1
0
mirror of https://github.com/Unleash/unleash.git synced 2025-01-01 00:08:27 +01:00
Commit Graph

1950 Commits

Author SHA1 Message Date
Jaanus Sellin
5388eaf48c
fix: remove dangerouslySetInnerHTML (#4181) 2023-07-07 13:54:21 +03:00
Nuno Góis
e0f5d2c600
feat: show username and email in name column (users tables) (#4180)
https://linear.app/unleash/issue/2-1197/merge-columns-name-and-username-in-one-column-for-all-the-tables

Shows `email` and/or `username` in the `name` column of users tables.
This provides a more consistent look across the UI while saving some
space for other columns.

Before:

![image](https://github.com/Unleash/unleash/assets/14320932/b97b39ba-f5ae-4c39-aed5-d2f7574360c1)

After:

![image](https://github.com/Unleash/unleash/assets/14320932/ef79b6a8-c494-42b3-aef8-7012631e3dbd)
2023-07-07 11:24:09 +01:00
Jaanus Sellin
3c52550474
fix: bulk tags will work now with project permissions (#4177) 2023-07-07 11:55:13 +03:00
Mateusz Kwasniewski
03ddd07ed8
feat: no results on playground error (#4170) 2023-07-06 19:14:32 +02:00
Mateusz Kwasniewski
02fea44956
fix: initial playground env (#4167) 2023-07-06 16:04:33 +02:00
Simon Hornby
79dd508485
fix: project tokens can now be created with the correct permissions (#4165) 2023-07-06 15:47:03 +02:00
Nuno Góis
0dec24722d
fix: disallow deletion of all login history entries (#4159)
https://linear.app/unleash/issue/2-1191/disallow-deletion-of-all-login-entries-in-history-ui

Disallows deletion of all login history entries on the UI.


![image](https://github.com/Unleash/unleash/assets/14320932/f2378d61-0738-4614-b9c5-e81444e8dde1)
2023-07-06 12:19:48 +01:00
Nuno Góis
dd32e8ae0d
fix: disallow deletion of single login history entries (#4149)
https://linear.app/unleash/issue/2-1185/disallow-deletion-of-single-login-entries-in-history-ui

Disallows deletion of single login history entries on the UI.


![image](https://github.com/Unleash/unleash/assets/14320932/380f7e11-8151-49b1-bfd1-0042d87854b7)
2023-07-06 08:36:26 +01:00
Simon Hornby
b0e4c8a57e
chore: remove group root role toggle (#4026) 2023-07-05 14:33:33 +02:00
Nuno Góis
8707c2f7d9
fix: ensure userId context exists when running demo (#4144)
https://linear.app/unleash/issue/2-1168/demo-ensure-userid-context-field-in-setup-steps

This ensures that the `userId` context field exists when we reach
specific demo topics that require it in order to be successfully
completed. This uses the `setup` property on those topics, where we'll
check for the existence of this context field and create it if it's not
found.
2023-07-05 10:49:18 +01:00
Nuno Góis
8ff10aac29
fix: hide users list extra searchable columns (#4142)
https://linear.app/unleash/issue/2-1187/fix-two-extra-columns-in-users-list

This fixes a regression introduced in
https://github.com/Unleash/unleash/pull/4131 where two extra columns
were added for search only but were not properly hidden.

Thanks @nicolaesocaciu for the heads up!

Before:

![image](https://github.com/Unleash/unleash/assets/14320932/09db9078-7804-448a-b889-bd0c58cb2013)

After:

![image](https://github.com/Unleash/unleash/assets/14320932/f099cf42-811c-4a9b-b34a-482fd2bae478)
2023-07-05 08:39:59 +01:00
Jaanus Sellin
523122d184
feat: hovering over feature shows full feature name (#4138) 2023-07-04 15:57:07 +03:00
Mateusz Kwasniewski
1bee81b475
feat: advanced playground UI tweaks (#4136) 2023-07-04 11:37:50 +02:00
Nuno Góis
95a02158e8
fix: improve users search (#4131)
https://linear.app/unleash/issue/2-1183/improve-users-list-search

