flipper-ui 0.21.0.rc1 → 0.22.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1892ab407f3f56ccddb2268e6ce53d7d02ef68a5004c914bc68a61c791c1a97f
-  data.tar.gz: cff24cf7ed9f5521118d16af76cd2b8bc9b7ef90b345610450f2c2d836cc915d
+  metadata.gz: a619370e297b8fc379c57c8394cdfc798120ebfd9d4d091bc1902f3d9a2183be
+  data.tar.gz: a36c5d0a79836aec62188c04f5954a506d737e110a135028b3fc7d9d889a2579
 SHA512:
-  metadata.gz: 1c3afd4b54efb3d6df85b1be0df6671083d208a451526a71483519eb748ff87aaf4b5ca1d4d4594981b6172fbb7e4b82e6e7cab3268d26c237f98da499c3bf18
-  data.tar.gz: fc85ea7b8bae97535e34321b1c89ae1dcda2b834dc31876d91ddc7ec5387d52a2f912c53c1cf8a965c3442e655676923ee1040385fe3bd73df4b8c2a82af4c04
+  metadata.gz: b02d0683b248297b59e6013f816a6f09bbde28889e38201e0f41c89d29118f06f16061749d55041a786daf81d2d67da8e88885033c4819233794dbd55df3ea8d
+  data.tar.gz: 425e485bc419c1ae45554298df69a2d6cfdb4d2169fa2b0dc1b3e5e32009e5bafd27372796ab8a1bf3ac68dbc2d1be6a2474cbd7855b1d245fd61c8940e1cb81

data/docs/ui/README.md

@@ -109,7 +109,7 @@ Minimal example for Rack:
 ```ruby
 # config.ru
 
-require 'flipper-ui'
+require 'flipper/ui'
 
 adapter = Flipper::Adapters::Memory.new
 flipper = Flipper.new(adapter)

data/examples/ui/authorization.ru

@@ -5,50 +5,13 @@
 #   http://localhost:9999/
 #
 require 'bundler/setup'
-require "logger"
-
-require "flipper-ui"
+require "flipper/ui"
 require "flipper/adapters/pstore"
-require "active_support/notifications"
 
 Flipper.register(:admins) { |actor|
   actor.respond_to?(:admin?) && actor.admin?
 }
 
-Flipper.register(:early_access) { |actor|
-  actor.respond_to?(:early?) && actor.early?
-}
-
-# Setup logging of flipper calls.
-if ENV["LOG"] == "1"
-  $logger = Logger.new(STDOUT)
-  require "flipper/instrumentation/log_subscriber"
-  Flipper::Instrumentation::LogSubscriber.logger = $logger
-end
-
-adapter = Flipper::Adapters::PStore.new
-flipper = Flipper.new(adapter, instrumenter: ActiveSupport::Notifications)
-
-Flipper::UI.configure do |config|
-  # config.banner_text = 'Production Environment'
-  # config.banner_class = 'danger'
-  config.feature_creation_enabled = true
-  config.feature_removal_enabled = true
-  # config.show_feature_description_in_list = true
-  config.descriptions_source = lambda do |_keys|
-    {
-      "search_performance_another_long_thing" => "Just to test feature name length.",
-      "gauges_tracking" => "Should we track page views with gaug.es.",
-      "unused" => "Not used.",
-      "suits" => "Are suits necessary in business?",
-      "secrets" => "Secrets are lies.",
-      "logging" => "Log all the things.",
-      "new_cache" => "Like the old cache but newer.",
-      "a/b" => "Why would someone use a slash? I don't know but someone did. Let's make this really long so they regret using slashes. Please don't use slashes.",
