1
0
mirror of https://github.com/Unleash/unleash.git synced 2024-11-01 19:07:38 +01:00
Commit Graph

7591 Commits

Author SHA1 Message Date
Thomas Heartman
f5fb7b66d1
Fix: validate that the project is correct when getting feature by project (#2344)
## What

This PR fixes a bug where fetching a feature toggle via the
`/api/admin/projects/:projectId/features/:featureName` endpoint doesn't
validate that the feature belongs to the provided project. The same
thing applies to the archive functionality. This has also been fixed.

In doing so, it also adds corresponding tests to check for edge cases,
updates the 403 error response we use to provide clearer steps for the
user, and adds more error responses to the OpenAPI documentation.

## Why

As mentioned in #2337, it's unexpected that the provided project
shouldn't matter at all, and after discussions internally, it was also
discovered that this was never intended to be the case.

## Discussion points

It might be worth rethinking this for Unleash v5. Why does the features
API need the projects part at all when features are unique across the
entire instance? Would it be worth reverting to a simpler feature API
later or would that introduce issues with regards to how different
projects can have different active environments and so on?

### Further improvements

I have _not_ provided schemas for the error responses for the endpoints
at this time. I considered it, but because it would introduce new schema
code, more tests, etc, I decided to leave it for later. There's a
thorough OpenAPI walkthrough coming up, so I think it makes sense to do
it as part of that work instead. I am happy to be challenged on this,
however, and will implement it if you think it's better.

### Why 403 when the project is wrong?

We could also have used the 404 status code for when the feature exists
but doesn't belong to this project, but this would require more (and
more complex) code. We also already use 403 for cases like this for
post, patch, and put. Finally, the [HTTP spec's section on the 403
status code](https://httpwg.org/specs/rfc9110.html#status.403) says the
following (emphasis mine):

> The 403 (Forbidden) status code indicates that the server
**_understood the request but refuses to fulfill it_**. A server that
wishes to make public why the request has been forbidden can describe
that reason in the response content (if any).
>
> If authentication credentials were provided in the request, the server
considers them insufficient to grant access. The client SHOULD NOT
automatically repeat the request with the same credentials. The client
MAY repeat the request with new or different credentials. However, **_a
request might be forbidden for reasons unrelated to the credentials_**.

As such, I think using 403 makes sense in this case.

---

Closes #2337.
2022-11-08 13:34:01 +01:00
Mateusz Kwasniewski
88a9e0cb9b
feat: stateful banner (#2346)
Conditional banner for change request status
2022-11-08 12:56:28 +01:00
Fredrik Strand Oseberg
f76ac0edb3
Fix/embedded proxy memory leak (#2345)
* Fixes a memory leak where events would trigger the data polling to restart. Any event would setup another polling interval, which would strain our database. Separated the logic for fetching the data and the polling, and made sure that the polling was only initialized once.
2022-11-08 12:35:53 +01:00
Mateusz Kwasniewski
c6f906159b
feat: env check in change requests (#2336) 2022-11-07 09:16:29 +01:00
Ivar Conradi Østhus
bf521b58fd
fix: merge order for UI config 2022-11-04 14:43:12 +01:00
Nuno Góis
9577a81528
fix: clone environment creating token everytime (#2335) 2022-11-04 12:12:07 +00:00
Mateusz Kwasniewski
065833e5d1
feat: display change details (#2327)
* feat: display change details

* refactor: reorganize components

* feat: display deleted strategy name if present

* feat: UI tweaks

* fix: types

* refactor: remove unnecessary checks for types
2022-11-04 12:52:47 +01:00
Tymoteusz Czech
4b281d9513
Change request - edit strategy (#2334)
* feat: request change - add strategy

* refactor: use change request is-enabled hook

* feat: edit strategy

* fix: prettier formatting

* fix: refetch change request draft after adding
2022-11-04 11:55:45 +01:00
Tymoteusz Czech
d2000f2848
feat: request change - add strategy (#2330)
* feat: request change - add strategy

