Allow Basic Auth to execute queries

Author: IvanIvanoff

lib/sanbase/queries/authorization.ex

@@ -17,6 +17,15 @@ defmodule Sanbase.Queries.Authorization do
     end
   end
 
+  @doc ~s"""
+  Returns the dynamic repo whose credentials have the least restrictions.
+  This is used to execute queries when basic auth is used
+  """
+  @spec max_access_dynamic_repo() :: module()
+  def max_access_dynamic_repo() do
+    Sanbase.ClickhouseRepo.BusinessMaxUser
+  end
+
   @doc ~s"""
   Convert the user's plan to a dynamic Clickhouse repo.
   """

lib/sanbase/queries/queries.ex

@@ -119,6 +119,10 @@ defmodule Sanbase.Queries do
     Queries.Authorization.user_can_execute_query(user, product_code, plan_name)
   end
 
+  def max_access_dynamic_repo() do
+    Queries.Authorization.max_access_dynamic_repo()
+  end
+
   def user_plan_to_dynamic_repo(product_code, plan_name) do
     Queries.Authorization.user_plan_to_dynamic_repo(product_code, plan_name)
   end

lib/sanbase_web/graphql/middlewares/user_auth.ex

@@ -14,6 +14,9 @@ defmodule SanbaseWeb.Graphql.Middlewares.UserAuth do
   The user must have accepted the privacy policy in order to access resources.
   This allows both API key authentication and JWT authentication
   """
+  def call(%Resolution{context: %{auth: %{auth_method: :basic}}} = resolution, _opts),
+    do: resolution
+
   def call(
         %Resolution{
           context: %{

lib/sanbase_web/graphql/resolvers/queries_resolver.ex

@@ -3,6 +3,7 @@ defmodule SanbaseWeb.Graphql.Resolvers.QueriesResolver do
   alias Sanbase.Dashboards
   alias Sanbase.Queries.QueryMetadata
   alias Sanbase.Queries.Executor.Result
+  alias Absinthe.Resolution
 
   require Logger
 
@@ -59,6 +60,19 @@ defmodule SanbaseWeb.Graphql.Resolvers.QueriesResolver do
 
   # Run query operations
 
+  def run_sql_query(
+        _root,
+        %{id: query_id},
+        %Resolution{context: %{auth: %{auth_method: :basic}}} = resolution
+      ) do
+    with {:ok, query} <- Queries.get_query(query_id, nil) do
+      Process.put(:queries_dynamic_repo, Queries.max_access_dynamic_repo())
+
+      query_metadata = QueryMetadata.from_resolution(resolution)
+      Queries.run_query(query, %Sanbase.Accounts.User{id: -1}, query_metadata)
+    end
+  end
+
   def run_sql_query(
         _root,
         %{id: query_id},
@@ -77,6 +91,28 @@ defmodule SanbaseWeb.Graphql.Resolvers.QueriesResolver do
     end
   end
 
+  def run_raw_sql_query(
+        _root,
+        %{sql_query_text: query_text, sql_query_parameters: query_parameters},
+        %{context: %{auth: %{auth_method: :basic}}} = resolution
+      ) do
+    query_parameters = if query_parameters == "{}", do: %{}, else: query_parameters
+
+    Process.put(
+      :queries_dynamic_repo,
+      Queries.max_access_dynamic_repo()
+    )
+
+    query_metadata = QueryMetadata.from_resolution(resolution)
+
+    query =
+      Queries.get_ephemeral_query_struct(query_text, query_parameters, %Sanbase.Accounts.User{
+        id: -1
+      })
+
+    Queries.run_query(query, %Sanbase.Accounts.User{id: -1}, query_metadata)
+  end
+
   def run_raw_sql_query(
         _root,
         %{sql_query_text: query_text, sql_query_parameters: query_parameters},