subflag-rails 0.4.0 → 0.5.1

data/app/views/subflag/rails/flags/edit.html.erb

@@ -0,0 +1,241 @@
+<div class="flex justify-between items-center mb-10">
+  <h2 style="font-size: 20px;">Edit Flag: <span class="mono"><%= @flag.key %></span></h2>
+  <a href="<%= flags_path %>" class="btn">Back to Flags</a>
+</div>
+
+<div class="card">
+  <h2>Basic Settings</h2>
+  <%= render "form", flag: @flag %>
+</div>
+
+<div class="card">
+  <h2>Targeting Rules</h2>
+  <p class="text-muted mb-10">Rules are evaluated in order. First match wins. If no rules match, the default value is used.</p>
+
+  <div id="rules-container">
+    <!-- Rules rendered by JS -->
+  </div>
+
+  <button type="button" class="btn mt-10" onclick="addRule()">+ Add Rule</button>
+
+  <input type="hidden" name="targeting_rules_json" id="targeting-rules-json" value="<%= @flag.targeting_rules.to_json %>">
+
+  <div class="mt-10">
+    <button type="button" class="btn btn-primary" onclick="saveRules()">Save Rules</button>
+  </div>
+</div>
+
+<div class="card">
+  <h2>Test Rules</h2>
+  <p class="text-muted mb-10">Enter a context (JSON) to test which value would be returned.</p>
+
+  <%= form_with url: test_flag_path(@flag), method: :post, local: true do |f| %>
+    <div class="form-group">
+      <%= f.label :context, "Test Context (JSON)" %>
+      <%= f.text_area :context, rows: 4, placeholder: '{"email": "test@company.com", "role": "admin"}', value: @test_context&.to_json, class: "mono" %>
+    </div>
+    <%= f.submit "Test", class: "btn" %>
+  <% end %>
+
+  <% if defined?(@test_result) && @test_result %>
+    <div class="mt-10" style="padding: 15px; background: #f0f9ff; border: 1px solid #bae6fd; border-radius: 4px;">
+      <strong>Result:</strong> <span class="mono"><%= @test_result.inspect %></span>
+    </div>
+  <% end %>
+</div>
+
+<style>
+  .rule { border: 1px solid #ddd; border-radius: 4px; padding: 15px; margin-bottom: 10px; background: #fafafa; }
+  .rule-header { display: flex; justify-content: space-between; align-items: center; margin-bottom: 10px; }
+  .rule-value { display: flex; gap: 10px; align-items: center; margin-bottom: 10px; }
+  .rule-value input { width: 200px; }
+  .rule-logic { margin-bottom: 10px; }
+  .rule-logic label { margin-right: 15px; }
+  .condition { display: flex; gap: 8px; align-items: center; margin-bottom: 8px; }
+  .condition select, .condition input { padding: 6px 10px; border: 1px solid #ddd; border-radius: 4px; font-size: 13px; }
+  .condition input[type="text"] { width: 180px; }
+  .remove-btn { background: none; border: none; color: #dc3545; cursor: pointer; font-size: 18px; padding: 0 5px; }
+  .remove-btn:hover { color: #c82333; }
+</style>
+
+<script>
+  const OPERATORS = [
+    { value: "EQUALS", label: "equals" },
+    { value: "NOT_EQUALS", label: "not equals" },
+    { value: "IN", label: "in (comma-separated)" },
+    { value: "NOT_IN", label: "not in" },
+    { value: "CONTAINS", label: "contains" },
+    { value: "STARTS_WITH", label: "starts with" },
+    { value: "ENDS_WITH", label: "ends with" },
+    { value: "GREATER_THAN", label: ">" },
+    { value: "LESS_THAN", label: "<" },
+    { value: "MATCHES", label: "matches (regex)" }
+  ];
+
+  let rules = [];
+
+  function init() {
+    const saved = document.getElementById("targeting-rules-json").value;
+    if (saved) {
+      try {
+        rules = JSON.parse(saved) || [];
+      } catch (e) {
+        rules = [];
+      }
+    }
+    renderRules();
+  }
+
+  function renderRules() {
+    const container = document.getElementById("rules-container");
+    container.innerHTML = rules.map((rule, ruleIndex) => renderRule(rule, ruleIndex)).join("");
+  }
+
+  function renderRule(rule, ruleIndex) {
+    const conditions = rule.conditions?.conditions || [];
+    const logicType = rule.conditions?.type || "AND";
+
+    return `
+      <div class="rule" data-rule-index="${ruleIndex}">
+        <div class="rule-header">
+          <strong>Rule ${ruleIndex + 1}</strong>
+          <button type="button" class="remove-btn" onclick="removeRule(${ruleIndex})">&times;</button>
+        </div>
+        <div class="rule-value">
+          <label>Return value:</label>
+          <input type="text" value="${escapeHtml(rule.value || '')}" onchange="updateRuleValue(${ruleIndex}, this.value)" placeholder="value when matched">
+        </div>
+        <div class="rule-logic">
+          <label><input type="radio" name="logic-${ruleIndex}" value="AND" ${logicType === 'AND' ? 'checked' : ''} onchange="updateLogic(${ruleIndex}, 'AND')"> ALL match</label>
+          <label><input type="radio" name="logic-${ruleIndex}" value="OR" ${logicType === 'OR' ? 'checked' : ''} onchange="updateLogic(${ruleIndex}, 'OR')"> ANY match</label>
