Skip to content

Overview

Feature flags within a resolved organization + project — mirrors EnvironmentsController’s resolve-then-dispatch shape one level deeper. {project} is resolved key-or-guid, scoped to the resolved org (with the service-token project allowlist forwarded), via ResolveProjectIdAsync for every action. {flag} (get/update/archive/restore/delete) is then resolved key-or-guid, scoped to the resolved project, via ResolveFlagIdAsync. Dispatched commands/queries always use the resolved GUIDs, never the raw route strings. Writes (create/update/archive/restore/ delete) require at least Member (RequireRole); a Viewer attempting one gets a 403 forbidden envelope. Flag deletion/variation-removal guards (FLAG_HAS_DEPENDENTS, plan limits on create, etc.) surface as-is via the existing handlers’ custom ValidationException, which PublicApiExceptionFilterAttribute maps to a 400 validation_failed envelope automatically — no action here special-cases them. Defers flag runtime config (env-config, toggle, targeting rules, prerequisites) and variations to their own controllers (phase 3b Task 3 / phase 3c).