-    }
-  end
-end
-
 # Example middleware to allow reading the Flipper UI but nothing else.
 class FlipperReadOnlyMiddleware
   def initialize(app)
@@ -67,18 +30,17 @@ class FlipperReadOnlyMiddleware
 end
 
 # You can uncomment these to get some default data:
-# flipper[:search_performance_another_long_thing].enable
-# flipper[:gauges_tracking].enable
-# flipper[:unused].disable
-# flipper[:suits].enable_actor Flipper::Actor.new('1')
-# flipper[:suits].enable_actor Flipper::Actor.new('6')
-# flipper[:secrets].enable_group :admins
-# flipper[:secrets].enable_group :early_access
-# flipper[:logging].enable_percentage_of_time 5
-# flipper[:new_cache].enable_percentage_of_actors 15
-# flipper["something/slashed"].add
-
-run Flipper::UI.app(flipper) { |builder|
+# Flipper.enable(:search_performance_another_long_thing)
+# Flipper.disable(:gauges_tracking)
+# Flipper.disable(:unused)
+# Flipper.enable_actor(:suits, Flipper::Actor.new('1'))
+# Flipper.enable_actor(:suits, Flipper::Actor.new('6'))
+# Flipper.enable_group(:secrets, :admins)
+# Flipper.enable_percentage_of_time(:logging, 5)
+# Flipper.enable_percentage_of_actors(:new_cache, 15)
+# Flipper.add("a/b")
+
+run Flipper::UI.app { |builder|
   builder.use Rack::Session::Cookie, secret: "_super_secret"
   builder.use FlipperReadOnlyMiddleware
 }

data/examples/ui/basic.ru

@@ -9,9 +9,8 @@
 #   http://localhost:9999/
 #
 require 'bundler/setup'
-require "flipper-ui"
+require "flipper/ui"
 require "flipper/adapters/pstore"
-require "active_support/notifications"
 
 Flipper.register(:admins) { |actor|
   actor.respond_to?(:admin?) && actor.admin?
@@ -21,16 +20,6 @@ Flipper.register(:early_access) { |actor|
   actor.respond_to?(:early?) && actor.early?
 }
 
-# Setup logging of flipper calls.
-if ENV["LOG"] == "1"
-  $logger = Logger.new(STDOUT)
-  require "flipper/instrumentation/log_subscriber"
-  Flipper::Instrumentation::LogSubscriber.logger = $logger
-end
-
-adapter = Flipper::Adapters::PStore.new
-flipper = Flipper.new(adapter, instrumenter: ActiveSupport::Notifications)
-
 Flipper::UI.configure do |config|
   # config.banner_text = 'Production Environment'
   # config.banner_class = 'danger'
@@ -53,17 +42,17 @@ Flipper::UI.configure do |config|
 end
 
 # You can uncomment these to get some default data:
-# flipper[:search_performance_another_long_thing].enable
-# flipper[:gauges_tracking].enable
-# flipper[:unused].disable
-# flipper[:suits].enable_actor Flipper::Actor.new('1')
-# flipper[:suits].enable_actor Flipper::Actor.new('6')
-# flipper[:secrets].enable_group :admins
-# flipper[:secrets].enable_group :early_access
-# flipper[:logging].enable_percentage_of_time 5
-# flipper[:new_cache].enable_percentage_of_actors 15
-# flipper["a/b"].add
+# Flipper.enable(:search_performance_another_long_thing)
+# Flipper.disable(:gauges_tracking)
+# Flipper.disable(:unused)
+# Flipper.enable_actor(:suits, Flipper::Actor.new('1'))
+# Flipper.enable_actor(:suits, Flipper::Actor.new('6'))
+# Flipper.enable_group(:secrets, :admins)
+# Flipper.enable_group(:secrets, :early_access)
+# Flipper.enable_percentage_of_time(:logging, 5)
+# Flipper.enable_percentage_of_actors(:new_cache, 15)
+# Flipper.add("a/b")
 
-run Flipper::UI.app(flipper) { |builder|
+run Flipper::UI.app { |builder|
   builder.use Rack::Session::Cookie, secret: "_super_secret"
 }

data/lib/flipper/ui/action.rb

@@ -26,6 +26,36 @@ module Flipper
                                              'delete'.freeze,
                                            ]).freeze
 
+      SOURCES = {
+        bootstrap_css: {
+          src: "https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css".freeze,
+          hash: "sha384-Gn5384xqQ1aoWXA+058RXPxPg6fy4IWvTNh0E263XmFcJlSAwiGgFAW/dAiS6JXm".freeze
+        }.freeze,
+        jquery_js: {
+          src: "https://code.jquery.com/jquery-3.2.1.slim.min.js".freeze,
+          hash: "sha384-KJ3o2DKtIkvYIK3UENzmM7KCkRr/rE9/Qpg6aAZGJwFDMVNA/GpGFF93hXpG5KkN".freeze
+        }.freeze,
+        popper_js: {
+          src: "https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js".freeze,
+          hash: "sha384-ApNbgh9B+Y1QKtv3Rn7W3mgPxhU9K/ScQsAP7hUibX39j7fakFPskvXusvfa0b4Q".freeze
+        }.freeze,
+        bootstrap_js: {
+          src: "https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js".freeze,
+          hash: "sha384-JZR6Spejh4U02d8jOt6vLEHfe/JQGiRRSQQxSfFWpi1MquVdAyjUar5+76PVCmYl".freeze
+        }.freeze
+      }.freeze
+      SCRIPT_SRCS = SOURCES.values_at(:jquery_js, :popper_js, :bootstrap_js).map { |s| s[:src] }
+      STYLE_SRCS = SOURCES.values_at(:bootstrap_css).map { |s| s[:src] }
+      CONTENT_SECURITY_POLICY = <<-CSP.delete("\n")
+        default-src 'none';
+        img-src 'self';
+        font-src 'self';
+        script-src 'report-sample' 'self' #{SCRIPT_SRCS.join(' ')};
+        style-src 'self' 'unsafe-inline' #{STYLE_SRCS.join(' ')};
+        style-src-attr 'unsafe-inline' ;
+        style-src-elem 'self' #{STYLE_SRCS.join(' ')};
