Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Return tags in /my-permission #4813

Closed
kyle-ssg opened this issue Nov 6, 2024 · 3 comments · Fixed by #4824
Closed

Return tags in /my-permission #4813

kyle-ssg opened this issue Nov 6, 2024 · 3 comments · Fixed by #4824
Assignees
@matthewelwell

Comments

@kyle-ssg
Copy link
Member

kyle-ssg commented Nov 6, 2024
edited
Loading

Is your feature request related to a problem? Please describe.

Tag-based roles allow you to restrict permissions to certain tagged features, however, the frontend doesn't currently receive any information about what tags the user has permissions for in the my-permissions endpoint - this means the frontend isn't disabling / hiding any access where appropriate tags aren't added.

Describe the solution you'd like.

In order for the frontend to start restricting tag based roles, the my-permissions endpoint needs to return the tags the permission has access to, if none are returned the frontend should assume they have access to permissions regardless of the tagged feature.

Describe alternatives you've considered

Let the api 403 when attempting actions, however this would add many new scenarios to test where the frontend was originally hiding / disabling ui

Additional context

No response
@matthewelwell
Copy link
Contributor

I guess we can just add an extra key, e.g. "tag_based_permissions" to the response object, like

{
  "permissions": ["VIEW_ENVIRONMENT", "CREATE_CHANGE_REQUEST"],
  "admin": false,
  "tag_based_permissions": [{"key": "UPDATE_FEATURE_STATE", "tags": [1, 2]}]
}

@kyle-ssg
Copy link
Member Author

kyle-ssg commented Nov 6, 2024

This makes sense, I will update the frontend PR to use this

@kyle-ssg kyle-ssg mentioned this issue Nov 6, 2024
Merged
4 tasks
@gagantrivedi gagantrivedi mentioned this issue Nov 11, 2024
Merged
4 tasks
@gagantrivedi
Copy link
Member

@kyle-ssg, I’ve implemented it here with a slight variation. Instead of using 'keys,' I've used 'permissions' (a list) since it can contain more than one permission.

e.g:

{
  "permissions": ["VIEW_ENVIRONMENT", "CREATE_CHANGE_REQUEST"],
  "admin": false,
  "tag_based_permissions": [{"permissions":  ["UPDATE_FEATURE_STATE"] , "tags": [1, 2]}]
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@matthewelwell matthewelwell

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat(my-permissions): Add tag based permissions Flagsmith/flagsmith
3 participants
@kyle-ssg @matthewelwell @gagantrivedi