From ded33a6d810b1be349e4c665450d90024f481c27 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nuno=20G=C3=B3is?= <github@nunogois.com>
Date: Thu, 10 Aug 2023 13:11:55 +0100
Subject: [PATCH] chore: remove customRootRoles flag in favor of killswitch
 (#4431)

https://linear.app/unleash/issue/2-1303/adapt-existing-customrootroles-flag-to-a-customrootroleskillswitch

Removes the existing `customRootRoles` flag in favor of a
`customRootRolesKillSwitch` which should follow the same logic but
negated/inverted.

Once released, this will effectively make custom root roles GA, and we
can use
[customRootRolesKillSwitch](https://app.unleash-hosted.com/hosted/projects/eg/features/customRootRolesKillSwitch)
to disable the feature if needed.
---
 .../src/component/admin/roles/RolesPage.tsx   |  7 +-
 frontend/src/interfaces/uiConfig.ts           |  2 +-
 .../__snapshots__/create-config.test.ts.snap  |  4 +-
 src/lib/services/access-service.test.ts       | 11 +--
 src/lib/services/access-service.ts            |  4 +-
 src/lib/types/experimental.ts                 | 13 ++-
 .../e2e/api/admin/api-token.auth.e2e.test.ts  | 85 +------------------
 7 files changed, 19 insertions(+), 107 deletions(-)

diff --git a/frontend/src/component/admin/roles/RolesPage.tsx b/frontend/src/component/admin/roles/RolesPage.tsx
index 0f418d1f66..e708b02e98 100644
--- a/frontend/src/component/admin/roles/RolesPage.tsx
+++ b/frontend/src/component/admin/roles/RolesPage.tsx
@@ -41,7 +41,7 @@ export const RolesPage = () => {
     const [modalOpen, setModalOpen] = useState(false);
     const [selectedRole, setSelectedRole] = useState<IRole>();
 
-    const tabs = uiConfig.flags.customRootRoles
+    const tabs = !uiConfig.flags.customRootRolesKillSwitch
         ? [
               {
                   label: 'Root roles',
@@ -65,7 +65,8 @@ export const RolesPage = () => {
     const isSmallScreen = useMediaQuery(theme.breakpoints.down('md'));
 
     const type =
-        !uiConfig.flags.customRootRoles || pathname.includes('project-roles')
+        uiConfig.flags.customRootRolesKillSwitch ||
+        pathname.includes('project-roles')
             ? PROJECT_ROLE_TYPE
             : ROOT_ROLE_TYPE;
 
@@ -157,7 +158,7 @@ export const RolesPage = () => {
                     element={
                         <RolesTable
                             type={
-                                uiConfig.flags.customRootRoles
+                                !uiConfig.flags.customRootRolesKillSwitch
                                     ? ROOT_ROLE_TYPE
                                     : PROJECT_ROLE_TYPE
                             }
diff --git a/frontend/src/interfaces/uiConfig.ts b/frontend/src/interfaces/uiConfig.ts
index 17edc676c8..4554d81565 100644
--- a/frontend/src/interfaces/uiConfig.ts
+++ b/frontend/src/interfaces/uiConfig.ts
@@ -50,7 +50,7 @@ export interface IFlags {
     disableBulkToggle?: boolean;
     disableNotifications?: boolean;
     advancedPlayground?: boolean;
-    customRootRoles?: boolean;
+    customRootRolesKillSwitch?: boolean;
     strategyVariant?: boolean;
     newProjectLayout?: boolean;
     configurableFeatureTypeLifetimes?: boolean;
diff --git a/src/lib/__snapshots__/create-config.test.ts.snap b/src/lib/__snapshots__/create-config.test.ts.snap
index cd63db562e..345a873436 100644
--- a/src/lib/__snapshots__/create-config.test.ts.snap
+++ b/src/lib/__snapshots__/create-config.test.ts.snap
@@ -70,7 +70,7 @@ exports[`should create default config 1`] = `
       "anonymiseEventLog": false,
       "caseInsensitiveInOperators": false,
       "configurableFeatureTypeLifetimes": false,
-      "customRootRoles": false,
+      "customRootRolesKillSwitch": false,
       "demo": false,
       "disableBulkToggle": false,
       "disableNotifications": false,
@@ -107,7 +107,7 @@ exports[`should create default config 1`] = `
       "anonymiseEventLog": false,
       "caseInsensitiveInOperators": false,
       "configurableFeatureTypeLifetimes": false,
-      "customRootRoles": false,
+      "customRootRolesKillSwitch": false,
       "demo": false,
       "disableBulkToggle": false,
       "disableNotifications": false,
diff --git a/src/lib/services/access-service.test.ts b/src/lib/services/access-service.test.ts
index b146f2ffe0..5d633bf380 100644
--- a/src/lib/services/access-service.test.ts
+++ b/src/lib/services/access-service.test.ts
@@ -14,12 +14,12 @@ import FakeEventStore from '../../test/fixtures/fake-event-store';
 import { IRole } from 'lib/types/stores/access-store';
 import { IGroup } from 'lib/types';
 
