feat: Use isEnterprise from endpoint version response to determine permissions #2422
Conversation
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
github-actions
bot
added
the
front-end
|
Uffizzi Preview |
dabeeeenster
changed the title
frontend/common/utils/utils.tsx
Outdated
| if (!Utils.getFlagsmithHasFeature('plan_based_access')) { | ||
| if ( | ||
| !Utils.getFlagsmithHasFeature('plan_based_access') && | ||
| global.flagsmithVersion.is_enterprise |
There was a problem hiding this comment.
If I'm not mistaken this logic is incorrect, I think we allow features such as audit in open source
There was a problem hiding this comment.
Thank you @kyle-ssg. @matthewelwell, could you please confirm our business policy regarding the self-hosted free plan? If we have some features enabled for that case, I think we could return true for those in the same block of code.
There was a problem hiding this comment.
Audit shouldn't be allowed in open source (although it has been to this point). I think therefore this change is correct @kyle-ssg ?
There was a problem hiding this comment.
Ok, yeah after talking with Ben:
- Self hosted = same as SaaS without a plan
- EE = same as enterprise plan
I think this means we can remove the plan_based_access flag entirely in this PR.
There was a problem hiding this comment.
@kyle-ssg @matthewelwell I have a couple of questions in this regard:
- In the case of self-hosted (free) AFAIK we should allow unlimited users (invites), while in SaaS free we only allow 1 user. Currently, in the self-hosted free version, we allow unlimited invites for new users, which can be admins or regular users since RBAC is enabled. After these changes, we will only allow admins, since RBAC will be disabled. Is that OK?
- If that’s the case should we change this description https://github.com/Flagsmith/self-hosted/blob/ed4a044ddf165e7ec5017cb0dc53e661c3e04b6e/README.md?plain=1#L27 ?
- Other behaviors, like limiting the number Projects to only 1, and in general all the non-free plan features that were enabled before for self-hosted free will no longer be available, I guess we are aware of all these changes right?
|
@novakzaballa this is now released in v2.61.0 of the flagsmith images (flagsmith/flagsmith and flagsmith/flagsmith-private-cloud). You should be able to test it using those. |
…erminate permissions
novakzaballa
force-pushed
the
chore/handle-new-version-endpoint-response
branch
from
ff1c73c
to
6f62e3a
Compare
There was a problem hiding this comment.
This looks good to me.
I'm keen to get @kyle-ssg's opinion here too.
Also, one thing this has highlighted is that this means that all organisations in a given enterprise installation will have all functionality. Previously these controls were implemented on a per organisation basis via subscriptions that users created in their own installations. Keen to get @dabeeeenster's thoughts here?
That's fine |
|
Added 1 comment to PR. In regards to controlling this per org, if that's important to the business I think ultimately we should just return plan data for those orgs, then the FE never has to distinguish between installations and it all comes down to the plan. |
This is what we were doing previously though isn't it? |
|
Not sure, but if we were then that sounds better than detecting their installation type. |
|
|
Now, in addition to the above comment, what I understand from @kyle-ssg comment is that we should remove these lines that return true if it is a self-hosted enterprise from the |
Thanks for submitting a PR! Please check the boxes below:
pre-committo check lintingChanges
Use
isEnterpriseattribute from API/versionendpoint response to determine permissions.How did you test this code?
Tested with both self-hosted version