RostislavDugin
diff --git a/‎backend/cmd/main.go‎
Lines changed: 15 additions & 0 deletions b/‎backend/cmd/main.go‎
Lines changed: 15 additions & 0 deletions
diff --git a/‎backend/internal/features/query/postgresql/controller.go‎
Lines changed: 57 additions & 0 deletions b/‎backend/internal/features/query/postgresql/controller.go‎
Lines changed: 57 additions & 0 deletions
diff --git a/‎backend/internal/features/query/postgresql/di.go‎
Lines changed: 33 additions & 0 deletions b/‎backend/internal/features/query/postgresql/di.go‎
Lines changed: 33 additions & 0 deletions
diff --git a/‎backend/internal/features/query/postgresql/dto.go‎
Lines changed: 36 additions & 0 deletions b/‎backend/internal/features/query/postgresql/dto.go‎
Lines changed: 36 additions & 0 deletions
diff --git a/‎backend/internal/features/query/postgresql/repository.go‎
Lines changed: 171 additions & 0 deletions b/‎backend/internal/features/query/postgresql/repository.go‎
Lines changed: 171 additions & 0 deletions
diff --git a/‎backend/internal/features/query/postgresql/service.go‎
Lines changed: 59 additions & 0 deletions b/‎backend/internal/features/query/postgresql/service.go‎
Lines changed: 59 additions & 0 deletions
@@ -27,6 +27,7 @@ import (
 	"postgresus-backend/internal/features/restores"
 	"postgresus-backend/internal/features/storages"
 	system_healthcheck "postgresus-backend/internal/features/system/healthcheck"
+	sqlquery "postgresus-backend/internal/features/query/postgresql"
 	"postgresus-backend/internal/features/users"
 	env_utils "postgresus-backend/internal/util/env"
 	files_utils "postgresus-backend/internal/util/files"
@@ -178,6 +179,13 @@ func setUpRoutes(r *gin.Engine) {
 	backupConfigController.RegisterRoutes(v1)
 	postgresMonitoringSettingsController.RegisterRoutes(v1)
 	postgresMonitoringMetricsController.RegisterRoutes(v1)
+	//registerSQLQuery(
+	//	v1,
+	//	databases.GetDatabaseService(),
+	//	users.GetUserService(),
+	//)
+	sqlquery.GetPostgresSqlQueryController().RegisterRoutes(v1)
+
 }
 
 func setUpDependencies() {
@@ -313,3 +321,10 @@ func mountFrontend(ginApp *gin.Engine) {
 		c.File(filepath.Join(staticDir, "index.html"))
 	})
 }
+
+//func registerSQLQuery(rg *gin.RouterGroup, dbSvc *databases.DatabaseService, userSvc *users.UserService) {
+//	repo := sqlquery.NewRepository()
+//	svc  := sqlquery.NewService(repo)
+//	ctrl := sqlquery.NewPostgresSqlQueryController(svc, userSvc, dbSvc)
+//	ctrl.RegisterRoutes(rg)
+//}
@@ -0,0 +1,57 @@
+package sqlquery
+
+import (
+	"net/http"
+
+	"postgresus-backend/internal/features/databases"
+	"postgresus-backend/internal/features/users"
+
+	"github.com/gin-gonic/gin"
+)
+
+type PostgresSqlQueryController struct {
+	svc     *Service
+	userSvc *users.UserService
+	dbSvc   *databases.DatabaseService
+}
+
+func NewPostgresSqlQueryController(svc *Service, userSvc *users.UserService, dbSvc *databases.DatabaseService) *PostgresSqlQueryController {
+	return &PostgresSqlQueryController{svc: svc, userSvc: userSvc, dbSvc: dbSvc}
+}
+
+func (c *PostgresSqlQueryController) RegisterRoutes(router *gin.RouterGroup) {
+	router.POST("/sqlquery/execute", c.Execute)
+}
+
+func (c *PostgresSqlQueryController) Execute(ctx *gin.Context) {
+	var req ExecuteRequest
+	if err := ctx.ShouldBindJSON(&req); err != nil {
+		ctx.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+		return
+	}
+
+	auth := ctx.GetHeader("Authorization")
+	if auth == "" {
+		ctx.JSON(http.StatusUnauthorized, gin.H{"error": "authorization header is required"})
+		return
+	}
+	user, err := c.userSvc.GetUserFromToken(auth)
+	if err != nil {
+		ctx.JSON(http.StatusUnauthorized, gin.H{"error": "invalid token"})
+		return
+	}
+
+	dbc, err := c.dbSvc.GetDatabase(user, req.DatabaseID)
+	if err != nil {
+		ctx.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+		return
+	}
+
+	resp, err := c.svc.Execute(dbc, &req)
