Allow query access when impersonating (#2863)

Co-authored-by: Mihai Popescu <[email protected]>

Author: matt-aitken

apps/webapp/app/components/navigation/SideMenu.tsx

@@ -274,7 +274,7 @@ export function SideMenu({
               to={v3TestPath(organization, project, environment)}
               data-action="test"
             />
-            {(user.admin || featureFlags.hasQueryAccess) && (
+            {(user.admin || user.isImpersonating || featureFlags.hasQueryAccess) && (
               <SideMenuItem
                 name="Query"
                 icon={TableCellsIcon}

apps/webapp/app/routes/_app.orgs.$organizationSlug.projects.$projectParam.env.$envParam.query/route.tsx

@@ -77,9 +77,10 @@ import { querySchemas } from "~/v3/querySchemas";
 async function hasQueryAccess(
   userId: string,
   isAdmin: boolean,
+  isImpersonating: boolean,
   organizationSlug: string
 ): Promise<boolean> {
-  if (isAdmin) {
+  if (isAdmin || isImpersonating) {
     return true;
   }
 
@@ -117,7 +118,7 @@ export const loader = async ({ request, params }: LoaderFunctionArgs) => {
   const user = await requireUser(request);
   const { projectParam, organizationSlug, envParam } = EnvironmentParamSchema.parse(params);
 
-  const canAccess = await hasQueryAccess(user.id, user.admin, organizationSlug);
+  const canAccess = await hasQueryAccess(user.id, user.admin, user.isImpersonating, organizationSlug);
   if (!canAccess) {
     throw redirect("/");
   }
@@ -158,7 +159,7 @@ export const action = async ({ request, params }: ActionFunctionArgs) => {
   const user = await requireUser(request);
   const { projectParam, organizationSlug, envParam } = EnvironmentParamSchema.parse(params);
 
-  const canAccess = await hasQueryAccess(user.id, user.admin, organizationSlug);
+  const canAccess = await hasQueryAccess(user.id, user.admin, user.isImpersonating, organizationSlug);
   if (!canAccess) {
     return typedjson(
       { error: "Unauthorized", rows: null, columns: null, stats: null },