-function getSetup(customRootRoles: boolean = false) {
+function getSetup(customRootRolesKillSwitch: boolean = true) {
     const config = createTestConfig({
         getLogger,
         experimental: {
             flags: {
-                customRootRoles: customRootRoles,
+                customRootRolesKillSwitch,
             },
         },
     });
@@ -161,7 +161,7 @@ test('should be able to validate and cleanup with additional properties', async
 });
 
 test('user with custom root role should get a user root role', async () => {
-    const { accessService } = getSetup(true);
+    const { accessService } = getSetup(false);
     const customRootRole = await accessService.createRole({
         name: 'custom-root-role',
         description: 'test custom root role',
@@ -185,11 +185,6 @@ test('throws error when trying to delete a project role in use by group', async
     };
     const config = createTestConfig({
         getLogger,
-        experimental: {
-            flags: {
-                customRootRoles: false,
-            },
-        },
     });
 
     const eventStore = new FakeEventStore();
diff --git a/src/lib/services/access-service.ts b/src/lib/services/access-service.ts
index 4da1582515..0d1200f990 100644
--- a/src/lib/services/access-service.ts
+++ b/src/lib/services/access-service.ts
@@ -519,7 +519,7 @@ export class AccessService {
 
         if (
             roleType === CUSTOM_ROOT_ROLE_TYPE &&
-            !this.flagResolver.isEnabled('customRootRoles')
+            this.flagResolver.isEnabled('customRootRolesKillSwitch')
         ) {
             throw new InvalidOperationError(
                 'Custom root roles are not enabled.',
@@ -557,7 +557,7 @@ export class AccessService {
 
         if (
             roleType === CUSTOM_ROOT_ROLE_TYPE &&
-            !this.flagResolver.isEnabled('customRootRoles')
+            this.flagResolver.isEnabled('customRootRolesKillSwitch')
         ) {
             throw new InvalidOperationError(
                 'Custom root roles are not enabled.',
diff --git a/src/lib/types/experimental.ts b/src/lib/types/experimental.ts
index 0f420566e6..1e51d2c05b 100644
--- a/src/lib/types/experimental.ts
+++ b/src/lib/types/experimental.ts
@@ -20,7 +20,6 @@ export type IFlagKey =
     | 'disableBulkToggle'
     | 'disableNotifications'
     | 'advancedPlayground'
-    | 'customRootRoles'
     | 'strategyVariant'
     | 'newProjectLayout'
     | 'slackAppAddon'
@@ -29,7 +28,8 @@ export type IFlagKey =
     | 'filterInvalidClientMetrics'
     | 'frontendNavigationUpdate'
     | 'lastSeenByEnvironment'
-    | 'segmentChangeRequests';
+    | 'segmentChangeRequests'
+    | 'customRootRolesKillSwitch';
 
 export type IFlags = Partial<{ [key in IFlagKey]: boolean | Variant }>;
 
@@ -97,10 +97,6 @@ const flags: IFlags = {
         process.env.DISABLE_NOTIFICATIONS,
         false,
     ),
-    customRootRoles: parseEnvVarBoolean(
-        process.env.UNLEASH_EXPERIMENTAL_CUSTOM_ROOT_ROLES,
-        false,
-    ),
     newProjectLayout: parseEnvVarBoolean(
         process.env.UNLEASH_EXPERIMENTAL_NEW_PROJECT_LAYOUT,
         false,
@@ -113,7 +109,6 @@ const flags: IFlags = {
         process.env.UNLEASH_SLACK_APP_ADDON,
         false,
     ),
-
     emitPotentiallyStaleEvents: parseEnvVarBoolean(
         process.env.UNLEASH_EXPERIMENTAL_EMIT_POTENTIALLY_STALE_EVENTS,
         false,
@@ -138,6 +133,10 @@ const flags: IFlags = {
         process.env.UNLEASH_EXPERIMENTAL_SEGMENT_CHANGE_REQUESTS,
         false,
     ),
+    customRootRolesKillSwitch: parseEnvVarBoolean(
+        process.env.UNLEASH_EXPERIMENTAL_CUSTOM_ROOT_ROLES_KILL_SWITCH,
+        false,
+    ),
 };
 
 export const defaultExperimentalOptions: IExperimentalOptions = {
diff --git a/src/test/e2e/api/admin/api-token.auth.e2e.test.ts b/src/test/e2e/api/admin/api-token.auth.e2e.test.ts
index 20c2d24cf5..fed77e8b52 100644
--- a/src/test/e2e/api/admin/api-token.auth.e2e.test.ts
+++ b/src/test/e2e/api/admin/api-token.auth.e2e.test.ts
@@ -206,13 +206,7 @@ test('A role with only CREATE_PROJECT_API_TOKEN can create project tokens', asyn
         });
     };
 