* refactor: use change request is-enabled hook
2022-11-04 11:25:06 +01:00
andreas-unleash
c1e0bd83b0
Frontend - Suggest change copy strategy (#2312)
* Suggest change copy strategy

* Fix merge conflicts

* Copy strategies from other environment added to draft

* Copy strategies from other environment added to draft

* Copy strategies from other environment added to draft

* Copy strategies from other environment added to draft

* fmt

* PR comments

* PR comments

* PR comments

* PR comments

* Fix: Conditionally hide Change Requests tab
2022-11-04 11:33:07 +02:00
sjaanus
a267f13a7d
4.18.0-beta.0 2022-11-04 11:02:47 +02:00
sjaanus
102713eeca
Remove uniqueness from change requests merging (#2332)
Remove uniqueness
2022-11-04 10:57:45 +02:00
Mateusz Kwasniewski
fae7de0d5d
refactor: hook for change requests (#2331)
* refactor: hook for change requests

* Update frontend/src/component/project/Project/ProjectFeatureToggles/ProjectFeatureToggles.tsx

Co-authored-by: Tymoteusz Czech <2625371+Tymek@users.noreply.github.com>

* Update frontend/src/component/project/Project/Project.tsx

Co-authored-by: Tymoteusz Czech <2625371+Tymek@users.noreply.github.com>

* Update frontend/src/component/feature/FeatureView/FeatureOverview/FeatureOverviewEnvSwitches/FeatureOverviewEnvSwitch/FeatureOverviewEnvSwitch.tsx

Co-authored-by: Tymoteusz Czech <2625371+Tymek@users.noreply.github.com>

* Update frontend/src/component/feature/FeatureStrategy/FeatureStrategyRemove/FeatureStrategyRemove.tsx

Co-authored-by: Tymoteusz Czech <2625371+Tymek@users.noreply.github.com>

* fix: fix imports

Co-authored-by: Tymoteusz Czech <2625371+Tymek@users.noreply.github.com>
2022-11-04 09:50:00 +01:00
Ivar Conradi Østhus
2d2d6f268a
fix: generate all hour buckets if missing (#2319) 2022-11-04 09:30:02 +01:00
andreas-unleash
46076fcbc8
Fix: Conditionally hide Change Requests tab (#2329) 2022-11-04 10:17:37 +02:00
sjaanus
f0a929044d
Change request API draft to open (#2320)
Draft to open
2022-11-04 09:44:56 +02:00
Ivar Conradi Østhus
0717b281fa
fix: update resolutions 2022-11-03 15:38:51 +01:00
Simon Hornby
3d0146cca7
Fix docker build (#2326)
* fix: patch stale docker lockfile
* fix: patch docker build to respect the fact that frontend now depends on some constants defined in unleash
2022-11-03 15:02:20 +01:00
Ivar Conradi Østhus
ae0006b839
fix: require minimatch 3.0.5 or higher 2022-11-03 14:43:36 +01:00
Simon Hornby
90cb737202
docs: add documentation for user group syncing (#2314)
* docs: add documentation for user group syncing and a end to end example for keycloak

Co-authored-by: Thomas Heartman <thomas@getunleash.ai>
2022-11-03 14:59:12 +02:00
Nuno Góis
20310bf1a4
docs: add environment cloning and how-to guide (#2249)
* docs: add environment cloning and how-to guide