+        </div>
+        <div class="conditions" id="conditions-${ruleIndex}">
+          ${conditions.map((c, cIndex) => renderCondition(c, ruleIndex, cIndex)).join("")}
+        </div>
+        <button type="button" class="btn btn-sm" onclick="addCondition(${ruleIndex})">+ Add Condition</button>
+      </div>
+    `;
+  }
+
+  function renderCondition(condition, ruleIndex, condIndex) {
+    const operatorOptions = OPERATORS.map(op =>
+      `<option value="${op.value}" ${condition.operator === op.value ? 'selected' : ''}>${op.label}</option>`
+    ).join("");
+
+    const valueDisplay = Array.isArray(condition.value) ? condition.value.join(", ") : (condition.value || "");
+
+    return `
+      <div class="condition">
+        <input type="text" placeholder="attribute" value="${escapeHtml(condition.attribute || '')}" onchange="updateCondition(${ruleIndex}, ${condIndex}, 'attribute', this.value)">
+        <select onchange="updateCondition(${ruleIndex}, ${condIndex}, 'operator', this.value)">
+          ${operatorOptions}
+        </select>
+        <input type="text" placeholder="value" value="${escapeHtml(valueDisplay)}" onchange="updateCondition(${ruleIndex}, ${condIndex}, 'value', this.value)">
+        <button type="button" class="remove-btn" onclick="removeCondition(${ruleIndex}, ${condIndex})">&times;</button>
+      </div>
+    `;
+  }
+
+  function addRule() {
+    rules.push({
+      value: "",
+      conditions: { type: "AND", conditions: [{ attribute: "", operator: "EQUALS", value: "" }] }
+    });
+    renderRules();
+  }
+
+  function removeRule(index) {
+    rules.splice(index, 1);
+    renderRules();
+  }
+
+  function updateRuleValue(ruleIndex, value) {
+    rules[ruleIndex].value = value;
+  }
+
+  function updateLogic(ruleIndex, type) {
+    rules[ruleIndex].conditions.type = type;
+  }
+
+  function addCondition(ruleIndex) {
+    if (!rules[ruleIndex].conditions.conditions) {
+      rules[ruleIndex].conditions.conditions = [];
+    }
+    rules[ruleIndex].conditions.conditions.push({ attribute: "", operator: "EQUALS", value: "" });
+    renderRules();
+  }
+
+  function removeCondition(ruleIndex, condIndex) {
+    rules[ruleIndex].conditions.conditions.splice(condIndex, 1);
+    renderRules();
+  }
+
+  function updateCondition(ruleIndex, condIndex, field, value) {
+    const cond = rules[ruleIndex].conditions.conditions[condIndex];
+    if (field === "value" && (cond.operator === "IN" || cond.operator === "NOT_IN")) {
+      cond.value = value.split(",").map(v => v.trim());
+    } else {
+      cond[field] = value;
+    }
+  }
+
+  function saveRules() {
+    const form = document.createElement("form");
+    form.method = "POST";
+    form.action = "<%= flag_path(@flag) %>";
+
+    const methodInput = document.createElement("input");
+    methodInput.type = "hidden";
+    methodInput.name = "_method";
+    methodInput.value = "PATCH";
+    form.appendChild(methodInput);
+
+    const csrfInput = document.createElement("input");
+    csrfInput.type = "hidden";
+    csrfInput.name = "<%= request_forgery_protection_token %>";
+    csrfInput.value = "<%= form_authenticity_token %>";
+    form.appendChild(csrfInput);
+
+    // Send all flag params to preserve other fields
+    const keyInput = document.createElement("input");
+    keyInput.type = "hidden";
+    keyInput.name = "flag[key]";
+    keyInput.value = "<%= @flag.key %>";
+    form.appendChild(keyInput);
+
+    const valueInput = document.createElement("input");
+    valueInput.type = "hidden";
+    valueInput.name = "flag[value]";
+    valueInput.value = "<%= @flag.value %>";
+    form.appendChild(valueInput);
+
+    const typeInput = document.createElement("input");
+    typeInput.type = "hidden";
+    typeInput.name = "flag[value_type]";
+    typeInput.value = "<%= @flag.value_type %>";
+    form.appendChild(typeInput);
+
+    const enabledInput = document.createElement("input");
+    enabledInput.type = "hidden";
+    enabledInput.name = "flag[enabled]";
+    enabledInput.value = "<%= @flag.enabled? %>";
+    form.appendChild(enabledInput);
+
+    const rulesInput = document.createElement("input");
+    rulesInput.type = "hidden";
+    rulesInput.name = "flag[targeting_rules]";
+    rulesInput.value = JSON.stringify(rules);
+    form.appendChild(rulesInput);
+
+    document.body.appendChild(form);
+    form.submit();
+  }
+
+  function escapeHtml(str) {
+    const div = document.createElement("div");
+    div.textContent = str;
+    return div.innerHTML;
+  }
+
+  document.addEventListener("DOMContentLoaded", init);
+</script>