-    const { request, destroy } = await setupAppWithCustomAuth(stores, preHook, {
-        experimental: {
-            flags: {
-                customRootRoles: true,
-            },
-        },
-    });
+    const { request, destroy } = await setupAppWithCustomAuth(stores, preHook);
 
     await request
         .post('/api/admin/projects/default/api-tokens')
@@ -261,13 +255,6 @@ describe('Fine grained API token permissions', () => {
             const { request, destroy } = await setupAppWithCustomAuth(
                 stores,
                 preHook,
-                {
-                    experimental: {
-                        flags: {
-                            customRootRoles: true,
-                        },
-                    },
-                },
             );
             await request
                 .post('/api/admin/api-tokens')
@@ -312,13 +299,6 @@ describe('Fine grained API token permissions', () => {
             const { request, destroy } = await setupAppWithCustomAuth(
                 stores,
                 preHook,
-                {
-                    experimental: {
-                        flags: {
-                            customRootRoles: true,
-                        },
-                    },
-                },
             );
             await request
                 .post('/api/admin/api-tokens')
@@ -363,13 +343,6 @@ describe('Fine grained API token permissions', () => {
             const { request, destroy } = await setupAppWithCustomAuth(
                 stores,
                 preHook,
-                {
-                    experimental: {
-                        flags: {
-                            customRootRoles: true,
-                        },
-                    },
-                },
             );
             await request
                 .post('/api/admin/api-tokens')
@@ -417,13 +390,6 @@ describe('Fine grained API token permissions', () => {
             const { request, destroy } = await setupAppWithCustomAuth(
                 stores,
                 preHook,
-                {
-                    experimental: {
-                        flags: {
-                            customRootRoles: true,
-                        },
-                    },
-                },
             );
             await stores.apiTokenStore.insert({
                 username: 'client',
@@ -486,13 +452,6 @@ describe('Fine grained API token permissions', () => {
             const { request, destroy } = await setupAppWithCustomAuth(
                 stores,
                 preHook,
-                {
-                    experimental: {
-                        flags: {
-                            customRootRoles: true,
-                        },
-                    },
-                },
             );
             await stores.apiTokenStore.insert({
                 username: 'client',
@@ -650,13 +609,6 @@ describe('Fine grained API token permissions', () => {
                 const { request, destroy } = await setupAppWithCustomAuth(
                     stores,
                     preHook,
-                    {
-                        experimental: {
-                            flags: {
-                                customRootRoles: true,
-                            },
-                        },
-                    },
                 );
                 const token = await stores.apiTokenStore.insert({
                     username: 'cilent',
@@ -706,13 +658,6 @@ describe('Fine grained API token permissions', () => {
                 const { request, destroy } = await setupAppWithCustomAuth(
                     stores,
                     preHook,
-                    {
-                        experimental: {
-                            flags: {
-                                customRootRoles: true,
-                            },
-                        },
-                    },
                 );
                 const token = await stores.apiTokenStore.insert({
                     username: 'frontend',
@@ -763,13 +708,6 @@ describe('Fine grained API token permissions', () => {
                 const { request, destroy } = await setupAppWithCustomAuth(
                     stores,
                     preHook,
-                    {
-                        experimental: {
-                            flags: {
-                                customRootRoles: true,
-                            },
-                        },
-                    },
                 );
                 const token = await stores.apiTokenStore.insert({
                     username: 'admin',
@@ -823,13 +761,6 @@ describe('Fine grained API token permissions', () => {
                 const { request, destroy } = await setupAppWithCustomAuth(
                     stores,
                     preHook,
-                    {
-                        experimental: {
-                            flags: {
-                                customRootRoles: true,
-                            },
-                        },
-                    },
                 );
                 const token = await stores.apiTokenStore.insert({
                     username: 'cilent',
@@ -879,13 +810,6 @@ describe('Fine grained API token permissions', () => {
                 const { request, destroy } = await setupAppWithCustomAuth(
                     stores,
                     preHook,
-                    {
-                        experimental: {
-                            flags: {
-                                customRootRoles: true,
-                            },
-                        },
-                    },
                 );
                 const token = await stores.apiTokenStore.insert({
                     username: 'frontend',
@@ -935,13 +859,6 @@ describe('Fine grained API token permissions', () => {
                 const { request, destroy } = await setupAppWithCustomAuth(
                     stores,
                     preHook,
-                    {
-                        experimental: {
-                            flags: {
-                                customRootRoles: true,
-                            },
-                        },
-                    },
                 );
                 const token = await stores.apiTokenStore.insert({
                     username: 'admin',