magick-feature-flags 1.1.2 → 1.1.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7ce19a872aa305d47f9bd4fa75023829cb2a63aafa86809260049cd09e11e696
-  data.tar.gz: 8a1bed262b71e443384ba60505a2af92ae5f4a1399112730887ec89f6379097a
+  metadata.gz: e896cf3753f151fb2f1082a231c9af82095e3caea7716642a9f535e60d36e9e4
+  data.tar.gz: 24992a605474319bd831fbd60a6d955ba05de266d7419f60065fef2a2d32d2d1
 SHA512:
-  metadata.gz: 441203a6279d12d0ef44043e2145fc591e74cfe849ba186f2c5f6baebc617f78af6a2a6499cfc2c12e24fc0832640ccfd044436a3030bfbbf8d2549f9ff616bb
-  data.tar.gz: 4370e495deae46281c40f68d81ca1f388fd962297104c6409af7d91a21d6af7eafa5632ec3535c0dc4bcd570b428dd6286b0135a4b2f0c128a2c5e40b8248021
+  metadata.gz: ba376fb1fea1613bd7841fd4a56b8ed30833ab91c6563fad61abde4127caba802330b9bf14b9b0a52094addd7c58b92cb85d30af2b78c283647121de69fee19c
+  data.tar.gz: cfe7ad50afee3b0c7b192a1bb8a5b035834672f21d29627f67a3eda2939330880806686c655ccc6d17d4875c7d6fd029fc1f1732ee68562cc520373a2d54190f

data/app/controllers/magick/adminui/features_controller.rb

@@ -6,6 +6,7 @@ module Magick
       # Include route helpers so views can use magick_admin_ui.* helpers
       include Magick::AdminUI::Engine.routes.url_helpers
       layout 'application'
+      before_action :authenticate_admin!
       before_action :set_feature, only: %i[show edit update enable disable enable_for_user enable_for_role disable_for_role update_targeting]
 
       # Make route helpers available in views via magick_admin_ui helper
@@ -225,6 +226,18 @@ module Magick
 
       private
 
+      def authenticate_admin!
+        return unless Magick::AdminUI.config.require_role
+
+        auth_callback = Magick::AdminUI.config.require_role
+        if auth_callback.respond_to?(:call)
+          unless auth_callback.call(self)
+            head :forbidden
+            nil
+          end
+        end
+      end
+
       def set_feature
         feature_name = params[:id].to_s
         @feature = Magick.features[feature_name] || Magick[feature_name]

data/lib/magick/adapters/active_record.rb

@@ -5,6 +5,10 @@ module Magick
     class ActiveRecord < Base
       def initialize(model_class: nil)
         @model_class = model_class || default_model_class
+        # Cache AR version check once at init time (hot path optimization)
+        ar_major = ::ActiveRecord::VERSION::MAJOR
+        ar_minor = ::ActiveRecord::VERSION::MINOR
+        @use_json = ar_major >= 8 || (ar_major == 7 && ar_minor >= 1)
         # Verify table exists - raise clear error if it doesn't
         unless @model_class.table_exists?
           raise AdapterError, "Table 'magick_features' does not exist. Please run: rails generate magick:active_record && rails db:migrate"
@@ -30,20 +34,18 @@ module Magick
         feature_name_str = feature_name.to_s
         retries = 5
         begin
-          record = @model_class.find_or_initialize_by(feature_name: feature_name_str)
-          # Ensure data is a Hash (works for both serialize and attribute :json)
-          data = record.data || {}
-          data = {} unless data.is_a?(Hash)
-          data[key.to_s] = serialize_value(value)
-          record.data = data
-          # Use Time.now if Time.current is not available (for non-Rails environments)
-          record.updated_at = defined?(Time.current) ? Time.current : Time.now
-          record.save!
+          @model_class.transaction do
+            record = @model_class.lock.find_or_create_by!(feature_name: feature_name_str)
+            data = record.data || {}
+            data = {} unless data.is_a?(Hash)
+            data[key.to_s] = serialize_value(value)
+            record.update!(data: data, updated_at: defined?(Time.current) ? Time.current : Time.now)
+          end
         rescue ::ActiveRecord::StatementInvalid, ::ActiveRecord::ConnectionTimeoutError => e
-          # SQLite busy/locked errors - retry with exponential backoff
+          # SQLite busy/locked errors - retry with linear backoff
           if (e.message.include?('database is locked') || e.message.include?('busy') || e.message.include?('timeout')) && retries > 0
             retries -= 1
-            sleep(0.01 * (6 - retries)) # Exponential backoff: 0.01, 0.02, 0.03, 0.04, 0.05
+            sleep(0.01 * (6 - retries))
             retry
           end
           raise AdapterError, "Failed to set in ActiveRecord: #{e.message}"
@@ -97,9 +99,8 @@ module Magick
       end
 
