Skip to content

fix: feature flag ui and feature flag writes missing RBAC permissions #493

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Oct 12, 2025
Merged

fix: feature flag ui and feature flag writes missing RBAC permissions #493

merged 3 commits into from
Oct 12, 2025

Conversation

@raghavyuva
Copy link
Owner

@raghavyuva raghavyuva commented Oct 12, 2025
edited by coderabbitai bot
Loading

Issue

Link to related issue(s):

Description

Short summary of what this PR changes or introduces.

Scope of Change

Select all applicable areas impacted by this PR:

  • View (UI/UX)
  • API
  • CLI
  • Infra / Deployment
  • Docs
  • Other (specify): ________

Screenshot / Video / GIF (if applicable)

Attach or embed screenshots, screen recordings, or GIFs demonstrating the feature or fix.

Related PRs (if any)

Link any related or dependent PRs across repos.

Additional Notes for Reviewers (optional)

Anything reviewers should know before testing or merging (e.g., environment variables, setup steps).

Developer Checklist

To be completed by the developer who raised the PR.

  • Add valid/relevant title for the PR
  • Self-review done
  • Manual dev testing done
  • No secrets exposed
  • No merge conflicts
  • Docs added/updated (if applicable)
  • Removed debug prints / secrets / sensitive data
  • Unit / Integration tests passing
  • Follows all standards defined in Nixopus Docs

Reviewer Checklist

To be completed by the reviewer before merge.

  • Peer review done
  • No console.logs / fmt.prints left
  • No secrets exposed
  • If any DB migrations, migration changes are verified
  • Verified release changes are production-ready

Summary by CodeRabbit

  • New Features

    • Feature Flags now support search, enabled/disabled filters, grouped views with icons, enabled/total badges, and improved loading skeleton.
    • Clear no-results messaging and streamlined toggle interactions with notifications.

  • Access Control

    • Expanded permissions: admins can update feature flags; members and viewers can read them. Toggle access is enforced by role.

  • Internationalization

    • Added translations for enabled/disabled and new Feature Flags UI strings (search, filters, no results, no features) across multiple languages.

@raghavyuva raghavyuva self-assigned this Oct 12, 2025
@coderabbitai
Copy link
Contributor

coderabbitai bot commented Oct 12, 2025
edited
Loading

Walkthrough

Adds feature flag RBAC permissions in backend roles. Updates Feature Flags settings UI with search, enabled/disabled filters, grouped rendering with icons, loading skeleton, badges, and no-results messaging. Integrates RBAC guard on toggles. Expands i18n locales (EN/ES/FR/KN/ML) with new strings for common enabled/disabled and feature flag UI texts.

Changes

Cohort / File(s) Summary
RBAC permissions (backend)
api/internal/features/supertokens/auth.go		 Adds feature_flags permissions: admin gets read/update; member and viewer get read. No signature or control-flow changes.
Feature Flags UI (frontend)
view/app/settings/general/components/FeatureFlagsSettings.tsx		 Adds search/filter states and logic, grouped rendering with icons, badges for counts, loading skeleton, no-results alerts, and RBACGuard-wrapped toggles using update mutation and toasts.
i18n locales
view/lib/i18n/locales/en.json, view/lib/i18n/locales/es.json, view/lib/i18n/locales/fr.json, view/lib/i18n/locales/kn.json, view/lib/i18n/locales/ml.json		 Adds common.enabled/disabled and settings.featureFlags messages (searchPlaceholder, filters: all/enabled/disabled, noResults, noFeatures). Minor structural placements vary per locale.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  actor U as User
  participant UI as FeatureFlagsSettings (UI)
  participant RBAC as RBACGuard
  participant API as FeatureFlags API

  U->>UI: Open Feature Flags tab
  UI->>API: GET feature flags
  API-->>UI: Flags list
  UI->>UI: Apply search/filter (client-side)
  alt No matches
    UI-->>U: Show "no results" message
  else Matches
    UI-->>U: Render grouped flags with badges
  end

  U->>UI: Toggle a feature
  UI->>RBAC: Check "feature_flags:update"
  alt Permission granted
    UI->>API: PATCH update feature flag
    API-->>UI: Success/Failure
    UI-->>U: Toast success or error
  else Permission denied
    RBAC-->>U: Action blocked
  end
Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

Poem

In burrows of code where toggles reside,
I sniff for flags with whiskered pride.
Search, filter, group—hip-hop, hooray!
Badges gleam like dewdrops today.
With rightful keys, I flip the switch—
RBAC nods, no naughty glitch. 🐇✨

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)
Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. You can run @coderabbitai generate docstrings to improve docstring coverage.
✅ Passed checks (2 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check ✅ Passed The title accurately conveys the dual focus of the pull request by mentioning both the feature flag UI fixes and the addition of missing RBAC permissions for feature flag writes, which aligns with the backend and frontend changes in this changeset.
✨ Finishing touches
  • 📝 Generate docstrings
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch fix/feature-flags
📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 71122a6 and b29a85b.

📒 Files selected for processing (7)
  • api/internal/features/supertokens/auth.go (2 hunks)
  • view/app/settings/general/components/FeatureFlagsSettings.tsx (4 hunks)
  • view/lib/i18n/locales/en.json (2 hunks)
  • view/lib/i18n/locales/es.json (2 hunks)
  • view/lib/i18n/locales/fr.json (2 hunks)
  • view/lib/i18n/locales/kn.json (2 hunks)
  • view/lib/i18n/locales/ml.json (2 hunks)
🧰 Additional context used
🧬 Code graph analysis (1)
view/app/settings/general/components/FeatureFlagsSettings.tsx (3)
view/types/feature-flags.ts (1)
  • FeatureFlag (1-9)
view/components/ui/typography.tsx (3)
  • TypographyH3 (17-23)
  • TypographyMuted (73-77)
  • TypographySmall (61-71)
view/components/rbac/RBACGuard.tsx (1)
  • RBACGuard (16-59)
🔇 Additional comments (1)
api/internal/features/supertokens/auth.go (1)

45-45: Approve feature flag permissions

  • Permissions correctly follow RBAC: admins read + update; members/viewers read-only.
  • No TS/TSX files found—manually verify backend handlers enforce these permissions and frontend uses matching strings.
  • Minor naming inconsistency: feature_flags uses underscore vs hyphens elsewhere.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@raghavyuva raghavyuva merged commit 2e1c857 into master Oct 12, 2025
4 checks passed
@raghavyuva raghavyuva deleted the fix/feature-flags branch October 16, 2025 09:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@raghavyuva raghavyuva

Labels

nixopus-api nixopus-view

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@raghavyuva