Feat/change request permissions (#2382)

* Adds two new permissions for the new enterprise level change request: APPROVE_CHANGE_REQUEST and APPLY_CHANGE_REQUEST

frontend/src/component/admin/projectRoles/hooks/useProjectRoleForm.ts

@@ -4,6 +4,11 @@ import cloneDeep from 'lodash.clonedeep';
 import useProjectRolePermissions from 'hooks/api/getters/useProjectRolePermissions/useProjectRolePermissions';
 import useProjectRolesApi from 'hooks/api/actions/useProjectRolesApi/useProjectRolesApi';
 import { formatUnknownError } from 'utils/formatUnknownError';
+import useUiConfig from 'hooks/api/getters/useUiConfig/useUiConfig';
+import {
+    APPLY_CHANGE_REQUEST,
+    APPROVE_CHANGE_REQUEST,
+} from 'component/providers/AccessProvider/permissions';
 
 export interface ICheckedPermission {
     [key: string]: IPermission;
@@ -17,6 +22,7 @@ const useProjectRoleForm = (
     initialRoleDesc = '',
     initialCheckedPermissions = {}
 ) => {
+    const { uiConfig } = useUiConfig();
     const { permissions } = useProjectRolePermissions({
         revalidateIfStale: false,
         revalidateOnReconnect: false,
@@ -246,6 +252,28 @@ const useProjectRoleForm = (
             ? `${permission.id}-${permission.environment}`
             : `${permission.id}`;
     };
+    // Clean up when feature is complete changeRequests
+    let filteredPermissions = cloneDeep(permissions);
+
+    if (!uiConfig?.flags.changeRequests) {
+        filteredPermissions.environments = filteredPermissions.environments.map(
+            env => {
+                env.permissions = env.permissions.filter(permission => {
+                    if (!uiConfig?.flags.changeRequests) {
+                        if (
+                            permission.name === APPLY_CHANGE_REQUEST ||
+                            permission.name === APPROVE_CHANGE_REQUEST
+                        ) {
+                            return false;
+                        }
+                    }
+                    return true;
+                });
+
+                return env;
+            }
+        );
+    }
 
     return {
         roleName,
@@ -264,7 +292,7 @@ const useProjectRoleForm = (
         validateNameUniqueness,
         errors,
         getRoleKey,
-        permissions,
+        permissions: filteredPermissions,
     };
 };
 

frontend/src/component/providers/AccessProvider/permissions.ts

@@ -31,3 +31,5 @@ export const MOVE_FEATURE_TOGGLE = 'MOVE_FEATURE_TOGGLE';
 export const CREATE_SEGMENT = 'CREATE_SEGMENT';
 export const UPDATE_SEGMENT = 'UPDATE_SEGMENT';
 export const DELETE_SEGMENT = 'DELETE_SEGMENT';
+export const APPLY_CHANGE_REQUEST = 'APPLY_CHANGE_REQUEST';
+export const APPROVE_CHANGE_REQUEST = 'APPROVE_CHANGE_REQUEST';

src/lib/types/permissions.ts

@@ -37,3 +37,5 @@ export const MOVE_FEATURE_TOGGLE = 'MOVE_FEATURE_TOGGLE';
 export const CREATE_SEGMENT = 'CREATE_SEGMENT';
 export const UPDATE_SEGMENT = 'UPDATE_SEGMENT';
 export const DELETE_SEGMENT = 'DELETE_SEGMENT';
+export const APPROVE_CHANGE_REQUEST = 'APPROVE_CHANGE_REQUEST';
+export const APPLY_CHANGE_REQUEST = 'APPLY_CHANGE_REQUEST';

src/migrations/20221108114358-add-change-request-permissions.js

@@ -0,0 +1,19 @@
+exports.up = function (db, cb) {
+    db.runSql(
+        `
+        INSERT INTO permissions (permission, display_name, type) VALUES ('APPROVE_CHANGE_REQUEST', 'Approve a change request', 'environment');
+        INSERT INTO permissions (permission, display_name, type) VALUES ('APPLY_CHANGE_REQUEST', 'Apply a change request', 'environment');
+        `,
+        cb,
+    );
+};
+
+exports.down = function (db, cb) {
+    db.runSql(
+        `
+        DELETE FROM permissions WHERE permission = 'APPROVE_CHANGE_REQUEST';
+        DELETE FROM permissions WHERE permission = 'APPLY_CHANGE_REQUEST';
+  `,
+        cb,
+    );
+};