       def load_all_features_data
-        records = @model_class.all
         result = {}
-        records.each do |record|
+        @model_class.find_each do |record|
           data = record.data || {}
           next unless data.is_a?(Hash)
 
@@ -118,15 +119,15 @@ module Magick
         feature_name_str = feature_name.to_s
         retries = 5
         begin
-          record = @model_class.find_or_initialize_by(feature_name: feature_name_str)
-          existing_data = record.data || {}
-          existing_data = {} unless existing_data.is_a?(Hash)
-          data_hash.each do |key, value|
-            existing_data[key.to_s] = serialize_value(value)
+          @model_class.transaction do
+            record = @model_class.lock.find_or_create_by!(feature_name: feature_name_str)
+            existing_data = record.data || {}
+            existing_data = {} unless existing_data.is_a?(Hash)
+            data_hash.each do |key, value|
+              existing_data[key.to_s] = serialize_value(value)
+            end
+            record.update!(data: existing_data, updated_at: defined?(Time.current) ? Time.current : Time.now)
           end
-          record.data = existing_data
-          record.updated_at = defined?(Time.current) ? Time.current : Time.now
-          record.save!
         rescue ::ActiveRecord::StatementInvalid, ::ActiveRecord::ConnectionTimeoutError => e
           if (e.message.include?('database is locked') || e.message.include?('busy') || e.message.include?('timeout')) && retries > 0
             retries -= 1
@@ -176,19 +177,13 @@ module Magick
       end
 
       def serialize_value(value)
-        # For ActiveRecord 8.1+ with attribute :json, we can store booleans as-is
-        # For older versions with serialize, we convert to strings
-        ar_major = ::ActiveRecord::VERSION::MAJOR
-        ar_minor = ::ActiveRecord::VERSION::MINOR
-        use_json = ar_major >= 8 || (ar_major == 7 && ar_minor >= 1)
-
         case value
         when Hash, Array
           value
         when true
-          use_json ? true : 'true'
+          @use_json ? true : 'true'
         when false
-          use_json ? false : 'false'
+          @use_json ? false : 'false'
         else
           value
         end

data/lib/magick/adapters/memory.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require 'json'
+
 module Magick
   module Adapters
     class Memory < Base
@@ -134,7 +136,7 @@ module Magick
       def serialize_value(value)
         case value
         when Hash, Array
-          Marshal.dump(value)
+          JSON.generate(value)
         else
           value
         end
@@ -145,10 +147,14 @@ module Magick
 
         case value
         when String
-          # Try to unmarshal if it's a serialized hash/array
-          begin
-            Marshal.load(value)
-          rescue StandardError
+          # Only attempt JSON parse on strings that look like JSON objects/arrays
+          if value.start_with?('{', '[')
+            begin
+              JSON.parse(value)
+            rescue JSON::ParserError
+              value
+            end
+          else
             value
           end
         else

data/lib/magick/adapters/redis.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require 'json'
+
 module Magick
   module Adapters
     class Redis < Base
@@ -37,8 +39,7 @@ module Magick
       end
 
       def all_features
-        pattern = "#{namespace}:*"
-        keys = redis.keys(pattern)
+        keys = scan_keys
         keys.map { |key| key.sub("#{namespace}:", '') }
       rescue StandardError => e
         raise AdapterError, "Failed to get all features from Redis: #{e.message}"
@@ -56,14 +57,18 @@ module Magick
       end
 
       def load_all_features_data
-        pattern = "#{namespace}:*"
-        keys = redis.keys(pattern)
+        keys = scan_keys
         return {} if keys.empty?
 