+      CSP
+
       # Public: Call this in subclasses so the action knows its route.
       #
       # regex - The Regexp that this action should run for.
@@ -130,6 +160,7 @@ module Flipper
       # Returns a response.
       def view_response(name)
         header 'Content-Type', 'text/html'
+        header 'Content-Security-Policy', CONTENT_SECURITY_POLICY
         body = view_with_layout { view_without_layout name }
         halt [@code, @headers, [body]]
       end
@@ -151,7 +182,7 @@ module Flipper
       # location - The String location to set the Location header to.
       def redirect_to(location)
         status 302
-        header 'Location', "#{script_name}#{location}"
+        header 'Location', "#{script_name}#{Rack::Utils.escape_path(location)}"
         halt [@code, @headers, ['']]
       end
 
@@ -237,6 +268,22 @@ module Flipper
       def valid_request_method?
         VALID_REQUEST_METHOD_NAMES.include?(request_method_name)
       end
+
+      def bootstrap_css
+        SOURCES[:bootstrap_css]
+      end
+
+      def bootstrap_js
+        SOURCES[:bootstrap_js]
+      end
+
+      def popper_js
+        SOURCES[:popper_js]
+      end
+
+      def jquery_js
+        SOURCES[:jquery_js]
+      end
     end
   end
 end

data/lib/flipper/ui/actions/actors_gate.rb

@@ -27,7 +27,7 @@ module Flipper
           value = params['value'].to_s.strip
 
           if Util.blank?(value)
-            error = Rack::Utils.escape("#{value.inspect} is not a valid actor value.")
+            error = "#{value.inspect} is not a valid actor value."
             redirect_to("/features/#{feature.key}/actors?error=#{error}")
           end
 

data/lib/flipper/ui/actions/features.rb

@@ -49,14 +49,14 @@ module Flipper
           value = params['value'].to_s.strip
 
           if Util.blank?(value)
-            error = Rack::Utils.escape("#{value.inspect} is not a valid feature name.")
+            error = "#{value.inspect} is not a valid feature name."
             redirect_to("/features/new?error=#{error}")
           end
 
           feature = flipper[value]
           feature.add
 
-          redirect_to "/features/#{Rack::Utils.escape_path(value)}"
+          redirect_to "/features/#{value}"
         end
       end
     end

data/lib/flipper/ui/actions/file.rb

@@ -5,7 +5,7 @@ module Flipper
   module UI
     module Actions
       class File < UI::Action
-        route %r{(images|css|js|octicons)/.*\Z}
+        route %r{(images|css|js)/.*\Z}
 
         def get
           Rack::File.new(public_path).call(request.env)

data/lib/flipper/ui/actions/groups_gate.rb

@@ -35,7 +35,7 @@ module Flipper
 
             redirect_to("/features/#{feature.key}")
           else
-            error = Rack::Utils.escape("The group named #{value.inspect} has not been registered.")