This adapts the users list to use the new `useSearch` hook so you can
have a better search that also includes "username" and "email" as
fields. It's also more extensible in case we'd like to add filters in
the future.
2023-07-04 09:30:40 +02:00
Nuno Góis
6a3965f57a
feat: improve demo welcome screen options (#4132)
https://linear.app/unleash/issue/2-1166/demo-welcome-screen-improvement

Improves UI/UX of the demo welcome screen dialog by adding the "Explore
on my own" button and renaming the "Try Unleash demo" button to "Go for
a guided tour".

This also adds UTM links to both the demo website URL and QR code.


![image](https://github.com/Unleash/unleash/assets/14320932/982063e8-b818-44a2-a867-046c6ce96a42)
2023-07-04 08:10:34 +01:00
Tymoteusz Czech
ce900830cb
Fix: change request info (#3971)
<!-- Thanks for creating a PR! To make it easier for reviewers and
everyone else to understand what your changes relate to, please add some
relevant content to the headings below. Feel free to ignore or delete
sections that you don't think are relevant. Thank you! ❤️ -->

## About the changes
- fixed spacing in sidebar
- consolidated info into one banner

closes
[#1-969/change-requests-ui-inconsistency](https://linear.app/unleash/issue/1-969/change-requests-ui-inconsistency)
2023-07-04 09:09:05 +02:00
David Leek
aa7627bc0b
feat/admin menu reorganize (#4129)
## About the changes
<!-- Describe the changes introduced. What are they and why are they
being introduced? Feel free to also add screenshots or steps to view the
changes if they're visual. -->

Reorganizes the items in the menu to align with the tabs on the admin
page.
Also makes admin menu available to all users, they can get there anyways
when using API access link, and all admin-only pages are disabled for
non-admins.
Also adds API access to the mobile drawer menu, in accordance with how
the configure menu is laid out.
2023-07-03 12:36:49 +01:00
Nuno Góis
5dcb0f1913
fix: demo flow with split strategy button by making step optional (#4125)
This fixes the demo flow by making the strategy popup step optional. 

This way the demo works whether the flag is enabled or not. Once we make
the split strategy button GA, we can remove this step entirely.

Feel free to re-enable the flag once this is deployed to demo.
2023-06-30 11:15:25 +01:00
David Leek
78ba72d861
feat: remove experimental flag for telemetry (#4123)
<!-- Thanks for creating a PR! To make it easier for reviewers and
everyone else to understand what your changes relate to, please add some
relevant content to the headings below. Feel free to ignore or delete
sections that you don't think are relevant. Thank you! ❤️ -->

## About the changes
<!-- Describe the changes introduced. What are they and why are they
being introduced? Feel free to also add screenshots or steps to view the
changes if they're visual. -->

This removes the experimental feature flag that defaulted to turn off
telemetry collection
2023-06-30 11:27:54 +02:00
David Leek
3a14b97fdd
feat/telemetry opt out (#4035)
<!-- Thanks for creating a PR! To make it easier for reviewers and
everyone else to understand what your changes relate to, please add some
relevant content to the headings below. Feel free to ignore or delete
sections that you don't think are relevant. Thank you! ❤️ -->

## About the changes
<!-- Describe the changes introduced. What are they and why are they
being introduced? Feel free to also add screenshots or steps to view the
changes if they're visual. -->

Adds a UI that shows current status of version and feature usage
collection configuration, and a presence in the configuration menu +
menu bar.

Configuring these features is done by setting environment variables. The
version info collection is an existing feature that we're making more
visible, the feature usage collection feature is a new feature that has
it's own environment configuration but also depends on version info
collection being active to work.