+	if err != nil {
+		ctx.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+		return
+	}
+
+	ctx.JSON(http.StatusOK, resp)
+}
@@ -0,0 +1,33 @@
+package sqlquery
+
+import (
+	"postgresus-backend/internal/features/databases"
+	"postgresus-backend/internal/features/users"
+)
+
+var (
+	sqlRepo        *Repository
+	sqlService     *Service
+	sqlPgController *PostgresSqlQueryController
+)
+
+func init() {
+	// репозиторій та сервіс
+	sqlRepo = NewRepository()
+	sqlService = NewService(sqlRepo)
+
+	// залежності з сусідніх модулів через їх DI
+	userSvc := users.GetUserService()
+	dbSvc := databases.GetDatabaseService()
+
+	// контролер
+	sqlPgController = NewPostgresSqlQueryController(sqlService, userSvc, dbSvc)
+}
+
+func GetSqlQueryRepository() *Repository { return sqlRepo }
+func GetSqlQueryService() *Service       { return sqlService }
+
+// Головне: цей контролер реєструємо у router
+func GetPostgresSqlQueryController() *PostgresSqlQueryController {
+	return sqlPgController
+}
@@ -0,0 +1,36 @@
+package sqlquery
+
+import (
+	"time"
+
+	"github.com/google/uuid"
+)
+
+// ExecuteRequest — query to execute SELECT/CTE
+type ExecuteRequest struct {
+	DatabaseID uuid.UUID `json:"databaseId" binding:"required"`
+	SQL        string    `json:"sql"        binding:"required"`
+	MaxRows    int       `json:"maxRows"`
+	TimeoutSec int       `json:"timeoutSec"`
+}
+
+type ExecuteResponse struct {
+	Columns     []string      `json:"columns"`
+	Rows        [][]any       `json:"rows"`
+	RowCount    int           `json:"rowCount"`
+	Truncated   bool          `json:"truncated"`
+	ExecutionMs int64         `json:"executionMs"`
+}
+
+// Simple structure for history/logs (for future in the DB)
+type QueryAudit struct {
+	ID         uuid.UUID     `json:"id"`
+	UserID     uuid.UUID     `json:"user_id"`
+	DatabaseID uuid.UUID     `json:"database_id"`
+	SQL        string        `json:"sql"`
+	RowCount   int           `json:"row_count"`
+	Duration   time.Duration `json:"duration"`
+	When       time.Time     `json:"when"`
+	Ok         bool          `json:"ok"`
+	Error      string        `json:"error,omitempty"`
+}
@@ -0,0 +1,171 @@
+package sqlquery
+
+import (
+	"context"
+	"fmt"
+	"strings"
+	"time"
+
+	"postgresus-backend/internal/features/databases"
+	"postgresus-backend/internal/features/databases/databases/postgresql"
+
+	"github.com/jackc/pgx/v5/pgxpool"
+)
+
+type Repository struct{}
+
+func NewRepository() *Repository { return &Repository{} }
+
+func (r *Repository) openPool(ctx context.Context, dsn string) (*pgxpool.Pool, error) {
+	cfg, err := pgxpool.ParseConfig(dsn)
+	if err != nil {
+		return nil, err
+	}
+	cfg.MaxConns = 2
+	cfg.MinConns = 0
+	cfg.MaxConnIdleTime = 90 * time.Second
+	return pgxpool.NewWithConfig(ctx, cfg)
+}
+
+func buildPostgresDSN(pg *postgresql.PostgresqlDatabase) (string, error) {
+	if pg == nil {
+		return "", fmt.Errorf("postgres config is nil")
+	}
+	if pg.Database == nil {
+		return "", fmt.Errorf("database name is nil")
+	}
+
+	db := *pg.Database
+
+	ssl := "disable"
+	if pg.IsHttps {
+		ssl = "require"
+	}
+
+	return fmt.Sprintf(
+		"host=%s port=%d user=%s password=%s dbname=%s sslmode=%s",
+		pg.Host,
+		pg.Port,
+		pg.Username,
+		pg.Password,
+		db,
+		ssl,
+	), nil
+}
+
+type Result struct {
+	Columns   []string
+	Rows      [][]any
+	RowCount  int
+	Truncated bool
+	Duration  time.Duration
+}
+
+// ExecuteSelect — safe SELECT/CTE with forced LIMIT
+// ExecuteSQL — один стейтмент: SELECT/CTE виконуємо з лімітом, інші — через Exec
+func (r *Repository) ExecuteSQL(ctx context.Context, dbc *databases.Database, sql string, maxRows int) (*Result, error) {
+	// підтримуємо лише PostgreSQL (як і раніше)
+	t := strings.ToUpper(string(dbc.Type))
+	if t != "POSTGRES" && t != "POSTGRESQL" {
+		return nil, fmt.Errorf("only PostgreSQL type is supported, got %q", dbc.Type)
