dojoengine · Larkooo · Nov 21, 2024 · Nov 20, 2024 · Nov 20, 2024 · Nov 20, 2024
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/bin/torii/src/main.rs b/bin/torii/src/main.rs
@@ -97,7 +97,14 @@ async fn main() -> anyhow::Result<()> {
     options = options.journal_mode(SqliteJournalMode::Wal);
     options = options.synchronous(SqliteSynchronous::Normal);
 
-    let pool = SqlitePoolOptions::new().min_connections(1).connect_with(options).await?;
+    let pool = SqlitePoolOptions::new().min_connections(1).connect_with(options.clone()).await?;
+
+    let readonly_options = options.read_only(true);
+    let readonly_pool = SqlitePoolOptions::new()
+        .min_connections(1)
+        .max_connections(100)
+        .connect_with(readonly_options)
+        .await?;
 
     // Set the number of threads based on CPU count
     let cpu_count = std::thread::available_parallelism().unwrap().get();
@@ -120,7 +127,7 @@ async fn main() -> anyhow::Result<()> {
     .await?;
     let executor_handle = tokio::spawn(async move { executor.run().await });
 
-    let model_cache = Arc::new(ModelCache::new(pool.clone()));
+    let model_cache = Arc::new(ModelCache::new(readonly_pool.clone()));
     let db = Sql::new(pool.clone(), sender.clone(), &args.indexing.contracts, model_cache.clone())
         .await?;
 
@@ -166,7 +173,7 @@ async fn main() -> anyhow::Result<()> {
     let shutdown_rx = shutdown_tx.subscribe();
     let (grpc_addr, grpc_server) = torii_grpc::server::new(
         shutdown_rx,
-        &pool,
+        &readonly_pool,
         block_rx,
         world_address,
         Arc::clone(&provider),
@@ -181,8 +188,12 @@ async fn main() -> anyhow::Result<()> {
     tokio::fs::create_dir_all(&artifacts_path).await?;
     let absolute_path = artifacts_path.canonicalize_utf8()?;
 
-    let (artifacts_addr, artifacts_server) =
-        torii_server::artifacts::new(shutdown_tx.subscribe(), &absolute_path, pool.clone()).await?;
+    let (artifacts_addr, artifacts_server) = torii_server::artifacts::new(
+        shutdown_tx.subscribe(),
+        &absolute_path,
+        readonly_pool.clone(),
+    )
+    .await?;
 
     let mut libp2p_relay_server = torii_relay::server::Relay::new(
         db,
@@ -203,11 +214,12 @@ async fn main() -> anyhow::Result<()> {
         Some(grpc_addr),
         None,
         Some(artifacts_addr),
+        Arc::new(readonly_pool.clone()),
     ));
 
     let graphql_server = spawn_rebuilding_graphql_server(
         shutdown_tx.clone(),
-        pool.into(),
+        readonly_pool.into(),
         args.external_url,
         proxy_server.clone(),
     );

diff --git a/crates/torii/server/Cargo.toml b/crates/torii/server/Cargo.toml
@@ -29,3 +29,4 @@ tower-http.workspace = true
 tower.workspace = true
 tracing.workspace = true
 warp.workspace = true
+form_urlencoded = "1.2.1"
diff --git a/crates/torii/server/src/proxy.rs b/crates/torii/server/src/proxy.rs
@@ -3,6 +3,8 @@ use std::net::{IpAddr, SocketAddr};
 use std::sync::Arc;
 use std::time::Duration;
 
+use base64::engine::general_purpose::STANDARD;
+use base64::Engine;
 use http::header::CONTENT_TYPE;
 use http::{HeaderName, Method};
 use hyper::client::connect::dns::GaiResolver;
@@ -12,6 +14,7 @@ use hyper::service::make_service_fn;
 use hyper::{Body, Client, Request, Response, Server, StatusCode};
 use hyper_reverse_proxy::ReverseProxy;
 use serde_json::json;
+use sqlx::{Column, Row, SqlitePool, TypeInfo};
 use tokio::sync::RwLock;
 use tower::ServiceBuilder;
 use tower_http::cors::{AllowOrigin, CorsLayer};
@@ -60,6 +63,7 @@ pub struct Proxy {
     grpc_addr: Option<SocketAddr>,
     artifacts_addr: Option<SocketAddr>,
     graphql_addr: Arc<RwLock<Option<SocketAddr>>>,
+    pool: Arc<SqlitePool>,
 }
 
 impl Proxy {
@@ -69,13 +73,15 @@ impl Proxy {
         grpc_addr: Option<SocketAddr>,
         graphql_addr: Option<SocketAddr>,
         artifacts_addr: Option<SocketAddr>,
+        pool: Arc<SqlitePool>,
     ) -> Self {
         Self {
             addr,
             allowed_origins,
             grpc_addr,
             graphql_addr: Arc::new(RwLock::new(graphql_addr)),
             artifacts_addr,
+            pool,
         }
     }
 
