Merge branch 'develop' into 'fb-optic-1677'

Workflow run: https://github.com/HumanSignal/label-studio/actions/runs/13451696957

Author: MihajloHoma

label_studio/feature_flags.json

@@ -1297,6 +1297,33 @@
       "version": 2,
       "deleted": false
     },
+    "fflag_feat_all_leap_1825_annotator_evaluation_short": {
+      "key": "fflag_feat_all_leap_1825_annotator_evaluation_short",
+      "on": false,
+      "prerequisites": [],
+      "targets": [],
+      "contextTargets": [],
+      "rules": [],
+      "fallthrough": {
+        "variation": 0
+      },
+      "offVariation": 1,
+      "variations": [
+        true,
+        false
+      ],
+      "clientSideAvailability": {
+        "usingMobileKey": false,
+        "usingEnvironmentId": false
+      },
+      "clientSide": false,
+      "salt": "d22daddab39444af9f4e3802a4d6bbf2",
+      "trackEvents": false,
+      "trackEventsFallthrough": false,
+      "debugEventsUntilDate": null,
+      "version": 2,
+      "deleted": false
+    },
     "fflag_feat_all_leap_883_custom_script_270524_short": {
       "key": "fflag_feat_all_leap_883_custom_script_270524_short",
       "on": true,

label_studio/jwt_auth/middleware.py

@@ -23,12 +23,17 @@ def __call__(self, request):
             try:
                 user_and_token = JWTAuthentication().authenticate(request)
                 if not user_and_token:
+                    logger.debug('JWT auth could not resolve user/token')
                     return self.get_response(request)
 
                 user = User.objects.get(pk=user_and_token[0].pk)
                 if user.active_organization.jwt.api_tokens_enabled:
+                    logger.debug('JWT auth resolved user/token')
                     request.user = user
                     request.is_jwt = True
+                else:
+                    logger.debug('JWT auth resolved user/token, but org does not have jwt enabled')
+
             except User.DoesNotExist:
                 logger.info('JWT authentication failed: User no longer exists')
                 return JsonResponse({'detail': 'User not found'}, status=status.HTTP_401_UNAUTHORIZED)

web/apps/labelstudio/src/utils/helpers.ts

@@ -141,10 +141,3 @@ export const getLastTraceback = (traceback: string): string => {
 
   return lastTraceIndex >= 0 ? lines.slice(lastTraceIndex).join("\n") : traceback;
 };
-
-export const isFlagEnabled = (id: string, flagList: Record<string, boolean>, defaultValue = false) => {
-  if (id in flagList) {
-    return flagList[id] === true ?? defaultValue;
-  }
-  return defaultValue;
-};

web/apps/labelstudio/src/utils/license-flags.ts

@@ -1,4 +1,4 @@
-import { isFlagEnabled } from "./helpers";
+import { isFlagEnabled } from "@humansignal/core/lib/utils/helpers";
 
 /**
  * Control Visibility and Access of Cloud Storage Connectors for Managers

web/dist/apps/labelstudio/main.js

@@ -1,6 +1,6 @@
 {
-  "message": "feat: block sentry in frontend side (#6615)",
-  "commit": "560e33091fa392bec906ca43f082afb1657b11a7",
-  "date": "2025-02-13T23:13:39.000Z",
+  "message": "fix: OPTIC-1709: Ensure checks for feature flag enablement are done correctly (#7121)",
+  "commit": "459ffbf8e7a133c938453ae21b689dd28280b5ea",
+  "date": "2025-02-20T22:35:54.000Z",
   "branch": "develop"
 }

web/dist/apps/labelstudio/main.js.map

@@ -1,6 +1,6 @@
 {
-  "message": "feat: block sentry in frontend side (#6615)",
-  "commit": "560e33091fa392bec906ca43f082afb1657b11a7",
-  "date": "2025-02-13T23:13:39.000Z",
+  "message": "fix: OPTIC-1709: Ensure checks for feature flag enablement are done correctly (#7121)",
+  "commit": "459ffbf8e7a133c938453ae21b689dd28280b5ea",
+  "date": "2025-02-20T22:35:54.000Z",
   "branch": "develop"
 }

