1
0
mirror of https://github.com/Unleash/unleash.git synced 2025-01-11 00:08:30 +01:00
Commit Graph

377 Commits

Author SHA1 Message Date
sighphyre
bfcad65cdc fix: Prevent deletion of built in roles 2022-01-14 10:30:34 +02:00
Ivar Conradi Østhus
c1826ca79a
fix: incorrect snapshot 2022-01-14 09:23:32 +01:00
sighphyre
0c78980502
feat: custom project roles (#1220)
* wip: environment for permissions

* fix: add migration for roles

* fix: connect environment with access service

* feat: add tests

* chore: Implement scaffolding for new rbac

* fix: add fake store

* feat: Add api endpoints for roles and permissions list

* feat: Add ability to provide permissions when creating a role and rename environmentName to name in the list permissions datastructure

* fix: Make project roles resolve correctly against new environments permissions structure

* fix: Patch migration to also populate permission names

* fix: Make permissions actually work with new environments

* fix: Add back to get permissions working for editor role

* fix: Removed ability to set role type through api during creation - it's now always custom

* feat: Return permissions on get role endpoint

* feat: Add in support for updating roles

* fix: Get a bunch of tests working and delete a few that make no sense anymore

* chore: A few small cleanups - remove logging and restore default on dev server config

* chore: Refactor role/access stores into more logical domains

* feat: Add in validation for roles

* feat: Patch db migration to handle old stucture

* fix: migration for project roles

* fix: patch a few broken tests

* fix: add permissions to editor

* fix: update test name

* fix: update user permission mapping

* fix: create new user

* fix: update root role test

* fix: update tests

* feat: Validation now works when updating a role

* fix: Add in very barebones down migration for rbac so that tests work

* fix: Improve responses from role resolution - getting a non existant role will throw a NotFound error

* fix: remove unused permissions

* fix: add test for connecting roles and deleting project

* fix: add test for adding a project member with a custom role

* fix: add test for changing user role

* fix: add guard for deleting role if the role is in use

* fix: alter migration

* chore: Minor code cleanups

* chore: Small code cleanups

* chore: More minor cleanups of code

* chore: Trim some dead code to make the linter happy

* feat: Schema validation for roles

* fix: setup permission for variant

* fix: remove unused import

* feat: Add cascading delete for role_permissions when deleting a role

* feat: add configuration option for disabling legacy api

* chore: update frontend to beta version

* 4.6.0-beta.0

* fix: export default project constant

* fix: update snapshot

* fix: module pattern ../../lib

* fix: move DEFAULT_PROJECT to types

* fix: remove debug logging

* fix: remove debug log state

* fix: Change permission descriptions

* fix: roles should have unique name

* fix: root roles should be connected to the default project

* fix: typo in role-schema.ts

* fix: Role permission empty string for non environment type

* feat: new permission for moving project

* fix: add event for changeProject

* fix: Removing a user from a project will now check to see if that project has an owner, rather than checking if any project has an owner

* fix: add tests for move project

* fix: Add in missing create/delete tag permissions

* fix: Removed duplicate impl caused by multiple good samaritans putting it back in!

* fix: Trim out add tag permissions, for now at least

* chore: Trim out new add and delete tag permissions - we're going with update feature instead

* chore: update frontend

* 4.6.0-beta.1

* feat: Prevent editing of built in roles

* fix: Patch an issue where permissions for variants/environments didn't match the front end

* fix: lint

Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com>
Co-authored-by: Fredrik Oseberg <fredrik.no@gmail.com>
2022-01-13 11:14:17 +01:00
Ivar Conradi Østhus
4a5b332567
fix: make sure our CSP allow gravatar.com for images 2022-01-12 23:22:04 +01:00
Youssef
0d6c440c69 feat: update feature types description 2022-01-07 11:25:10 +01:00
Ivar Conradi Østhus
b1a2f110c6
chore: reduce test time-complexity 2022-01-06 21:26:53 +01:00
Ivar Conradi Østhus
73685c771a
fix: allow static assets from cdn.getunleash.io 2022-01-06 21:08:16 +01:00
Ivar Conradi Østhus
559275129d
Fix/bcryptjs (#1239)
fixes: #1108
2022-01-06 20:43:57 +01:00
Ivar Conradi Østhus
26b7da8b5c
feat: add support for cdnPrefix for static assets (#1191) 2022-01-06 10:31:00 +01:00
Ivar Conradi Østhus
2b59a4219a
fix: Should not remove variants when updating feature toggle metadata (#1234) 2022-01-06 10:23:52 +01:00
Ivar Conradi Østhus
66d4aa61de
fix: correct format for API tokens 2022-01-05 10:40:22 +01:00
Juraj Malenica
e757c00840
feat: Add init api tokens option (#1181)
Adds support for initializing a fresh Unleash instance with predefined API tokens. 