data/app/views/subflag/rails/flags/index.html.erb

@@ -0,0 +1,50 @@
+<div class="flex justify-between items-center mb-10">
+  <h2 style="font-size: 20px;">Feature Flags</h2>
+  <a href="<%= new_flag_path %>" class="btn btn-primary">New Flag</a>
+</div>
+
+<div class="card">
+  <% if @flags.any? %>
+    <table>
+      <thead>
+        <tr>
+          <th>Key</th>
+          <th>Type</th>
+          <th>Default Value</th>
+          <th>Status</th>
+          <th>Rules</th>
+          <th></th>
+        </tr>
+      </thead>
+      <tbody>
+        <% @flags.each do |flag| %>
+          <tr>
+            <td class="mono"><%= flag.key %></td>
+            <td><%= flag.value_type %></td>
+            <td class="mono"><%= truncate(flag.value.to_s, length: 30) %></td>
+            <td>
+              <% if flag.enabled? %>
+                <span class="badge badge-success">enabled</span>
+              <% else %>
+                <span class="badge badge-secondary">disabled</span>
+              <% end %>
+            </td>
+            <td>
+              <% rules_count = flag.targeting_rules&.size || 0 %>
+              <span class="text-muted"><%= rules_count %> rule<%= rules_count == 1 ? '' : 's' %></span>
+            </td>
+            <td>
+              <div class="actions">
+                <a href="<%= edit_flag_path(flag) %>" class="btn btn-sm">Edit</a>
+                <%= button_to flag.enabled? ? "Disable" : "Enable", toggle_flag_path(flag), method: :post, class: "btn btn-sm" %>
+                <%= button_to "Delete", flag_path(flag), method: :delete, class: "btn btn-sm btn-danger", data: { confirm: "Delete flag '#{flag.key}'?" } %>
+              </div>
+            </td>
+          </tr>
+        <% end %>
+      </tbody>
+    </table>
+  <% else %>
+    <p class="text-muted">No flags yet. <a href="<%= new_flag_path %>">Create your first flag</a>.</p>
+  <% end %>
+</div>

