npm - @backstage-community/plugin-rbac - Versions diffs - 1.32.2 - Mend

@backstage-community/plugin-rbac 1.32.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (133) hide show

package/dist/utils/create-role-utils.esm.js ADDED Viewed

@@ -0,0 +1,231 @@
+import { getTitleCase } from '@janus-idp/shared-react';
+import * as yup from 'yup';
+import { isResourcedPolicy } from '@backstage-community/plugin-rbac-common';
+import { criterias } from '../components/ConditionalAccess/const.esm.js';
+const uniqBy = (arr, iteratee) => {
+  return arr.filter(
+    (x, i, self) => i === self.findIndex((y) => iteratee(x) === iteratee(y))
+  );
+};
+const getRoleData = (values) => {
+  return {
+    memberReferences: values.selectedMembers.map(
+      (mem) => mem.ref
+    ),
+    name: `${values.kind}:${values.namespace}/${values.name}`,
+    metadata: {
+      description: values.description
+    }
+  };
+};
+const validationSchema = yup.object({
+  name: yup.string().required("Name is required"),
+  selectedMembers: yup.array().min(1, "No member selected"),
+  permissionPoliciesRows: yup.array().of(
+    yup.object().shape({
+      plugin: yup.string().required("Plugin is required"),
+      permission: yup.string().required("Permission is required")
+    })
+  )
+});
+const getMembersCount = (member) => {
+  return member.kind === "Group" ? member.relations?.reduce((acc, relation) => {
+    let temp = acc;
+    if (relation.type === "hasMember") {
+      temp++;
+    }
+    return temp;
+  }, 0) : void 0;
+};
+const getParentGroupsCount = (member) => {
+  return member.kind === "Group" ? member.relations?.reduce((acc, relation) => {
+    let temp = acc;
+    if (relation.type === "childOf") {
+      temp++;
+    }
+    return temp;
+  }, 0) : void 0;
+};
+const getChildGroupsCount = (member) => {
+  return member.kind === "Group" ? member.relations?.reduce((acc, relation) => {
+    let temp = acc;
+    if (relation.type === "parentOf") {
+      temp++;
+    }
+    return temp;
+  }, 0) : void 0;
+};
+const getPermissionPolicies = (policies) => {
+  return policies.reduce(
+    (ppsAcc, policy) => {
+      const permission = isResourcedPolicy(policy) ? policy.resourceType : policy.name;
+      return {
+        ...ppsAcc,
+        [permission]: policies.reduce(
+          (policiesAcc, pol) => {
+            const perm = isResourcedPolicy(pol) ? pol.resourceType : pol.name;
+            if (permission === perm)
+              return {
+                policies: uniqBy(
+                  [...policiesAcc.policies, getTitleCase(pol.policy)],
+                  (val) => val
+                ),
+                isResourced: isResourcedPolicy(pol)
+              };
+            return policiesAcc;
+          },
+          { policies: [], isResourced: false }
+        )
+      };
+    },
+    {}
+  );
+};
+const getPluginsPermissionPoliciesData = (pluginsPermissionPolicies) => {
+  const plugins = pluginsPermissionPolicies.map(
+    (pluginPp) => pluginPp.pluginId
+  );
+  const pluginsPermissions = pluginsPermissionPolicies.reduce(
+    (acc, pp, index) => {
+      const permissions = pp.policies.reduce((plcAcc, plc) => {
+        const permission = isResourcedPolicy(plc) ? plc.resourceType : plc.name;
+        return [...plcAcc, permission];
+      }, []);
+      return {
+        ...acc,
+        [plugins[index]]: {
+          permissions: uniqBy(permissions ?? [], (val) => val),
+          policies: {
+            ...pp.policies ? getPermissionPolicies(pp.policies) : {}
+          }
+        }
+      };
+    },
+    {}
+  );
+  return { plugins, pluginsPermissions };
+};
+const getPermissionPoliciesData = (values) => {
+  const { kind, name, namespace, permissionPoliciesRows } = values;
+  return permissionPoliciesRows.reduce(
+    (acc, permissionPolicyRow) => {
+      const { permission, policies, conditions } = permissionPolicyRow;
+      const permissionPoliciesData = policies.reduce(
+        (pAcc, policy) => {
+          if (policy.effect === "allow" && !conditions) {
+            return [
+              ...pAcc,
+              {
+                entityReference: `${kind}:${namespace}/${name}`,
+                permission: `${permission}`,
+                policy: policy.policy.toLocaleLowerCase("en-US"),
+                effect: "allow"
+              }
+            ];
+          }
+          return pAcc;
+        },
+        []
+      );
+      return [...acc, ...permissionPoliciesData];
+    },
+    []
+  );
+};
+const getConditionalPermissionPoliciesData = (values) => {
+  const { kind, name, namespace, permissionPoliciesRows } = values;
+  return permissionPoliciesRows.reduce(
+    (acc, permissionPolicyRow) => {
+      const { permission, policies, isResourced, plugin, conditions } = permissionPolicyRow;
+      const permissionMapping = policies.reduce((pAcc, policy) => {
+        if (policy.effect === "allow") {
+          return [...pAcc, policy.policy.toLocaleLowerCase("en-US")];
+        }
+        return pAcc;
+      }, []);
+      return isResourced && conditions ? [
+        ...acc,
+        {
+          result: "CONDITIONAL",
+          roleEntityRef: `${kind}:${namespace}/${name}`,
+          pluginId: `${plugin}`,
+          resourceType: `${permission}`,
+          permissionMapping,
+          conditions: Object.keys(conditions)[0] === criterias.condition ? { ...conditions.condition } : conditions
+        }
+      ] : acc;
+    },
+    []
+  );
+};
+const getUpdatedConditionalPolicies = (values, initialValues) => {
+  const initialConditionsWithId = initialValues.permissionPoliciesRows.filter(
+    (ppr) => ppr.id
+  );
+  const conditionsWithId = values.permissionPoliciesRows.filter((ppr) => ppr.id);
+  return conditionsWithId.length > 0 ? conditionsWithId.reduce(
+    (acc, condition) => {
+      const conditionExists = initialConditionsWithId.find(
+        (c) => c.id === condition.id
+      );
+      if (conditionExists && condition.id)
+        return [
+          ...acc,
+          {
+            id: condition.id,
+            updateCondition: getConditionalPermissionPoliciesData({
+              ...values,
+              permissionPoliciesRows: [condition]
+            })[0]
+          }
+        ];
+      return acc;
+    },
+    []
+  ) : [];
+};
+const getNewConditionalPolicies = (values) => {
+  const newValues = { ...values };
+  const newPermissionPolicies = values.permissionPoliciesRows.filter(
+    (ppr) => !ppr.id
+  );
+  newValues.permissionPoliciesRows = newPermissionPolicies;
+  return getConditionalPermissionPoliciesData(newValues);
+};
+const getRemovedConditionalPoliciesIds = (values, initialValues) => {
+  const initialConditionsIds = initialValues.permissionPoliciesRows.map((ppr) => ppr.id).filter((id) => id);
+  const newConditionsIds = values.permissionPoliciesRows.map((ppr) => ppr.id).filter((id) => id);
+  return initialConditionsIds.length > 0 ? initialConditionsIds.reduce((acc, oldId) => {
+    const conditionExists = newConditionsIds.includes(oldId);
+    if (conditionExists) return acc;
+    return oldId ? [...acc, oldId] : acc;
+  }, []) : [];
+};
+const getPermissionsNumber = (values) => {
+  return getPermissionPoliciesData(values).length + getConditionalPermissionPoliciesData(values).length;
+};
+const getRulesNumber = (conditions) => {
+  if (!conditions) return 0;
+  let rulesNumber = 0;
+  if (conditions.allOf) {
+    rulesNumber += conditions.allOf.reduce((acc, condition) => {
+      return acc + getRulesNumber(condition);
+    }, 0);
+  }
+  if (conditions.anyOf) {
+    rulesNumber += conditions.anyOf.reduce((acc, condition) => {
