Created
March 6, 2023 20:53
-
-
Save rssnyder/baf190e5599d8964a1c7e57d7beb70c3 to your computer and use it in GitHub Desktop.
feature flag editors
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package feature_flags | |
| # Only allow FF edits by users in a group called ff_editors | |
| # This helps seperate create and edit access, which are currently bundled together | |
| deny["You are not allowed to edit flags"] { | |
| input.metadata.action == "onsave" | |
| # createdAt is in ms vs timestamp in s | |
| createdAt := floor(input.flag.createdAt / 1000) | |
| # this action is not a creation, based on timestamps being different | |
| input.metadata.timestamp != createdAt | |
| not is_ff_editor | |
| } | |
| is_ff_editor { | |
| input.metadata.userGroups[i].identifier == "ff_editors" | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment