Feature Flags: Disable Temp Users & Signups | Issue #13

by Admin 56 views
Feature Flags: Disable Temp Users & Signups | Issue #13

Motivation

Platform administrators require the capability to manage user access by disabling both temporary user creation and new user signups. This is particularly important in production environments where organizations need to limit access to existing users, prevent anonymous temporary accounts, or temporarily halt registration during maintenance or security incidents. Without these essential controls, administrators find it challenging to enforce strict access policies or efficiently manage user onboarding in alignment with their specific organizational requirements.

Having feature flags to control user access is super important, guys! Think about it: you're running a platform, and you need to make sure only the right people are getting in. Maybe you want to limit access to only existing users, or maybe you're doing some maintenance and don't want anyone new signing up. That's where these flags come in handy. They give admins the power to flip a switch and control who can create temporary accounts or sign up for permanent ones. This is crucial for keeping things secure and running smoothly. Imagine trying to manage a platform without these controls – it would be chaos! You wouldn't be able to stop anonymous accounts from popping up or prevent people from signing up during sensitive times. So, yeah, these feature flags are a game-changer for access policy and user onboarding. They put the admins in the driver's seat, allowing them to tailor the platform to their specific needs and keep everything under control.

These feature flags empower administrators to precisely manage user access, ensuring that only authorized individuals can create temporary accounts or complete the signup process. This level of control is vital in scenarios where organizations must adhere to strict security protocols, such as during audits or when handling sensitive data. By disabling temporary user creation, administrators can prevent unauthorized access to the platform, mitigating the risk of potential security breaches. Similarly, the ability to disable new user signups allows administrators to regulate user onboarding, ensuring that only individuals who meet specific criteria can gain access to the system. This is particularly useful in highly regulated industries where compliance is paramount.

Moreover, feature flags provide administrators with the flexibility to respond swiftly to unforeseen circumstances. For instance, in the event of a security incident, administrators can immediately disable both temporary user creation and new user signups to prevent further unauthorized access. This rapid response capability is essential for containing potential damage and restoring system integrity. Additionally, administrators can leverage feature flags to temporarily close registration during maintenance periods, ensuring that new users do not encounter disruptions or errors during the update process. This proactive approach enhances user experience and minimizes potential frustration. By offering granular control over user access, feature flags enable administrators to maintain a secure and stable platform environment, fostering trust and confidence among users and stakeholders.

Current Behavior

Currently, the system permits both temporary user creation and new user signups without any administrative oversight. When users access the platform, they can automatically generate temporary accounts or register for permanent accounts through the available registration interface. There isn't a mechanism available for administrators to disable either of these functionalities, regardless of operational needs. It's like leaving the front door wide open, all the time!

Reproduction Steps:

  1. Go to the Puter platform homepage without logging in.
  2. Notice that a temporary user account gets created automatically.
  3. Head over to the signup page.
  4. Fill out the signup form with valid info.
  5. See that a new permanent user account is created successfully.
  6. Expected: Admins should be able to turn off either or both of these things through some settings.

So, right now, anyone can just waltz onto the platform and create a temporary account or sign up for a new one without any gatekeeping. There's no way for the admins to say, "Hold on, we're not taking any new users right now," or "No more temporary accounts!" It's all open season. That's why we need those feature flags – to give the admins some control over who's coming in and out.

This unrestricted access poses several challenges for administrators. Firstly, it can lead to an influx of temporary accounts, which may consume system resources and impact performance. Secondly, it makes it difficult to enforce access policies, as administrators cannot prevent unauthorized users from gaining entry to the platform. Thirdly, it complicates user onboarding processes, as administrators have no control over who can register for an account. Without the ability to disable temporary user creation and new user signups, administrators are essentially operating in a reactive mode, constantly addressing the consequences of unrestricted access rather than proactively managing user access.

Imagine a scenario where the platform is experiencing a surge in traffic due to a promotional campaign. In the absence of feature flags, administrators would be unable to temporarily halt new user signups to ensure that existing users can continue to access the platform without disruption. Similarly, during a security incident, administrators would be unable to prevent the creation of temporary accounts, which could potentially be exploited by malicious actors. The lack of control over user access not only increases the risk of security breaches but also undermines the platform's ability to provide a stable and reliable service.

Expected Behavior

Administrators should have the ability to set up feature flags that control whether temporary users can be created and whether new users can sign up. When these flags are turned on, the system should stop those actions and give users the right error messages. The flags should be set up in the backend and work with the existing FeatureFlagService stuff.

Basically, we want to give admins the power to say "no"! No more temporary users, no more new signups – if they don't want it, they can turn it off with a feature flag. And when someone tries to do something they're not supposed to, like create a temporary account when the flag is on, they should get a clear error message explaining why. These flags need to be easy to configure in the backend and play nice with the existing system. This is all about giving admins more control and making the platform more secure and manageable.

These feature flags should seamlessly integrate with the existing FeatureFlagService architecture, ensuring that they can be easily managed and configured through the backend. Administrators should have a user-friendly interface to toggle these flags on or off, allowing them to quickly adapt to changing circumstances. Furthermore, the system should provide comprehensive logging and auditing capabilities, enabling administrators to track when and by whom these flags were modified. This level of transparency is crucial for maintaining accountability and ensuring that access policies are consistently enforced.

Acceptance Criteria:

  • [ ] A temp-users-disabled feature flag can be set to stop temporary user creation.
  • [ ] A user-signup-disabled feature flag can be set to stop new user signups.
  • [ ] When temporary users are turned off, trying to make temp users should give a 403 error with a clear message.
  • [ ] When user signup is turned off, trying to sign up should give a 403 error with a clear message.
  • [ ] Both flags can be on at the same time, and the system should handle it correctly with a combined error message.

Steps To Test

  1. Test with both flags disabled (default behavior):
    • Go to the platform homepage and make sure a temporary user is created automatically.
    • Go to the signup page and create a new account.
    • Make sure both things work.
  2. Test with temp users disabled:
    • Set disable_temp_users: true in the backend config.
    • Restart the backend service.
    • Go to the platform homepage.
    • Make sure no temporary user is created and a good error is shown.
    • Make sure regular signup still works.
  3. Test with user signup disabled:
    • Set disable_user_signup: true in the backend config.
    • Restart the backend service.
    • Try to sign up through the signup page.
    • Make sure the signup request gives a 403 error with the message "User signup is disabled."
    • Make sure existing users can still log in.
  4. Test with both flags enabled:
    • Turn on both disable_temp_users and disable_user_signup.
    • Restart the backend service.
    • Try to get on the platform without logging in.
    • Make sure a good error message says both things are off.
    • Make sure existing users can still log in and use the platform.

Submission

Download https://cap.so/ to record your screen (use Studio mode). Export as an mp4, and drag and drop into an issue comment below.

Guide to submitting pull requests: https://hackmd.io/@timothy1ee/Hky8kV3hlx