+      return acc + getRulesNumber(condition);
+    }, 0);
+  }
+  if (conditions.not) {
+    rulesNumber += getRulesNumber(conditions.not);
+  }
+  if (conditions.condition || Object.keys(conditions).includes("rule")) {
+    rulesNumber += 1;
+  }
+  return rulesNumber;
+};
+export { getChildGroupsCount, getConditionalPermissionPoliciesData, getMembersCount, getNewConditionalPolicies, getParentGroupsCount, getPermissionPolicies, getPermissionPoliciesData, getPermissionsNumber, getPluginsPermissionPoliciesData, getRemovedConditionalPoliciesIds, getRoleData, getRulesNumber, getUpdatedConditionalPolicies, uniqBy, validationSchema };
+//# sourceMappingURL=create-role-utils.esm.js.map

package/dist/utils/create-role-utils.esm.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"create-role-utils.esm.js","sources":["../../src/utils/create-role-utils.ts"],"sourcesContent":["/*\n * Copyright 2024 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport { getTitleCase } from '@janus-idp/shared-react';\nimport * as yup from 'yup';\n\nimport {\n isResourcedPolicy,\n PluginPermissionMetaData,\n PolicyDetails,\n ResourcedPolicy,\n Role,\n RoleBasedPolicy,\n} from '@backstage-community/plugin-rbac-common';\n\nimport { criterias } from '../components/ConditionalAccess/const';\nimport { ConditionsData } from '../components/ConditionalAccess/types';\nimport {\n PermissionPolicies,\n PluginsPermissionPoliciesData,\n PluginsPermissions,\n RoleFormValues,\n SelectedMember,\n} from '../components/CreateRole/types';\nimport {\n MemberEntity,\n PermissionsData,\n RoleBasedConditions,\n UpdatedConditionsData,\n} from '../types';\n\nexport const uniqBy = (arr: string[], iteratee: (arg: string) => any) => {\n return arr.filter(\n (x, i, self) => i === self.findIndex(y => iteratee(x) === iteratee(y)),\n );\n};\n\nexport const getRoleData = (values: RoleFormValues): Role => {\n return {\n memberReferences: values.selectedMembers.map(\n (mem: SelectedMember) => mem.ref,\n ),\n name: `${values.kind}:${values.namespace}/${values.name}`,\n metadata: {\n description: values.description,\n },\n };\n};\n\nexport const validationSchema = yup.object({\n name: yup.string().required('Name is required'),\n selectedMembers: yup.array().min(1, 'No member selected'),\n permissionPoliciesRows: yup.array().of(\n yup.object().shape({\n plugin: yup.string().required('Plugin is required'),\n permission: yup.string().required('Permission is required'),\n }),\n ),\n});\n\nexport const getMembersCount = (member: MemberEntity) => {\n return member.kind === 'Group'\n ? member.relations?.reduce((acc: any, relation: { type: string }) => {\n let temp = acc;\n if (relation.type === 'hasMember') {\n temp++;\n }\n return temp;\n }, 0)\n : undefined;\n};\n\nexport const getParentGroupsCount = (member: MemberEntity) => {\n return member.kind === 'Group'\n ? member.relations?.reduce((acc: any, relation: { type: string }) => {\n let temp = acc;\n if (relation.type === 'childOf') {\n temp++;\n }\n return temp;\n }, 0)\n : undefined;\n};\n\nexport const getChildGroupsCount = (member: MemberEntity) => {\n return member.kind === 'Group'\n ? member.relations?.reduce((acc: any, relation: { type: string }) => {\n let temp = acc;\n if (relation.type === 'parentOf') {\n temp++;\n }\n return temp;\n }, 0)\n : undefined;\n};\n\nexport const getPermissionPolicies = (\n policies: PolicyDetails[],\n): PermissionPolicies => {\n return policies.reduce(\n (ppsAcc: PermissionPolicies, policy: PolicyDetails) => {\n const permission = isResourcedPolicy(policy)\n ? (policy as ResourcedPolicy).resourceType\n : policy.name;\n return {\n ...ppsAcc,\n [permission]: policies.reduce(\n (policiesAcc: { policies: string[]; isResourced: boolean }, pol) => {\n const perm = isResourcedPolicy(pol)\n ? (pol as ResourcedPolicy).resourceType\n : pol.name;\n if (permission === perm)\n return {\n policies: uniqBy(\n [...policiesAcc.policies, getTitleCase(pol.policy as string)],\n val => val,\n ),\n isResourced: isResourcedPolicy(pol),\n };\n return policiesAcc;\n },\n { policies: [], isResourced: false },\n ),\n };\n },\n {},\n );\n};\n\nexport const getPluginsPermissionPoliciesData = (\n pluginsPermissionPolicies: PluginPermissionMetaData[],\n): PluginsPermissionPoliciesData => {\n const plugins: string[] = pluginsPermissionPolicies.map(\n pluginPp => pluginPp.pluginId,\n );\n const pluginsPermissions = pluginsPermissionPolicies.reduce(\n (acc: PluginsPermissions, pp, index) => {\n const permissions = pp.policies.reduce((plcAcc: string[], plc) => {\n const permission = isResourcedPolicy(plc)\n ? (plc as ResourcedPolicy).resourceType\n : plc.name;\n return [...plcAcc, permission];\n }, []);\n return {\n ...acc,\n [plugins[index]]: {\n permissions: uniqBy(permissions ?? [], val => val),\n policies: {\n ...(pp.policies ? getPermissionPolicies(pp.policies) : {}),\n },\n },\n };\n },\n {},\n );\n return { plugins, pluginsPermissions };\n};\n\nexport const getPermissionPoliciesData = (\n values: RoleFormValues,\n): RoleBasedPolicy[] => {\n const { kind, name, namespace, permissionPoliciesRows } = values;\n\n return permissionPoliciesRows.reduce(\n (acc: RoleBasedPolicy[], permissionPolicyRow) => {\n const { permission, policies, conditions } = permissionPolicyRow;\n const permissionPoliciesData = policies.reduce(\n (pAcc: RoleBasedPolicy[], policy) => {\n if (policy.effect === 'allow' && !conditions) {\n return [\n ...pAcc,\n {\n entityReference: `${kind}:${namespace}/${name}`,\n permission: `${permission}`,\n policy: policy.policy.toLocaleLowerCase('en-US'),\n effect: 'allow',\n },\n ];\n }\n return pAcc;\n },\n [],\n );\n return [...acc, ...permissionPoliciesData];\n },\n [],\n );\n};\n\nexport const getConditionalPermissionPoliciesData = (\n values: RoleFormValues,\n) => {\n const { kind, name, namespace, permissionPoliciesRows } = values;\n\n return permissionPoliciesRows.reduce(\n (acc: RoleBasedConditions[], permissionPolicyRow: PermissionsData) => {\n const { permission, policies, isResourced, plugin, conditions } =\n permissionPolicyRow;\n const permissionMapping = policies.reduce((pAcc: string[], policy) => {\n if (policy.effect === 'allow') {\n return [...pAcc, policy.policy.toLocaleLowerCase('en-US')];\n }\n return pAcc;\n }, []);\n return isResourced && conditions\n ? [\n ...acc,\n {\n result: 'CONDITIONAL',\n roleEntityRef: `${kind}:${namespace}/${name}`,\n pluginId: `${plugin}`,\n resourceType: `${permission}`,\n permissionMapping,\n conditions:\n Object.keys(conditions)[0] === criterias.condition\n ? { ...conditions.condition }\n : conditions,\n } as RoleBasedConditions,\n ]\n : acc;\n },\n [] as RoleBasedConditions[],\n );\n};\n\nexport const getUpdatedConditionalPolicies = (\n values: RoleFormValues,\n initialValues: RoleFormValues,\n): UpdatedConditionsData => {\n const initialConditionsWithId = initialValues.permissionPoliciesRows.filter(\n ppr => ppr.id,\n );\n\n const conditionsWithId = values.permissionPoliciesRows.filter(ppr => ppr.id);\n\n return conditionsWithId.length > 0\n ? conditionsWithId.reduce(\n (\n acc: { id: number; updateCondition: RoleBasedConditions }[],\n condition: PermissionsData,\n ) => {\n const conditionExists = initialConditionsWithId.find(\n c => c.id === condition.id,\n );\n\n if (conditionExists && condition.id)\n return [\n ...acc,\n {\n id: condition.id,\n updateCondition: getConditionalPermissionPoliciesData({\n ...values,\n permissionPoliciesRows: [condition],\n })[0],\n },\n ];\n return acc;\n },\n [],\n )\n : [];\n};\n\nexport const getNewConditionalPolicies = (values: RoleFormValues) => {\n const newValues = { ...values };\n const newPermissionPolicies = values.permissionPoliciesRows.filter(\n ppr => !ppr.id,\n );\n newValues.permissionPoliciesRows = newPermissionPolicies;\n return getConditionalPermissionPoliciesData(newValues);\n};\n\nexport const getRemovedConditionalPoliciesIds = (\n values: RoleFormValues,\n initialValues: RoleFormValues,\n) => {\n const initialConditionsIds = initialValues.permissionPoliciesRows\n .map(ppr => ppr.id)\n .filter(id => id);\n\n const newConditionsIds = values.permissionPoliciesRows\n .map(ppr => ppr.id)\n .filter(id => id);\n\n return initialConditionsIds.length > 0\n ? initialConditionsIds.reduce((acc: number[], oldId) => {\n const conditionExists = newConditionsIds.includes(oldId);\n if (conditionExists) return acc;\n return oldId ? [...acc, oldId] : acc;\n }, [])\n : [];\n};\n\nexport const getPermissionsNumber = (values: RoleFormValues) => {\n return (\n getPermissionPoliciesData(values).length +\n getConditionalPermissionPoliciesData(values).length\n );\n};\n\nexport const getConditionsNumber = (values: RoleFormValues) => {\n return getConditionalPermissionPoliciesData(values)?.length ?? 