web/dist/apps/labelstudio/vendor.js

@@ -1,6 +1,6 @@
 {
-  "message": "feat: block sentry in frontend side (#6615)",
-  "commit": "560e33091fa392bec906ca43f082afb1657b11a7",
-  "date": "2025-02-13T23:13:39.000Z",
+  "message": "fix: OPTIC-1709: Ensure checks for feature flag enablement are done correctly (#7121)",
+  "commit": "459ffbf8e7a133c938453ae21b689dd28280b5ea",
+  "date": "2025-02-20T22:35:54.000Z",
   "branch": "develop"
 }

web/dist/apps/labelstudio/vendor.js.map

@@ -1,6 +1,6 @@
 export const isFlagEnabled = (id: string, flagList: Record<string, boolean>, defaultValue = false) => {
   if (id in flagList) {
-    return flagList[id] === true || defaultValue;
+    return flagList[id] === true;
   }
   return defaultValue;
 };

web/dist/apps/labelstudio/version.json

@@ -13,7 +13,7 @@ import styles from "./PersonalJWTToken.module.scss";
  * each one of these eventually has to be migrated to core/ui
  */
 import { API } from "/apps/labelstudio/src/providers/ApiProvider";
-import { modal } from "/apps/labelstudio/src/components/Modal/Modal";
+import { modal, confirm } from "/apps/labelstudio/src/components/Modal/Modal";
 import { Button } from "/apps/labelstudio/src/components/Button/Button";
 import { Input, Label } from "/apps/labelstudio/src/components/Form/Elements";
 import { Tooltip } from "/apps/labelstudio/src/components/Tooltip/Tooltip";
@@ -99,21 +99,32 @@ export function PersonalJWTToken() {
   const [dialogOpened, setDialogOpened] = useState(false);
   const tokens = useAtomValue(tokensListAtom);
   const revokeToken = useAtomValue(revokeTokenAtom);
+  const createToken = useAtomValue(refreshTokenAtom);
 
   const tokensListClassName = clsx({
     [styles.tokensList]: tokens.data && tokens.data.length,
   });
 
   const revoke = useCallback(
     async (token: string) => {
-      await revokeToken.mutateAsync({ token });
+      confirm({
+        title: "Revoke Token",
+        body: `Are you sure you want to delete this access token? Any application using this token will need a new token to be able to access ${
+          window?.APP_SETTINGS?.app_name || "Label Studio"
+        }`,
+        okText: "Revoke",
+        buttonLook: "danger",
+        onOk: async () => {
+          await revokeToken.mutateAsync({ token });
+        },
+      });
     },
     [revokeToken],
   );
 
   const disallowAddingTokens = useMemo(() => {
-    return tokens.isLoading || (tokens.data?.length ?? 0) > 0;
-  }, [tokens.isLoading, tokens.data]);
+    return createToken.isPending || tokens.isLoading || (tokens.data?.length ?? 0) > 0;
+  }, [createToken.isPending, tokens.isLoading, tokens.data]);
 
   function openDialog() {
     if (dialogOpened) return;
@@ -123,6 +134,7 @@ export function PersonalJWTToken() {
       title: "New Auth Token",
       style: { width: 680 },
       body: CreateTokenForm,
+      closeOnClickOutside: false,
       onHidden: () => setDialogOpened(false),
     });
   }
@@ -161,7 +173,7 @@ export function PersonalJWTToken() {
       </div>
       <Tooltip title="You can only have one active token" disabled={!disallowAddingTokens}>
         <div style={{ width: "max-content" }}>
-          <Button disabled={disallowAddingTokens} onClick={openDialog}>
+          <Button disabled={disallowAddingTokens || dialogOpened} onClick={openDialog}>
             Create New Token
           </Button>
         </div>