:json_query metadata)` for a query, and those can contain an atom
due to `metabase.lib.cache` and both `CachedMetadataProvider` and
`InvocationTracker`.

I added `lib.query/serializable` as a single location to strip out
anything that isn't serializable, such as atoms. (And the entire
`:lib/metadata`, which is a wasted effort to serialize.)

Remove localization for some additional metrics that were missed in 2882692b.

* Fix reference in deprecation notice

* Add lock_filled icon

* Add view-only tag to the question header for questions with hidden source tables

* Simplify the useHasHiddenSourceTables helper

* Add typings to useHasHiddenSourceTables

* Show 'view-only' badge when the question is not editable

* Set up card endpoints

* Add test for hidden tables

* Add e2e test for View-only tag

* Add visibilityType to TableDisplayInfo

* Use unfiltered table display info to determine which tables are hidden

* Rename util to hooks

* Use rem for border-radius

* Sign in in beforeEach

* Add tests for more visibility types

* Fix unit tests

* Remove empty file

* Add test for unavailable cards

* Remove unnecessary card endpoint

* Add unit test for inaccessible card

* Move ViewOnlyTag to it's own file

* Add more unit tests for ViewOnly tag

* Use MBQL to create queryies where possible

* Fix a Couple bugs related to pivot exports

 - pivot-grouping value, when not an int (in the case of Oracle dbs), would cause exports to contain zero rows. This
 fixes that
 - json formatted/unformatted for the dataset API endpoints (unsaved questions) was not being used, so all exports
 were formatted

* json and csv use (int group) to check row inclusion

* grouping change fix tests

* json formatted/unformatted test

* xlsx formatters are correct when pivot-grouping col is removed

* cljfmt

* fix up failing tests

* fix test

* Update src/metabase/api/dataset.clj

* Modularize metabase.pulse; add metabase.pulse.core API namespace

* Rename metabase.pulse.send-test

* Split email result attachment stuff into its own namespace

* Update dashboard-subscription-test

* Allow metabase.email.result-attachment externally... for now

* More code cleanup

* Decouple models.card and email.messages

* Decouple models.collection and metabase.email.messages

* Hopefully the last fix 

* Fix #48647 

* Fix event handler

* :render/text, not :pulse/text

* Test fixes 

* Test fix 

* RESPECT the modules

* Remove unused namespace

* Adds query_executions_by_source_24h and entity_id_translations_last_24h

- add docstring

* clear eid translation count in stats-post-cleanup

* remove ->> with after? it's confusing

* dissoc the right path

== Behaviour without this fix ==

See #48881

== Behaviour with this fix ==

1. Metabase starts with an empty application database, and a config file
   containing configuration for a connected database
3. By the time it reaches "INFO metabase.task :: Task scheduler started",
   `qrtz_triggers` contains `metabase.task.sync-and-analyze.trigger.1`
   (sample DB) and `metabase.task.sync-and-analyze.trigger.2` (DB from
   config file)

Closes: https://github.com/metabase/metabase/issues/48881


Co-authored-by: Noah Moss <noah@metabase.com>

* Use type date for case expression when there are Date and DateTime args

* Use logic for getting case expr type from annotate middleware

* Add e2e test

* Add bigquery test

* Update test

* cljfmt and comment

* Adjust e2e test

* Fix expression stage

* Add test

* Parallel test

* Adjust test

* Adjust test

* Use metric's aggregation :name

* Add test

* fix: Always cast json number types as decimal

Fixes #48507

* Fix tests

* Fix tests

* Fix test

Fixes #48639

* Let non-admins see tables in recents

```shell
❯ http get "localhost:3000/api/activity/recents?context=views" Cookie:"metabase.SESSION=ba..3d" -pb
{
    "recents": [
        {
            "can_write": false,
            "database": {
                "id": 6,
                "initial_sync_status": "complete",
                "name": "pg restaurants"
            },
            "description": null,
            "display_name": "Restaurants",
            "id": 112,
            "model": "table",
            "name": "restaurants",
            "table_schema": "public",
            "timestamp": "2024-10-15T22:11:39.412100Z"
        },
        {
            "can_write": false,
            "database": {
                "id": 6,
                "initial_sync_status": "complete",
                "name": "pg restaurants"
            },
            "description": null,
            "display_name": "Reviews",
            "id": 110,
            "model": "table",
            "name": "reviews",
            "table_schema": "public",
            "timestamp": "2024-10-15T19:53:19.999445Z"
        }
    ]
}
```

We were getting permissions of a "fake" table. Instead, let the db
select it and get the proper stuff. Worked for admins because
mi/can-read? is presumably always true for tables, and worked in tests
because we mocked mi/can-read?