+	}
+
+	dsn, err := buildPostgresDSN(dbc.Postgresql)
+	if err != nil {
+		return nil, err
+	}
+
+	pool, err := r.openPool(ctx, dsn)
+	if err != nil {
+		return nil, err
+	}
+	defer pool.Close()
+
+	stmt := strings.TrimSpace(sql)
+	isSelect := isSelectLike(stmt)
+
+	start := time.Now()
+	if isSelect {
+		// SELECT / WITH ... SELECT — обгортаємо лімітом
+		stmt = ensureLimit(stmt, maxRows)
+
+		rows, err := pool.Query(ctx, stmt)
+		if err != nil {
+			return nil, err
+		}
+		defer rows.Close()
+
+		fds := rows.FieldDescriptions()
+		cols := make([]string, len(fds))
+		for i, fd := range fds {
+			cols[i] = fd.Name
+		}
+
+		outRows := make([][]any, 0, 64)
+		rowCount := 0
+		for rows.Next() {
+			vals, err := rows.Values()
+			if err != nil {
+				return nil, err
+			}
+			dst := make([]any, len(vals))
+			copy(dst, vals)
+			outRows = append(outRows, dst)
+			rowCount++
+		}
+		if err := rows.Err(); err != nil {
+			return nil, err
+		}
+
+		return &Result{
+			Columns:   cols,
+			Rows:      outRows,
+			RowCount:  rowCount,        // кількість повернутих рядків
+			Truncated: rowCount >= maxRows,
+			Duration:  time.Since(start),
+		}, nil
+	}
+
+	// DML/DDL: UPDATE/INSERT/DELETE/CREATE/... — просто виконуємо
+	tag, err := pool.Exec(ctx, stmt)
+	if err != nil {
+		return nil, err
+	}
+
+	// фронту достатньо часу виконання; таблиця буде порожня
+	// (за бажанням можна додати RowsAffected в DTO пізніше)
+	return &Result{
+		Columns:   []string{},
+		Rows:      [][]any{},
+		RowCount:  int(tag.RowsAffected()), // для інфи: скільки рядків зачеплено
+		Truncated: false,
+		Duration:  time.Since(start),
+	}, nil
+}
+
+// дуже проста евристика: SELECT або WITH без DML-ключових слів
+func isSelectLike(sql string) bool {
+	up := strings.ToUpper(strings.TrimSpace(sql))
+	if strings.HasPrefix(up, "SELECT ") {
+		return true
+	}
+	if strings.HasPrefix(up, "WITH ") {
+		// якщо це WITH ... INSERT/UPDATE/DELETE/... — вважаємо не-SELECT
+		for _, k := range []string{" INSERT ", " UPDATE ", " DELETE ", " CREATE ", " ALTER ", " DROP ", " TRUNCATE ", " GRANT ", " REVOKE "} {
+			if strings.Contains(up, k) {
+				return false
+			}
+		}
+		return true
+	}
+	return false
+}
+
+// ensureLimit — guaranteed to wrap in a subscript with LIMIT
+func ensureLimit(sql string, maxRows int) string {
+	s := strings.TrimSpace(sql)
+	if maxRows <= 0 {
+		maxRows = 1000
+	}
+	return fmt.Sprintf("SELECT * FROM (%s) __q LIMIT %d", s, maxRows)
+}
@@ -0,0 +1,59 @@
+package sqlquery
+
+import (
+	"context"
+	"errors"
+	"time"
+
+	"postgresus-backend/internal/features/databases"
+)
+
+type Service struct {
+	repo           *Repository
+	defaultRows    int
+	defaultTimeout time.Duration
+}
+
+func NewService(repo *Repository) *Service {
+	return &Service{
+		repo:           repo,
+		defaultRows:    1000,
+		defaultTimeout: 30 * time.Second,
+	}
+}
+
+func (s *Service) Execute(dbc *databases.Database, req *ExecuteRequest) (*ExecuteResponse, error) {
+	if req == nil {
+		return nil, errors.New("empty request")
+	}
+	//if !IsSafeSelect(req.SQL) {
+	//	return nil, errors.New("only single SELECT/CTE statements are allowed")
+	//}
+
+	maxRows := req.MaxRows
+	if maxRows <= 0 || maxRows > 10000 {
+		maxRows = s.defaultRows
+	}
+
+	timeout := s.defaultTimeout
+	if req.TimeoutSec > 0 && req.TimeoutSec < 120 {
+		timeout = time.Duration(req.TimeoutSec) * time.Second
+	}
+
+	ctx, cancel := context.WithTimeout(context.Background(), timeout)
+	defer cancel()
+
+	//res, err := s.repo.ExecuteSelect(ctx, dbc, req.SQL, maxRows)
+	res, err := s.repo.ExecuteSQL(ctx, dbc, req.SQL, maxRows)
+	if err != nil {
+		return nil, err
+	}
+
+	return &ExecuteResponse{
+		Columns:     res.Columns,
+		Rows:        res.Rows,
+		RowCount:    res.RowCount,
+		Truncated:   res.Truncated,
+		ExecutionMs: res.Duration.Milliseconds(),
+	}, nil
+}