When version collection is turned off and the experimental feature flag
for feature usage collection is turned off:
<img width="1269" alt="image"
src="https://github.com/Unleash/unleash/assets/707867/435a07da-d238-4b5b-a150-07e3bd6b816f">


When version collection is turned on and the experimental feature flag
is off:
<img width="1249" alt="image"
src="https://github.com/Unleash/unleash/assets/707867/8d1a76c5-99c9-4551-9a4f-86d477bbbf6f">


When the experimental feature flag is enabled, and version+telemetry is
turned off:
<img width="1239" alt="image"
src="https://github.com/Unleash/unleash/assets/707867/e0bc532b-be94-4076-bee1-faef9bc48a5b">


When version collection is turned on, the experimental feature flag is
enabled, and telemetry collection is turned off:
<img width="1234" alt="image"
src="https://github.com/Unleash/unleash/assets/707867/1bd190c1-08fe-4402-bde3-56f863a33289">


When version collection is turned on, the experimental feature flag is
enabled, and telemetry collection is turned on:
<img width="1229" alt="image"
src="https://github.com/Unleash/unleash/assets/707867/848912cd-30bd-43cf-9b81-c58a4cbad1e4">


When version collection is turned off, the experimental feature flag is
enabled, and telemetry collection is turned on:
<img width="1241" alt="image"
src="https://github.com/Unleash/unleash/assets/707867/d2b981f2-033f-4fae-a115-f93e0653729b">

---------

Co-authored-by: sighphyre <liquidwicked64@gmail.com>
Co-authored-by: Nuno Góis <github@nunogois.com>
Co-authored-by: Thomas Heartman <thomas@getunleash.ai>
2023-06-30 08:43:58 +02:00
Nuno Góis
73b4ae18c1
feat: responsive strategy icons (#4121)
https://linear.app/unleash/issue/2-1167/multiple-strategies-breaking-the-environment-card

https://linear.app/unleash/issue/2-1179/buttons-have-an-extra-space-if-the-icon-its-not-visible

This fixes the broken UI when we have too many strategies.

Before:
<img width="1500" alt="image"
src="https://github.com/Unleash/unleash/assets/14320932/ddf2f636-965c-4527-b879-dba5c16d9630">

After:
<img width="1303" alt="image"
src="https://github.com/Unleash/unleash/assets/14320932/852c20c9-c5f4-4aa5-b8c0-e5bc5286c572">

We also added the new strategy type to the tooltips:
<img width="519" alt="image"
src="https://github.com/Unleash/unleash/assets/14320932/117ee00f-f2a7-4ecb-8596-44486a2870a2">

<img width="422" alt="image"
src="https://github.com/Unleash/unleash/assets/14320932/4281a48c-4b6e-4100-86e2-29dfe9ce4cec">

This also fixes an extra margin we caught on our `PermissionButton` when
it had no endIcon set.

Co-authored by: @daveleek

---------

Co-authored-by: David Leek <david@getunleash.io>
2023-06-29 18:01:27 +01:00
Jaanus Sellin
b6f405d1af
fix: default strategy groupId failure (#4120) 2023-06-29 16:40:14 +03:00
Tymoteusz Czech
a073792d8c
fix: project 404 (#4114)
## About the changes
If project doesn't exist, show 404 information.

![image](https://github.com/Unleash/unleash/assets/2625371/6d7e1dfa-52f0-495b-a559-9733ec0b9340)

<!-- Does it close an issue? Multiple? -->
Closes
[issue/1-1069](https://linear.app/unleash/issue/1-1069/project-doesnt-show-404-if-it-doesnt-exist)
2023-06-29 12:48:32 +02:00
Thomas Heartman
be4c0f2578
chore: remove unused imports from yarn lint (#4082) 2023-06-29 09:08:00 +00:00
Nuno Góis
0b3ed79ecc
refactor: roles - make better plan assumptions (#4113)
https://linear.app/unleash/issue/2-1171/refactor-custom-root-roles-with-correct-plan-assumptions

This cleans up the hotfix `RoleSelect2` component and makes `RoleSelect`
take in a `roles` prop from the parent component.

This also simplifies the role hooks again to assume Enterprise plan by
default. This means, however, that we must ensure that we only call
these hooks in Enterprise features or, if we do call them in other
plans, that we provide a graceful fallback for non-Enterprise.
Non-Enterprise instances do not have this endpoint, and so they are
currently grabbing role information from e.g. `useUsers` and
`useServiceAccounts`.