0;\n};\n\nexport const getRulesNumber = (conditions?: ConditionsData) => {\n if (!conditions) return 0;\n let rulesNumber = 0;\n\n if (conditions.allOf) {\n rulesNumber += conditions.allOf.reduce((acc, condition) => {\n return acc + getRulesNumber(condition as ConditionsData);\n }, 0);\n }\n\n if (conditions.anyOf) {\n rulesNumber += conditions.anyOf.reduce((acc, condition) => {\n return acc + getRulesNumber(condition as ConditionsData);\n }, 0);\n }\n\n if (conditions.not) {\n rulesNumber += getRulesNumber(conditions.not as ConditionsData);\n }\n\n if (conditions.condition || Object.keys(conditions).includes('rule')) {\n rulesNumber += 1;\n }\n\n return rulesNumber;\n};\n"],"names":[],"mappings":";;;;;AA2Ca,MAAA,MAAA,GAAS,CAAC,GAAA,EAAe,QAAmC,KAAA;AACvE,EAAA,OAAO,GAAI,CAAA,MAAA;AAAA,IACT,CAAC,CAAA,EAAG,CAAG,EAAA,IAAA,KAAS,CAAM,KAAA,IAAA,CAAK,SAAU,CAAA,CAAA,CAAA,KAAK,QAAS,CAAA,CAAC,CAAM,KAAA,QAAA,CAAS,CAAC,CAAC,CAAA;AAAA,GACvE,CAAA;AACF,EAAA;AAEa,MAAA,WAAA,GAAc,CAAC,MAAiC,KAAA;AAC3D,EAAO,OAAA;AAAA,IACL,gBAAA,EAAkB,OAAO,eAAgB,CAAA,GAAA;AAAA,MACvC,CAAC,QAAwB,GAAI,CAAA,GAAA;AAAA,KAC/B;AAAA,IACA,IAAA,EAAM,GAAG,MAAO,CAAA,IAAI,IAAI,MAAO,CAAA,SAAS,CAAI,CAAA,EAAA,MAAA,CAAO,IAAI,CAAA,CAAA;AAAA,IACvD,QAAU,EAAA;AAAA,MACR,aAAa,MAAO,CAAA,WAAA;AAAA,KACtB;AAAA,GACF,CAAA;AACF,EAAA;AAEa,MAAA,gBAAA,GAAmB,IAAI,MAAO,CAAA;AAAA,EACzC,IAAM,EAAA,GAAA,CAAI,MAAO,EAAA,CAAE,SAAS,kBAAkB,CAAA;AAAA,EAC9C,iBAAiB,GAAI,CAAA,KAAA,EAAQ,CAAA,GAAA,CAAI,GAAG,oBAAoB,CAAA;AAAA,EACxD,sBAAA,EAAwB,GAAI,CAAA,KAAA,EAAQ,CAAA,EAAA;AAAA,IAClC,GAAA,CAAI,MAAO,EAAA,CAAE,KAAM,CAAA;AAAA,MACjB,MAAQ,EAAA,GAAA,CAAI,MAAO,EAAA,CAAE,SAAS,oBAAoB,CAAA;AAAA,MAClD,UAAY,EAAA,GAAA,CAAI,MAAO,EAAA,CAAE,SAAS,wBAAwB,CAAA;AAAA,KAC3D,CAAA;AAAA,GACH;AACF,CAAC,EAAA;AAEY,MAAA,eAAA,GAAkB,CAAC,MAAyB,KAAA;AACvD,EAAO,OAAA,MAAA,CAAO,SAAS,OACnB,GAAA,MAAA,CAAO,WAAW,MAAO,CAAA,CAAC,KAAU,QAA+B,KAAA;AACjE,IAAA,IAAI,IAAO,GAAA,GAAA,CAAA;AACX,IAAI,IAAA,QAAA,CAAS,SAAS,WAAa,EAAA;AACjC,MAAA,IAAA,EAAA,CAAA;AAAA,KACF;AACA,IAAO,OAAA,IAAA,CAAA;AAAA,GACT,EAAG,CAAC,CACJ,GAAA,KAAA,CAAA,CAAA;AACN,EAAA;AAEa,MAAA,oBAAA,GAAuB,CAAC,MAAyB,KAAA;AAC5D,EAAO,OAAA,MAAA,CAAO,SAAS,OACnB,GAAA,MAAA,CAAO,WAAW,MAAO,CAAA,CAAC,KAAU,QAA+B,KAAA;AACjE,IAAA,IAAI,IAAO,GAAA,GAAA,CAAA;AACX,IAAI,IAAA,QAAA,CAAS,SAAS,SAAW,EAAA;AAC/B,MAAA,IAAA,EAAA,CAAA;AAAA,KACF;AACA,IAAO,OAAA,IAAA,CAAA;AAAA,GACT,EAAG,CAAC,CACJ,GAAA,KAAA,CAAA,CAAA;AACN,EAAA;AAEa,MAAA,mBAAA,GAAsB,CAAC,MAAyB,KAAA;AAC3D,EAAO,OAAA,MAAA,CAAO,SAAS,OACnB,GAAA,MAAA,CAAO,WAAW,MAAO,CAAA,CAAC,KAAU,QAA+B,KAAA;AACjE,IAAA,IAAI,IAAO,GAAA,GAAA,CAAA;AACX,IAAI,IAAA,QAAA,CAAS,SAAS,UAAY,EAAA;AAChC,MAAA,IAAA,EAAA,CAAA;AAAA,KACF;AACA,IAAO,OAAA,IAAA,CAAA;AAAA,GACT,EAAG,CAAC,CACJ,GAAA,KAAA,CAAA,CAAA;AACN,EAAA;AAEa,MAAA,qBAAA,GAAwB,CACnC,QACuB,KAAA;AACvB,EAAA,OAAO,QAAS,CAAA,MAAA;AAAA,IACd,CAAC,QAA4B,MAA0B,KAAA;AACrD,MAAA,MAAM,aAAa,iBAAkB,CAAA,MAAM,CACtC,GAAA,MAAA,CAA2B,eAC5B,MAAO,CAAA,IAAA,CAAA;AACX,MAAO,OAAA;AAAA,QACL,GAAG,MAAA;AAAA,QACH,CAAC,UAAU,GAAG,QAAS,CAAA,MAAA;AAAA,UACrB,CAAC,aAA2D,GAAQ,KAAA;AAClE,YAAA,MAAM,OAAO,iBAAkB,CAAA,GAAG,CAC7B,GAAA,GAAA,CAAwB,eACzB,GAAI,CAAA,IAAA,CAAA;AACR,YAAA,IAAI,UAAe,KAAA,IAAA;AACjB,cAAO,OAAA;AAAA,gBACL,QAAU,EAAA,MAAA;AAAA,kBACR,CAAC,GAAG,WAAA,CAAY,UAAU,YAAa,CAAA,GAAA,CAAI,MAAgB,CAAC,CAAA;AAAA,kBAC5D,CAAO,GAAA,KAAA,GAAA;AAAA,iBACT;AAAA,gBACA,WAAA,EAAa,kBAAkB,GAAG,CAAA;AAAA,eACpC,CAAA;AACF,YAAO,OAAA,WAAA,CAAA;AAAA,WACT;AAAA,UACA,EAAE,QAAA,EAAU,EAAC,EAAG,aAAa,KAAM,EAAA;AAAA,SACrC;AAAA,OACF,CAAA;AAAA,KACF;AAAA,IACA,EAAC;AAAA,GACH,CAAA;AACF,EAAA;AAEa,MAAA,gCAAA,GAAmC,CAC9C,yBACkC,KAAA;AAClC,EAAA,MAAM,UAAoB,yBAA0B,CAAA,GAAA;AAAA,IAClD,cAAY,QAAS,CAAA,QAAA;AAAA,GACvB,CAAA;AACA,EAAA,MAAM,qBAAqB,yBAA0B,CAAA,MAAA;AAAA,IACnD,CAAC,GAAyB,EAAA,EAAA,EAAI,KAAU,KAAA;AACtC,MAAA,MAAM,cAAc,EAAG,CAAA,QAAA,CAAS,MAAO,CAAA,CAAC,QAAkB,GAAQ,KAAA;AAChE,QAAA,MAAM,aAAa,iBAAkB,CAAA,GAAG,CACnC,GAAA,GAAA,CAAwB,eACzB,GAAI,CAAA,IAAA,CAAA;AACR,QAAO,OAAA,CAAC,GAAG,MAAA,EAAQ,UAAU,CAAA,CAAA;AAAA,OAC/B,EAAG,EAAE,CAAA,CAAA;AACL,MAAO,OAAA;AAAA,QACL,GAAG,GAAA;AAAA,QACH,CAAC,OAAA,CAAQ,KAAK,CAAC,GAAG;AAAA,UAChB,aAAa,MAAO,CAAA,WAAA,IAAe,EAAC,EAAG,SAAO,GAAG,CAAA;AAAA,UACjD,QAAU,EAAA;AAAA,YACR,GAAI,EAAG,CAAA,QAAA,GAAW,sBAAsB,EAAG,CAAA,QAAQ,IAAI,EAAC;AAAA,WAC1D;AAAA,SACF;AAAA,OACF,CAAA;AAAA,KACF;AAAA,IACA,EAAC;AAAA,GACH,CAAA;AACA,EAAO,OAAA,EAAE,SAAS,kBAAmB,EAAA,CAAA;AACvC,EAAA;AAEa,MAAA,yBAAA,GAA4B,CACvC,MACsB,KAAA;AACtB,EAAA,MAAM,EAAE,IAAA,EAAM,IAAM,EAAA,SAAA,EAAW,wBAA2B,GAAA,MAAA,CAAA;AAE1D,EAAA,OAAO,sBAAuB,CAAA,MAAA;AAAA,IAC5B,CAAC,KAAwB,mBAAwB,KAAA;AAC/C,MAAA,MAAM,EAAE,UAAA,EAAY,QAAU,EAAA,UAAA,EAAe,GAAA,mBAAA,CAAA;AAC7C,MAAA,MAAM,yBAAyB,QAAS,CAAA,MAAA;AAAA,QACtC,CAAC,MAAyB,MAAW,KAAA;AACnC,UAAA,IAAI,MAAO,CAAA,MAAA,KAAW,OAAW,IAAA,CAAC,UAAY,EAAA;AAC5C,YAAO,OAAA;AAAA,cACL,GAAG,IAAA;AAAA,cACH;AAAA,gBACE,iBAAiB,CAAG,EAAA,IAAI,CAAI,CAAA,EAAA,SAAS,IAAI,IAAI,CAAA,CAAA;AAAA,gBAC7C,UAAA,EAAY,GAAG,UAAU,CAAA,CAAA;AAAA,gBACzB,MAAQ,EAAA,MAAA,CAAO,MAAO,CAAA,iBAAA,CAAkB,OAAO,CAAA;AAAA,gBAC/C,MAAQ,EAAA,OAAA;AAAA,eACV;AAAA,aACF,CAAA;AAAA,WACF;AACA,UAAO,OAAA,IAAA,CAAA;AAAA,SACT;AAAA,QACA,EAAC;AAAA,OACH,CAAA;AACA,MAAA,OAAO,CAAC,GAAG,GAAK,EAAA,GAAG,sBAAsB,CAAA,CAAA;AAAA,KAC3C;AAAA,IACA,EAAC;AAAA,GACH,CAAA;AACF,EAAA;AAEa,MAAA,oCAAA,GAAuC,CAClD,MACG,KAAA;AACH,EAAA,MAAM,EAAE,IAAA,EAAM,IAAM,EAAA,SAAA,EAAW,wBAA2B,GAAA,MAAA,CAAA;AAE1D,EAAA,OAAO,sBAAuB,CAAA,MAAA;AAAA,IAC5B,CAAC,KAA4B,mBAAyC,KAAA;AACpE,MAAA,MAAM,EAAE,UAAY,EAAA,QAAA,EAAU,WAAa,EAAA,MAAA,EAAQ,YACjD,GAAA,mBAAA,CAAA;AACF,MAAA,MAAM,iBAAoB,GAAA,QAAA,CAAS,MAAO,CAAA,CAAC,MAAgB,MAAW,KAAA;AACpE,QAAI,IAAA,MAAA,CAAO,WAAW,OAAS,EAAA;AAC7B,UAAA,OAAO,CAAC,GAAG,IAAA,EAAM,OAAO,MAAO,CAAA,iBAAA,CAAkB,OAAO,CAAC,CAAA,CAAA;AAAA,SAC3D;AACA,QAAO,OAAA,IAAA,CAAA;AAAA,OACT,EAAG,EAAE,CAAA,CAAA;AACL,MAAA,OAAO,eAAe,UAClB,GAAA;AAAA,QACE,GAAG,GAAA;AAAA,QACH;AAAA,UACE,MAAQ,EAAA,aAAA;AAAA,UACR,eAAe,CAAG,EAAA,IAAI,CAAI,CAAA,EAAA,SAAS,IAAI,IAAI,CAAA,CAAA;AAAA,UAC3C,QAAA,EAAU,GAAG,MAAM,CAAA,CAAA;AAAA,UACnB,YAAA,EAAc,GAAG,UAAU,CAAA,CAAA;AAAA,UAC3B,iBAAA;AAAA,UACA,UACE,EAAA,MAAA,CAAO,IAAK,CAAA,UAAU,CAAE,CAAA,CAAC,CAAM,KAAA,SAAA,CAAU,SACrC,GAAA,EAAE,GAAG,UAAA,CAAW,WAChB,GAAA,UAAA;AAAA,SACR;AAAA,OAEF,GAAA,GAAA,CAAA;AAAA,KACN;AAAA,IACA,EAAC;AAAA,GACH,CAAA;AACF,EAAA;AAEa,MAAA,6BAAA,GAAgC,CAC3C,MAAA,EACA,aAC0B,KAAA;AAC1B,EAAM,MAAA,uBAAA,GAA0B,cAAc,sBAAuB,CAAA,MAAA;AAAA,IACnE,SAAO,GAAI,CAAA,EAAA;AAAA,GACb,CAAA;AAEA,EAAA,MAAM,mBAAmB,MAAO,CAAA,sBAAA,CAAuB,MAAO,CAAA,CAAA,GAAA,KAAO,IAAI,EAAE,CAAA,CAAA;AAE3E,EAAO,OAAA,gBAAA,CAAiB,MAAS,GAAA,CAAA,GAC7B,gBAAiB,CAAA,MAAA;AAAA,IACf,CACE,KACA,SACG,KAAA;AACH,MAAA,MAAM,kBAAkB,uBAAwB,CAAA,IAAA;AAAA,QAC9C,CAAA,CAAA,KAAK,CAAE,CAAA,EAAA,KAAO,SAAU,CAAA,EAAA;AAAA,OAC1B,CAAA;