Co-authored-by: sighphyre <liquidwicked64@gmail.com>
Co-authored-by: Juraj Malenica <juraj.malenica@mindsmiths.com>
Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com>
2022-01-05 10:00:59 +01:00
Ivar Conradi Østhus
c051eb9149
fix: expose ApiUser out of Unleash 2022-01-04 20:01:18 +01:00
sighphyre
5a82d9be87
fix: Update updateUser code to reject empty emails (#1210)
* fix: Update updateUser code to reject empty emails

This fixes an issue where the updateUser call would allow null email
addresses, then update the email to null and then raise an exception,
leaving the db in a state where no user could be resolved.

* fix: remove username/email requirement in user.ts

Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com>
2022-01-03 20:14:56 +01:00
Ivar Conradi Østhus
8d8d48026d
fix: adjust feature-variant-updated event 2021-12-17 04:30:39 +01:00
Christopher Kolstad
994db02f84
fix: Adds feature-variant-updated event. (#1189)
This triggers when we update or overwrite variants, and will include the
previous variants and the new variants.

Co-authored-by: Ivar Østhus <ivarconr@gmail.com>
2021-12-16 11:07:19 +01:00
Christopher Kolstad
791384ddb1
Fix/variants ordering (#1187)
* fix: sort variants on output

We found that for existing variants, the sorting by name wasn't applied, so the index in the patches were wrong. This PR adds the sort also when we're getting variants as part of the getFeature call, not just when we're getting the variants. This should make the UX consistent, and prevent our patches from hitting the wrong index in the variants array.

Co-authored-by: Youssef Khedher <khedher.youssef@hotmail.fr>
2021-12-15 14:20:32 +01:00
Ivar Conradi Østhus
08bff6359c fix: uintroduce call to update last_seen on client-instance 2021-12-10 09:31:54 +01:00
Ivar Conradi Østhus
573385a630 fix: drop client_metrics table 2021-12-10 09:31:54 +01:00
Ivar Conradi Østhus
bf1223e07d fix: rename services 2021-12-10 09:31:54 +01:00
Ivar Conradi Østhus
cf70da71c9 fix: lint 2021-12-10 09:31:54 +01:00
Ivar Conradi Østhus
bb4e6290d5 fix: move toggle-counters to metrics service 2021-12-10 09:31:54 +01:00
Ivar Conradi Østhus
9f13b801eb fix: rename metrics-service to client-instance service 2021-12-10 09:31:54 +01:00
Ivar Conradi Østhus
4a9939ccb1 feat: remove old metrics service 2021-12-10 09:31:54 +01:00
Youssef Khedher
7ec9672a5c
Merge pull request #1145 from Unleash/feat/update-health-report
feat: update health report
2021-12-06 15:39:45 +01:00
Fredrik Strand Oseberg
98d64fc1e4
fix: open validate endpoint (#1162)
* fix: open validate endpoint

* fix: set validate permission to none
2021-12-06 15:19:25 +01:00
Ivar Conradi Østhus
3c550f157a
fix: always require permission for POST, PATCH, PUT, DELETE (#1152) 2021-12-03 12:46:50 +01:00
Ivar Conradi Østhus
784ddf8fb3
fix: cleanup old user permissions (#1150) 2021-12-01 22:10:09 +01:00
Youssef
5e6e7e1aac adding tests 2021-12-01 10:41:41 +01:00
Youssef
26c9bfa3c8 fix: add timestamp on project creation for update_at column 2021-12-01 09:59:34 +01:00
Youssef
00f5740d18 fix: rename last_update to updated_at 2021-11-30 15:25:52 +01:00
Youssef
c3273ce1ab fix: remove lastUpdate from fieldToRow 2021-11-30 15:14:50 +01:00
Youssef
71c6b05bc4 fix: remove unused dep 2021-11-30 14:53:31 +01:00
Youssef
10c1b56e38 add lastupdate to health report 2021-11-30 14:05:44 +01:00
Youssef
991a4a8634 add last-update migration to projects table 2021-11-30 10:40:58 +01:00
Ivar Conradi Østhus
eb8265922d
Fix/enable standard environments (#1134) 2021-11-26 15:31:36 +01:00
Christopher Kolstad
5829ec7b3d
task: Sort variants by name (#1132) 2021-11-26 13:06:36 +01:00
Christopher Kolstad
5cdb3f665a
task: Ban changes to variants through feature (#1130)
* task: Ban changes to variants through feature

