feat: adds RequireFlagsEnabled decorator #1159
Conversation
|
I think this is a good idea, and it "feels right" to me ergonomically. Make sure you add something to the test-app to test and document this. |
kaushalkapasi
force-pushed
the
feat/require-flags-decorator
branch
2 times, most recently
from
ca912f0 to
a67cc35
Compare
| * Defaults to a 404 Not Found exception. | ||
| * @see {@link HttpException} | ||
| */ | ||
| exception?: HttpException; |
There was a problem hiding this comment.
I think it is okay to constrain the exceptions to HTTP exceptions, even though it might make sense to broaden this to general exceptions.
Sometimes custom filters are built for more complex cases so I think one could argue for being strict on that or allowing any exception to be thrown.
There was a problem hiding this comment.
Since these decorators are meant to be used at a Controller or Route level in Nest, I opted to limit the exception type to be an HTTPException since it can then be handled by the caller in a predictable manner.
| /** | ||
| * Options for injecting a feature flag into a route handler. | ||
| */ | ||
| interface RequireFlagsEnabledProps { |
There was a problem hiding this comment.
I think we could have some optional static evaluation context given here too.
There was a problem hiding this comment.
What would this look like? Is there an example you could share (maybe in another SDK) since I'm not fully familiar with that concept.
| /** | ||
| * Options for injecting a feature flag into a route handler. | ||
| */ | ||
| interface RequireFlagsEnabledProps { |
There was a problem hiding this comment.
Also we could have a context factory here too. Basically what we globally have for the OpenFeatureModule:
But this would be optional to me. We do not have it for the other decorators too:
So to me this is optional for this PR but it would be a great addition.
| /** | ||
| * Returns a domain scoped or the default OpenFeature client with the given context. | ||
| * @param {string} domain The domain of the OpenFeature client. | ||
| * @returns {Client} The OpenFeature client. | ||
| */ | ||
| function getClientForEvaluation(domain?: string) { | ||
| return domain ? OpenFeature.getClient(domain) : OpenFeature.getClient(); | ||
| } |
There was a problem hiding this comment.
We already have this function:
There was a problem hiding this comment.
Should I change that to be an exported function in a utils.ts file that can be imported across decorators? Additionally, should the decorators live in their own folder or folders, along the lines of: nest/src/decorators/require-flags-enabled/require-flags-enabled.ts?
| export const RequireFlagsEnabled = (props: RequireFlagsEnabledProps): ClassDecorator & MethodDecorator => | ||
| applyDecorators(UseInterceptors(FlagsEnabledInterceptor(props))); |
There was a problem hiding this comment.
I think there could be value in similar function like: RequireFlagEquals.
But this could also be added in another PR.
There was a problem hiding this comment.
Yeah! I opted to implement this first as the "easiest" option, a follow up would be to take a flag key and expected value combination to support String, Number and Object type flags.
There was a problem hiding this comment.
Yep that makes sense to me. I think most people would use this current decorator, which could basically just be a shorthand for a RequireFlagEquals implementation. I think instead of a key/value combination though, a lambda predicate might be easier (a lambda taking the EvalutionDetails which will run to decide to run the request or not). For RequireFlagsEnabled, the lambda would just be evalutationDetails.value === true
| const client = getClientForEvaluation(props.domain); | ||
|
|
||
| for (const flagKey of props.flagKeys) { | ||
| const endpointAccessible = await client.getBooleanValue(flagKey, false); |
There was a problem hiding this comment.
Sometimes there are cases where it is better to fall back to true as default value if the flag evaluation fails.
I think it would be worth it adding the default value as a parameter, defaulting to false.
| flagKeys: string[]; | ||
| /** | ||
| * The exception to throw if any of the required feature flags are not enabled. | ||
| * Defaults to a 404 Not Found exception. |
There was a problem hiding this comment.
I am not entirely sure why you chose 404 here.
Is it to prevent unwanted information disclosure in the case the feature is meant to be hidden?
There was a problem hiding this comment.
That's right. Defaulting to 404 as the preferred behaviour is to "hide" the existence of the Controller or Route from the caller entirely. This could also be integrated with any API documentation that the end user may generate.
There was a problem hiding this comment.
Ya I actually think for security reasons this is the most reasonable default.
|
I will have a look at what is wrong with the e2e test tomorrow @kaushalkapasi :) |
Seems to me like the test-harness git submodule was simply deleted. I've added it back in the latest commit. The e2e tests are working now but you have some small lint errors causing CI failures. |
| * Global {@link EvaluationContext} for OpenFeature. | ||
| * @see {@link OpenFeature#setContext} | ||
| */ | ||
| context?: EvaluationContext; |
There was a problem hiding this comment.
I'm a bit confused as to why we'd want to set the global context here?
It seems like a bit of a separation-of-concerns violation. Can somebody help me understand why it's useful here?
There was a problem hiding this comment.
That's a mistake, it shouldn't be the global context. Will be updated to: * The {@link EvaluationContext} for evaluating the feature flag.
packages/nest/test/fixtures.ts
Outdated
| testBooleanFlag2: { | ||
| defaultVariant: 'default', | ||
| variants: { default: false, enabled: true }, | ||
| disabled: false, | ||
| }, |
There was a problem hiding this comment.
Could we add another integration test where we use a flag with a simple targeting rule, which requires an evaluation context value (which is injected in an interceptor) to be present? That would ensure that we are using a per-request context as expected in our decorator(s).
There was a problem hiding this comment.
Sounds good, will add the test.
There was a problem hiding this comment.
I have a couple questions, and one request for an additional test (please let me know if you think this is not necessary) but this looks really cool. Great work!
Happy to approve from my perspective after these are resolved.
…er & endpoint access based on boolean flag values Signed-off-by: Kaushal Kapasi <[email protected]>
…s enabled decorator Signed-off-by: Kaushal Kapasi <[email protected]>
Signed-off-by: Kaushal Kapasi <[email protected]>
…text and allow for flags to change the default value for flag evaluation. move getClientForEvaluation method to utils file Signed-off-by: Kaushal Kapasi <[email protected]>
Signed-off-by: Todd Baert <[email protected]>
Signed-off-by: Kaushal Kapasi <[email protected]>
…add tests with targeting rules defined for the InMemoryProvider Signed-off-by: Kaushal Kapasi <[email protected]>
kaushalkapasi
force-pushed
the
feat/require-flags-decorator
branch
from
aa03a3a to
ba2c4d6
Compare
This PR
RequireFlagsEnableddecorator to allow a simple, reusable way to block access to a specific controller or endpoint based on the value of a list of one, or many, boolean flagsNotes
Follow-up Tasks
RequireFlagsEnableddecorator & usage examplesHow to test
npx jest --selectProject=nest