I'm not sure how I feel about this. Roles are an overarching concept of
Unleash. To me, having to be extremely conscious about the exact
scenario in which you're using such a hook feels like a trap, instead of
"I need roles, so I'll grab the `useRoles` hook and not think much about
it". I also don't like the way `roles` are currently tied to the users,
service accounts, project access, (...) instead of being its own thing.

This could be solved by a `RoleController` exposing the GET endpoints in
OSS, since all of the logic we need for this use-case lives there
anyways. This would then be overridden with the Enterprise-specific
controller when wrapped. This way we could assume the endpoint is always
there, no matter the plan.
This is just an idea and not something I explored in the PR. For now I'm
just focusing on leaving this feature in a sane state.

Tested this manually on `Pro` and `Enterprise` and I believe everything
is acting the way we intend, but would love some extra eyes.
2023-06-28 16:00:14 +01:00
andreas-unleash
d10ddcb12c
Fix/default strategy group (#4110) 2023-06-28 13:18:44 +03:00
andreas-unleash
5cbbd6f798
chore: remove strategyImprovements flag (#4043)
<!-- Thanks for creating a PR! To make it easier for reviewers and
everyone else to understand what your changes relate to, please add some
relevant content to the headings below. Feel free to ignore or delete
sections that you don't think are relevant. Thank you! ❤️ -->
Remove strategy improvements flag 
## About the changes
<!-- Describe the changes introduced. What are they and why are they
being introduced? Feel free to also add screenshots or steps to view the
changes if they're visual. -->

<!-- Does it close an issue? Multiple? -->
Closes #
[1-1048](https://linear.app/unleash/issue/1-1048/remove-strategyimprovements-flag)

<!-- (For internal contributors): Does it relate to an issue on public
roadmap? -->
<!--
Relates to [roadmap](https://github.com/orgs/Unleash/projects/10) item:
#
-->

### Important files
<!-- PRs can contain a lot of changes, but not all changes are equally
important. Where should a reviewer start looking to get an overview of
the changes? Are any files particularly important? -->


## Discussion points
<!-- Anything about the PR you'd like to discuss before it gets merged?
Got any questions or doubts? -->

---------

Signed-off-by: andreas-unleash <andreas@getunleash.ai>
2023-06-28 11:38:21 +03:00
Ivar Conradi Østhus
d4390c8759
fix: allow roles to be selected when adding user to project (#4102) 2023-06-27 22:18:30 +02:00
Ivar Conradi Østhus
464ef5b326
fix: break toggle description niceley (#4093)
fixes: #3096
2023-06-27 09:15:16 +02:00
Ivar Conradi Østhus
b36ab58f87
fix: add timestamp to feature toggle metrics (#4094)
fixes: #2873


![image](https://github.com/Unleash/unleash/assets/158948/7d5bb8ee-6b88-49ad-8c51-474e19dc833d)
2023-06-27 09:14:45 +02:00
Nuno Góis
95a0c7748f
feat: upgrade AdminAlert to PermissionGuard (#4074)
https://linear.app/unleash/issue/2-1165/improve-adminalert-usage-to-be-more-generic-accept-non-admin

Upgrades our `AdminAlert` to a new `PermissionGuard`.

**Question**: We don't **need** to, but **should** we be specific about
the `ADMIN` permission every time?
Technically `PermissionGuard` could have `permissions` as optional and
assume `[]` by default, which will add `ADMIN` anyways. However, I feel
like we may gain some readability if we're specific about it. WDYT?