* bump ci

* Add new promethues counter for :metabase-metrics/adjust-errors

To record errors in metabase.query-processor.middleware.metrics/adjust

* Add prometheus metrics test to metrics middleware tests

* Also inc :metabase-metrics/adjust-errors when throwing an exception

* Make splice-compatible-metrics private

It doesn't seem to be used outside of metabase.query-processor.middleware.metrics.

* Add test for :metabase-metrics/adjust-errors when exception is thrown

* Move inc-and-throw! helper into metabase.analytics.prometheus

* Add inc-and-throw! test to prometheus tests

* Rename inc-test to inc!-test and use approx= and metric-value helpers

* Add try/catch to metrics adjust and record metric errors in a single place

Record promethues metrics in a single place in metabase.query-processor.middleware.metrics and ensure we record
failures for any exception throw.

* Improve testing description string

* Rename :metabase-metrics/adjust-errors to :metabase-query-processor/metrics-errors

* Move metrics adjustment try/catch into a new helper

This ensures we count all exceptions generated by adjust-metric-stages.

* Add new prometheus metric to count number of MB metrics seen by the QP

This new metric is intended to count the number of metrics that the query processor metrics middleware sees and
attempts to adjust.

* Add more metrics metrics tests

- Ensure that queries with no metrics do not incremement either counter
- Ensure that successful calls to adjust do not increment the error counter
- Ensure that exceptions throw from other libs also increment the error counter

* Rename test to adjust-prometheus-metrics-test and add helper to reduce code dup

* If no metrics are found immediately return query in metrics middleware adjust

Don't attempt to adjust query if we don't find any :metric clauses.

* Appease cljfmt

* Improve metric description

Co-authored-by: metamben <103100869+metamben@users.noreply.github.com>

* Improve epsilon test in approx=

Co-authored-by: metamben <103100869+metamben@users.noreply.github.com>

* Remove adjust-metric-stages-counting-errors

This function was an attempt to avoid double-counting errors, but probably not worth the effort.

See

https://github.com/metabase/metabase/pull/48598#discussion_r1800197964
https://github.com/metabase/metabase/pull/48598#discussion_r1800200421

* Count metrics directly when mocking prometheus/inc!

Based on PR feedback here:

https://github.com/metabase/metabase/pull/48598#discussion_r1800207674

* Remove prometheus/inc-and-throw!

Value prop was always questionable, but now that it's only called from a single place, just remove it and inline the
call to prometheus/inc!. Easy to add back later if it proves generally useful.

PR discussion thread

https://github.com/metabase/metabase/pull/48598#discussion_r1799728596

* Rename match-one-metric to find-first-metric

https://github.com/metabase/metabase/pull/48598#discussion_r1803321025

* Rename :metabase-query-processor/metrics-errors to metric-errors

https://github.com/metabase/metabase/pull/48598#discussion_r1803313818

* Throw an exception rather than logging a warning if we fail to adjust a metric

https://github.com/metabase/metabase/pull/48598#discussion_r1803328482



---------

Co-authored-by: metamben <103100869+metamben@users.noreply.github.com>

* add prometheus tracking for sdk-embedding

* indentation

* improve track-sdk-response api

* register :metabase-sdk/response-{ok,error} + test

* avoid cyclic dependency whe nusing prometheus

fixes:
[ /metabase/api/common ]
<- /metabase/models/setting
<- /metabase/analytics/settings
<- /metabase/analytics/prometheus
<- /metabase/analytics/sdk
<- /metabase/models/view_log
<- /metabase/events/schema
<- /metabase/events
<- [ /metabase/api/common ]
<- /metabase/public_settings/premium_features
<- /metabase/auth_provider
<- /metabase/driver
<- /dev/debug_qp
<- /dev

* nix dependency: events.schema --> models.view-log

- make them both read context from view-log-impl instead

* cljfmt