1
0
mirror of https://github.com/Unleash/unleash.git synced 2024-12-22 19:07:54 +01:00
unleash.unleash/frontend
Nuno Góis 4d1f76e61b
fix: take into account project segments permission (#5304)
https://linear.app/unleash/issue/SR-164/ticket-1106-user-with-createedit-project-segment-is-not-able-to-edit-a

Fixes a bug where the `UPDATE_PROJECT_SEGMENT` permission is not
respected, both on the UI and on the API. The original intention was
stated
[here](https://github.com/Unleash/unleash/pull/3346#discussion_r1140434517).

This was easy to fix on the UI, since we were simply missing the extra
permission on the button permission checks.

Unfortunately the API can be tricky. Our auth middleware tries to grab
the `project` information from either the params or body object, but our
`DELETE` method does not contain this information. There is no body and
the endpoint looks like `/admin/segments/:id`, only including the
segment id.

This means that, in the rbac middleware when we check the permissions,
we need to figure out if we're in such a scenario and fetch the project
information from the DB, which feels a bit hacky, but it's something
we're seemingly already doing for features, so at least it's somewhat
consistent.

Ideally what we could do is leave this API alone and create a separate
one for project segments, with endpoints where we would have project as
a param, like so:
`http://localhost:4242/api/admin/projects/:projectId/segments/1`.

This PR opts to go with the quick and hacky solution for now since this
is an issue we want to fix quickly, but this is something that we should
be aware of. I'm also unsure if we want to create a new API for project
segments. If we decide that we want a different solution I don't mind
either adapting this PR or creating a follow up.
2023-11-09 09:37:47 +00:00
..
cypress refactor: slight clean up after GAing multiple roles (#5133) 2023-10-24 09:57:01 +01:00
public refactor: adapt to Vite (#940) 2022-05-05 16:15:22 +01:00
scripts feat: Generate new OAS types, tags component upgrade (#3269) 2023-03-15 11:35:24 +02:00
src fix: take into account project segments permission (#5304) 2023-11-09 09:37:47 +00:00
.editorconfig add editorconfig 2016-12-05 23:08:32 +01:00
.gitignore Test npm publish (#3554) 2023-04-18 15:44:19 +02:00
.nvmrc chore: update to node 18 (#3527) 2023-04-18 10:35:32 +02:00
cypress.config.ts feat: biome lint frontend (#4903) 2023-10-02 13:25:46 +01:00
cypress.d.ts feat: biome lint frontend (#4903) 2023-10-02 13:25:46 +01:00
index.html feat: dynamic icons by adding material symbols font (#5008) 2023-10-12 11:22:23 +01:00
index.js feat: biome lint frontend (#4903) 2023-10-02 13:25:46 +01:00
orval.config.js don't add version header to generated api schema 2023-03-15 13:29:18 +01:00
package.json chore(deps): update react monorepo (#5223) 2023-10-30 16:10:13 +00:00
README.md feat: application usage frontend (#4561) 2023-08-24 13:13:02 +03:00
tsconfig.json chore: refactor Cypress tests (#3445) 2023-04-04 11:46:28 +03:00
tsconfig.node.json
vercel.json
vite.config.ts feat: biome lint frontend (#4903) 2023-10-02 13:25:46 +01:00
yarn.lock chore(deps): update react monorepo (#5223) 2023-10-30 16:10:13 +00:00

frontend

This directory contains the Unleash Admin UI frontend app.

Run with a local instance of the unleash-api

Refer to the Contributing to Unleash guide for instructions. The frontend dev server runs (in port 3000) simultaneously with the backend dev server (in port 4242):

yarn install
yarn dev

Run with a sandbox instance of the Unleash API

Alternatively, instead of running unleash-api on localhost, you can use a remote instance:

cd ./frontend
yarn install
yarn run start:sandbox

Running end-to-end tests

We have a set of Cypress tests that run on the build before a PR can be merged so it's important that you check these yourself before submitting a PR. On the server the tests will run against the deployed Heroku app so this is what you probably want to test against:

yarn run start:sandbox

In a different shell, you can run the tests themselves:

yarn run e2e:heroku

If you need to test against patches against a local server instance, you'll need to run that, and then run the end to end tests using:

yarn run e2e

You may also need to test that a feature works against the enterprise version of unleash. Assuming the Heroku instance is still running, this can be done by:

yarn run start:enterprise
yarn run e2e

Generating the OpenAPI client

The frontend uses an OpenAPI client generated from the backend's OpenAPI spec. Whenever there are changes to the backend API, the client should be regenerated:

For now we only use generated types (src/openapi/models). We will use methods (src/openapi/apis) for new features soon.

yarn gen:api
rm -rf src/openapi/apis

clean up src/openapi/index.ts imports, only keep first line export * from './models';

This script assumes that you have a running instance of the enterprise backend at http://localhost:4242. The new OpenAPI client will be generated from the runtime schema of this instance. The target URL can be changed by setting the UNLEASH_OPENAPI_URL env var.

Analyzing bundle size

npx vite-bundle-visualizer in the root of the frontend directory