AAEA,MAAA,IAAI,mBAAmB,SAAU,CAAA,EAAA;AAC/B,QAAO,OAAA;AAAA,UACL,GAAG,GAAA;AAAA,UACH;AAAA,YACE,IAAI,SAAU,CAAA,EAAA;AAAA,YACd,iBAAiB,oCAAqC,CAAA;AAAA,cACpD,GAAG,MAAA;AAAA,cACH,sBAAA,EAAwB,CAAC,SAAS,CAAA;AAAA,aACnC,EAAE,CAAC,CAAA;AAAA,WACN;AAAA,SACF,CAAA;AACF,MAAO,OAAA,GAAA,CAAA;AAAA,KACT;AAAA,IACA,EAAC;AAAA,MAEH,EAAC,CAAA;AACP,EAAA;AAEa,MAAA,yBAAA,GAA4B,CAAC,MAA2B,KAAA;AACnE,EAAM,MAAA,SAAA,GAAY,EAAE,GAAG,MAAO,EAAA,CAAA;AAC9B,EAAM,MAAA,qBAAA,GAAwB,OAAO,sBAAuB,CAAA,MAAA;AAAA,IAC1D,CAAA,GAAA,KAAO,CAAC,GAAI,CAAA,EAAA;AAAA,GACd,CAAA;AACA,EAAA,SAAA,CAAU,sBAAyB,GAAA,qBAAA,CAAA;AACnC,EAAA,OAAO,qCAAqC,SAAS,CAAA,CAAA;AACvD,EAAA;AAEa,MAAA,gCAAA,GAAmC,CAC9C,MAAA,EACA,aACG,KAAA;AACH,EAAM,MAAA,oBAAA,GAAuB,aAAc,CAAA,sBAAA,CACxC,GAAI,CAAA,CAAA,GAAA,KAAO,IAAI,EAAE,CAAA,CACjB,MAAO,CAAA,CAAA,EAAA,KAAM,EAAE,CAAA,CAAA;AAElB,EAAM,MAAA,gBAAA,GAAmB,MAAO,CAAA,sBAAA,CAC7B,GAAI,CAAA,CAAA,GAAA,KAAO,IAAI,EAAE,CAAA,CACjB,MAAO,CAAA,CAAA,EAAA,KAAM,EAAE,CAAA,CAAA;AAElB,EAAA,OAAO,qBAAqB,MAAS,GAAA,CAAA,GACjC,qBAAqB,MAAO,CAAA,CAAC,KAAe,KAAU,KAAA;AACpD,IAAM,MAAA,eAAA,GAAkB,gBAAiB,CAAA,QAAA,CAAS,KAAK,CAAA,CAAA;AACvD,IAAA,IAAI,iBAAwB,OAAA,GAAA,CAAA;AAC5B,IAAA,OAAO,KAAQ,GAAA,CAAC,GAAG,GAAA,EAAK,KAAK,CAAI,GAAA,GAAA,CAAA;AAAA,GAChC,EAAA,EAAE,CAAA,GACL,EAAC,CAAA;AACP,EAAA;AAEa,MAAA,oBAAA,GAAuB,CAAC,MAA2B,KAAA;AAC9D,EAAA,OACE,0BAA0B,MAAM,CAAA,CAAE,MAClC,GAAA,oCAAA,CAAqC,MAAM,CAAE,CAAA,MAAA,CAAA;AAEjD,EAAA;AAMa,MAAA,cAAA,GAAiB,CAAC,UAAgC,KAAA;AAC7D,EAAI,IAAA,CAAC,YAAmB,OAAA,CAAA,CAAA;AACxB,EAAA,IAAI,WAAc,GAAA,CAAA,CAAA;AAElB,EAAA,IAAI,WAAW,KAAO,EAAA;AACpB,IAAA,WAAA,IAAe,UAAW,CAAA,KAAA,CAAM,MAAO,CAAA,CAAC,KAAK,SAAc,KAAA;AACzD,MAAO,OAAA,GAAA,GAAM,eAAe,SAA2B,CAAA,CAAA;AAAA,OACtD,CAAC,CAAA,CAAA;AAAA,GACN;AAEA,EAAA,IAAI,WAAW,KAAO,EAAA;AACpB,IAAA,WAAA,IAAe,UAAW,CAAA,KAAA,CAAM,MAAO,CAAA,CAAC,KAAK,SAAc,KAAA;AACzD,MAAO,OAAA,GAAA,GAAM,eAAe,SAA2B,CAAA,CAAA;AAAA,OACtD,CAAC,CAAA,CAAA;AAAA,GACN;AAEA,EAAA,IAAI,WAAW,GAAK,EAAA;AAClB,IAAe,WAAA,IAAA,cAAA,CAAe,WAAW,GAAqB,CAAA,CAAA;AAAA,GAChE;AAEA,EAAI,IAAA,UAAA,CAAW,aAAa,MAAO,CAAA,IAAA,CAAK,UAAU,CAAE,CAAA,QAAA,CAAS,MAAM,CAAG,EAAA;AACpE,IAAe,WAAA,IAAA,CAAA,CAAA;AAAA,GACjB;AAEA,EAAO,OAAA,WAAA,CAAA;AACT;;;;"}

package/dist/utils/rbac-utils.esm.js ADDED Viewed

@@ -0,0 +1,256 @@
+import { parseEntityRef, isUserEntity, stringifyEntityRef } from '@backstage/catalog-model';
+import { getTitleCase } from '@janus-idp/shared-react';
+import { isResourcedPolicy } from '@backstage-community/plugin-rbac-common';
+import { criterias } from '../components/ConditionalAccess/const.esm.js';
+import { getMembersCount } from './create-role-utils.esm.js';
+const getPermissionsArray = (role, policies) => {
+  if (!policies || policies?.length === 0 || !Array.isArray(policies)) {
+    return [];
+  }
+  return policies.filter(
+    (policy) => policy.entityReference === role && policy.effect !== "deny"
+  );
+};
+const getPermissions = (role, policies) => {
+  return getPermissionsArray(role, policies).length;
+};
+const getMembersString = (res) => {
+  let membersString = "";
+  if (res.users > 0) {
+    membersString = `${res.users} ${res.users > 1 ? "users" : "user"}`;
+  }
+  if (res.groups > 0) {
+    membersString = membersString.concat(
+      membersString.length > 0 ? ", " : "",
+      `${res.groups} ${res.groups > 1 ? "groups" : "group"}`
+    );
+  }
+  return membersString;
+};
+const getMembers = (members) => {
+  if (!members || members.length === 0) {
+    return "No members";
+  }
+  const res = members.reduce(
+    (acc, member) => {
+      if (typeof member === "object") {
+        if (member.type === "User" || member.type === "user") {
+          acc.users++;
+        } else {
+          acc.groups++;
+        }
+      } else {
+        const entity = parseEntityRef(member);
+        if (isUserEntity(entity)) {
+          acc.users++;
+        } else {
+          acc.groups++;
+        }
+      }
+      return acc;
+    },
+    { users: 0, groups: 0 }
+  );
+  return getMembersString(res);
+};
+const getMembersFromGroup = (group) => {
+  const membersList = group.relations?.reduce((acc, relation) => {
+    let temp = acc;
+    if (relation.type === "hasMember") {
+      temp++;
+    }
+    return temp;
+  }, 0);
+  return membersList ?? 0;
+};
+const getPluginInfo = (permissions, permissionName) => permissions.reduce(
+  (acc, p) => {
+    const policy = p.policies.find((pol) => {
+      if (pol.name === permissionName) {
+        return true;
+      }
+      if (isResourcedPolicy(pol)) {
+        return pol.resourceType === permissionName;
+      }
+      return false;
+    });
+    if (policy) {
+      return {
+        pluginId: p.pluginId || "-",
+        isResourced: isResourcedPolicy(policy) || false
+      };
+    }
+    return acc;
+  },
+  { pluginId: "-", isResourced: false }
+);
+const getPolicy = (str) => {
+  const arr = str.split(".");
+  return arr[arr.length - 1];
+};
+const getAllPolicies = (permission, allowedPolicies, policies) => {
+  const deniedPolicies = policies?.reduce((acc, p) => {
+    const perm = isResourcedPolicy(p) ? p.resourceType : p.name;
+    if (permission === perm && !allowedPolicies.find(
+      (allowedPolicy) => allowedPolicy.policy.toLocaleLowerCase("en-US") === p.policy?.toLocaleLowerCase("en-US")
+    )) {
+      acc.push({
+        policy: getTitleCase(p.policy) || "Use",
+        effect: "deny"
+      });
+    }
+    return acc;
+  }, []);
+  return [...allowedPolicies || [], ...deniedPolicies || []];
+};
+const getPermissionsData = (policies, permissionPolicies) => {
+  const data = policies.reduce(
+    (acc, policy) => {
+      if (policy?.effect === "allow") {
+        const policyStr = policy?.policy ?? getPolicy(policy.permission);
+        const policyTitleCase = getTitleCase(policyStr);
+        const permission = acc.find(
+          (plugin) => plugin.permission === policy.permission && !plugin.policies.has({
+            policy: policyTitleCase || "Use",
+            effect: "allow"
+          })
+        );
+        if (permission) {
+          permission.policyString?.add(
+            policyTitleCase ? `, ${policyTitleCase}` : ", Use"
+          );
+          permission.policies.add({
+            policy: policyTitleCase || "Use",
+            effect: policy.effect
+          });
+        } else {
+          const policyString = /* @__PURE__ */ new Set();
+          const policiesSet = /* @__PURE__ */ new Set();
+          acc.push({
+            permission: policy.permission ?? "-",
+            plugin: getPluginInfo(permissionPolicies, policy?.permission).pluginId,
+            policyString: policyString.add(policyTitleCase || "Use"),
+            policies: policiesSet.add({
+              policy: policyTitleCase || "Use",
+              effect: policy.effect
+            }),
+            isResourced: getPluginInfo(permissionPolicies, policy?.permission).isResourced
+          });
+        }
+      }
+      return acc;
+    },
+    []
+  );
+  return data.map((p) => ({
+    ...p,
+    ...p.policyString ? { policyString: Array.from(p.policyString) } : {},
+    policies: getAllPolicies(
+      p.permission,
+      Array.from(p.policies),
+      permissionPolicies.find((pp) => pp.pluginId === p.plugin)?.policies
+    )
+  }));
+};
+const getConditionUpperCriteria = (conditions) => {
+  return Object.keys(conditions).find(
+    (key) => [criterias.allOf, criterias.anyOf, criterias.not].includes(
+      key
+    )
+  );
+};
+const getConditionsData = (conditions) => {
+  const upperCriteria = getConditionUpperCriteria(conditions) ?? criterias.condition;
+  switch (upperCriteria) {
+    case criterias.allOf: {
+      const allOfConditions = conditions.allOf;