+        # Pipeline all HGETALL calls to avoid N+1 round-trips
+        raw_results = redis.pipelined do |pipeline|
+          keys.each { |key| pipeline.hgetall(key) }
+        end
+
         result = {}
-        keys.each do |key|
+        keys.each_with_index do |key, idx|
           feature_name = key.sub("#{namespace}:", '')
-          raw = redis.hgetall(key)
+          raw = raw_results[idx]
           next if raw.nil? || raw.empty?
 
           feature_data = {}
@@ -89,10 +94,28 @@ module Magick
         raise AdapterError, "Failed to set all data in Redis: #{e.message}"
       end
 
+      # Public accessor for the underlying Redis client
+      def client
+        @redis
+      end
+
       private
 
       attr_reader :redis, :namespace
 
+      # Use SCAN instead of KEYS to avoid blocking Redis
+      def scan_keys
+        pattern = "#{namespace}:*"
+        keys = []
+        cursor = '0'
+        loop do
+          cursor, batch = redis.scan(cursor, match: pattern, count: 100)
+          keys.concat(batch)
+          break if cursor == '0'
+        end
+        keys
+      end
+
       def key_for(feature_name)
         "#{namespace}:#{feature_name}"
       end
@@ -109,7 +132,7 @@ module Magick
       def serialize_value(value)
         case value
         when Hash, Array
-          Marshal.dump(value)
+          JSON.generate(value)
         when true
           'true'
         when false
@@ -122,17 +145,16 @@ module Magick
       def deserialize_value(value)
         return nil if value.nil?
 
-        # Try to unmarshal if it's a serialized hash/array
-        if value.is_a?(String) && value.start_with?("\x04\x08")
-          begin
-            Marshal.load(value)
-          rescue StandardError
-            value
-          end
-        elsif value == 'true'
+        if value == 'true'
           true
         elsif value == 'false'
           false
+        elsif value.is_a?(String) && value.start_with?('{', '[')
+          begin
+            JSON.parse(value)
+          rescue JSON::ParserError
+            value
+          end
         else
           value
         end

data/lib/magick/adapters/registry.rb

@@ -266,7 +266,7 @@ module Magick
       def redis_client
         return nil unless redis_adapter
 
-        redis_adapter.instance_variable_get(:@redis)
+        redis_adapter.client
       end
 
       # Publish cache invalidation message to Redis Pub/Sub (without deleting local memory cache)
@@ -276,7 +276,7 @@ module Magick
         return unless redis_adapter
 
         begin
-          redis_client = redis_adapter.instance_variable_get(:@redis)
+          redis_client = redis_adapter.client
           redis_client&.publish(CACHE_INVALIDATION_CHANNEL, feature_name.to_s)
         rescue StandardError => e
           # Silently fail - cache invalidation is best effort
@@ -299,6 +299,9 @@ module Magick
       # Check if a feature was recently written by this process
       def local_write?(feature_name_str)
         @reload_mutex.synchronize do
+          # Periodic cleanup of stale entries to prevent unbounded growth
+          cleanup_stale_tracking_entries
+
           wrote_at = @local_writes[feature_name_str]
           return false unless wrote_at
 
@@ -311,6 +314,16 @@ module Magick
         end
       end
 
+      # Clean up stale entries from tracking hashes (called under mutex)
+      def cleanup_stale_tracking_entries
+        now = Time.now.to_f
+        return if @last_tracking_cleanup && (now - @last_tracking_cleanup) < 60.0
+
+        @last_tracking_cleanup = now
+        @local_writes.delete_if { |_, wrote_at| (now - wrote_at) >= LOCAL_WRITE_TTL }
+        @last_reload_times.delete_if { |_, reload_at| (now - reload_at) >= 10.0 }
+      end
+
       # Start a background thread to listen for cache invalidation messages
       def start_cache_invalidation_subscriber
         return unless redis_adapter && defined?(Thread)
@@ -320,7 +333,7 @@ module Magick
         return if defined?(Rails) && Rails.env.test?
 