After adding the new `/variants` endpoint for features we now have a way
to access control adding/modifying variants, so the /:featureName
endpoint should no longer allow editing/adding variants.

This removes variants as a known field from the featureMetadata schema
and tells joi to stripUnknown, thus making sure we never include
variants in the initial creation or future update calls.

For the old features v1 API we allow it to declare that it has already
validated the data coming with its own schema, so we should use the data
we get from it. Thus keeping the old v1 functionality intact

Co-authored-by: Simon Hornby <simon@getunleash.ai>
2021-11-25 14:53:58 +01:00
Ivar Conradi Østhus
b47b507e18
fix: metrics v2 should await for the clearer (#1114) 2021-11-25 14:18:35 +01:00
Christopher Kolstad
c9ff3972e2
fix: Stop healthrating from including archived (#1128)
- Since the archived toggles are not visible in the health dashboard,
  including them in the health rating calculation makes for some really
  confusing dashboards. This PR makes sure we only include non-archived
  toggles when calculating health.
2021-11-25 10:09:23 +01:00
Christopher Kolstad
72092e4a1c
fix: make new variant api validate name uniqueness (#1126) 2021-11-24 14:22:28 +01:00
Christopher Kolstad
6c6001619c
Feat/variant api (#1119)
Add a new .../:feature/variants API