@@ -93,6 +99,7 @@ impl Proxy {
         let grpc_addr = self.grpc_addr;
         let graphql_addr = self.graphql_addr.clone();
         let artifacts_addr = self.artifacts_addr;
+        let pool = self.pool.clone();
 
         let make_svc = make_service_fn(move |conn: &AddrStream| {
             let remote_addr = conn.remote_addr().ip();
@@ -129,12 +136,14 @@ impl Proxy {
                     ),
                 });
 
+            let pool_clone = pool.clone();
             let graphql_addr_clone = graphql_addr.clone();
             let service = ServiceBuilder::new().option_layer(cors).service_fn(move |req| {
+                let pool = pool_clone.clone();
                 let graphql_addr = graphql_addr_clone.clone();
                 async move {
                     let graphql_addr = graphql_addr.read().await;
-                    handle(remote_addr, grpc_addr, artifacts_addr, *graphql_addr, req).await
+                    handle(remote_addr, grpc_addr, artifacts_addr, *graphql_addr, pool, req).await
                 }
             });
 
@@ -156,6 +165,7 @@ async fn handle(
     grpc_addr: Option<SocketAddr>,
     artifacts_addr: Option<SocketAddr>,
     graphql_addr: Option<SocketAddr>,
+    pool: Arc<SqlitePool>,
     req: Request<Body>,
 ) -> Result<Response<Body>, Infallible> {
     if req.uri().path().starts_with("/static") {
@@ -224,6 +234,84 @@ async fn handle(
         }
     }
 
+    if req.uri().path().starts_with("/sql") {
+        let query = if req.method() == Method::GET {
+            // Get the query from URL parameters
+            let params = req.uri().query().unwrap_or_default();
+            form_urlencoded::parse(params.as_bytes())
+                .find(|(key, _)| key == "q")
+                .map(|(_, value)| value.to_string())
+                .unwrap_or_default()
+        } else if req.method() == Method::POST {
+            // Get the query from request body
+            let body_bytes = hyper::body::to_bytes(req.into_body()).await.unwrap_or_default();
+            String::from_utf8(body_bytes.to_vec()).unwrap_or_default()
+        } else {
+            return Ok(Response::builder()
+                .status(StatusCode::METHOD_NOT_ALLOWED)
+                .body(Body::from("Only GET and POST methods are allowed"))
+                .unwrap());
+        };
+
+        // Execute the query in a read-only transaction
+        return match sqlx::query(&query).fetch_all(&*pool).await {
+            Ok(rows) => {
+                let result: Vec<_> = rows
+                    .iter()
+                    .map(|row| {
+                        let mut obj = serde_json::Map::new();
+                        for (i, column) in row.columns().iter().enumerate() {
+                            let value: serde_json::Value = match column.type_info().name() {
+                                "TEXT" => row
+                                    .get::<Option<String>, _>(i)
+                                    .map_or(serde_json::Value::Null, serde_json::Value::String),
+                                "INTEGER" => row
+                                    .get::<Option<i64>, _>(i)
+                                    .map_or(serde_json::Value::Null, |n| {
+                                        serde_json::Value::Number(n.into())
+                                    }),
+                                "REAL" => row.get::<Option<f64>, _>(i).map_or(
+                                    serde_json::Value::Null,
+                                    |f| {
+                                        serde_json::Number::from_f64(f).map_or(
+                                            serde_json::Value::Null,
+                                            serde_json::Value::Number,
+                                        )
+                                    },
+                                ),
+                                "BLOB" => row
+                                    .get::<Option<Vec<u8>>, _>(i)
+                                    .map_or(serde_json::Value::Null, |bytes| {
+                                        serde_json::Value::String(STANDARD.encode(bytes))
+                                    }),
+                                _ => row
+                                    .get::<Option<String>, _>(i)
+                                    .map_or(serde_json::Value::Null, serde_json::Value::String),
+                            };
+                            obj.insert(column.name().to_string(), value);
+                        }
+                        serde_json::Value::Object(obj)
+                    })
+                    .collect();
+
+                let json = serde_json::to_string(&result).unwrap();
+
+                Ok(Response::builder()
+                    .status(StatusCode::OK)
+                    .header(CONTENT_TYPE, "application/json")
+                    .body(Body::from(json))
+                    .unwrap())
+            }
+            Err(e) => {
+                error!("SQL query error: {:?}", e);
+                Ok(Response::builder()
+                    .status(StatusCode::BAD_REQUEST)
+                    .body(Body::from("Query error"))
+                    .unwrap())
+            }
+        };
+    }
+
     let json = json!({
         "service": "torii",
         "success": true