* add next steps in how-to, update reference

* update how-to, add images

* Update website/docs/how-to/how-to-clone-environment.mdx

Co-authored-by: Simon Hornby <liquidwicked64@gmail.com>

* Update website/docs/how-to/how-to-clone-environment.mdx

Co-authored-by: Simon Hornby <liquidwicked64@gmail.com>

* Update website/docs/user_guide/environments.md

Co-authored-by: Simon Hornby <liquidwicked64@gmail.com>

* Update website/docs/how-to/how-to-clone-environment.mdx

Co-authored-by: Simon Hornby <liquidwicked64@gmail.com>

* Update website/docs/user_guide/environments.md

Co-authored-by: Simon Hornby <liquidwicked64@gmail.com>

* Update website/docs/how-to/how-to-clone-environment.mdx

Co-authored-by: Thomas Heartman <thomas@getunleash.ai>

* Update website/docs/how-to/how-to-clone-environment.mdx

Co-authored-by: Thomas Heartman <thomas@getunleash.ai>

* Update website/docs/how-to/how-to-clone-environment.mdx

Co-authored-by: Thomas Heartman <thomas@getunleash.ai>

* Update website/sidebars.js

Co-authored-by: Thomas Heartman <thomas@getunleash.ai>

* Update website/docs/how-to/how-to-clone-environment.mdx

Co-authored-by: Thomas Heartman <thomas@getunleash.ai>

* Update website/docs/how-to/how-to-clone-environment.mdx

Co-authored-by: Thomas Heartman <thomas@getunleash.ai>

* Update website/docs/how-to/how-to-clone-environment.mdx

Co-authored-by: Thomas Heartman <thomas@getunleash.ai>

* Update website/docs/user_guide/environments.md

Co-authored-by: Thomas Heartman <thomas@getunleash.ai>

* Update website/docs/user_guide/environments.md

Co-authored-by: Thomas Heartman <thomas@getunleash.ai>

* address PR comments

* Update website/docs/how-to/how-to-clone-environments.mdx

Co-authored-by: Thomas Heartman <thomas@getunleash.ai>

* Update website/docs/user_guide/environments.md

Co-authored-by: Thomas Heartman <thomas@getunleash.ai>

* Update website/docs/user_guide/environments.md

Co-authored-by: Thomas Heartman <thomas@getunleash.ai>

* Update website/docs/user_guide/environments.md

Co-authored-by: Thomas Heartman <thomas@getunleash.ai>

* fix uppercase in guide

Co-authored-by: Simon Hornby <liquidwicked64@gmail.com>
Co-authored-by: Thomas Heartman <thomas@getunleash.ai>
2022-11-03 14:14:08 +02:00
sjaanus
0de0da8f97
Remove manually added migrations and fix the scripts (#2324)
* Fix migrations

* Fix migrations
2022-11-03 14:05:47 +02:00
Fredrik Strand Oseberg
d8db33ac7f
Feat/change request overview applied state (#2322)
* feat: review button

* feat: add review button

* fix: add to box

* fix: separate function calls

* fix: comment out reviewers

* fix: type
2022-11-03 12:43:03 +01:00
Mateusz Kwasniewski
147408045b
feat: suggest remove strategy UI (#2321)
* feat: suggest remove strategy UI

* add delete strategy to draft

* refactor: extract hooks

* refactor: consistent fn usage
2022-11-03 12:26:35 +01:00
Ivar Conradi Østhus
4937b23e16
fix: remove duplicate formatApiPath in userUiConfigApi hook (#2318) 2022-11-03 08:47:16 +01:00
Tymoteusz Czech
0a855604af
feat: review your draft sidebar (#2305)
* refactor playground status chip component

* fix: update change request sidebar

* refactor: status badge cleanup

* fix: prettier formatting
2022-11-02 16:05:27 +01:00
Fredrik Strand Oseberg
2f1f9cecc2
feat: change request header (#2317)
* feat: change request header

* fix: dom nesting paragraphs

* fix: change path
2022-11-02 14:23:44 +01:00
Mateusz Kwasniewski
6622346286
Add stable row id. (#2315)
Co-authored-by: Tymoteusz Czech <2625371+Tymek@users.noreply.github.com>
2022-11-02 12:55:20 +01:00
Fredrik Strand Oseberg
9b10a8815b
Feat/review page timeline (#2310)
* fix: styling

* feat: overview timeline

* fix: rename types

* fix: pr comments
2022-11-02 11:14:26 +01:00
Nuno Góis
9fb431aab7
fix: limit total of PATs a user can have (#2301)
* fix: limit total of PATs a user can have