This adds
- `GET /api/admin/projects/:projectId/features/:featureName/variants` which returns 
```json
{ version: '1', variants: IVariant[] }
```
- `PATCH /api/admin/projects/:projectId/features/:featureName/variants` which accepts a json patch set and updates the feature's variants field and then returns 
```json
{ version: '1', variants: IVariant[] }
```
- `PUT /api/admin/projects/:projectId/features/:featureName/variants`
 which accepts a IVariant[] and overwrites the current variants list for the feature defined in :featureName and returns
```json
{ version: '1', variants: IVariant[] }

- This also makes sure the total weight of all variants is == 1000
- Validates that there is at least 1 'variable' variant if there are variants
- Validates that 'fix' variants total weight can't exceed 1000
- Adds tests for all these invariants.


Co-authored-by: Simon Hornby <simon@getunleash.ai>
2021-11-24 13:08:04 +01:00
Fredrik Strand Oseberg
c369b77b24
Merge branch 'master' into feat/splash 2021-11-12 13:19:36 +01:00
Youssef
2d03b8c61e fix: return be object instead of array 2021-11-12 13:19:06 +01:00
Ivar Conradi Østhus
d8478dd928
feat: clean up events (#1089)
Co-authored-by: Christopher Kolstad <chriswk@getunleash.ai>
2021-11-12 13:15:51 +01:00
Youssef
16429fcf9a fix: add cascade query inside create table for splash 2021-11-12 13:01:56 +01:00
Youssef
0199d1f211 fix: remove req.body from the splash object when update 2021-11-12 12:44:33 +01:00
Youssef Khedher
314c60393f
Merge branch 'master' into feat/splash 2021-11-12 11:30:08 +01:00
Youssef
e0356eff6d fix: update e2e test for splash 2021-11-12 11:18:09 +01:00
Youssef
fc275a6183 fix: update sql query in add-splash-entry 2021-11-12 11:02:12 +01:00
Youssef
c4e56aae09 fix: remove record splash and update sql query in add-splash-entry 2021-11-12 10:49:09 +01:00
Martin Lehmann
064599c942
fix: refactor client-metrics list and ttl-list to TypeScript (#1080)
Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com>
2021-11-11 20:29:40 +01:00
Ivar Conradi Østhus
f0895cf653
fix: prevent deadlock for batchinserting usage metrics (#1100)
* fix: prevent deadlock for batchinserting usage metrics

In client metrics v2 we utilize postgres to count the usage
across a few dimentions (featureName, app_name, environment).

It turns out that if the UPDATE values are not executed in a predictable
order we can end up in a deadlock scenario with postgresql.

In this fix we thus sort the metrics on the feature_name, app_name and
envrionment, to make sure they always are executed in a predictabel
order, and thus avoiding independent inserts colliding in to a deadlock
waiting for eachother.

* fix: tests cannot assume order
2021-11-11 16:05:29 +01:00
Youssef
cd38c5a01d add e2e splash test 2021-11-10 11:24:44 +01:00
Youssef
db9722dccc add splash e2e + api tests 2021-11-10 11:24:01 +01:00
Youssef
c4da3e89c5 fix: styling 2021-11-09 20:55:23 +01:00
Youssef
96f2514fc5 send splash data in the user object 2021-11-09 20:39:13 +01:00
Youssef
cc516618a1 add splash-controller and cascade migration 2021-11-09 14:16:34 +01:00
Fredrik Oseberg
d73293c576 fix: add migration 2021-11-09 11:52:02 +01:00
Youssef
875fb7734c create splash migration store and service file 2021-11-08 16:31:38 +01:00
Ivar Conradi Østhus
645a8bce05
fix: convert iso-strings from db to date object 2021-11-04 22:16:48 +01:00
Ivar Conradi Østhus
053956b45e
fix/projectId cannot change for strategy configs (#1084) 2021-11-04 21:24:55 +01:00
Fredrik Strand Oseberg
ec60f4485c
fix: disable projects (#1085) 2021-11-04 21:09:52 +01:00
Lennart
759b592d90
fix: update mime library method signature to 2.X (#1078)
Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com>
2021-11-02 23:43:16 +01:00
Martin Lehmann
b47e228181
fix: be explicit when specifying time & replace moment with date-fns (#1072) 2021-11-02 15:13:46 +01:00
Ivar Conradi Østhus
59f1c6e8e9
fix: add default sort order for built in envs (#1076) 2021-10-29 13:02:05 +02:00
Ivar Conradi Østhus
b04b6b3ef7
chore: mute expected test errors 2021-10-29 11:22:40 +02:00
Ivar Conradi Østhus
4fb1bcb524
feat: Disable password based login (#1046)
This commit will introduce a new setting used to disbaled
simple password based authention.

The setting itself is an enterprise setting.
2021-10-29 10:25:42 +02:00
Ivar Conradi Østhus
9e73ed8f47
chore: remvoe console.error for tests expecting error 2021-10-29 09:25:47 +02:00
Ivar Conradi Østhus
0e3813f5f6
fix: lint 2021-10-28 16:32:50 +02:00
Ivar Conradi Østhus
3ef7fd2420
fix: legacy feature stale on/off needs to return full toggle 2021-10-28 15:48:07 +02:00
Ivar Conradi Østhus
d0b2ce3170
fix: add enpoint for fetching a single user (#1074)
* fix: add enpoint for fetching a single user

* fix add api docs
2021-10-28 14:24:09 +02:00