+            error = "The group named #{value.inspect} has not been registered."
             redirect_to("/features/#{feature.key}/groups?error=#{error}")
           end
         end

data/lib/flipper/ui/actions/percentage_of_actors_gate.rb

@@ -16,7 +16,7 @@ module Flipper
           begin
             feature.enable_percentage_of_actors params['value']
           rescue ArgumentError => exception
-            error = Rack::Utils.escape("Invalid percentage of actors value: #{exception.message}")
+            error = "Invalid percentage of actors value: #{exception.message}"
             redirect_to("/features/#{@feature.key}?error=#{error}")
           end
 

data/lib/flipper/ui/actions/percentage_of_time_gate.rb

@@ -16,7 +16,7 @@ module Flipper
           begin
             feature.enable_percentage_of_time params['value']
           rescue ArgumentError => exception
-            error = Rack::Utils.escape("Invalid percentage of time value: #{exception.message}")
+            error = "Invalid percentage of time value: #{exception.message}"
             redirect_to("/features/#{@feature.key}?error=#{error}")
           end
 

data/lib/flipper/ui/decorators/feature.rb

@@ -23,11 +23,11 @@ module Flipper
         def color_class
           case feature.state
           when :on
-            'text-success'
+            'bg-success'
           when :off
-            'text-danger'
+            'bg-danger'
           when :conditional
-            'text-warning'
+            'bg-warning'
           end
         end
 

data/lib/flipper/ui/middleware.rb

@@ -12,6 +12,7 @@ module Flipper
       def initialize(app, options = {})
         @app = app
         @env_key = options.fetch(:env_key, 'flipper')
+        @flipper = options.fetch(:flipper) { Flipper }
 
         @action_collection = ActionCollection.new
 
@@ -43,7 +44,7 @@ module Flipper
         if action_class.nil?
           @app.call(env)
         else
-          flipper = env.fetch(@env_key)
+          flipper = env.fetch(@env_key) { Flipper }
           action_class.run(flipper, request)
         end
       end

data/lib/flipper/ui/public/css/application.css

@@ -29,3 +29,10 @@ html {
 .toggle-on .toggle-block-when-off {
   display: none;
 }
+
+.status {
+  height: 10px;
+  width: 10px;
+  border-radius: 50%;
+  display: inline-block;
+}

data/lib/flipper/ui/views/feature.erb

@@ -21,7 +21,7 @@
     <div class="card">
       <%# Gate State Header %>
       <div class="card-header">
-        <span class="octicon octicon-squirrel <%= @feature.color_class %> mr-2"></span>
+        <span class="status <%= @feature.color_class %> mr-2"></span>
         <%= @feature.gate_state_title %>
       </div>
 
@@ -69,8 +69,8 @@
                   <%== csrf_input_tag %>
                   <input type="hidden" name="operation" value="disable">
                   <input type="hidden" name="value" value="<%= item %>">
-                  <button type="submit" value="Disable" class="btn btn-link btn-sm text-danger" data-toggle="tooltip" title="Disable <%= item %>" data-placement="left">
-                    <span class="octicon octicon-trashcan"></span>
+                  <button type="submit" value="Disable" class="btn btn-outline-danger" data-toggle="tooltip" title="Disable <%= item %>" data-placement="left">
+                    Remove
                   </button>
                 </form>
               </div>

data/lib/flipper/ui/views/features.erb

@@ -40,7 +40,7 @@
       <% @features.each do |feature| %>
         <div class="feature row align-items-center mt-0 px-3 border-bottom">
           <div class="col-1 col-md-auto">
-            <span class="octicon octicon-squirrel <%= feature.color_class %>" data-toggle="tooltip" title=<%= feature.state.to_s.capitalize %>></span>
+            <span class="status <%= feature.color_class %>" data-toggle="tooltip" title=<%= feature.state.to_s.capitalize %>></span>
           </div>
           <div class="col-10">
             <a href="<%= "#{script_name}/features/#{feature.key}" %>" class="d-block px-0 py-3 btn text-left text-dark">

data/lib/flipper/ui/views/layout.erb

@@ -6,8 +6,7 @@
     <meta http-equiv="X-UA-Compatible" content="IE=edge">
     <meta name="viewport" content="width=device-width, initial-scale=1">
 
