Include Context information in config response

[lizard-boy]

Type of change

- [ ] Bug fix
- [ ] New feature development
- [ ] Tech debt (refactoring, code cleanup, dependency upgrades, etc)
- [ ] Build/deploy pipeline (DevOps)
- [x] Other

Objective

Adds feature flag context to config response. This is useful for debugging purposes.

Question: Is there a reason to consider this sensitive? It uses the same bearer token to, say, retrieve full sync data, so all information is retrievable through other endpoints.

Before you submit

• Please check for formatting errors (dotnet format --verify-no-changes) (required)
• If making database changes - make sure you also update Entity Framework queries and/or migrations
• Please add unit tests where it makes sense to do so (encouraged but not required)
• If this change requires a documentation update - notify the documentation team
• If this change has particular deployment requirements - notify the DevOps team

Greptile Summary

This pull request adds feature flag context to the configuration response, including user ID and organization IDs, to enhance debugging capabilities.

• Added GetFlagContext() method to IFeatureService interface and implemented in LaunchDarklyFeatureService
• Modified ConfigController to include feature flag context in ConfigResponseModel
• Updated ConfigResponseModel to incorporate new FeatureFlagContext struct
• Introduced new tests in LaunchDarklyFeatureServiceTests for authenticated and unauthenticated user scenarios
• Consider potential security implications of exposing user and organization IDs in the config response

[greptile-apps]

_{5 file(s) reviewed, 6 comment(s)
Edit PR Review Bot Settings | Greptile}

[greptile-apps]

logic: Including sensitive context information in the config response may expose user data unnecessarily. Consider the security implications of this change.

[greptile-apps]

logic: Exposing UserId and OrganizationIds in the response could potentially be used for user enumeration attacks. Evaluate the necessity of including this information.

[greptile-apps]

style: Consider adding input validation to ensure userId and organizationIds are not null or empty before assigning.

[greptile-apps]

style: Consider adding XML documentation for the new GetFlagContext() method

[greptile-apps]

logic: Consider adding null checks for _currentContext and its properties to prevent potential null reference exceptions.

[greptile-apps]

style: This line may return null if _currentContext.Organizations is null. Consider using the null-coalescing operator to return an empty array instead.