token based report #6216

Open: wants to merge 27 commits into base: main


pjain1 (Member) commented Dec 5, 2024

Changes:

  • This PR changes all the report links to always have a magic token.
  • Magic tokens are created for each run of the report with an expiry of 60 days for both internal and external users.
  • This enables the links to never expire, and every time it's clicked it just works (if the user is removed or added etc., in all scenarios) unless the token expires.

UI changes needed:

  • Report Creation API - Since even external users can now open the report in explore, the API now expects either the (metrics view and explore name) or canvas name on which the report is created. The UI also needs to specify an open mode which indicates if an open link should be created for the user or not. It has the following options:

```
open_mode: legacy|none|creator|filter
open_filter: <filter to use if open_mode=filter>
```

- `legacy` (default): if the email is not a Rill user, don't provide an open link; otherwise, provide an open link without a magic token (so it uses their current credentials)
- `none`: don't provide an open link
- `creator`: provide an open link with a magic token that has the same attributes as the report creator
- `filter` (later): provide an open link with a magic token that has the same attributes as the report creator, but filtered by `open_filter`

  • Report Edit API - should include open_mode in the request now.
  • Open link - the open link will have a magic token and can be used to show the explore (similar to a public URL). If a user is logged in, it should display a banner to say "this is a preview link" or something like that (may need product input here). The report's token may have different permissions/attributes than the current user (e.g. if the report was created by an admin, but the recipient is not an admin), so it cannot simply show the dashboard as the current user.
  • Download link - use the token to enable download; it already happens for external users now, so probably only removing the internal download page (if it exists).
  • Unsubscribe link - It will need to grab the email or slack_user query param from the URL and call the unsubscribe API with this param.

Important Note: This does not support locking time ranges as of now (locking dimension filters works), as they would be evaluated during each report run at runtime. The queries that are sent by explore have a separate time range apart from the filter; the magic token only supports a row filter. If the magic token has a time range, then it will need to be reconciled with the actual time range sent.

Contributes to https://github.com/orgs/rilldata/projects/38/views/8?pane=issue&itemId=85181742&issue=rilldata%7Crill-private-issues%7C855
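
The `open_mode` rules and the 60-day token expiry from the PR description above, written out as an added Go example (not code from this PR or from Rill). The `OpenLink` type, `ResolveOpenLink`, `Usable` and the sample attributes are hypothetical names and constructed values chosen for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

// Hypothetical names throughout; this is not Rill's API.
const tokenTTL = 60 * 24 * time.Hour // 60-day expiry from the PR description

type OpenLink struct {
	Provide   bool              // include an open link in the report message
	Token     bool              // link carries a magic token
	Attrs     map[string]string // attributes the token grants (the creator's)
	Filter    string            // extra row filter, open_mode=filter only
	ExpiresAt time.Time         // zero when no token is issued
}

// ResolveOpenLink maps open_mode to the link issued for one report run.
func ResolveOpenLink(mode, filter string, isRillUser bool, creator map[string]string, runAt time.Time) (OpenLink, error) {
	tok := OpenLink{Provide: true, Token: true, Attrs: creator, ExpiresAt: runAt.Add(tokenTTL)}
	switch mode {
	case "", "legacy": // default: tokenless link, only for existing Rill users
		return OpenLink{Provide: isRillUser}, nil
	case "none":
		return OpenLink{}, nil
	case "creator":
		return tok, nil
	case "filter":
		if filter == "" {
			return OpenLink{}, errors.New("open_mode=filter requires open_filter")
		}
		tok.Filter = filter
		return tok, nil
	}
	return OpenLink{}, fmt.Errorf("unknown open_mode %q", mode) // fail closed
}

// Usable reports whether the link still opens at time now.
func (l OpenLink) Usable(now time.Time) bool {
	return l.Provide && (!l.Token || now.Before(l.ExpiresAt))
}

func main() {
	run := time.Date(2024, 12, 5, 0, 0, 0, 0, time.UTC) // constructed run time
	l, _ := ResolveOpenLink("creator", "", false, map[string]string{"admin": "true"}, run)
	fmt.Println(l.Usable(run.Add(59*24*time.Hour)), l.Usable(run.Add(61*24*time.Hour)))
}
```

In `creator` and `filter` mode the link grants the creator's attributes to whoever holds it until the token expires, which is why the description notes the dashboard cannot simply be shown as the current user.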

@pjain1 pjain1 marked this pull request as draft December 5, 2024 11:22
@pjain1 pjain1 requested a review from begelundmuller December 9, 2024 15:42
@pjain1 pjain1 marked this pull request as ready for review December 9, 2024 15:43
begelundmuller (Contributor) left a comment

Also, do we have a job that clears expired magic auth tokens periodically? If not, can you add one?

pjain1 (Member, Author) commented Dec 16, 2024

> Also, do we have a job that clears expired magic auth tokens periodically? If not, can you add one?

There is already a deleteExpiredAuthTokens job that will take care of it since we set an expiry.

begelundmuller (Contributor) commented Dec 27, 2024

@pjain1 I responded to the two open questions on this PR. Can you let me know when you address them (or if you decide they are not worth it) and fix the merge conflict?