         @subscriber_thread = Thread.new do
-          redis_client = redis_adapter.instance_variable_get(:@redis)
+          redis_client = redis_adapter.client
           return unless redis_client
 
           begin

data/lib/magick/export_import.rb

@@ -75,7 +75,7 @@ module Magick
 
       # Rails 8+ event
       if defined?(Magick::Rails::Events) && Magick::Rails::Events.rails8?
-        Magick::Rails::Events.imported(format: format, feature_count: features.length)
+        Magick::Rails::Events.imported(format: :json, feature_count: features.length)
       end
 
       features

data/lib/magick/feature.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require 'digest'
+require 'time'
 require_relative '../magick/feature_variant'
 
 module Magick
@@ -89,16 +90,17 @@ module Magick
     end
 
     def check_enabled(context = {})
+      # Dup context to avoid mutating the caller's hash
+      context = context.dup
+
       # Extract context from user object if provided
       # This allows Magick.enabled?(:feature, user: player) to work
       if context[:user]
-        extracted = extract_context_from_object(context[:user])
+        extracted = extract_context_from_object(context.delete(:user))
         # Merge extracted context, but don't override explicit values already in context
         extracted.each do |key, value|
           context[key] = value unless context.key?(key)
         end
-        # Remove :user key after extraction to avoid confusion
-        context.delete(:user)
       end
 
       # Fast path: check status first
@@ -780,7 +782,7 @@ module Magick
       ip_list.any? do |ip_str|
         IPAddr.new(ip_str).include?(client_ip)
       end
-    rescue IPAddr::InvalidAddressError
+    rescue IPAddr::InvalidAddressError, ArgumentError
       false
     end
 
@@ -819,8 +821,7 @@ module Magick
       conditions = complex_config[:conditions] || complex_config['conditions'] || []
       operator = (complex_config[:operator] || complex_config['operator'] || :and).to_sym
 
-      results = conditions.map do |condition|
-        # Each condition is a hash with type and params
+      evaluate_condition = lambda do |condition|
         condition_type = (condition[:type] || condition['type']).to_sym
         condition_params = condition[:params] || condition['params'] || {}
 
@@ -845,9 +846,9 @@ module Magick
 
       case operator
       when :and, :all
-        results.all?
+        conditions.all?(&evaluate_condition)
       when :or, :any
-        results.any?
+        conditions.any?(&evaluate_condition)
       else
         false
       end
@@ -963,8 +964,19 @@ module Magick
     end
 
     def enable_targeting(type, value)
-      @targeting[type] ||= []
-      @targeting[type] << value.to_s unless @targeting[type].include?(value.to_s)
+      case type
+      when :date_range, :custom_attributes, :complex_conditions, :variants
+        # These types store structured data directly (Hash or Array of Hashes)
+        @targeting[type] = value
+      when :percentage_users, :percentage_requests
+        # Numeric types store a single value
+        @targeting[type] = value.to_f
+      else
+        # Array-based types (user, group, role, tag, ip_address)
+        @targeting[type] ||= []
+        str_value = value.to_s
+        @targeting[type] << str_value unless @targeting[type].include?(str_value)
+      end
       save_targeting
 
       # Rails 8+ event

data/lib/magick/targeting/complex.rb

@@ -11,13 +11,11 @@ module Magick
       def matches?(context)
         return false if @conditions.empty?
 
-        results = @conditions.map { |condition| condition.matches?(context) }
-
         case @operator
         when :and, :all
-          results.all?
+          @conditions.all? { |condition| condition.matches?(context) }
         when :or, :any
-          results.any?
+          @conditions.any? { |condition| condition.matches?(context) }
         else
           false
         end

data/lib/magick/targeting/custom_attribute.rb

@@ -7,6 +7,10 @@ module Magick
         @attribute_name = attribute_name.to_sym
         @values = Array(values)
         @operator = operator.to_sym
+
+        if %i[greater_than gt less_than lt].include?(@operator) && @values.empty?
+          raise ArgumentError, "#{@operator} operator requires at least one value"
+        end
       end
 
       def matches?(context)

data/lib/magick/targeting/date_range.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require 'time'
+
 module Magick
   module Targeting
     class DateRange < Base

data/lib/magick/targeting/ip_address.rb

@@ -14,7 +14,7 @@ module Magick
 
         client_ip = IPAddr.new(context[:ip_address])
         @ip_addresses.any? { |ip| ip.include?(client_ip) }
-      rescue IPAddr::InvalidAddressError
+      rescue IPAddr::InvalidAddressError, ArgumentError
         false
       end
     end

data/lib/magick/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Magick
-  VERSION = '1.1.2'
+  VERSION = '1.1.3'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: magick-feature-flags
 version: !ruby/object:Gem::Version
-  version: 1.1.2
+  version: 1.1.3
 platform: ruby
 authors:
 - Andrew Lobanov