Ivar Conradi Østhus
8040abb1c4
fix: reuse message formatter for addons (#1058) 2021-10-28 14:09:11 +02:00
Ivar Conradi Østhus
131eeeaa78
fix: demo-auth should use /auth path 2021-10-26 23:04:44 +02:00
Martin Lehmann
607b2a6657
fix: use date-fns for date/time maths instead of (wrong) Date#setHours (#1070)
Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com>
2021-10-26 20:13:30 +02:00
Martin Lehmann
3030666f18
chore: pool min 1, max 4 DB connections & limit Jest workers to 4 (#1069) 2021-10-26 19:50:13 +02:00
Ivar Conradi Østhus
07202a9910
fix: removing a strategy from a toggle should only require UPDATE_FEATURE permission 2021-10-25 11:14:38 +02:00
Christopher Kolstad
6914bd7908
fix: Only trigger environment enabled/disabled events if different f… (#1053)
Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com>
2021-10-21 22:33:50 +02:00
Ivar Conradi Østhus
1924961efa
fix: simplify how we update projects 2021-10-21 21:06:56 +02:00
Christopher Kolstad
f0dfe204ee
fix: Remove duplicate FEATURE_METADATA_UPDATED from events list for webhook addon (#1052) 2021-10-21 20:54:03 +02:00
Ivar Conradi Østhus
a0d5b04388
fix: only send FEATURE_UPDATED for legacy (#1054)
Co-authored-by: Christopher Kolstad <chriswk@getunleash.ai>
2021-10-21 20:53:39 +02:00
Christopher Kolstad
b7b5f0caa0
fix: add constraint for changing project. (#1049)
- In order for a feature toggle to be allowed to change project, the
  target project must have the same enabled environments.
- If the feature toggle has an environment which is not in use that does
  not exist in target project, this is ok.

Co-authored-by: Fredrik Strand Oseberg <fredrik.no@gmail.com>

Co-authored-by: Fredrik Strand Oseberg <fredrik.no@gmail.com>
2021-10-21 10:29:09 +02:00
Ivar Conradi Østhus
3484340cd0
fix: only add project environments if enabled (#1050) 2021-10-21 10:14:35 +02:00
Christopher Kolstad
62b121285c
Create a apiuser for demo auth. (#1045)
- If api token middleware is disabled, still allow calls to /api/client with a
  populated fake api user with client access.
2021-10-20 13:16:07 +02:00
Christopher Kolstad
28d0238732
add try-catch to demo auth middleware (#1044)
- Since we validate email used in auth the route function needs to
  handle the possibility that userService.loginUserWithoutPassword can
  throw.
2021-10-19 14:24:23 +02:00
Christopher Kolstad
1f37b0bf4b
fix: make hasPermission call handle api tokens (#1041) 2021-10-19 11:34:56 +02:00
Christopher Kolstad
26407cc02e
Fix/feature strategies needs project update (#1040)
* Make sure feature_strategies follow feature to new project
2021-10-19 09:49:43 +02:00
Ivar Conradi Østhus
3b925902d7
fix: event-log 2021-10-15 20:11:51 +02:00
Ivar Conradi Østhus
5f6758d8f0
fix: update context field does not await the response (#1027) 2021-10-14 08:30:36 +02:00
Ivar Conradi Østhus
ae03390331
fix: add support for experimental flags (#1025) 2021-10-13 20:52:44 +02:00
Ivar Conradi Østhus
daba53976d
fix: feature_strategies paramter column should not be null (#1024) 2021-10-13 12:42:57 +02:00
Ivar Conradi Østhus
41574e3938
fix: create admin users if enabled and zero users already 2021-10-12 21:39:57 +02:00
Christopher Kolstad
20a4aeff97
Make Appinstance registration include environment (#1014) 2021-10-12 10:39:28 +02:00
Christopher Kolstad
d176028a00 Trigger STALE events when patching stale field
- Also moved the patch function into service, instead of performing the
  operation in the controller
2021-10-11 11:27:20 +02:00
Ivar Conradi Østhus
fc455811f8
feat/metricsV2 (#1005)
Adds a new way of handling usage metrics where we push it directly to the database and performs aggregation on the fly. All metrics are aggregated in to buckets of hours. We will for now store metrics for the 48 hours with the following dimensions:

- featureName
- projectName
- envrionment
- yes (the actual count)
- no (the actual count)
2021-10-08 10:09:22 +02:00
Ivar Conradi Østhus
3612884501
feat: clone feature toggle API (#1006) 2021-10-08 09:37:27 +02:00
Christopher Kolstad
b4b222f4c9
feat: add new more specific feature/environment events to addons (#994)
* feat: add new more specific feature/environment events to addons

* Updated strategy change text

* Update all three addon messages for strategy

* Link to new features view for strategy change text

Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com>
2021-10-07 10:22:20 +02:00
Fredrik Strand Oseberg
12245664ad
fix: add sort order to environments (#1004)
* fix: add sort order to environments

* fix: lint

* fix: remove display name
2021-10-06 09:39:59 +02:00
Christopher Kolstad
a401580228
task: Disables feature_environments without strategies (#1003) 2021-10-06 09:25:34 +02:00
Ivar Conradi Østhus
796f202da3
fix: lint 2021-10-01 22:28:09 +02:00