Single permission:

![image](https://github.com/Unleash/unleash/assets/14320932/eab414ae-e798-4ab6-ba96-cde2977dc98b)

Multiple permissions:

![image](https://github.com/Unleash/unleash/assets/14320932/25302442-8fcc-4aa1-9525-d54f5f9350af)
2023-06-23 13:25:35 +01:00
andreas-unleash
d2a98d0338
fix: set max height for add/replace button (#4085)
<!-- Thanks for creating a PR! To make it easier for reviewers and
everyone else to understand what your changes relate to, please add some
relevant content to the headings below. Feel free to ignore or delete
sections that you don't think are relevant. Thank you! ❤️ -->
Sets a maxHeight property for add/replace button in playground 
## About the changes
<!-- Describe the changes introduced. What are they and why are they
being introduced? Feel free to also add screenshots or steps to view the
changes if they're visual. -->

<!-- Does it close an issue? Multiple? -->
Closes #

<!-- (For internal contributors): Does it relate to an issue on public
roadmap? -->
<!--
Relates to [roadmap](https://github.com/orgs/Unleash/projects/10) item:
#
-->

### Important files
<!-- PRs can contain a lot of changes, but not all changes are equally
important. Where should a reviewer start looking to get an overview of
the changes? Are any files particularly important? -->


## Discussion points
<!-- Anything about the PR you'd like to discuss before it gets merged?
Got any questions or doubts? -->

Signed-off-by: andreas-unleash <andreas@getunleash.ai>
2023-06-23 15:22:07 +03:00
Thomas Heartman
97875f3f59
chore: remove unused values to stop linter complaining (#4078) 2023-06-23 09:32:09 +00:00
Thomas Heartman
12c00733d9
feat: count number of combinations from playground (#4077)
This PR adds plausible tracking of the number of feature combinations
that we get from the advanced playground API.

The event type has been added to plausible

 Relates to #3545
2023-06-23 09:29:13 +00:00
Gastón Fournier
89cf16f915
Feat/more granular permissions check in create apitoken (#4072)
## About the changes
This PR enables or disables create API token button based on the
permissions.

**Note:** the button is only displayed if you have READ permissions on
some API token. This is a minor limitation as having CREATE permissions
should also grant READ permissions, but right now this is up to the user
to set up the custom role with the correct permissions

**Note 2:** Project-specific API tokens are also ruled by the
project-specific permission to create API tokens in a project (just
having the root permissions to create a client token or frontend token
does not grant access to create a project-specific API token). The
permissions to access the creation of a project-specific API token then
rely on the root permissions to allow the user to create either a client
token or a frontend token.

---------

Co-authored-by: David Leek <david@getunleash.io>
2023-06-23 10:57:08 +02:00
andreas-unleash
c81de4a5bc
fix: add strategy bug when strategySplittedButton flag is on (#4071)
<!-- Thanks for creating a PR! To make it easier for reviewers and
everyone else to understand what your changes relate to, please add some
relevant content to the headings below. Feel free to ignore or delete
sections that you don't think are relevant. Thank you! ❤️ -->

Fixes 2 bugs after the recent strategy improvements v2 changes:
- When creating a strategy the `groupId` param of the Gradual Rollout
strategy now populates the groupId (when using default strategy, the
groupId will only be overwritten when it is an empty string ) with the
feature name (as it was before)

- When editing/setting a default strategy for an environment the
`groupId` param should be an empty string, but editable.

## About the changes
<!-- Describe the changes introduced. What are they and why are they
being introduced? Feel free to also add screenshots or steps to view the
changes if they're visual. -->

<!-- Does it close an issue? Multiple? -->
Closes #

<!-- (For internal contributors): Does it relate to an issue on public
roadmap? -->
<!--
Relates to [roadmap](https://github.com/orgs/Unleash/projects/10) item:
#
-->

### Important files
<!-- PRs can contain a lot of changes, but not all changes are equally
important. Where should a reviewer start looking to get an overview of
the changes? Are any files particularly important? -->


## Discussion points
<!-- Anything about the PR you'd like to discuss before it gets merged?
Got any questions or doubts? -->

---------

Signed-off-by: andreas-unleash <andreas@getunleash.ai>
2023-06-23 07:31:29 +00:00
Mateusz Kwasniewski
175b103b12
fix: remove playground results flip (#4076) 2023-06-23 09:28:49 +02:00
Nuno Góis
4163788bba
fix: update roles permission guard (#4070)
https://linear.app/unleash/issue/2-1162/read-roles-permissions-should-give-you-access-to-read-roles

This updates the roles page permission guard to be the `READ_ROLES`
permission instead of `ADMIN`, which better reflects on the UI the real
permissions of the user.