* increase PAT limit to 10

* Update src/lib/services/pat-service.ts

Co-authored-by: Simon Hornby <liquidwicked64@gmail.com>

* disable button on the front-end when PAT limit is reached

* import from server instead of repeating ourselves

Co-authored-by: Simon Hornby <liquidwicked64@gmail.com>
2022-11-02 08:11:35 +00:00
sjaanus
98cda9258d
4.17.0-beta.11 2022-11-02 08:47:37 +02:00
sjaanus
5dd8616c74
Rename suggest changes to change request (#2311)
* Rename change request

* Merge with review status

* Move events and permissions
2022-11-02 08:34:14 +02:00
Fredrik Strand Oseberg
da102a3e98
Feat/review page states (#2309)
* feat: review status draft

* feat: add review status styles
2022-11-01 10:55:03 +01:00
sjaanus
e3a185d650
Hard cap expiry date of public signup token (#2308)
Validate expiry
2022-11-01 11:38:18 +02:00
sjaanus
c501fb221c
Hyperlink Injection in People Invitation Emails (#2307)
* Strip special characters

* Allow hyphens
2022-11-01 10:38:33 +02:00
Gastón Fournier
f1634bb524
fix: adapt to new CI builder format (#2303)
* fix: escape single quotes for curl

* Use new format of CI builder
2022-10-31 14:05:26 +01:00
Tymoteusz Czech
f39d1021d0
feat: discard suggested draft change (#2285)
* feat: discard suggested draft change

* fix: suggest changes api frontend integration

* fix suggested changes discard
2022-10-31 12:46:54 +00:00
Fredrik Strand Oseberg
15c22d7630
feat: integrate with API for suggest changes (#2286)
* feat: integrate with API for suggest changes

* fix: suggestions table tabs state (#2287)

* fix: suggestions table tabs state

* fix suggestion header padding

* fix: update snapshots

* fix: pr comments

* fix: revert store change

* fix: revert store fix

Co-authored-by: Tymoteusz Czech <2625371+Tymek@users.noreply.github.com>
2022-10-31 12:46:31 +01:00
sjaanus
95779754fb
4.17.0-beta.10 2022-10-31 11:55:16 +02:00
Fredrik Strand Oseberg
8f37f9fcc9
fix: re export knex (#2300) 2022-10-31 10:49:12 +01:00
Nuno Góis
07821174a5
refactor: remove PAT experimental flag (#2299) 2022-10-31 09:38:30 +00:00
Fredrik Strand Oseberg
3029564304
Feat/enterprise stores (#2289)
* feat: add capabilities for stores in enterprise

* fix: remove unused files
2022-10-31 10:35:59 +01:00
Nuno Góis
ce6d2e56bc
fix: only show link to create segment if you have permission (#2291) 2022-10-31 08:45:31 +00:00
Simon Hornby
9201f4f08f
4.17.0-beta.9 (#2298) 2022-10-31 09:35:00 +02:00
renovate[bot]
2a299d47bb
fix(deps): update dependency docusaurus-theme-openapi-docs to v1.4.1 (#2292)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-29 04:42:31 +00:00
renovate[bot]
e0ad3806aa
fix(deps): update dependency docusaurus-plugin-openapi-docs to v1.4.1 (#2288)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-29 02:56:05 +00:00
renovate[bot]
c4b18a2e45
chore(deps): update typescript-eslint monorepo to v5.41.0 (#2283)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-29 00:20:06 +00:00
renovate[bot]
670836061c
chore(deps): update dependency @vitejs/plugin-react to v2.2.0 (#2281)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-28 21:28:28 +00:00
renovate[bot]
4dda82263e
chore(deps): update dependency vite to v3.2.1 (#2282)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-28 18:21:39 +00:00
Nuno Góis
09cb61c719
fix: small UI fixes to the clone environment modal (#2290)
fix: small UI fixes to the environment modal
2022-10-28 16:05:27 +01:00