token based report #6216

Open. Wants to merge 10 commits into base: main.
pjain1 (Member) commented Dec 5, 2024

Changes:

  • This PR changes all the report links to always have a magic token.
  • Magic tokens are created for each run of the report with an expiry of 60 days for both internal and external users.
  • This enables the links to never expire, and every time a link is clicked it just works (if the user is removed or added, etc., in all scenarios) unless the token expires.

UI changes needed:

  • Report Creation API - Since even external users can now open the report in explore, the API now expects either the metrics view and explore name or the canvas name on which the report is created.
  • Open link - handle the token and use it to show the explore (similar to a public URL). If a user is logged in, it should display a banner to say "this is a preview link" or something like that (may need product input here). The report's token may have different permissions/attributes than the current user (e.g. if the report was created by an admin, but the recipient is not an admin), so it cannot simply show the dashboard as the current user.
  • Download link - use the token to enable download; it already happens for external users now, so probably only removing the internal download page (if it exists).
  • Unsubscribe link - It will need to grab the email or slack_user query param from the URL and call the unsubscribe API with this param.

Important Note: This does not support locking time ranges as of now (locking the dimension filter works), as they would be evaluated during each report run at runtime. The queries that are sent by explore have a separate time range apart from the filter; the magic token only supports a row filter. If the magic token has a time range, then it will need to be reconciled with the actual time range sent.

Contributes to https://github.com/orgs/rilldata/projects/38/views/8?pane=issue&itemId=85181742&issue=rilldata%7Crill-private-issues%7C855
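
The link scheme described above, as an added example that is not code from this PR or from the project: one token per report run and recipient, a 60-day expiry, and access decided from the token's own scope rather than from whoever is logged in. The type, function and field names and the sample values are hypothetical; storing only a hash of the secret is an assumption of this sketch.

```go
package main

import (
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"errors"
	"fmt"
	"time"
)

const reportTokenTTL = 60 * 24 * time.Hour // 60-day expiry, per the PR description

// reportToken is a hypothetical record, not the project's schema.
type reportToken struct {
	recipient, explore, rowFilter string
	expiresOn                     time.Time
}

// tokenStore is keyed by SHA-256 of the secret, so a leaked table yields no usable links.
type tokenStore map[[32]byte]reportToken

var errDenied = errors.New("invalid or expired report token")

// issue mints one token per report run and recipient and returns the secret for the link.
func (s tokenStore) issue(recipient, explore, rowFilter string, now time.Time) string {
	raw := make([]byte, 32)
	if _, err := rand.Read(raw); err != nil {
		panic(err) // no entropy: refuse to mint a guessable token
	}
	s[sha256.Sum256(raw)] = reportToken{recipient, explore, rowFilter, now.Add(reportTokenTTL)}
	return base64.RawURLEncoding.EncodeToString(raw)
}

// resolve authorizes a click from the token alone; the caller's session is never consulted.
func (s tokenStore) resolve(secret, explore string, now time.Time) (reportToken, error) {
	raw, err := base64.RawURLEncoding.DecodeString(secret)
	tkn, ok := s[sha256.Sum256(raw)]
	if err != nil || !ok || !now.Before(tkn.expiresOn) || tkn.explore != explore {
		return reportToken{}, errDenied
	}
	return tkn, nil
}

func main() {
	s, now := tokenStore{}, time.Now()
	secret := s.issue("alice@example.com", "sales_explore", "region = 'EMEA'", now) // constructed values
	tkn, err := s.resolve(secret, "sales_explore", now.Add(59*24*time.Hour))
	fmt.Println(tkn.recipient, tkn.rowFilter, err)
	_, err = s.resolve(secret, "sales_explore", now.Add(61*24*time.Hour))
	fmt.Println(err)
}
```

Because the recipient is bound to the token at issue time, an unsubscribe handler can take the address from the resolved record instead of trusting a query parameter.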

pjain1 marked this pull request as draft December 5, 2024 11:22
pjain1 requested a review from begelundmuller December 9, 2024 15:42
pjain1 marked this pull request as ready for review December 9, 2024 15:43

begelundmuller (Contributor) left a comment:

Also, do we have a job that clears expired magic auth tokens periodically? If not, can you add one?

Comment on lines 1928 to 1932
string edit_url = 3;
string unsubscribe_url = 3;
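
Review bot: `edit_url` and `unsubscribe_url` both carry field number 3 in the lines shown. If both fields are meant to exist in the message, the duplicate tag will not compile; if `unsubscribe_url` replaces `edit_url`, reusing tag 3 means a client built against the old schema will read the unsubscribe URL as the edit URL. Give `unsubscribe_url` a fresh field number, and mark 3 as `reserved` if `edit_url` is dropped.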

Contributor:

How will the report owner/admin open the report if they want to edit it? (E.g. change the frequency or the title)

pjain1 (Member, Author), Dec 16, 2024:

They will need to visit the reports page in the UI.

We would need to detect if the user is a project or org admin or the creator of the report and add the edit link. Currently we just add the edit link for all Rill users, but it has an issue if the user is not part of the project (or not an admin); it will be a broken experience for them. For this reason I just removed the edit link and thought the admin can visit the reports page. Let me know if we want to add these checks.

Contributor:

Though not great, this is alright. But would it be possible to keep the edit link for at least the owner user (I'm wondering if that would just require a simple check against the owner user ID)?

Member Author:

Added the edit link for the owner; also added unsubscribe as a separate link, since the owner can be removed from the project or org but should have the option to unsubscribe.

pjain1 (Member, Author) commented Dec 16, 2024

> Also, do we have a job that clears expired magic auth tokens periodically? If not, can you add one?

There is already a deleteExpiredAuthTokens job that will take care of it since we set an expiry.

@@ -283,7 +265,23 @@ func (s *Server) UnsubscribeReport(ctx context.Context, req *adminv1.Unsubscribe
return nil, status.Errorf(codes.InvalidArgument, "failed to find report token: %s", err.Error())
}

userEmail = reportTkn.RecipientEmail
if reportTkn.RecipientEmail == "" {
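
Review bot: The `status.Errorf` call at the top of this hunk returns `err.Error()` to the caller and maps every token lookup failure to `codes.InvalidArgument`. Consider returning a fixed message with `codes.NotFound` for an unknown token, `codes.Internal` for storage errors, and logging the underlying error server-side instead. Separately, `userEmail` is taken from `reportTkn.RecipientEmail` before the empty check; the body of the `== ""` branch is not visible here, but whatever identity it falls back to should be validated against the report's recipients before anything is removed.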

Member Author:

If a user is added as both a Slack and an email recipient using the same email, then unsubscribing from either one unsubscribes from both places. What behaviour do we want here?

Contributor:

Is it easy to break it out by notifier type? If not, I think it's fine to unsubscribe both places because this will probably never happen in practice.

Member Author:

done

begelundmuller (Contributor) commented Dec 27, 2024

@pjain1 I responded to the two open questions on this PR. Can you let me know when you address them (or if you decide they are not worth it) and fix the merge conflict?

2 participants