Our current `AdminAlert` component is pretty limited however, and I plan
to improve it in
https://linear.app/unleash/issue/2-1165/improve-adminalert-usage-to-be-more-generic-accept-non-admin
to better reflect the permission we're missing (instead of alerting that
you need to be an admin).
2023-06-22 14:43:26 +00:00
Nuno Góis
40a4451818
fix: add admin guard to groups (#4069)
Adds an admin guard to groups: It is an admin feature and should be
guarded on the UI the same way other admin features are.
2023-06-22 15:37:02 +01:00
Thomas Heartman
e824d83f93
feat: link to strategy edit screens from playground strategy results (#4063)
This PR adds links from the strategy evaluation results directly to the
strategy edit screen.

If the code doesn't find any links, nothing changes.

The link text will be the name of the strategy and the title (if it
exists).


![image](https://github.com/Unleash/unleash/assets/17786332/10ddbee2-2b19-46b8-a8be-994233f759ea)
2023-06-22 11:51:38 +00:00
Mateusz Kwasniewski
f0fe2368e1
feat: execution plan diff table (#4065) 2023-06-22 13:46:29 +02:00
andreas-unleash
fc35f227dc
fix: autocomplete bug when changing context field (#4064)
<!-- Thanks for creating a PR! To make it easier for reviewers and
everyone else to understand what your changes relate to, please add some
relevant content to the headings below. Feel free to ignore or delete
sections that you don't think are relevant. Thank you! ❤️ -->
Fixes a bug with the Autocomplete tags not clearing when moving from on
context field with values to another
## About the changes
<!-- Describe the changes introduced. What are they and why are they
being introduced? Feel free to also add screenshots or steps to view the
changes if they're visual. -->

<!-- Does it close an issue? Multiple? -->
Closes #

<!-- (For internal contributors): Does it relate to an issue on public
roadmap? -->
<!--
Relates to [roadmap](https://github.com/orgs/Unleash/projects/10) item:
#
-->

### Important files
<!-- PRs can contain a lot of changes, but not all changes are equally
important. Where should a reviewer start looking to get an overview of
the changes? Are any files particularly important? -->


## Discussion points
<!-- Anything about the PR you'd like to discuss before it gets merged?
Got any questions or doubts? -->

---------

Signed-off-by: andreas-unleash <andreas@getunleash.ai>
2023-06-22 14:19:41 +03:00
Thomas Heartman
8cd89bb5a7
chore: update orval models (#4062)
Updates orval model based on the current enterprise changes.

Mostly doc/comment changes, but does introduce the new
strategySchemaLinks model.
2023-06-22 09:52:21 +00:00
Jaanus Sellin
e769cdd2ac
feat: plausible for new strategy flow (#4057) 2023-06-22 12:04:36 +03:00
andreas-unleash
559caee642
fix: multi env select should always have an environment selected (#4061)
<!-- Thanks for creating a PR! To make it easier for reviewers and
everyone else to understand what your changes relate to, please add some
relevant content to the headings below. Feel free to ignore or delete
sections that you don't think are relevant. Thank you! ❤️ -->

## About the changes
<!-- Describe the changes introduced. What are they and why are they
being introduced? Feel free to also add screenshots or steps to view the
changes if they're visual. -->

<!-- Does it close an issue? Multiple? -->
Closes #

<!-- (For internal contributors): Does it relate to an issue on public
roadmap? -->
<!--
Relates to [roadmap](https://github.com/orgs/Unleash/projects/10) item:
#
-->

### Important files
<!-- PRs can contain a lot of changes, but not all changes are equally
important. Where should a reviewer start looking to get an overview of
the changes? Are any files particularly important? -->