+      allOfConditions.map((aoc) => {
+        if (getConditionUpperCriteria(aoc)) {
+          return getConditionsData(aoc);
+        }
+        return aoc;
+      });
+      return { allOf: allOfConditions };
+    }
+    case criterias.anyOf: {
+      const anyOfConditions = conditions.anyOf;
+      anyOfConditions.map((aoc) => {
+        if (getConditionUpperCriteria(aoc)) {
+          return getConditionsData(aoc);
+        }
+        return aoc;
+      });
+      return { anyOf: anyOfConditions };
+    }
+    case criterias.not: {
+      const notCondition = conditions.not;
+      const nestedCondition = getConditionUpperCriteria(notCondition) ? getConditionsData(notCondition) : notCondition;
+      return { not: nestedCondition };
+    }
+    default:
+      return { condition: conditions };
+  }
+};
+const getPoliciesData = (allowedPermissions, policies) => {
+  return policies.map((p) => ({
+    policy: p,
+    ...allowedPermissions.includes(p.toLocaleLowerCase("en-US")) ? { effect: "allow" } : { effect: "deny" }
+  }));
+};
+const getConditionalPermissionsData = (conditionalPermissions, permissionPolicies) => {
+  return conditionalPermissions.reduce((acc, cp) => {
+    const conditions = getConditionsData(cp.conditions);
+    const allPolicies = permissionPolicies.pluginsPermissions?.[cp.pluginId]?.policies?.[cp.resourceType]?.policies ?? [];
+    const allowedPermissions = cp.permissionMapping.map(
+      (action) => action.toLocaleLowerCase("en-US")
+    );
+    const policyString = allowedPermissions.map((p) => p[0].toLocaleUpperCase("en-US") + p.slice(1)).join(", ");
+    return [
+      ...acc,
+      ...conditions ? [
+        {
+          plugin: cp.pluginId,
+          permission: cp.resourceType,
+          isResourced: true,
+          policies: getPoliciesData(allowedPermissions, allPolicies),
+          policyString,
+          conditions,
+          id: cp.id
+        }
+      ] : []
+    ];
+  }, []);
+};
+const getSelectedMember = (memberResource, ref) => {
+  if (memberResource) {
+    return {
+      id: memberResource.metadata.etag,
+      ref: stringifyEntityRef(memberResource),
+      label: memberResource.spec.profile?.displayName ?? memberResource.metadata.name,
+      etag: memberResource.metadata.etag,
+      type: memberResource.kind,
+      namespace: memberResource.metadata.namespace,
+      members: getMembersCount(memberResource)
+    };
+  } else if (ref) {
+    const { kind, namespace, name } = parseEntityRef(ref);
+    return {
+      id: `${kind}-${namespace}-${name}`,
+      ref,
+      label: name,
+      etag: `${kind}-${namespace}-${name}`,
+      type: kind,
+      namespace,
+      members: kind === "group" ? 0 : void 0
+    };
+  }
+  return {};
+};
+const isSamePermissionPolicy = (a, b) => a.entityReference === b.entityReference && a.permission === b.permission && a.policy === b.policy && a.effect === b.effect;
+const onlyInLeft = (left, right, compareFunction) => left.filter(
+  (leftValue) => !right.some((rightValue) => compareFunction(leftValue, rightValue))
+);
+export { getConditionUpperCriteria, getConditionalPermissionsData, getConditionsData, getMembers, getMembersFromGroup, getMembersString, getPermissions, getPermissionsArray, getPermissionsData, getPluginInfo, getPoliciesData, getSelectedMember, isSamePermissionPolicy, onlyInLeft };
+//# sourceMappingURL=rbac-utils.esm.js.map

package/dist/utils/rbac-utils.esm.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"rbac-utils.esm.js","sources":["../../src/utils/rbac-utils.ts"],"sourcesContent":["/*\n * Copyright 2024 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport {\n GroupEntity,\n isUserEntity,\n parseEntityRef,\n stringifyEntityRef,\n} from '@backstage/catalog-model';\nimport {\n AllOfCriteria,\n AnyOfCriteria,\n NotCriteria,\n PermissionCondition,\n PermissionCriteria,\n} from '@backstage/plugin-permission-common';\n\nimport { getTitleCase } from '@janus-idp/shared-react';\n\nimport {\n isResourcedPolicy,\n PermissionAction,\n PluginPermissionMetaData,\n PolicyDetails,\n RoleBasedPolicy,\n RoleConditionalPolicyDecision,\n} from '@backstage-community/plugin-rbac-common';\n\nimport { criterias } from '../components/ConditionalAccess/const';\nimport { ConditionsData } from '../components/ConditionalAccess/types';\nimport {\n PluginsPermissionPoliciesData,\n RowPolicy,\n SelectedMember,\n} from '../components/CreateRole/types';\nimport {\n MemberEntity,\n MembersData,\n PermissionsData,\n PermissionsDataSet,\n} from '../types';\nimport { getMembersCount } from './create-role-utils';\n\nexport const getPermissionsArray = (\n role: string,\n policies: RoleBasedPolicy[],\n): RoleBasedPolicy[] => {\n if (!policies || policies?.length === 0 || !Array.isArray(policies)) {\n return [];\n }\n return policies.filter(\n (policy: RoleBasedPolicy) =>\n policy.entityReference === role && policy.effect !== 'deny',\n );\n};\n\nexport const getPermissions = (\n role: string,\n policies: RoleBasedPolicy[],\n): number => {\n return getPermissionsArray(role, policies).length;\n};\n\nexport const getMembersString = (res: {\n users: number;\n groups: number;\n}): string => {\n let membersString = '';\n if (res.users > 0) {\n membersString = `${res.users} ${res.users > 1 ? 'users' : 'user'}`;\n }\n if (res.groups > 0) {\n membersString = membersString.concat(\n membersString.length > 0 ? ', ' : '',\n `${res.groups} ${res.groups > 1 ? 'groups' : 'group'}`,\n );\n }\n return membersString;\n};\n\nexport const getMembers = (\n members: (string | MembersData | SelectedMember)[],\n): string => {\n if (!members || members.length === 0) {\n return 'No members';\n }\n\n const res = members.reduce(\n (acc, member) => {\n if (typeof member === 'object') {\n if (member.type === 'User' || member.type === 'user') {\n acc.users++;\n } else {\n acc.groups++;\n }\n } else {\n const entity = parseEntityRef(member) as any;\n if (isUserEntity(entity)) {\n acc.users++;\n } else {\n acc.groups++;\n }\n }\n return acc;\n },\n { users: 0, groups: 0 },\n );\n\n return getMembersString(res);\n};\n\nexport const getMembersFromGroup = (group: GroupEntity): number => {\n const membersList = group.relations?.reduce((acc, relation) => {\n let temp = acc;\n if (relation.type === 'hasMember') {\n temp++;\n }\n return temp;\n }, 0);\n return membersList ?? 0;\n};\n\nexport const getPluginInfo = (\n permissions: PluginPermissionMetaData[],\n permissionName?: string,\n): { pluginId: string; isResourced: boolean } =>\n permissions.reduce(\n (\n acc: { pluginId: string; isResourced: boolean },\n p: PluginPermissionMetaData,\n ) => {\n const policy = p.policies.find(pol => {\n if (pol.name === permissionName) {\n return true;\n }\n if (isResourcedPolicy(pol)) {\n return pol.resourceType === permissionName;\n }\n return false;\n });\n if (policy) {\n return {\n pluginId: p.pluginId || '-',\n isResourced: isResourcedPolicy(policy) || false,\n };\n }\n return acc;\n },\n { pluginId: '-', isResourced: false },\n );\n\nconst getPolicy = (str: string) => {\n const arr = str.split('.');\n return arr[arr.length - 1];\n};\n\nconst getAllPolicies = (\n permission: string,\n allowedPolicies: RowPolicy[],\n policies: PolicyDetails[],\n) => {\n const deniedPolicies = policies?.reduce((acc, p) => {\n const perm = isResourcedPolicy(p) ? p.resourceType : p.name;\n if (\n permission === perm &&\n !allowedPolicies.find(\n allowedPolicy =>\n allowedPolicy.policy.toLocaleLowerCase('en-US') ===\n p.policy?.toLocaleLowerCase('en-US'),\n )\n ) {\n acc.push({\n policy: getTitleCase(p.policy) || 'Use',\n effect: 'deny',\n });\n }\n return acc;\n }, [] as RowPolicy[]);\n return [...