Authentication & ABAC Implementation Plan

Implementation checklist for the Authentication and ABAC system. See specs/auth-abac-system.md for full specification.


✅ Phase 0: Foundation (COMPLETED)

0.1 Create loom-auth Crate

  • Create crates/loom-auth/Cargo.toml with dependencies
  • Create crates/loom-auth/src/lib.rs with module structure
  • Add to workspace members in root Cargo.toml

0.2 Core Types

  • Create src/types.rs with all ID newtypes, roles, and enums
  • Create src/error.rs with AuthError enum

0.3 Database Migrations

  • Create migrations/008_auth_users.sql (users, identities)
  • Create migrations/009_auth_sessions.sql (sessions, access_tokens, device_codes, magic_links)
  • Create migrations/010_auth_orgs.sql (organizations, memberships, invitations)
  • Create migrations/011_auth_teams.sql (teams, team_memberships)
  • Create migrations/012_auth_api_keys.sql (api_keys, api_key_usage)
  • Create migrations/013_auth_threads_ext.sql (thread extensions, share_links, support_access)
  • Create migrations/014_auth_audit.sql (audit_logs)
  • Update db.rs to run new migrations

✅ Phase 1: Basic Web Auth (COMPLETED)

  • Create src/session.rs - Session management with 60-day sliding expiry
  • Create src/user.rs - User struct, Identity, Provider enum
  • Create src/middleware.rs - CurrentUser, AuthContext, token extraction
  • Create auth routes in loom-server:
    • GET /auth/providers
    • GET /auth/me
    • POST /auth/logout

✅ Phase 2: Magic Link (COMPLETED)

  • Create src/magic_link.rs - 10-minute single-use tokens
  • Create src/email.rs - SMTP config, email templates
  • Create routes:
    • POST /auth/magic-link
    • GET /auth/magic-link/verify

✅ Phase 3: CLI Auth (COMPLETED)

  • Create src/device_code.rs - Device code flow (123-456-789 format)
  • Create src/access_token.rs - Bearer tokens with 60-day sliding expiry
  • Create routes:
    • POST /auth/device/start
    • POST /auth/device/poll

✅ Phase 4: Organizations (COMPLETED)

  • Create src/org.rs - Organization, OrgMembership, OrgInvitation, OrgJoinRequest
  • Create routes in routes/orgs.rs:
    • GET /api/orgs
    • POST /api/orgs
    • GET /api/orgs/{id}
    • PATCH /api/orgs/{id}
    • DELETE /api/orgs/{id}
    • GET /api/orgs/{id}/members
    • POST /api/orgs/{id}/members
    • DELETE /api/orgs/{id}/members/{user_id}

✅ Phase 5: Teams (COMPLETED)

  • Create src/team.rs - Team, TeamMembership
  • Create routes in routes/teams.rs:
    • GET /api/orgs/{org_id}/teams
    • POST /api/orgs/{org_id}/teams
    • GET /api/orgs/{org_id}/teams/{team_id}
    • PATCH /api/orgs/{org_id}/teams/{team_id}
    • DELETE /api/orgs/{org_id}/teams/{team_id}
    • GET /api/orgs/{org_id}/teams/{team_id}/members
    • POST /api/orgs/{org_id}/teams/{team_id}/members
    • DELETE /api/orgs/{org_id}/teams/{team_id}/members/{user_id}

✅ Phase 6: ABAC Engine (COMPLETED)

  • Create src/abac/types.rs - SubjectAttrs, ResourceAttrs, Action
  • Create src/abac/engine.rs - is_allowed() policy dispatcher
  • Create src/abac/policies/thread.rs - Thread visibility policies
  • Create src/abac/policies/org.rs - Org/team management policies
  • Create src/abac/policies/llm.rs - LLM/tool access policies

✅ Phase 7: API Keys (COMPLETED)

  • Create src/api_key.rs - lk_ prefixed keys, Argon2 hashing
  • Create routes in routes/api_keys.rs:
    • GET /api/orgs/{org_id}/api-keys
    • POST /api/orgs/{org_id}/api-keys
    • DELETE /api/orgs/{org_id}/api-keys/{id}
    • GET /api/orgs/{org_id}/api-keys/{id}/usage

✅ Phase 8: Audit & Security (COMPLETED)

  • Create src/audit.rs - AuditEventType, AuditLogEntry, 90-day retention
  • CSRF protection ready (SameSite cookies + tokens)

✅ Phase 9: Admin Features (COMPLETED)

  • Create src/admin.rs - ImpersonationSession, promotion/demotion checks
  • Create routes in routes/admin.rs:
    • GET /api/admin/users
    • PATCH /api/admin/users/{id}/roles
    • POST /api/admin/users/{id}/impersonate
    • POST /api/admin/impersonate/stop
    • GET /api/admin/audit-logs

✅ Phase 10: Sharing & Support (COMPLETED)

  • Create src/share_link.rs - 48-hex token, expiry, revocation
  • Create src/support_access.rs - 31-day auto-expiry
  • Create routes in routes/share.rs:
    • POST /api/threads/{id}/share
    • DELETE /api/threads/{id}/share
    • GET /api/threads/{id}/share/{token} (public)
    • POST /api/threads/{id}/support-access/request
    • POST /api/threads/{id}/support-access/approve
    • DELETE /api/threads/{id}/support-access

✅ Phase 11: User Profile & Account (COMPLETED)

  • Create src/account_deletion.rs - 90-day grace, tombstone users
  • Create routes in routes/users.rs:
    • GET /api/users/{id}
    • PATCH /api/users/me
    • POST /api/users/me/delete
    • POST /api/users/me/restore

✅ Phase 12: WebSocket Auth (COMPLETED)

  • Update WebSocket handler to validate session cookie
  • Implement first-message auth for CLI (30s timeout)
  • Add bearer token support for WebSocket connections
  • Add WebSocket upgrade route at /v1/ws/sessions/{session_id}
  • Implement keepalive ping/pong with 30s interval
  • Add comprehensive tests (31 tests in loom-server, 15 in loom-auth)

✅ Phase 13: Session Routes (COMPLETED)

  • Create routes in routes/sessions.rs:
    • GET /api/sessions
    • DELETE /api/sessions/{id}

✅ Phase 14: Documentation & OpenAPI (COMPLETED)

  • Added utoipa annotations to all route handlers
  • Added schemas to api_docs.rs
  • Added tags: auth, sessions, organizations, teams, users, api-keys, admin, share

✅ Phase 15: Testing (COMPLETED)

  • 365+ unit tests in loom-auth covering:
    • Session management
    • Token generation and verification
    • ABAC policy enforcement
    • Magic link flow
    • Device code flow
    • API key management
    • Audit logging
    • Share links and support access

Summary

| Component | Status | Tests |
| --- | --- | --- |
| loom-auth crate | ✅ Complete | 380 |
| Database migrations | ✅ Complete | - |
| HTTP routes | ✅ Complete | - |
| ABAC engine | ✅ Complete | 75 |
| WebSocket auth | ✅ Complete | 46 |

Files Created

loom-auth crate (19 modules):

crates/loom-auth/src/
├── abac/
│   ├── engine.rs
│   ├── mod.rs
│   ├── policies/
│   │   ├── llm.rs
│   │   ├── mod.rs
│   │   ├── org.rs
│   │   └── thread.rs
│   └── types.rs
├── access_token.rs
├── account_deletion.rs
├── admin.rs
├── api_key.rs
├── audit.rs
├── device_code.rs
├── email.rs
├── error.rs
├── lib.rs
├── magic_link.rs
├── middleware.rs
├── org.rs
├── session.rs
├── share_link.rs
├── support_access.rs
├── team.rs
├── types.rs
└── user.rs

loom-server routes (9 new modules):

crates/loom-server/src/routes/
├── admin.rs
├── api_keys.rs
├── auth.rs (updated)
├── orgs.rs
├── sessions.rs
├── share.rs
├── teams.rs
└── users.rs

Database migrations (7 new):

crates/loom-server/migrations/
├── 008_auth_users.sql
├── 009_auth_sessions.sql
├── 010_auth_orgs.sql
├── 011_auth_teams.sql
├── 012_auth_api_keys.sql
├── 013_auth_threads_ext.sql
└── 014_auth_audit.sql

Next Steps

  1. WebSocket Auth - ✅ Implemented cookie-based and first-message auth for WebSocket connections
  2. OAuth Integration - ✅ GitHub, Google, and Okta OAuth clients implemented
  3. Database Repositories - ✅ All route handlers connected to database operations
  4. GeoIP Integration - ✅ MaxMind database for session location tracking and feature flag evaluation
  5. Rate Limiting - Add per-IP/per-user rate limits (deferred from v1)


Feature Flags & Experiments Implementation Plan

Implementation checklist for the Feature Flags system. See specs/feature-flags-system.md for full specification.


✅ Phase 1: Core Types & Database (COMPLETED)

Goal: Establish foundational types and database schema.

Spec References:

  • Core entities: specs/feature-flags-system.md:95-232 (Flag, Variant, Strategy, KillSwitch)
  • Evaluation types: specs/feature-flags-system.md:204-232 (EvaluationContext, EvaluationResult)
  • Database schema: specs/feature-flags-system.md:477-573

Tasks:

  • Create crates/loom-flags-core/ crate
    • flag.rs - Flag, Variant, VariantValue, FlagPrerequisite types
    • strategy.rs - Strategy, Condition, AttributeOperator, Schedule types
    • kill_switch.rs - KillSwitch type
    • environment.rs - Environment type
    • sdk_key.rs - SdkKey, SdkKeyType types
    • evaluation.rs - EvaluationContext, EvaluationResult, EvaluationReason
    • error.rs - Error types using thiserror
  • Create crates/loom-server-flags/ crate structure
    • repository.rs - FlagsRepository trait and SqliteFlagsRepository implementation
    • evaluation.rs - Server-side flag evaluation engine
    • sdk_auth.rs - SDK key hashing and verification
    • error.rs - FlagsServerError types
  • Add database migration 030_feature_flags.sql
    • flag_environments table
    • flags table with org_id nullable for platform flags
    • flag_prerequisites table
    • flag_configs table (per-environment)
    • flag_strategies table
    • kill_switches table
    • sdk_keys table
    • exposure_logs table
    • flag_stats table
  • Create repository layer in loom-server-flags/src/repository.rs
  • Add i18n translations for feature flags (server and web)
  • 50 tests (40 in loom-flags-core, 9 in loom-server-flags, 1 doc test)

✅ Phase 2: Environment & SDK Keys (COMPLETED)

Goal: Environment management and SDK key authentication.

Spec References:

  • Environments: specs/feature-flags-system.md:176-186 (Environment type)
  • Auto-created environments: specs/feature-flags-system.md:261-269
  • SDK keys: specs/feature-flags-system.md:188-202 (SdkKey, SdkKeyType)
  • SDK key format: specs/feature-flags-system.md:274-289
  • SDK key endpoints: specs/feature-flags-system.md:410-413
  • Environment endpoints: specs/feature-flags-system.md:404-408

Tasks:

  • Implement Environment CRUD handlers in routes/flags.rs
    • GET /api/orgs/{org_id}/flags/environments
    • POST /api/orgs/{org_id}/flags/environments
    • GET /api/orgs/{org_id}/flags/environments/{env_id}
    • PATCH /api/orgs/{org_id}/flags/environments/{env_id}
    • DELETE /api/orgs/{org_id}/flags/environments/{env_id}
  • Auto-create dev and prod environments on org creation
    • Hook into org creation flow in routes/orgs.rs
  • Implement SDK key generation
    • Key format: loom_sdk_{type}_{env}_{random32hex}
    • Argon2 hashing for storage
    • Fixed SDK key parsing to handle environment names with underscores
  • Implement SDK key CRUD handlers
    • GET /api/orgs/{org_id}/flags/environments/{env_id}/sdk-keys
    • POST /api/orgs/{org_id}/flags/environments/{env_id}/sdk-keys
    • DELETE /api/orgs/{org_id}/flags/sdk-keys/{key_id}
  • Add flags API types to loom-server-api/src/flags.rs
  • Add flags_repo to AppState
  • 60+ tests (51 in loom-flags-core, 9 in loom-server-flags)
    • Property-based tests for environment name validation
    • Property-based tests for SDK key generation/parsing roundtrip
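
The underscore case noted in the SDK key tasks above, as an added example (not the project's code): a parser for `loom_sdk_{type}_{env}_{random32hex}` that takes the type from the left and the random part from the right, so the environment name may contain underscores. The type names `client`/`server` and the environment character rules are assumptions, as are all function and type names.

```rust
// Layout from the plan: loom_sdk_{type}_{env}_{random32hex}
// ASSUMPTIONS (not on the page): type is "client" or "server" and contains no
// underscore; env names start with a-z and use only [a-z0-9_].
#[derive(Debug, PartialEq)]
pub enum SdkKeyType {
    Client,
    Server,
}

#[derive(Debug, PartialEq)]
pub struct ParsedSdkKey<'a> {
    pub key_type: SdkKeyType,
    pub environment: &'a str,
    pub random: &'a str,
}

#[derive(Debug, PartialEq)]
pub enum SdkKeyError {
    BadPrefix,
    MissingSegment,
    UnknownType,
    BadEnvironment,
    BadRandom,
}

pub fn parse_sdk_key(key: &str) -> Result<ParsedSdkKey<'_>, SdkKeyError> {
    let rest = key.strip_prefix("loom_sdk_").ok_or(SdkKeyError::BadPrefix)?;
    // The type is the first segment after the prefix.
    let (type_str, rest) = rest.split_once('_').ok_or(SdkKeyError::MissingSegment)?;
    // The random part is the LAST segment; whatever sits between the two is the
    // environment name, underscores included.
    let (environment, random) = rest.rsplit_once('_').ok_or(SdkKeyError::MissingSegment)?;

    let key_type = match type_str {
        "client" => SdkKeyType::Client,
        "server" => SdkKeyType::Server,
        _ => return Err(SdkKeyError::UnknownType),
    };
    let starts_ok = environment.as_bytes().first().map_or(false, |b| b.is_ascii_lowercase());
    let chars_ok = environment
        .bytes()
        .all(|b| b.is_ascii_lowercase() || b.is_ascii_digit() || b == b'_');
    if !starts_ok || !chars_ok {
        return Err(SdkKeyError::BadEnvironment);
    }
    // Exactly 32 lowercase hex characters; anything else is rejected before
    // the key ever reaches the Argon2 verification step.
    if random.len() != 32 || !random.bytes().all(|b| matches!(b, b'0'..=b'9' | b'a'..=b'f')) {
        return Err(SdkKeyError::BadRandom);
    }
    Ok(ParsedSdkKey { key_type, environment, random })
}

/// A split-on-every-underscore parser, shown only for contrast: it truncates
/// an environment name such as "staging_eu" to "staging".
pub fn naive_environment(key: &str) -> Option<&str> {
    key.split('_').nth(3)
}

fn main() {
    // Constructed sample keys (not real credentials).
    let keys = [
        "loom_sdk_server_prod_0123456789abcdef0123456789abcdef",
        "loom_sdk_client_staging_eu_0123456789abcdef0123456789abcdef",
    ];
    for k in keys.iter() {
        let parsed = parse_sdk_key(k).map(|p| p.environment.to_string());
        println!("strict={:?} naive={:?}", parsed, naive_environment(k));
    }
}
```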

✅ Phase 3: Flag Management (COMPLETED)

Goal: Complete flag CRUD with per-environment configuration.

Spec References:

  • Flag type: specs/feature-flags-system.md:97-131
  • FlagConfig type: specs/feature-flags-system.md:133-143
  • Flag key format: specs/feature-flags-system.md:249-258
  • Flag endpoints: specs/feature-flags-system.md:370-378

Tasks:

  • Flag key validation
    • Pattern: ^[a-z][a-z0-9_]*(\.[a-z][a-z0-9_]*)*$
    • Length: 3-100 characters
  • Implement Flag CRUD handlers
    • GET /api/orgs/{org_id}/flags - list flags for org
    • POST /api/orgs/{org_id}/flags - create flag
    • GET /api/orgs/{org_id}/flags/{flag_id} - get flag by ID
    • PATCH /api/orgs/{org_id}/flags/{flag_id} - update flag
    • POST /api/orgs/{org_id}/flags/{flag_id}/archive - archive flag
    • POST /api/orgs/{org_id}/flags/{flag_id}/restore - restore archived flag
  • Implement FlagConfig handlers
    • GET /api/orgs/{org_id}/flags/{flag_id}/configs - get all environment configs
    • GET /api/orgs/{org_id}/flags/{flag_id}/configs/{env_id} - get specific config
    • PATCH /api/orgs/{org_id}/flags/{flag_id}/configs/{env_id} - update environment config
  • Auto-create configs for all environments on flag creation
  • Prerequisites handling
    • Store prerequisite relationships
    • Support in create/update flag
  • Property-based tests for flag key validation
  • 60 tests (all passing in loom-flags-core)

✅ Phase 4: Strategy System (COMPLETED)

Goal: Rollout strategies with targeting conditions.

Spec References:

  • Strategy type: specs/feature-flags-system.md:145-175 (Strategy, Condition, Schedule)
  • Evaluation engine: specs/feature-flags-system.md:301-349
  • Percentage hashing: specs/feature-flags-system.md:322-328
  • Schedule evaluation: specs/feature-flags-system.md:330-338
  • GeoIP resolution: specs/feature-flags-system.md:340-349
  • Strategy endpoints: specs/feature-flags-system.md:380-386

Tasks:

  • Implement Strategy CRUD handlers
    • GET /api/orgs/{org_id}/flags/strategies
    • POST /api/orgs/{org_id}/flags/strategies
    • GET /api/orgs/{org_id}/flags/strategies/{strategy_id}
    • PATCH /api/orgs/{org_id}/flags/strategies/{strategy_id}
    • DELETE /api/orgs/{org_id}/flags/strategies/{strategy_id}
  • Condition evaluation engine
    • Attribute conditions (equals, contains, in, etc.)
    • Geographic conditions (country, region, city)
    • Environment conditions
  • Percentage hashing with murmur3
    • Consistent hashing for sticky assignment
    • Configurable key (user_id, org_id, session_id)
  • Schedule evaluation
    • Time-based percentage ramps
  • GeoIP integration (completed)
    • Integrate with existing loom-server-geoip
    • Proxy header support (CF-Connecting-IP, X-Forwarded-For, X-Real-IP)
    • Region/subdivision support from MaxMind database
    • Server-resolved GeoIP takes precedence over client-provided geo context
    • Property-based tests for GeoIP context handling
  • Strategy API types in loom-server-api
  • i18n translations (EN, ES, AR)
  • 90+ tests including property-based tests for:
    • Attribute operator evaluation
    • Percentage hashing determinism and monotonicity
    • Schedule evaluation
    • Geographic operator case-insensitivity
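
Sticky percentage assignment as listed in the tasks above, written as an added example rather than the project's evaluation code. MurmurHash3 (x86, 32-bit) is implemented inline instead of using the `murmur3` crate; the hash input layout, the seed, the 100-bucket scheme, the fail-closed handling of a missing attribute and all names are assumptions.

```rust
// ASSUMPTIONS (not from the page or its spec): the hash input is
// "{flag_key}:{sticky_value}", the seed is 0, and there are 100 buckets.

/// MurmurHash3 x86_32, written out so the example has no dependencies.
pub fn murmur3_32(data: &[u8], seed: u32) -> u32 {
    const C1: u32 = 0xcc9e_2d51;
    const C2: u32 = 0x1b87_3593;
    let mut h = seed;
    let mut chunks = data.chunks_exact(4);
    for c in chunks.by_ref() {
        let k = u32::from_le_bytes([c[0], c[1], c[2], c[3]]);
        h ^= k.wrapping_mul(C1).rotate_left(15).wrapping_mul(C2);
        h = h.rotate_left(13).wrapping_mul(5).wrapping_add(0xe654_6b64);
    }
    // Up to three trailing bytes are mixed in little-endian order.
    let mut k = 0u32;
    for (i, b) in chunks.remainder().iter().enumerate() {
        k |= u32::from(*b) << (8 * i);
    }
    h ^= k.wrapping_mul(C1).rotate_left(15).wrapping_mul(C2);
    // Finalization mix.
    h ^= data.len() as u32;
    h ^= h >> 16;
    h = h.wrapping_mul(0x85eb_ca6b);
    h ^= h >> 13;
    h = h.wrapping_mul(0xc2b2_ae35);
    h ^ (h >> 16)
}

/// Which context attribute keeps a subject in the same bucket across requests.
#[derive(Debug, Clone, Copy)]
pub enum StickyKey {
    UserId,
    OrgId,
    SessionId,
}

pub struct Context<'a> {
    pub user_id: Option<&'a str>,
    pub org_id: Option<&'a str>,
    pub session_id: Option<&'a str>,
}

/// Bucket in 0..100. Including the flag key decorrelates rollouts, so the same
/// users are not always the first cohort for every flag.
pub fn bucket(flag_key: &str, sticky_value: &str) -> u32 {
    murmur3_32(format!("{}:{}", flag_key, sticky_value).as_bytes(), 0) % 100
}

/// True when the subject falls inside the first `percentage` buckets.
/// A context that lacks the configured sticky attribute is excluded.
pub fn in_rollout(flag_key: &str, key: StickyKey, ctx: &Context<'_>, percentage: u32) -> bool {
    let value = match key {
        StickyKey::UserId => ctx.user_id,
        StickyKey::OrgId => ctx.org_id,
        StickyKey::SessionId => ctx.session_id,
    };
    match value {
        Some(v) => bucket(flag_key, v) < percentage.min(100),
        None => false,
    }
}

fn main() {
    // Constructed sample subjects.
    for uid in ["user-1", "user-2", "user-3"].iter() {
        let ctx = Context { user_id: Some(uid), org_id: None, session_id: None };
        let b = bucket("checkout.new_flow", uid);
        let on = in_rollout("checkout.new_flow", StickyKey::UserId, &ctx, 25);
        println!("{} bucket={} in_25_percent={}", uid, b, on);
    }
}
```

Because the comparison is `bucket < percentage`, raising the percentage only ever adds subjects, which is the monotonicity property the plan's tests check.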

✅ Phase 5: Kill Switches (COMPLETED)

Goal: Emergency shutoff mechanism with flag linking.

Spec References:

  • KillSwitch type: specs/feature-flags-system.md:178-193
  • Kill switch design: specs/feature-flags-system.md:291-299
  • Activation/deactivation flow: specs/feature-flags-system.md:301-318
  • Kill switch endpoints: specs/feature-flags-system.md:388-395

Tasks:

  • Implement Kill switch CRUD handlers
    • GET /api/orgs/{org_id}/flags/kill-switches
    • POST /api/orgs/{org_id}/flags/kill-switches
    • GET /api/orgs/{org_id}/flags/kill-switches/{kill_switch_id}
    • PATCH /api/orgs/{org_id}/flags/kill-switches/{kill_switch_id}
    • DELETE /api/orgs/{org_id}/flags/kill-switches/{kill_switch_id}
  • Activation endpoint
    • POST /api/orgs/{org_id}/flags/kill-switches/{kill_switch_id}/activate
    • Required: reason field (validation enforced)
    • Set activated_at, activated_by, activation_reason
  • Deactivation endpoint
    • POST /api/orgs/{org_id}/flags/kill-switches/{kill_switch_id}/deactivate
    • Clear activation fields
  • Kill switch permissions
    • Uses org membership (same as other flags operations)
    • Any org member can manage kill switches
  • i18n translations (server: loom-common-i18n, web: loom-web)
  • API types in loom-server-api/src/flags.rs
  • Property-based tests (6 new tests for kill switch behavior)
  • 77 tests passing in loom-flags-core

✅ Phase 6: Evaluation Engine (COMPLETED)

Goal: Complete flag evaluation with all precedence rules.

Spec References:

  • Evaluation order: specs/feature-flags-system.md:303-320
  • Precedence rules: specs/feature-flags-system.md:241-246
  • Evaluation endpoints: specs/feature-flags-system.md:415-418

Tasks:

  • Implement full evaluation flow in loom-server-flags/src/evaluation.rs
    1. Check flag exists
    2. Check environment config (enabled/disabled)
    3. Check kill switches (platform first, then org)
    4. Check prerequisites
    5. Evaluate strategy (conditions, percentage, schedule)
    6. Return variant with reason
  • Platform vs org precedence
    • Platform flags override org flags with same key
    • Platform kill switches affect all orgs
  • Implement evaluation endpoints
    • POST /api/orgs/{org_id}/flags/evaluate - evaluate all flags for context
    • POST /api/orgs/{org_id}/flags/{flag_key}/evaluate - evaluate single flag
  • Return EvaluationResult with reason
  • API types for evaluation (EvaluationContextApi, EvaluationResultApi, EvaluationReasonApi)
  • 96 tests passing (77 in loom-flags-core, 19 in loom-server-flags)
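
The six-step order and the platform-over-org precedence listed above, as an added sketch over in-memory data; it is not the code in loom-server-flags/src/evaluation.rs. Every type, field and variant name here is a hypothetical stand-in, the strategy step is reduced to a boolean, and the recursion bound on prerequisites is an assumption.

```rust
use std::collections::HashMap;

// Hypothetical stand-in types for this example; they are not loom's definitions.
#[derive(Debug, Clone, Copy, PartialEq)]
pub enum Reason {
    FlagNotFound,
    Disabled,
    KillSwitch { platform: bool },
    PrerequisiteFailed(&'static str),
    StrategyMatch,
    Default,
}

#[derive(Debug, PartialEq)]
pub struct EvalResult {
    pub variant: Option<&'static str>, // None only when the flag does not exist
    pub reason: Reason,
}

pub struct Flag {
    pub enabled: bool,                                    // per-environment config
    pub prerequisites: Vec<(&'static str, &'static str)>, // (flag key, required variant)
    pub strategy_matches: bool,                           // stand-in for step 5's outcome
}

pub struct KillSwitch {
    pub active: bool,
    pub linked_flags: Vec<&'static str>,
}

#[derive(Default)]
pub struct Store {
    pub platform_flags: HashMap<&'static str, Flag>,
    pub org_flags: HashMap<&'static str, Flag>,
    pub platform_kill_switches: Vec<KillSwitch>,
    pub org_kill_switches: Vec<KillSwitch>,
}

fn killed(switches: &[KillSwitch], key: &str) -> bool {
    switches.iter().any(|k| k.active && k.linked_flags.iter().any(|f| *f == key))
}

pub fn evaluate(store: &Store, key: &str, depth: u8) -> EvalResult {
    let off = |reason: Reason| EvalResult { variant: Some("off"), reason };
    // 1. Flag exists? A platform flag shadows an org flag with the same key.
    let flag = match store.platform_flags.get(key).or_else(|| store.org_flags.get(key)) {
        Some(f) => f,
        None => return EvalResult { variant: None, reason: Reason::FlagNotFound },
    };
    // 2. Environment config (enabled/disabled).
    if !flag.enabled { return off(Reason::Disabled); }
    // 3. Kill switches: platform first, then org.
    if killed(&store.platform_kill_switches, key) {
        return off(Reason::KillSwitch { platform: true });
    }
    if killed(&store.org_kill_switches, key) {
        return off(Reason::KillSwitch { platform: false });
    }
    // 4. Prerequisites. `depth` bounds the recursion so a cycle fails closed
    //    (assumption; the page does not describe cycle handling).
    for &(pre_key, want) in &flag.prerequisites {
        if depth == 0 || evaluate(store, pre_key, depth - 1).variant != Some(want) {
            return off(Reason::PrerequisiteFailed(pre_key));
        }
    }
    // 5. Strategy outcome, then 6. the variant together with its reason.
    if flag.strategy_matches {
        EvalResult { variant: Some("on"), reason: Reason::StrategyMatch }
    } else {
        off(Reason::Default)
    }
}

/// Constructed sample data for the example.
pub fn demo_store() -> Store {
    let mut s = Store::default();
    let f = |enabled, prerequisites| Flag { enabled, prerequisites, strategy_matches: true };
    s.platform_flags.insert("billing.v2", f(true, vec![]));
    s.org_flags.insert("billing.v2", f(false, vec![])); // shadowed by the platform flag
    s.org_flags.insert("checkout.new_flow", f(true, vec![("billing.v2", "on")]));
    s.org_flags.insert("search.beta", f(true, vec![]));
    s.platform_kill_switches.push(KillSwitch { active: false, linked_flags: vec!["billing.v2"] });
    s.org_kill_switches.push(KillSwitch { active: true, linked_flags: vec!["search.beta"] });
    s
}
```

Returning the reason with every result makes a kill-switch shutoff distinguishable from a disabled config or a failed prerequisite when reviewing evaluation or exposure records.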

✅ Phase 7: SSE Streaming (COMPLETED)

Goal: Real-time flag updates via Server-Sent Events.

Spec References:

  • SSE events: specs/feature-flags-system.md:420-450
  • Event format: specs/feature-flags-system.md:436-445
  • Reconnection: specs/feature-flags-system.md:447-450

Tasks:

  • Implement SSE endpoint
    • GET /api/flags/stream
    • SDK key authentication with Argon2 verification
  • Event types in loom-flags-core/src/sse.rs
    • init - full state on connect
    • flag.updated - flag or config changed
    • flag.archived - flag archived
    • flag.restored - flag restored from archive
    • killswitch.activated - kill switch activated
    • killswitch.deactivated - kill switch deactivated
    • heartbeat - every 30s (via axum SSE KeepAlive)
  • Broadcast mechanism in loom-server-flags/src/sse.rs
    • Per-environment channels (org_id, environment_id)
    • Notify on flag/kill switch changes
    • Broadcast to entire org for org-wide changes
  • Client connection management
    • FlagsBroadcaster with channel statistics
    • Clean up empty channels
    • Connection tracking metrics
  • Event emission on changes
    • update_flag_config broadcasts flag.updated
    • archive_flag broadcasts flag.archived
    • restore_flag broadcasts flag.restored
    • activate_kill_switch broadcasts killswitch.activated
    • deactivate_kill_switch broadcasts killswitch.deactivated
  • Stats endpoint GET /api/flags/stream/stats (admin only)
  • i18n translations (EN, ES, AR)
  • 120 tests (91 in loom-flags-core, 29 in loom-server-flags)

✅ Phase 8: Exposure Tracking (COMPLETED)

Goal: Track flag evaluations for experiment analysis.

Spec References:

  • Exposure logging: specs/feature-flags-system.md:351-378
  • Exposure endpoints: specs/feature-flags-system.md:420-423

Tasks:

  • Implement ExposureLog creation
    • ExposureLog type with flag_id, environment_id, user_id, org_id, variant, reason
    • Repository methods: create_exposure_log, list_exposure_logs, count_exposure_logs
  • Deduplication logic
    • Context hash computation (SHA-256 of user_id + org_id + session_id + environment + attributes + geo)
    • exposure_exists_within_window method to check for duplicates within 1-hour window
  • Per-flag exposure toggle
    • Add exposure_tracking_enabled to Flag type
    • Database migration 031_exposure_tracking.sql
    • Updated flag CRUD to include exposure_tracking_enabled
  • i18n translations (EN, ES, AR) for server API messages
  • i18n translations for loom-web (exposure tracking UI strings)
  • Property-based tests for context hashing (determinism, uniqueness, format)
  • Unit tests for ExposureLog creation
  • 134+ tests passing (105 in loom-flags-core, 29 in loom-server-flags)

✅ Phase 9: Stale Detection & Stats (COMPLETED)

Goal: Track flag usage and identify stale flags.

Spec References:

  • Staleness criteria: specs/feature-flags-system.md:380-385
  • Flag stats: specs/feature-flags-system.md:387-394
  • Stats endpoints: specs/feature-flags-system.md:420-423

Tasks:

  • Implement FlagStats tracking
    • Repository trait methods: get_flag_stats, record_flag_evaluation, list_stale_flags
    • SQLite repository implementation with upsert for stats
    • Update last_evaluated_at on evaluation
    • Increment 24h/7d/30d evaluation counts
  • Stale flag detection
    • GET /api/orgs/{org_id}/flags/stale - list stale flags
    • Configurable threshold via LOOM_FLAGS_STALE_THRESHOLD_DAYS (default: 30 days)
    • Returns flags not evaluated within threshold, ordered by staleness
  • Flag stats endpoint
    • GET /api/orgs/{org_id}/flags/{flag_key}/stats - get individual flag statistics
    • Returns last_evaluated_at and evaluation counts
  • Evaluation recording integration
    • Stats recorded asynchronously (fire and forget) in evaluation endpoints
    • Both single flag and bulk evaluation endpoints record stats
  • API types in loom-server-api/src/flags.rs
    • FlagStatsResponse - single flag statistics
    • StaleFlagResponse - stale flag entry with days_since_evaluated
    • ListStaleFlagsResponse - list of stale flags with threshold
  • i18n translations (EN, ES, AR)
    • Server translations in loom-common-i18n
    • Web translations in loom-web
  • Property-based tests for FlagStats
    • Count invariants (24h <= 7d <= 30d)
    • Context hash determinism and uniqueness
  • 140+ tests passing (112 in loom-flags-core, 29 in loom-server-flags)

✅ Phase 10: Rust SDK (COMPLETED)

Goal: loom-flags crate for Rust clients.

Spec References:

  • SDK design: specs/feature-flags-system.md:452-493
  • SDK behavior: specs/feature-flags-system.md:489-497
  • Crate structure: specs/feature-flags-system.md:16-37

Tasks:

  • Create crates/loom-flags/ crate
  • Implement FlagsClient
    • Builder pattern for configuration
    • SDK key authentication
    • Base URL configuration
  • Initialization
    • Fetch all flags on init
    • Start SSE connection
  • Local caching
    • In-memory flag cache
    • Update from SSE events
  • Evaluation methods
    • get_bool(key, context, default)
    • get_string(key, context, default)
    • get_json(key, context, default)
    • get_all(context)
  • Offline mode
    • Use last cached values when disconnected
  • Use loom-http for requests
    • Retry logic
    • User-Agent header
  • i18n translations (EN, ES, AR) for SDK error messages
  • 26 tests (unit tests + property-based tests for caching and evaluation)

✅ Phase 11: TypeScript Packages (COMPLETED)

Goal: @loom/http and @loom/flags packages.

Spec References:

  • TypeScript SDK: specs/feature-flags-system.md:474-487
  • Package structure: specs/feature-flags-system.md:39-53

Tasks:

  • Create web/packages/http/ package (@loom/http)
    • HTTP client with fetch
    • Retry with exponential backoff
    • Standard headers (User-Agent, Content-Type)
    • Error handling (HttpError, TimeoutError, NetworkError, RateLimitError)
  • Create web/packages/flags/ package (@loom/flags)
    • FlagsClient class
    • SDK key authentication
    • Initialization with flag fetch
    • SSE connection handling with reconnection
    • Local caching (FlagCache)
    • Evaluation methods (getBool, getString, getJson, getAll)
    • Event emitter for updates
    • Offline mode with cached values
  • i18n translations for SDK error messages
    • Server translations in loom-common-i18n
    • Web translations in loom-web
  • 51 tests passing (20 in @loom/http, 31 in @loom/flags)
    • Property-based tests for retry delay calculation
    • Property-based tests for flag cache operations
  • Workspace configuration for web packages (web/pnpm-workspace.yaml)

✅ Phase 12: Audit Integration (COMPLETED)

Goal: Full audit logging for all flag operations.

Spec References:

  • Audit events: specs/feature-flags-system.md:575-593

Tasks:

  • Add audit event types to loom-server-audit
    • FlagCreated, FlagUpdated, FlagArchived, FlagRestored
    • FlagConfigUpdated
    • StrategyCreated, StrategyUpdated, StrategyDeleted
    • KillSwitchCreated, KillSwitchUpdated, KillSwitchActivated, KillSwitchDeactivated, KillSwitchDeleted
    • SdkKeyCreated, SdkKeyRevoked
    • EnvironmentCreated, EnvironmentUpdated, EnvironmentDeleted
  • Integrate audit logging into all handlers
  • Test audit logging (3 new tests for feature flag events)
  • 63 tests passing in loom-server-audit

✅ Phase 13: Platform Flags (COMPLETED)

Goal: Super admin management of platform-level flags.

Spec References:

  • Two-tier system: specs/feature-flags-system.md:235-239
  • Precedence: specs/feature-flags-system.md:241-246
  • Platform endpoints: specs/feature-flags-system.md:425-432
  • Permissions: specs/feature-flags-system.md:595-618

Tasks:

  • Implement platform flag endpoints (super admin only)
    • GET /api/admin/flags - list platform flags
    • POST /api/admin/flags - create platform flag
    • GET /api/admin/flags/{key} - get platform flag by key
    • PATCH /api/admin/flags/{key} - update platform flag
    • POST /api/admin/flags/{key}/archive - archive platform flag
    • POST /api/admin/flags/{key}/restore - restore archived platform flag
  • Implement platform kill switch endpoints
    • GET /api/admin/flags/kill-switches - list platform kill switches
    • POST /api/admin/flags/kill-switches - create platform kill switch
    • GET /api/admin/flags/kill-switches/{key} - get platform kill switch
    • PATCH /api/admin/flags/kill-switches/{key} - update platform kill switch
    • POST /api/admin/flags/kill-switches/{key}/activate - activate kill switch
    • POST /api/admin/flags/kill-switches/{key}/deactivate - deactivate kill switch
    • DELETE /api/admin/flags/kill-switches/{key} - delete platform kill switch
  • Implement platform strategy endpoints
    • GET /api/admin/flags/strategies - list platform strategies
    • POST /api/admin/flags/strategies - create platform strategy
    • GET /api/admin/flags/strategies/{id} - get platform strategy
    • PATCH /api/admin/flags/strategies/{id} - update platform strategy
    • DELETE /api/admin/flags/strategies/{id} - delete platform strategy
  • SSE broadcast for platform events
    • broadcast_to_all method for platform-wide flag updates
  • i18n translations (EN, ES, AR) for all platform flag messages
  • Authorization tests (10 tests verifying super admin only access)
  • All tests passing

Feature Flags Dependencies

Rust Crates (per specs/feature-flags-system.md:620-639):

  • chrono - timestamps
  • serde, serde_json - serialization
  • thiserror - error types
  • uuid - IDs
  • murmur3 - percentage hashing
  • eventsource-stream - SSE client
  • sqlx - database

Integration Points:

  • loom-http - HTTP client with retry
  • loom-geoip - GeoIP resolution
  • loom-server-audit - audit logging
  • loom-db - database layer
  • loom-auth - ABAC permissions

✅ Feature Flags Testing Strategy (COMPLETED)

  • Unit tests for evaluation engine
    • loom-server-flags/src/evaluation.rs: 13 unit tests covering disabled flags, enabled flags, strategies, conditions, kill switches, schedules
  • Unit tests for condition matching
    • loom-flags-core/src/strategy.rs: 5 unit tests for attribute operators, geo operators
    • loom-server-flags/src/evaluation.rs: condition evaluation tests for attribute, geo, environment conditions
  • Unit tests for percentage hashing (verify consistency)
    • loom-server-flags/src/evaluation.rs: test_percentage_consistent_hashing, tests for 0% and 100% rollouts
    • Property-based tests: percentage_is_deterministic, percentage_monotonic
  • Integration tests for API endpoints
    • loom-server/tests/authz/flags.rs: 28 authorization tests covering all org-level flag routes
    • loom-server/tests/authz/admin.rs: 10 platform flags authorization tests
  • Integration tests for SSE streaming
    • loom-server-flags/src/sse.rs: 10 async tests for broadcast, subscription, cleanup, stats
    • loom-flags-core/src/sse.rs: serialization and event type tests
  • Property-based tests for strategy evaluation
    • loom-flags-core/src/strategy.rs: 12 proptest tests for operators, schedules, geo matching
    • loom-server-flags/src/evaluation.rs: 5 proptest tests for percentage hashing properties
  • SDK integration tests
    • loom-flags/src/lib.rs: 26 tests including property-based tests for caching and evaluation

Test counts:

  • loom-flags-core: 112 tests (unit + property-based)
  • loom-server-flags: 29 tests (unit + property-based + async)
  • loom-server authz flags tests: 28 tests
  • loom-flags SDK: 26 tests

Feature Flags Deployment Notes

  • Database migration must run before server starts
  • Auto-creation of environments on org creation requires a migration for existing orgs
  • SSE requires appropriate timeout settings in load balancer
  • SDK keys should be rotated if exposed