data/app/views/subflag/rails/flags/new.html.erb

@@ -0,0 +1,5 @@
+<h2 style="font-size: 20px; margin-bottom: 20px;">New Flag</h2>
+
+<div class="card">
+  <%= render "form", flag: @flag %>
+</div>

data/config/routes.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+Subflag::Rails::Engine.routes.draw do
+  resources :flags do
+    member do
+      post :toggle
+      post :test
+    end
+  end
+
+  root to: "flags#index"
+end

data/lib/generators/subflag/install_generator.rb

@@ -30,11 +30,19 @@ module Subflag
         end
       end
 
+      # Helper for templates to detect PostgreSQL adapter
+      def postgresql?
+        return false unless defined?(::ActiveRecord::Base)
+
+        adapter = ::ActiveRecord::Base.connection_db_config.adapter.to_s rescue nil
+        adapter&.include?("postgresql") || adapter&.include?("postgis")
+      end
+
       def create_initializer
         template "initializer.rb.tt", "config/initializers/subflag.rb"
       end
 
-      def create_migration
+      def create_flags_migration
         return unless options[:backend] == "active_record"
 
         migration_template "create_subflag_flags.rb.tt",

data/lib/generators/subflag/templates/create_subflag_flags.rb.tt

@@ -9,6 +9,11 @@ class CreateSubflagFlags < ActiveRecord::Migration[<%= ActiveRecord::Migration.c
       t.boolean :enabled, null: false, default: true
       t.text :description
 
+      # Targeting rules for showing different values to different users
+      # Stores an array of { value, conditions } rules as JSON
+      # First matching rule wins; falls back to `value` if no match
+      t.<%= postgresql? ? 'jsonb' : 'json' %> :targeting_rules
+
       t.timestamps
     end
 

data/lib/subflag/rails/backends/active_record_provider.rb

@@ -3,26 +3,32 @@
 module Subflag
   module Rails
     module Backends
-      # Provider that reads flags from your Rails database
+      # Provider that reads flags from your Rails database with targeting support.
       #
-      # Stores flags in a `subflag_flags` table with typed values.
-      # Perfect for teams who want self-hosted feature flags without external dependencies.
+      # Stores flags in a `subflag_flags` table with typed values and optional
+      # targeting rules for showing different values to different users.
       #
-      # @example
+      # @example Basic setup
       #   Subflag::Rails.configure do |config|
       #     config.backend = :active_record
       #   end
       #
-      #   # Create a flag
+      # @example Create a simple flag
       #   Subflag::Rails::Flag.create!(
       #     key: "max-projects",
       #     value: "100",
-      #     value_type: "integer",
-      #     enabled: true
+      #     value_type: "integer"
       #   )
       #
-      #   # Use it
-      #   subflag_value(:max_projects, default: 3)  # => 100
+      # @example Create a flag with targeting rules
+      #   Subflag::Rails::Flag.create!(
+      #     key: "new-dashboard",
+      #     value: "false",
+      #     value_type: "boolean",
+      #     targeting_rules: [
+      #       { "value" => "true", "conditions" => { "type" => "AND", "conditions" => [{ "attribute" => "email", "operator" => "ENDS_WITH", "value" => "@company.com" }] } }
+      #     ]
+      #   )
       #
       class ActiveRecordProvider
         def metadata
@@ -33,40 +39,65 @@ module Subflag
         def shutdown; end
 
         def fetch_boolean_value(flag_key:, default_value:, evaluation_context: nil)
-          resolve(flag_key, default_value, :boolean)
+          resolve(flag_key, default_value, :boolean, evaluation_context)
         end
 
         def fetch_string_value(flag_key:, default_value:, evaluation_context: nil)
-          resolve(flag_key, default_value, :string)
+          resolve(flag_key, default_value, :string, evaluation_context)
         end
 
         def fetch_number_value(flag_key:, default_value:, evaluation_context: nil)
-          resolve(flag_key, default_value, :number)
+          resolve(flag_key, default_value, :number, evaluation_context)
         end
 
         def fetch_integer_value(flag_key:, default_value:, evaluation_context: nil)
-          resolve(flag_key, default_value, :integer)
+          resolve(flag_key, default_value, :integer, evaluation_context)
         end
 