(allowedPolicies || []), ...(deniedPolicies || [])];\n};\n\nexport const getPermissionsData = (\n policies: RoleBasedPolicy[],\n permissionPolicies: PluginPermissionMetaData[],\n): PermissionsData[] => {\n const data = policies.reduce(\n (acc: PermissionsDataSet[], policy: RoleBasedPolicy) => {\n if (policy?.effect === 'allow') {\n const policyStr =\n policy?.policy ?? getPolicy(policy.permission as string);\n const policyTitleCase = getTitleCase(policyStr);\n const permission = acc.find(\n plugin =>\n plugin.permission === policy.permission &&\n !plugin.policies.has({\n policy: policyTitleCase || 'Use',\n effect: 'allow',\n }),\n );\n if (permission) {\n permission.policyString?.add(\n policyTitleCase ? `, ${policyTitleCase}` : ', Use',\n );\n permission.policies.add({\n policy: policyTitleCase || 'Use',\n effect: policy.effect,\n });\n } else {\n const policyString = new Set<string>();\n const policiesSet = new Set<{ policy: string; effect: string }>();\n acc.push({\n permission: policy.permission ?? '-',\n plugin: getPluginInfo(permissionPolicies, policy?.permission)\n .pluginId,\n policyString: policyString.add(policyTitleCase || 'Use'),\n policies: policiesSet.add({\n policy: policyTitleCase || 'Use',\n effect: policy.effect,\n }),\n isResourced: getPluginInfo(permissionPolicies, policy?.permission)\n .isResourced,\n });\n }\n }\n return acc;\n },\n [],\n );\n return data.map((p: PermissionsDataSet) => ({\n ...p,\n ...(p.policyString ? { policyString: Array.from(p.policyString) } : {}),\n policies: getAllPolicies(\n p.permission,\n Array.from(p.policies),\n permissionPolicies.find(pp => pp.pluginId === p.plugin)\n ?.policies as PolicyDetails[],\n ),\n })) as PermissionsData[];\n};\n\nexport const getConditionUpperCriteria = (\n conditions: PermissionCriteria<PermissionCondition> | string,\n): string | undefined => {\n return Object.keys(conditions).find(key =>\n [criterias.allOf, criterias.anyOf, criterias.not].includes(\n key as keyof ConditionsData,\n ),\n );\n};\n\nexport const getConditionsData = (\n conditions: PermissionCriteria<PermissionCondition>,\n): ConditionsData | undefined => {\n const upperCriteria =\n getConditionUpperCriteria(conditions) ?? criterias.condition;\n\n switch (upperCriteria) {\n case criterias.allOf: {\n const allOfConditions = (conditions as AllOfCriteria<PermissionCondition>)\n .allOf;\n allOfConditions.map(aoc => {\n if (getConditionUpperCriteria(aoc)) {\n return getConditionsData(aoc);\n }\n return aoc;\n });\n return { allOf: allOfConditions as PermissionCondition[] };\n }\n case criterias.anyOf: {\n const anyOfConditions = (conditions as AnyOfCriteria<PermissionCondition>)\n .anyOf;\n anyOfConditions.map(aoc => {\n if (getConditionUpperCriteria(aoc)) {\n return getConditionsData(aoc);\n }\n return aoc;\n });\n return { anyOf: anyOfConditions as PermissionCondition[] };\n }\n case criterias.not: {\n const notCondition = (conditions as NotCriteria<PermissionCondition>).not;\n const nestedCondition = getConditionUpperCriteria(notCondition)\n ? getConditionsData(notCondition)\n : notCondition;\n return { not: nestedCondition as PermissionCondition };\n }\n default:\n return { condition: conditions as PermissionCondition };\n }\n};\n\nexport const getPoliciesData = (\n allowedPermissions: string[],\n policies: string[],\n): RowPolicy[] => {\n return policies.map(p => ({\n policy: p,\n ...(allowedPermissions.includes(p.toLocaleLowerCase('en-US'))\n ? { effect: 'allow' }\n : { effect: 'deny' }),\n }));\n};\n\nexport const getConditionalPermissionsData = (\n conditionalPermissions: RoleConditionalPolicyDecision<PermissionAction>[],\n permissionPolicies: PluginsPermissionPoliciesData,\n): PermissionsData[] => {\n return conditionalPermissions.reduce((acc: any, cp) => {\n const conditions = getConditionsData(cp.conditions);\n const allPolicies =\n permissionPolicies.pluginsPermissions?.[cp.pluginId]?.policies?.[\n cp.resourceType\n ]?.policies ?? [];\n const allowedPermissions = cp.permissionMapping.map(action =>\n action.toLocaleLowerCase('en-US'),\n );\n const policyString = allowedPermissions\n .map(p => p[0].toLocaleUpperCase('en-US') + p.slice(1))\n .join(', ');\n\n return [\n ...acc,\n ...(conditions\n ? [\n {\n plugin: cp.pluginId,\n permission: cp.resourceType,\n isResourced: true,\n policies: getPoliciesData(allowedPermissions, allPolicies),\n policyString,\n conditions,\n id: cp.id,\n },\n ]\n : []),\n ];\n }, []);\n};\n\nexport const getSelectedMember = (\n memberResource: MemberEntity | undefined,\n ref: string,\n): SelectedMember => {\n if (memberResource) {\n return {\n id: memberResource.metadata.etag as string,\n ref: stringifyEntityRef(memberResource),\n label:\n memberResource.spec.profile?.displayName ??\n memberResource.metadata.name,\n etag: memberResource.metadata.etag as string,\n type: memberResource.kind,\n namespace: memberResource.metadata.namespace as string,\n members: getMembersCount(memberResource),\n };\n } else if (ref) {\n const { kind, namespace, name } = parseEntityRef(ref);\n return {\n id: `${kind}-${namespace}-${name}`,\n ref,\n label: name,\n etag: `${kind}-${namespace}-${name}`,\n type: kind,\n namespace: namespace,\n members: kind === 'group' ? 0 : undefined,\n };\n }\n return {} as SelectedMember;\n};\n\nexport const isSamePermissionPolicy = (\n a: RoleBasedPolicy,\n b: RoleBasedPolicy,\n) =>\n a.entityReference === b.entityReference &&\n a.permission === b.permission &&\n a.policy === b.policy &&\n a.effect === b.effect;\n\nexport const onlyInLeft = (\n left: RoleBasedPolicy[],\n right: RoleBasedPolicy[],\n compareFunction: (a: RoleBasedPolicy, b: RoleBasedPolicy) => boolean,\n) =>\n left.filter(\n leftValue =>\n !right.some(rightValue => compareFunction(leftValue, rightValue)),\n );\n"],"names":[],"mappings":";;;;;;AAuDa,MAAA,mBAAA,GAAsB,CACjC,IAAA,EACA,QACsB,KAAA;AACtB,EAAI,IAAA,CAAC,YAAY,QAAU,EAAA,MAAA,KAAW,KAAK,CAAC,KAAA,CAAM,OAAQ,CAAA,QAAQ,CAAG,EAAA;AACnE,IAAA,OAAO,EAAC,CAAA;AAAA,GACV;AACA,EAAA,OAAO,QAAS,CAAA,MAAA;AAAA,IACd,CAAC,MACC,KAAA,MAAA,CAAO,eAAoB,KAAA,IAAA,IAAQ,OAAO,MAAW,KAAA,MAAA;AAAA,GACzD,CAAA;AACF,EAAA;AAEa,MAAA,cAAA,GAAiB,CAC5B,IAAA,EACA,QACW,KAAA;AACX,EAAO,OAAA,mBAAA,CAAoB,IAAM,EAAA,QAAQ,CAAE,CAAA,MAAA,CAAA;AAC7C,EAAA;AAEa,MAAA,gBAAA,GAAmB,CAAC,GAGnB,KAAA;AACZ,EAAA,IAAI,aAAgB,GAAA,EAAA,CAAA;AACpB,EAAI,IAAA,GAAA,CAAI,QAAQ,CAAG,EAAA;AACjB,IAAgB,aAAA,GAAA,CAAA,EAAG,IAAI,KAAK,CAAA,CAAA,EAAI,IAAI,KAAQ,GAAA,CAAA,GAAI,UAAU,MAAM,CAAA,CAAA,CAAA;AAAA,GAClE;AACA,EAAI,IAAA,GAAA,CAAI,SAAS,CAAG,EAAA;AAClB,IAAA,aAAA,GAAgB,aAAc,CAAA,MAAA;AAAA,MAC5B,aAAA,CAAc,MAAS,GAAA,CAAA,GAAI,IAAO,GAAA,EAAA;AAAA,MAClC,CAAA,EAAG,IAAI,MAAM,CAAA,CAAA,EAAI,IAAI,MAAS,GAAA,CAAA,GAAI,WAAW,OAAO,CAAA,CAAA;AAAA,KACtD,CAAA;AAAA,GACF;AACA,EAAO,OAAA,aAAA,CAAA;AACT,EAAA;AAEa,MAAA,UAAA,GAAa,CACxB,OACW,KAAA;AACX,EAAA,IAAI,CAAC,OAAA,IAAW,OAAQ,CAAA,MAAA,KAAW,CAAG,EAAA;AACpC,IAAO,OAAA,YAAA,CAAA;AAAA,GACT;AAEA,EAAA,MAAM,MAAM,OAAQ,CAAA,MAAA;AAAA,IAClB,CAAC,KAAK,MAAW,KAAA;AACf,MAAI,IAAA,OAAO,WAAW,QAAU,EAAA;AAC9B,QAAA,IAAI,MAAO,CAAA,IAAA,KAAS,MAAU,IAAA,MAAA,CAAO,SAAS,MAAQ,EAAA;AACpD,UAAI,GAAA,CAAA,KAAA,EAAA,CAAA;AAAA,SACC,MAAA;AACL,UAAI,GAAA,CAAA,MAAA,EAAA,CAAA;AAAA,SACN;AAAA,OACK,MAAA;AACL,QAAM,MAAA,MAAA,GAAS,eAAe,MAAM,CAAA,CAAA;AACpC,QAAI,IAAA,YAAA,CAAa,MAAM,CAAG,EAAA;AACxB,UAAI,GAAA,CAAA,KAAA,EAAA,CAAA;AAAA,SACC,MAAA;AACL,UAAI,GAAA,CAAA,MAAA,EAAA,CAAA;AAAA,SACN;AAAA,OACF;AACA,MAAO,OAAA,GAAA,CAAA;AAAA,KACT;AAAA,IACA,EAAE,KAAA,EAAO,CAAG,EAAA,MAAA,EAAQ,CAAE,EAAA;AAAA,GACxB,CAAA;AAEA,EAAA,OAAO,iBAAiB,GAAG,CAAA,CAAA;AAC7B,EAAA;AAEa,MAAA,mBAAA,GAAsB,CAAC,KAA+B,KAAA;AACjE,EAAA,MAAM,cAAc,KAAM,CAAA,SAAA,EAAW,MAAO,CAAA,CAAC,KAAK,QAAa,KAAA;AAC7D,IAAA,IAAI,IAAO,GAAA,GAAA,CAAA;AACX,IAAI,IAAA,QAAA,CAAS,SAAS,WAAa,EAAA;AACjC,MAAA,IAAA,EAAA,CAAA;AAAA,KACF;AACA,IAAO,OAAA,IAAA,CAAA;AAAA,KACN,CAAC,CAAA,CAAA;AACJ,EAAA,OAAO,WAAe,IAAA,CAAA,CAAA;AACxB,EAAA;AAEO,MAAM,aAAgB,GAAA,CAC3B,WACA,EAAA,cAAA,KAEA,WAAY,CAAA,MAAA;AAAA,EACV,CACE,KACA,CACG,KAAA;AACH,IAAA,MAAM,MAAS,GAAA,CAAA,CAAE,QAAS,CAAA,IAAA,CAAK,CAAO,GAAA,KAAA;AACpC,MAAI,IAAA,GAAA,CAAI,SAAS,cAAgB,EAAA;AAC/B,QAAO,OAAA,IAAA,CAAA;AAAA,OACT;AACA,MAAI,IAAA,iBAAA,CAAkB,GAAG,CAAG,EAAA;AAC1B,QAAA,OAAO,IAAI,YAAiB,KAAA,cAAA,CAAA;AAAA,OAC9B;AACA,MAAO,OAAA,KAAA,CAAA;AAAA,KACR,CAAA,CAAA;AACD,IAAA,IAAI,MAAQ,EAAA;AACV,MAAO,OAAA;AAAA,QACL,QAAA,EAAU,EAAE,QAAY,IAAA,GAAA;AAAA,QACxB,WAAA,EAAa,iBAAkB,CAAA,MAAM,CAAK,IAAA,KAAA;AAAA,OAC5C,CAAA;AAAA,KACF;AACA,IAAO,OAAA,GAAA,CAAA;AAAA,GACT;AAAA,EACA,EAAE,QAAA,EAAU,GAAK,EAAA,WAAA,EAAa,KAAM,EAAA;AACtC,EAAA;AAEF,MAAM,SAAA,GAAY,CAAC,GAAgB,KAAA;AACjC,EAAM,MAAA,GAAA,GAAM,GAAI,CAAA,KAAA,CAAM,GAAG,CAAA,CAAA;AACzB,EAAO,OAAA,GAAA,CAAI,GAAI,CAAA,MAAA,GAAS,CAAC,CAAA,CAAA;AAC3B,CAAA,CAAA;AAEA,MAAM,cAAiB,GAAA,CACrB,UACA,EAAA,eAAA,EACA,QACG,KAAA;AACH,EAAA,MAAM,cAAiB,GAAA,QAAA,EAAU,MAAO,CAAA,CAAC,KAAK,CAAM,KAAA;AAClD,IAAA,MAAM,OAAO,iBAAkB,CAAA,CAAC,CAAI,GAAA,CAAA,CAAE,eAAe,CAAE,CAAA,IAAA,CAAA;AACvD,IACE,IAAA,UAAA,KAAe,IACf,IAAA,CAAC,eAAgB,CAAA,IAAA;AAAA,MACf,CAAA,aAAA,KACE,cAAc,MAAO,CAAA,iBAAA,CAAkB,OAAO,CAC9C,KAAA,CAAA,CAAE,MAAQ,EAAA,iBAAA,CAAkB,OAAO,CAAA;AAAA,KAEvC,EAAA;AACA,MAAA,GAAA,CAAI,IAAK,CAAA;AAAA,QACP,MAAQ,EAAA,YAAA,CAAa,CAAE,CAAA,MAAM,CAAK,IAAA,KAAA;AAAA,QAClC,MAAQ,EAAA,MAAA;AAAA,OACT,CAAA,CAAA;AAAA,KACH;AACA,IAAO,OAAA,GAAA,CAAA;AAAA,GACT,EAAG,EAAiB,CAAA,CAAA;AACpB,EAAO,OAAA,CAAC,GAAI,eAAmB,IAAA,IAAK,GAAI,cAAA,IAAkB,EAAG,CAAA,CAAA;AAC/D,CAAA,CAAA;AAEa,MAAA,kBAAA,GAAqB,CAChC,QAAA,EACA,kBACsB,KAAA;AACtB,EAAA,MAAM,OAAO,QAAS,CAAA,MAAA;AAAA,IACpB,CAAC,KAA2B,MAA4B,KAAA;AACtD,MAAI,IAAA,MAAA,EAAQ,WAAW,OAAS,EAAA;AAC9B,QAAA,MAAM,SACJ,GAAA,MAAA,EAAQ,MAAU,IAAA,SAAA,CAAU,OAAO,UAAoB,CAAA,CAAA;AACzD,QAAM,MAAA,eAAA,GAAkB,aAAa,SAAS,CAAA,CAAA;AAC9C,QAAA,MAAM,aAAa,GAAI,CAAA,IAAA;AAAA,UACrB,CAAA,MAAA,KACE,OAAO,UAAe,KAAA,MAAA,CAAO,cAC7B,CAAC,MAAA,CAAO,SAAS,GAAI,CAAA;AAAA,YACnB,QAAQ,eAAmB,IAAA,KAAA;AAAA,YAC3B,MAAQ,EAAA,OAAA;AAAA,WACT,CAAA;AAAA,SACL,CAAA;AACA,QAAA,IAAI,UAAY,EAAA;AACd,UAAA,UAAA,CAAW,YAAc,EAAA,GAAA;AAAA,YACvB,eAAA,GAAkB,CAAK,EAAA,EAAA,eAAe,CAAK,CAAA,GAAA,OAAA;AAAA,WAC7C,CAAA;AACA,UAAA,UAAA,CAAW,SAAS,GAAI,CAAA;AAAA,YACtB,QAAQ,eAAmB,IAAA,KAAA;AAAA,YAC3B,QAAQ,MAAO,CAAA,MAAA;AAAA,WAChB,CAAA,CAAA;AAAA,SACI,MAAA;AACL,UAAM,MAAA,YAAA,uBAAmB,GAAY,EAAA,CAAA;AACrC,UAAM,MAAA,WAAA,uBAAkB,GAAwC,EAAA,CAAA;AAChE,UAAA,GAAA,CAAI,IAAK,CAAA;AAAA,YACP,UAAA,EAAY,OAAO,UAAc,IAAA,GAAA;AAAA,YACjC,MAAQ,EAAA,aAAA,CAAc,kBAAoB,EAAA,MAAA,EAAQ,UAAU,CACzD,CAAA,QAAA;AAAA,YACH,YAAc,EAAA,YAAA,CAAa,GAAI,CAAA,eAAA,IAAmB,KAAK,CAAA;AAAA,YACvD,QAAA,EAAU,YAAY,GAAI,CAAA;AAAA,cACxB,QAAQ,eAAmB,IAAA,KAAA;AAAA,cAC3B,QAAQ,MAAO,CAAA,MAAA;AAAA,aAChB,CAAA;AAAA,YACD,WAAa,EAAA,aAAA,CAAc,kBAAoB,EAAA,MAAA,EAAQ,UAAU,CAC9D,CAAA,WAAA;AAAA,WACJ,CAAA,CAAA;AAAA,SACH;AAAA,OACF;AACA,MAAO,OAAA,GAAA,CAAA;AAAA,KACT;AAAA,IACA,EAAC;AAAA,GACH,CAAA;AACA,EAAO,OAAA,IAAA,CAAK,GAAI,CAAA,CAAC,CAA2B,MAAA;AAAA,IAC1C,GAAG,CAAA;AAAA,IACH,GAAI,CAAE,CAAA,YAAA,GAAe,EAAE,YAAA,EAAc,KAAM,CAAA,IAAA,CAAK,CAAE,CAAA,YAAY,CAAE,EAAA,GAAI,EAAC;AAAA,IACrE,QAAU,EAAA,cAAA;AAAA,MACR,CAAE,CAAA,UAAA;AAAA,MACF,KAAA,CAAM,IAAK,CAAA,CAAA,CAAE,QAAQ,CAAA;AAAA,MACrB,mBAAmB,IAAK,CAAA,CAAA,EAAA,KAAM,GAAG,QAAa,KAAA,CAAA,CAAE,MAAM,CAClD,EAAA,QAAA;AAAA,KACN;AAAA,GACA,CAAA,CAAA,CAAA;AACJ,EAAA;AAEa,MAAA,yBAAA,GAA4B,CACvC,UACuB,KAAA;AACvB,EAAO,OAAA,MAAA,CAAO,IAAK,CAAA,UAAU,CAAE,CAAA,IAAA;AAAA,IAAK,CAAA,GAAA,KAClC,CAAC,SAAU,CAAA,KAAA,EAAO,UAAU,KAAO,EAAA,SAAA,CAAU,GAAG,CAAE,CAAA,QAAA;AAAA,MAChD,GAAA;AAAA,KACF;AAAA,GACF,CAAA;AACF,EAAA;AAEa,MAAA,iBAAA,GAAoB,CAC/B,UAC+B,KAAA;AAC/B,EAAA,MAAM,aACJ,GAAA,yBAAA,CAA0B,UAAU,CAAA,IAAK,SAAU,CAAA,SAAA,CAAA;AAErD,EAAA,QAAQ,aAAe;AAAA,IACrB,KAAK,UAAU,KAAO,EAAA;AACpB,MAAA,MAAM,kBAAmB,UACtB,CAAA,KAAA,CAAA;AACH,MAAA,eAAA,CAAgB,IAAI,CAAO,GAAA,KAAA;AACzB,QAAI,IAAA,yBAAA,CAA0B,GAAG,CAAG,EAAA;AAClC,UAAA,OAAO,kBAAkB,GAAG,CAAA,CAAA;AAAA,SAC9B;AACA,QAAO,OAAA,GAAA,CAAA;AAAA,OACR,CAAA,CAAA;AACD,MAAO,OAAA,EAAE,OAAO,eAAyC,EAAA,CAAA;AAAA,KAC3D;AAAA,IACA,KAAK,UAAU,KAAO,EAAA;AACpB,MAAA,MAAM,kBAAmB,UACtB,CAAA,KAAA,CAAA;AACH,MAAA,eAAA,CAAgB,IAAI,CAAO,GAAA,KAAA;AACzB,QAAI,IAAA,yBAAA,CAA0B,GAAG,CAAG,EAAA;AAClC,UAAA,OAAO,kBAAkB,GAAG,CAAA,CAAA;AAAA,SAC9B;AACA,QAAO,OAAA,GAAA,CAAA;AAAA,OACR,CAAA,CAAA;AACD,MAAO,OAAA,EAAE,OAAO,eAAyC,EAAA,CAAA;AAAA,KAC3D;AAAA,IACA,KAAK,UAAU,GAAK,EAAA;AAClB,MAAA,MAAM,eAAgB,UAAgD,CAAA,GAAA,CAAA;AACtE,MAAA,MAAM,kBAAkB,yBAA0B,CAAA,YAAY,CAC1D,GAAA,iBAAA,CAAkB,YAAY,CAC9B,GAAA,YAAA,CAAA;AACJ,MAAO,OAAA,EAAE,KAAK,eAAuC,EAAA,CAAA;AAAA,KACvD;AAAA,IACA;AACE,MAAO,OAAA,EAAE,WAAW,UAAkC,EAAA,CAAA;AAAA,GAC1D;AACF,EAAA;AAEa,MAAA,eAAA,GAAkB,CAC7B,kBAAA,EACA,QACgB,KAAA;AAChB,EAAO,OAAA,QAAA,CAAS,IAAI,CAAM,CAAA,MAAA;AAAA,IACxB,MAAQ,EAAA,CAAA;AAAA,IACR,GAAI,kBAAA,CAAmB,QAAS,CAAA,CAAA,CAAE,kBAAkB,OAAO,CAAC,CACxD,GAAA,EAAE,MAAQ,EAAA,OAAA,EACV,GAAA,EAAE,QAAQ,MAAO,EAAA;AAAA,GACrB,CAAA,CAAA,CAAA;AACJ,EAAA;AAEa,MAAA,6BAAA,GAAgC,CAC3C,sBAAA,EACA,kBACsB,KAAA;AACtB,EAAA,OAAO,sBAAuB,CAAA,MAAA,CAAO,CAAC,GAAA,EAAU,EAAO,KAAA;AACrD,IAAM,MAAA,UAAA,GAAa,iBAAkB,CAAA,EAAA,CAAG,UAAU,CAAA,CAAA;AAClD,IAAM,MAAA,WAAA,GACJ,kBAAmB,CAAA,kBAAA,GAAqB,EAAG,CAAA,QAAQ,CAAG,EAAA,QAAA,GACpD,EAAG,CAAA,YACL,CAAG,EAAA,QAAA,IAAY,EAAC,CAAA;AAClB,IAAM,MAAA,kBAAA,GAAqB,GAAG,iBAAkB,CAAA,GAAA;AAAA,MAAI,CAAA,MAAA,KAClD,MAAO,CAAA,iBAAA,CAAkB,OAAO,CAAA;AAAA,KAClC,CAAA;AACA,IAAA,MAAM,eAAe,kBAClB,CAAA,GAAA,CAAI,CAAK,CAAA,KAAA,CAAA,CAAE,CAAC,CAAE,CAAA,iBAAA,CAAkB,OAAO,CAAA,GAAI,EAAE,KAAM,CAAA,CAAC,CAAC,CAAA,CACrD,KAAK,IAAI,CAAA,CAAA;AAEZ,IAAO,OAAA;AAAA,MACL,GAAG,GAAA;AAAA,MACH,GAAI,UACA,GAAA;AAAA,QACE;AAAA,UACE,QAAQ,EAAG,CAAA,QAAA;AAAA,UACX,YAAY,EAAG,CAAA,YAAA;AAAA,UACf,WAAa,EAAA,IAAA;AAAA,UACb,QAAA,EAAU,eAAgB,CAAA,kBAAA,EAAoB,WAAW,CAAA;AAAA,UACzD,YAAA;AAAA,UACA,UAAA;AAAA,UACA,IAAI,EAAG,CAAA,EAAA;AAAA,SACT;AAAA,UAEF,EAAC;AAAA,KACP,CAAA;AAAA,GACF,EAAG,EAAE,CAAA,CAAA;AACP,EAAA;AAEa,MAAA,iBAAA,GAAoB,CAC/B,cAAA,EACA,GACmB,KAAA;AACnB,EAAA,IAAI,cAAgB,EAAA;AAClB,IAAO,OAAA;AAAA,MACL,EAAA,EAAI,eAAe,QAAS,CAAA,IAAA;AAAA,MAC5B,GAAA,EAAK,mBAAmB,cAAc,CAAA;AAAA,MACtC,OACE,cAAe,CAAA,IAAA,CAAK,OAAS,EAAA,WAAA,IAC7B,eAAe,QAAS,CAAA,IAAA;AAAA,MAC1B,IAAA,EAAM,eAAe,QAAS,CAAA,IAAA;AAAA,MAC9B,MAAM,cAAe,CAAA,IAAA;AAAA,MACrB,SAAA,EAAW,eAAe,QAAS,CAAA,SAAA;AAAA,MACnC,OAAA,EAAS,gBAAgB,cAAc,CAAA;AAAA,KACzC,CAAA;AAAA,aACS,GAAK,EAAA;AACd,IAAA,MAAM,EAAE,IAAM,EAAA,SAAA,EAAW,IAAK,EAAA,GAAI,eAAe,GAAG,CAAA,CAAA;AACpD,IAAO,OAAA;AAAA,MACL,IAAI,CAAG,EAAA,IAAI,CAAI,CAAA,EAAA,SAAS,IAAI,IAAI,CAAA,CAAA;AAAA,MAChC,GAAA;AAAA,MACA,KAAO,EAAA,IAAA;AAAA,MACP,MAAM,CAAG,EAAA,IAAI,CAAI,CAAA,EAAA,SAAS,IAAI,IAAI,CAAA,CAAA;AAAA,MAClC,IAAM,EAAA,IAAA;AAAA,MACN,SAAA;AAAA,MACA,OAAA,EAAS,IAAS,KAAA,OAAA,GAAU,CAAI,GAAA,KAAA,CAAA;AAAA,KAClC,CAAA;AAAA,GACF;AACA,EAAA,OAAO,EAAC,CAAA;AACV,EAAA;AAEO,MAAM,yBAAyB,CACpC,CAAA,EACA,MAEA,CAAE,CAAA,eAAA,KAAoB,EAAE,eACxB,IAAA,CAAA,CAAE,UAAe,KAAA,CAAA,CAAE,cACnB,CAAE,CAAA,MAAA,KAAW,EAAE,MACf,IAAA,CAAA,CAAE,WAAW,CAAE,CAAA,OAAA;AAEV,MAAM,UAAa,GAAA,CACxB,IACA,EAAA,KAAA,EACA,oBAEA,IAAK,CAAA,MAAA;AAAA,EACH,CAAA,SAAA,KACE,CAAC,KAAM,CAAA,IAAA,CAAK,gBAAc,eAAgB,CAAA,SAAA,EAAW,UAAU,CAAC,CAAA;AACpE;;;;"}

package/dist/utils/role-form-utils.esm.js ADDED Viewed

@@ -0,0 +1,66 @@
+const createPermissions = async (newPermissions, rbacApi, errorMsgPrefix) => {
+  if (newPermissions.length > 0) {
+    const permissionsRes = await rbacApi.createPolicies(newPermissions);
+    if (permissionsRes.error) {
+      throw new Error(
+        `${errorMsgPrefix || "Unable to create the permission policies."} ${permissionsRes.error.message}`
+      );
+    }
+  }
+};
+const removePermissions = async (name, deletePermissions, rbacApi) => {
+  if (deletePermissions.length > 0) {
+    const permissionsRes = await rbacApi.deletePolicies(
+      name,
+      deletePermissions
+    );
+    if (permissionsRes.error) {
+      throw new Error(
+        `Unable to delete the permission policies. ${permissionsRes.error.message}`
+      );
+    }
+  }
+};
+const removeConditions = async (deleteConditions, rbacApi) => {
+  if (deleteConditions.length > 0) {
+    const promises = deleteConditions.map(
+      (cid) => rbacApi.deleteConditionalPolicies(cid)
+    );
+    const cppRes = await Promise.all(promises);
+    const cpErr = cppRes.map((r) => r.error?.message).filter((m) => m);
+    if (cpErr.length > 0) {
+      throw new Error(
+        `Unable to remove conditions from the role. ${cpErr.join("\n")}`
+      );
+    }
+  }
+};
+const modifyConditions = async (updateConditions, rbacApi) => {
+  if (updateConditions.length > 0) {
+    const promises = updateConditions.map(
+      ({ id, updateCondition }) => rbacApi.updateConditionalPolicies(id, updateCondition)
+    );
+    const cppRes = await Promise.all(promises);
+    const cpErr = cppRes.map((r) => r.error?.message).filter((m) => m);
+    if (cpErr.length > 0) {
+      throw new Error(`Unable to update conditions. ${cpErr.join("\n")}`);
+    }
+  }
+};
+const createConditions = async (newConditions, rbacApi, errorMsgPrefix) => {
+  if (newConditions.length > 0) {
+    const promises = newConditions.map(
+      (cpp) => rbacApi.createConditionalPermission(cpp)
+    );
+    const cppRes = await Promise.all(promises);
+    const cpErr = cppRes.map((r) => r.error?.message).filter((m) => m);
+    if (cpErr.length > 0) {
+      throw new Error(
+        `${errorMsgPrefix || "Unable to add conditions to the role."} ${cpErr.join("\n")}`
+      );
+    }
+  }
+};
+export { createConditions, createPermissions, modifyConditions, removeConditions, removePermissions };
+//# sourceMappingURL=role-form-utils.esm.js.map

package/dist/utils/role-form-utils.esm.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"role-form-utils.esm.js","sources":["../../src/utils/role-form-utils.ts"],"sourcesContent":["/*\n * Copyright 2024 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport { RoleBasedPolicy } from '@backstage-community/plugin-rbac-common';\n\nimport { RBACAPI } from '../api/RBACBackendClient';\nimport {\n RoleBasedConditions,\n RoleError,\n UpdatedConditionsData,\n} from '../types';\n\nexport const createPermissions = async (\n newPermissions: RoleBasedPolicy[],\n rbacApi: RBACAPI,\n errorMsgPrefix?: string,\n) => {\n if (newPermissions.length > 0) {\n const permissionsRes = await rbacApi.createPolicies(newPermissions);\n if ((permissionsRes as unknown as RoleError).error) {\n throw new Error(\n `${errorMsgPrefix || 'Unable to create the permission policies.'} ${\n (permissionsRes as unknown as RoleError).error.message\n }`,\n );\n }\n }\n};\n\nexport const removePermissions = async (\n name: string,\n deletePermissions: RoleBasedPolicy[],\n rbacApi: RBACAPI,\n) => {\n if (deletePermissions.length > 0) {\n const permissionsRes = await rbacApi.deletePolicies(\n name,\n deletePermissions,\n );\n if ((permissionsRes as unknown as RoleError).error) {\n throw new Error(\n `Unable to delete the permission policies. ${\n (permissionsRes as unknown as RoleError).error.message\n }`,\n );\n }\n }\n};\n\nexport const removeConditions = async (\n deleteConditions: number[],\n rbacApi: RBACAPI,\n) => {\n if (deleteConditions.length > 0) {\n const promises = deleteConditions.map(cid =>\n rbacApi.deleteConditionalPolicies(cid),\n );\n\n const cppRes: (Response | RoleError)[] = await Promise.all(promises);\n const cpErr = cppRes\n .map(r => (r as unknown as RoleError).error?.message)\n .filter(m => m);\n\n if (cpErr.length > 0) {\n throw new Error(\n `Unable to remove conditions from the role. ${cpErr.join('\\n')}`,\n );\n }\n }\n};\n\nexport const modifyConditions = async (\n updateConditions: UpdatedConditionsData,\n rbacApi: RBACAPI,\n) => {\n if (updateConditions.length > 0) {\n const promises = updateConditions.map(({ id, updateCondition }) =>\n rbacApi.updateConditionalPolicies(id, updateCondition),\n );\n\n const cppRes: (Response | RoleError)[] = await Promise.all(promises);\n const cpErr = cppRes\n .map(r => (r as unknown as RoleError).error?.message)\n .filter(m => m);\n\n if (cpErr.length > 0) {\n throw new Error(`Unable to update conditions. ${cpErr.join('\\n')}`);\n }\n }\n};\n\nexport const createConditions = async (\n newConditions: RoleBasedConditions[],\n rbacApi: RBACAPI,\n errorMsgPrefix?: string,\n) => {\n if (newConditions.length > 0) {\n const promises = newConditions.map(cpp =>\n rbacApi.createConditionalPermission(cpp),\n );\n\n const cppRes: (Response | RoleError)[] = await Promise.all(promises);\n const cpErr = cppRes\n .map(r => (r as unknown as RoleError).error?.message)\n .filter(m => m);\n\n if (cpErr.length > 0) {\n throw new Error(\n `${\n errorMsgPrefix || 'Unable to add conditions to the role.'\n } ${cpErr.join('\\n')}`,\n );\n }\n }\n};\n"],"names":[],"mappings":"AAwBO,MAAM,iBAAoB,GAAA,OAC/B,cACA,EAAA,OAAA,EACA,cACG,KAAA;AACH,EAAI,IAAA,cAAA,CAAe,SAAS,CAAG,EAAA;AAC7B,IAAA,MAAM,cAAiB,GAAA,MAAM,OAAQ,CAAA,cAAA,CAAe,cAAc,CAAA,CAAA;AAClE,IAAA,IAAK,eAAwC,KAAO,EAAA;AAClD,MAAA,MAAM,IAAI,KAAA;AAAA,QACR,GAAG,cAAkB,IAAA,2CAA2C,CAC7D,CAAA,EAAA,cAAA,CAAwC,MAAM,OACjD,CAAA,CAAA;AAAA,OACF,CAAA;AAAA,KACF;AAAA,GACF;AACF,EAAA;AAEO,MAAM,iBAAoB,GAAA,OAC/B,IACA,EAAA,iBAAA,EACA,OACG,KAAA;AACH,EAAI,IAAA,iBAAA,CAAkB,SAAS,CAAG,EAAA;AAChC,IAAM,MAAA,cAAA,GAAiB,MAAM,OAAQ,CAAA,cAAA;AAAA,MACnC,IAAA;AAAA,MACA,iBAAA;AAAA,KACF,CAAA;AACA,IAAA,IAAK,eAAwC,KAAO,EAAA;AAClD,MAAA,MAAM,IAAI,KAAA;AAAA,QACR,CAAA,0CAAA,EACG,cAAwC,CAAA,KAAA,CAAM,OACjD,CAAA,CAAA;AAAA,OACF,CAAA;AAAA,KACF;AAAA,GACF;AACF,EAAA;AAEa,MAAA,gBAAA,GAAmB,OAC9B,gBAAA,EACA,OACG,KAAA;AACH,EAAI,IAAA,gBAAA,CAAiB,SAAS,CAAG,EAAA;AAC/B,IAAA,MAAM,WAAW,gBAAiB,CAAA,GAAA;AAAA,MAAI,CAAA,GAAA,KACpC,OAAQ,CAAA,yBAAA,CAA0B,GAAG,CAAA;AAAA,KACvC,CAAA;AAEA,IAAA,MAAM,MAAmC,GAAA,MAAM,OAAQ,CAAA,GAAA,CAAI,QAAQ,CAAA,CAAA;AACnE,IAAM,MAAA,KAAA,GAAQ,MACX,CAAA,GAAA,CAAI,CAAM,CAAA,KAAA,CAAA,CAA2B,OAAO,OAAO,CAAA,CACnD,MAAO,CAAA,CAAA,CAAA,KAAK,CAAC,CAAA,CAAA;AAEhB,IAAI,IAAA,KAAA,CAAM,SAAS,CAAG,EAAA;AACpB,MAAA,MAAM,IAAI,KAAA;AAAA,QACR,CAA8C,2CAAA,EAAA,KAAA,CAAM,IAAK,CAAA,IAAI,CAAC,CAAA,CAAA;AAAA,OAChE,CAAA;AAAA,KACF;AAAA,GACF;AACF,EAAA;AAEa,MAAA,gBAAA,GAAmB,OAC9B,gBAAA,EACA,OACG,KAAA;AACH,EAAI,IAAA,gBAAA,CAAiB,SAAS,CAAG,EAAA;AAC/B,IAAA,MAAM,WAAW,gBAAiB,CAAA,GAAA;AAAA,MAAI,CAAC,EAAE,EAAI,EAAA,eAAA,OAC3C,OAAQ,CAAA,yBAAA,CAA0B,IAAI,eAAe,CAAA;AAAA,KACvD,CAAA;AAEA,IAAA,MAAM,MAAmC,GAAA,MAAM,OAAQ,CAAA,GAAA,CAAI,QAAQ,CAAA,CAAA;AACnE,IAAM,MAAA,KAAA,GAAQ,MACX,CAAA,GAAA,CAAI,CAAM,CAAA,KAAA,CAAA,CAA2B,OAAO,OAAO,CAAA,CACnD,MAAO,CAAA,CAAA,CAAA,KAAK,CAAC,CAAA,CAAA;AAEhB,IAAI,IAAA,KAAA,CAAM,SAAS,CAAG,EAAA;AACpB,MAAA,MAAM,IAAI,KAAM,CAAA,CAAA,6BAAA,EAAgC,MAAM,IAAK,CAAA,IAAI,CAAC,CAAE,CAAA,CAAA,CAAA;AAAA,KACpE;AAAA,GACF;AACF,EAAA;AAEO,MAAM,gBAAmB,GAAA,OAC9B,aACA,EAAA,OAAA,EACA,cACG,KAAA;AACH,EAAI,IAAA,aAAA,CAAc,SAAS,CAAG,EAAA;AAC5B,IAAA,MAAM,WAAW,aAAc,CAAA,GAAA;AAAA,MAAI,CAAA,GAAA,KACjC,OAAQ,CAAA,2BAAA,CAA4B,GAAG,CAAA;AAAA,KACzC,CAAA;AAEA,IAAA,MAAM,MAAmC,GAAA,MAAM,OAAQ,CAAA,GAAA,CAAI,QAAQ,CAAA,CAAA;AACnE,IAAM,MAAA,KAAA,GAAQ,MACX,CAAA,GAAA,CAAI,CAAM,CAAA,KAAA,CAAA,CAA2B,OAAO,OAAO,CAAA,CACnD,MAAO,CAAA,CAAA,CAAA,KAAK,CAAC,CAAA,CAAA;AAEhB,IAAI,IAAA,KAAA,CAAM,SAAS,CAAG,EAAA;AACpB,MAAA,MAAM,IAAI,KAAA;AAAA,QACR,GACE,cAAkB,IAAA,uCACpB,IAAI,KAAM,CAAA,IAAA,CAAK,IAAI,CAAC,CAAA,CAAA;AAAA,OACtB,CAAA;AAAA,KACF;AAAA,GACF;AACF;;;;"}