diff --git a/lib/sanbase/queries/authorization.ex b/lib/sanbase/queries/authorization.ex index 04419ab498..2b4e7f89a8 100644 --- a/lib/sanbase/queries/authorization.ex +++ b/lib/sanbase/queries/authorization.ex @@ -17,6 +17,15 @@ defmodule Sanbase.Queries.Authorization do end end + @doc ~s""" + Returns the dynamic repo whose credentials have the least restrictions. + This is used to execute queries when basic auth is used + """ + @spec max_access_dynamic_repo() :: module() + def max_access_dynamic_repo() do + Sanbase.ClickhouseRepo.BusinessMaxUser + end + @doc ~s""" Convert the user's plan to a dynamic Clickhouse repo. """ diff --git a/lib/sanbase/queries/queries.ex b/lib/sanbase/queries/queries.ex index 102f7479c9..94c39bb11a 100644 --- a/lib/sanbase/queries/queries.ex +++ b/lib/sanbase/queries/queries.ex @@ -119,6 +119,10 @@ defmodule Sanbase.Queries do Queries.Authorization.user_can_execute_query(user, product_code, plan_name) end + def max_access_dynamic_repo() do + Queries.Authorization.max_access_dynamic_repo() + end + def user_plan_to_dynamic_repo(product_code, plan_name) do Queries.Authorization.user_plan_to_dynamic_repo(product_code, plan_name) end diff --git a/lib/sanbase_web/graphql/middlewares/user_auth.ex b/lib/sanbase_web/graphql/middlewares/user_auth.ex index 42d112dd1a..aee1ca1f4c 100644 --- a/lib/sanbase_web/graphql/middlewares/user_auth.ex +++ b/lib/sanbase_web/graphql/middlewares/user_auth.ex @@ -14,6 +14,9 @@ defmodule SanbaseWeb.Graphql.Middlewares.UserAuth do The user must have accepted the privacy policy in order to access resources. This allows both API key authentication and JWT authentication """ + def call(%Resolution{context: %{auth: %{auth_method: :basic}}} = resolution, _opts), + do: resolution + def call( %Resolution{ context: %{ diff --git a/lib/sanbase_web/graphql/resolvers/queries_resolver.ex b/lib/sanbase_web/graphql/resolvers/queries_resolver.ex index b347ab6501..8a443cd81c 100644 --- a/lib/sanbase_web/graphql/resolvers/queries_resolver.ex +++ b/lib/sanbase_web/graphql/resolvers/queries_resolver.ex @@ -3,6 +3,7 @@ defmodule SanbaseWeb.Graphql.Resolvers.QueriesResolver do alias Sanbase.Dashboards alias Sanbase.Queries.QueryMetadata alias Sanbase.Queries.Executor.Result + alias Absinthe.Resolution require Logger @@ -59,6 +60,19 @@ defmodule SanbaseWeb.Graphql.Resolvers.QueriesResolver do # Run query operations + def run_sql_query( + _root, + %{id: query_id}, + %Resolution{context: %{auth: %{auth_method: :basic}}} = resolution + ) do + with {:ok, query} <- Queries.get_query(query_id, nil) do + Process.put(:queries_dynamic_repo, Queries.max_access_dynamic_repo()) + + query_metadata = QueryMetadata.from_resolution(resolution) + Queries.run_query(query, %Sanbase.Accounts.User{id: -1}, query_metadata) + end + end + def run_sql_query( _root, %{id: query_id}, @@ -77,6 +91,28 @@ defmodule SanbaseWeb.Graphql.Resolvers.QueriesResolver do end end + def run_raw_sql_query( + _root, + %{sql_query_text: query_text, sql_query_parameters: query_parameters}, + %{context: %{auth: %{auth_method: :basic}}} = resolution + ) do + query_parameters = if query_parameters == "{}", do: %{}, else: query_parameters + + Process.put( + :queries_dynamic_repo, + Queries.max_access_dynamic_repo() + ) + + query_metadata = QueryMetadata.from_resolution(resolution) + + query = + Queries.get_ephemeral_query_struct(query_text, query_parameters, %Sanbase.Accounts.User{ + id: -1 + }) + + Queries.run_query(query, %Sanbase.Accounts.User{id: -1}, query_metadata) + end + def run_raw_sql_query( _root, %{sql_query_text: query_text, sql_query_parameters: query_parameters},