-    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css" integrity="sha384-Gn5384xqQ1aoWXA+058RXPxPg6fy4IWvTNh0E263XmFcJlSAwiGgFAW/dAiS6JXm" crossorigin="anonymous">
-    <link rel="stylesheet" href="<%= script_name %>/octicons/octicons.css">
+    <link rel="stylesheet" href="<%= bootstrap_css[:src] %>" integrity="<%= bootstrap_css[:hash] %>" crossorigin="anonymous">
     <link rel="stylesheet" href="<%= script_name %>/css/application.css">
   </head>
   <body class="py-4">
@@ -52,9 +51,9 @@
       <% end %>
     </div>
 
-    <script src="https://code.jquery.com/jquery-3.2.1.slim.min.js" integrity="sha384-KJ3o2DKtIkvYIK3UENzmM7KCkRr/rE9/Qpg6aAZGJwFDMVNA/GpGFF93hXpG5KkN" crossorigin="anonymous"></script>
-    <script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js" integrity="sha384-ApNbgh9B+Y1QKtv3Rn7W3mgPxhU9K/ScQsAP7hUibX39j7fakFPskvXusvfa0b4Q" crossorigin="anonymous"></script>
-    <script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js" integrity="sha384-JZR6Spejh4U02d8jOt6vLEHfe/JQGiRRSQQxSfFWpi1MquVdAyjUar5+76PVCmYl" crossorigin="anonymous"></script>
+    <script src="<%= jquery_js[:src] %>" integrity="<%= jquery_js[:hash] %>" crossorigin="anonymous"></script>
+    <script src="<%= popper_js[:src] %>" integrity="<%= popper_js[:hash] %>" crossorigin="anonymous"></script>
+    <script src="<%= bootstrap_js[:src] %>" integrity="<%= bootstrap_js[:hash] %>" crossorigin="anonymous"></script>
     <script src="<%= script_name %>/js/application.js"></script>
   </body>
 </html>

data/lib/flipper/ui.rb

@@ -39,14 +39,14 @@ module Flipper
     def self.app(flipper = nil, options = {})
       env_key = options.fetch(:env_key, 'flipper')
       rack_protection_options = options.fetch(:rack_protection, use: :authenticity_token)
+
       app = ->(_) { [200, { 'Content-Type' => 'text/html' }, ['']] }
       builder = Rack::Builder.new
       yield builder if block_given?
       builder.use Rack::Protection, rack_protection_options
       builder.use Rack::MethodOverride
       builder.use Flipper::Middleware::SetupEnv, flipper, env_key: env_key
-      builder.use Flipper::Middleware::Memoizer, env_key: env_key
-      builder.use Flipper::UI::Middleware, env_key: env_key
+      builder.use Flipper::UI::Middleware, flipper: flipper, env_key: env_key
       builder.run app
       klass = self
       builder.define_singleton_method(:inspect) { klass.inspect } # pretty rake routes output

data/lib/flipper/version.rb

@@ -1,3 +1,3 @@
 module Flipper
-  VERSION = '0.21.0.rc1'.freeze
+  VERSION = '0.22.1'.freeze
 end

data/spec/flipper/ui/actions/actors_gate_spec.rb

@@ -61,6 +61,23 @@ RSpec.describe Flipper::UI::Actions::ActorsGate do
         expect(last_response.headers['Location']).to eq('/features/search')
       end
 
+      context "when feature name contains space" do
+        before do
+          post 'features/sp%20ace/actors',
+               { 'value' => value, 'operation' => 'enable', 'authenticity_token' => token },
+               'rack.session' => session
+        end
+
+        it 'adds item to members' do
+          expect(flipper["sp ace"].actors_value).to include('User;6')
+        end
+
+        it "redirects back to feature" do
+          expect(last_response.status).to be(302)
+          expect(last_response.headers['Location']).to eq('/features/sp%20ace')
+        end
+      end
+
       context 'value contains whitespace' do
         let(:value) { '  User;6  ' }
 
@@ -75,7 +92,7 @@ RSpec.describe Flipper::UI::Actions::ActorsGate do
 
           it 'redirects back to feature' do
             expect(last_response.status).to be(302)
-            expect(last_response.headers['Location']).to eq('/features/search/actors?error=%22%22+is+not+a+valid+actor+value.')
+            expect(last_response.headers['Location']).to eq('/features/search/actors?error=%22%22%20is%20not%20a%20valid%20actor%20value.')
           end
         end
 
@@ -84,7 +101,7 @@ RSpec.describe Flipper::UI::Actions::ActorsGate do
 
           it 'redirects back to feature' do
             expect(last_response.status).to be(302)
-            expect(last_response.headers['Location']).to eq('/features/search/actors?error=%22%22+is+not+a+valid+actor+value.')
+            expect(last_response.headers['Location']).to eq('/features/search/actors?error=%22%22%20is%20not%20a%20valid%20actor%20value.')
           end
         end
       end