## Discussion points
<!-- Anything about the PR you'd like to discuss before it gets merged?
Got any questions or doubts? -->

Signed-off-by: andreas-unleash <andreas@getunleash.ai>
2023-06-22 11:55:15 +03:00
Mateusz Kwasniewski
374d49f5bf
feat: ui tweaks for playground (#4058) 2023-06-22 10:13:17 +02:00
andreas-unleash
566b91e298
feat: advanced playground multi value context fields (#4053)
<!-- Thanks for creating a PR! To make it easier for reviewers and
everyone else to understand what your changes relate to, please add some
relevant content to the headings below. Feel free to ignore or delete
sections that you don't think are relevant. Thank you! ❤️ -->
Makes the autocomplete component in the playground context field - when
selecting a custom context field that has legal values - able to
select/edit multiple values.

## About the changes
<!-- Describe the changes introduced. What are they and why are they
being introduced? Feel free to also add screenshots or steps to view the
changes if they're visual. -->

<!-- Does it close an issue? Multiple? -->
Closes #
[1-1006](https://linear.app/unleash/issue/1-1006/multi-value-context-field)

<!-- (For internal contributors): Does it relate to an issue on public
roadmap? -->
<!--
Relates to [roadmap](https://github.com/orgs/Unleash/projects/10) item:
#
-->

### Important files
<!-- PRs can contain a lot of changes, but not all changes are equally
important. Where should a reviewer start looking to get an overview of
the changes? Are any files particularly important? -->


## Discussion points
<!-- Anything about the PR you'd like to discuss before it gets merged?
Got any questions or doubts? -->

---------

Signed-off-by: andreas-unleash <andreas@getunleash.ai>
2023-06-22 11:06:25 +03:00
Nuno Góis
7e9069e390
refactor: token permissions, drop admin-like permissions (#4050)
https://linear.app/unleash/issue/2-1155/refactor-permissions

- Our `rbac-middleware` now supports multiple OR permissions;
- Drops non-specific permissions (e.g. CRUD API token permissions
without specifying the token type);
- Makes our permission descriptions consistent;
- Drops our higher-level permissions that basically mean ADMIN (e.g.
ADMIN token permissions) in favor of `ADMIN` permission in order to
avoid privilege escalations;

This PR may help with
https://linear.app/unleash/issue/2-1144/discover-potential-privilege-escalations
as it may prevent privilege escalations altogether.

There's some UI permission logic around this, but in the future
https://linear.app/unleash/issue/2-1156/adapt-api-tokens-creation-ui-to-new-permissions
could take it a bit further by adapting the creation of tokens as well.

---------

Co-authored-by: Gastón Fournier <gaston@getunleash.io>
2023-06-22 08:35:54 +01:00
Nuno Góis
5c9bf7b0e9
refactor: misc cleanups (#4022)
Misc cleanups of unused imports / variables.
2023-06-21 15:08:52 +01:00
andreas-unleash
57066cf129
Feat/multi env select (#4028)
<!-- Thanks for creating a PR! To make it easier for reviewers and
everyone else to understand what your changes relate to, please add some
relevant content to the headings below. Feel free to ignore or delete
sections that you don't think are relevant. Thank you! ❤️ -->

## About the changes
<!-- Describe the changes introduced. What are they and why are they
being introduced? Feel free to also add screenshots or steps to view the
changes if they're visual. -->

<!-- Does it close an issue? Multiple? -->
Closes #

<!-- (For internal contributors): Does it relate to an issue on public
roadmap? -->
<!--
Relates to [roadmap](https://github.com/orgs/Unleash/projects/10) item:
#
-->

### Important files
<!-- PRs can contain a lot of changes, but not all changes are equally
important. Where should a reviewer start looking to get an overview of
the changes? Are any files particularly important? -->


## Discussion points
<!-- Anything about the PR you'd like to discuss before it gets merged?
Got any questions or doubts? -->

---------

Signed-off-by: andreas-unleash <andreas@getunleash.ai>
2023-06-21 17:08:27 +03:00