         def fetch_float_value(flag_key:, default_value:, evaluation_context: nil)
-          resolve(flag_key, default_value, :float)
+          resolve(flag_key, default_value, :float, evaluation_context)
         end
 
         def fetch_object_value(flag_key:, default_value:, evaluation_context: nil)
-          resolve(flag_key, default_value, :object)
+          resolve(flag_key, default_value, :object, evaluation_context)
         end
 
         private
 
-        def resolve(flag_key, default_value, expected_type)
+        def resolve(flag_key, default_value, expected_type, evaluation_context)
           flag = Subflag::Rails::Flag.find_by(key: flag_key)
 
           unless flag&.enabled?
             return resolution(default_value, reason: :default)
           end
 
-          value = flag.typed_value(expected_type)
-          resolution(value, reason: :static, variant: "default")
+          # Convert OpenFeature context to hash for targeting evaluation
+          context = context_to_hash(evaluation_context)
+          value = flag.evaluate(context: context, expected_type: expected_type)
+
+          # Determine if targeting matched
+          reason = flag.targeting_rules.present? && context.present? ? :targeting_match : :static
+          resolution(value, reason: reason, variant: "default")
+        end
+
+        def context_to_hash(evaluation_context)
+          return nil if evaluation_context.nil?
+
+          # OpenFeature::SDK::EvaluationContext stores fields as instance variables
+          # We need to extract them into a hash for our targeting engine
+          if evaluation_context.respond_to?(:to_h)
+            evaluation_context.to_h
+          elsif evaluation_context.respond_to?(:fields)
+            evaluation_context.fields
+          else
+            # Fallback: extract instance variables
+            hash = {}
+            evaluation_context.instance_variables.each do |var|
+              key = var.to_s.delete("@")
+              hash[key] = evaluation_context.instance_variable_get(var)
+            end
+            hash
+          end
         end
 
         def resolution(value, reason:, variant: nil)

data/lib/subflag/rails/configuration.rb

@@ -48,6 +48,9 @@ module Subflag
       #   Set to nil to disable cross-request caching (default).
       attr_accessor :cache_ttl
 
+      # @return [Proc, nil] Admin authentication callback for the admin UI
+      attr_reader :admin_auth_callback
+
       def initialize
         @backend = :subflag
         @api_key = nil
@@ -56,6 +59,7 @@ module Subflag
         @logging_enabled = false
         @log_level = :debug
         @cache_ttl = nil
+        @admin_auth_callback = nil
       end
 
       # Set the backend with validation
@@ -116,6 +120,25 @@ module Subflag
 
         @user_context_block.call(user)
       end
+
+      # Configure authentication for the admin UI
+      #
+      # @yield [controller] Block called before each admin action
+      # @yieldparam controller [ActionController::Base] The controller instance
+      #
+      # @example Require admin role
+      #   config.admin_auth do
+      #     redirect_to main_app.root_path unless current_user&.admin?
+      #   end
+      #
+      # @example Use Devise authenticate
+      #   config.admin_auth do
+      #     authenticate_user!
+      #   end
+      def admin_auth(&block)
+        @admin_auth_callback = block if block_given?
+        @admin_auth_callback
+      end
     end
   end
 end

data/lib/subflag/rails/engine.rb

@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+module Subflag
+  module Rails
+    # Mountable engine for the Subflag admin UI.
+    #
+    # Mount in your routes to get a web UI for managing flags:
+    #
+    #   # config/routes.rb
+    #   mount Subflag::Rails::Engine => "/subflag"
+    #
+    # The engine provides:
+    # - Flag CRUD (list, create, edit, delete)
+    # - Targeting rule builder
+    # - Rule testing interface
+    #
+    # Security: Configure authentication in an initializer:
+    #
+    #   Subflag::Rails.configure do |config|
+    #     config.admin_auth do |controller|
+    #       controller.authenticate_admin!  # Your auth method
+    #     end
+    #   end
+    #
+    class Engine < ::Rails::Engine
+      isolate_namespace Subflag::Rails
+
+      # Load engine routes
+      initializer "subflag.routes" do |app|
+        # Routes are loaded automatically from config/routes.rb
+      end
+    end
+  end
+end