npm - @backstage-community/plugin-rbac - Versions diffs - 1.32.2 - Mend

@backstage-community/plugin-rbac 1.32.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (133) hide show

package/README.md ADDED Viewed

@@ -0,0 +1,106 @@
+# RBAC frontend plugin for Backstage
+The RBAC UI plugin offers a streamlined user interface for effectively managing permissions in your Backstage instance. It allows you to assign permissions to users and groups, empowering them to view, create, modify and delete Roles, provided they have the necessary permissions.
+## For administrators
+### Installation
+#### Installing as a dynamic plugin?
+The sections below are relevant for static plugins. If the plugin is expected to be installed as a dynamic one:
+- follow https://github.com/janus-idp/backstage-showcase/blob/main/showcase-docs/dynamic-plugins.md#installing-a-dynamic-plugin-package-in-the-showcase
+- add content of `app-config.yaml` into `app-config.local.yaml`.
+#### Prerequisites
+Follow the RBAC backend plugin [README](https://github.com/backstage/community-plugins/blob/main/workspaces/rbac/plugins/rbac-backend/README.md) to integrate rbac in your Backstage instance.
+---
+**NOTE**
+- For non-admin users, to enable create/edit role button on Administration -> RBAC roles list page, the role associated with your user should have the following permission policies associated with it. Add the following in your permission policies configuration file:
+```CSV
+p, role:default/team_a, catalog-entity, read, allow
+p, role:default/team_a, policy-entity, read, allow
+p, role:default/team_a, policy-entity, create, allow
+g, user:default/<login-id/user-name>, role:default/team_a
+```
+> Note: Make sure required users/groups are available in catalog as a role cannot be created without users/groups.
+> Note: Even after ingesting users/groups in catalog and applying above permissions if the create/edit button is still disabled then please contact your administrator as you might be conditionally restricted from accessing the create/edit button.
+- To fetch the permissions from other plugins like `Kubernetes` and `Jenkins` in the Role Form as mentioned [here](https://github.com/janus-idp/backstage-plugins/blob/main/plugins/rbac-backend/docs/permissions.md), add the following configuration in your `app-config.yaml`:
+```yaml title="app-config.yaml"
+permission:
+  enabled: true
+  rbac:
+    pluginsWithPermission:
+      - kubernetes
+      - jenkins
+    admin:
+      users:
+        - name: user:default/<user-name>
+```
+---
+#### Procedure
+1. Install the RBAC UI plugin executing the following command from the Backstage root directory :
+   ```console
+   yarn workspace app add @backstage-community/plugin-rbac
+   ```
+2. Add Route in `packages/app/src/App.tsx`:
+   ```tsx title="packages/app/src/App.tsx"
+   /* highlight-add-next-line */
+   import { RbacPage } from '@backstage-community/plugin-rbac';
+   <Route path="/rbac" element={<RbacPage />} />;
+   ```
+3. Add **Administration** Sidebar Item in `packages/app/src/components/Root/Root.tsx`:
+   ```tsx title="packages/app/src/components/Root/Root.tsx"
+   /* highlight-add-next-line */
+   import { Administration } from '@backstage-community/plugin-rbac';
+   export const Root = ({ children }: PropsWithChildren<{}>) => (
+     <SidebarPage>
+       <Sidebar>
+         ...
+         <Administration />
+         ...
+       </Sidebar>
+     </SidebarPage>
+   );
+   ```
+4. For users with vanilla backstage instance, would need to integrate [`Auth`](https://backstage.io/docs/auth/) in to the instance:
+   - ```yaml title="app-config.yaml"
+     # see https://backstage.io/docs/auth/ to learn about auth providers
+     environment: development
+     providers:
+        # Plugin: GitHub
+        github:
+           development:
+           clientId: ${GITHUB_BUCKET_CLIENT_ID}
+           clientSecret: ${GITHUB_BUCKET_SECRET}
+        # Plugin: BitBucket
+        bitbucket:
+           development:
+           clientId: ${BIT_BUCKET_CLIENT_ID}
+           clientSecret: ${BIT_BUCKET_SECRET}
+        ...
+     ```
+   - Integrate the [`SignIn`](https://backstage.io/docs/auth/#sign-in-configuration) component to be able to sign-in to the Backstage instance.

package/app-config.yaml ADDED Viewed

@@ -0,0 +1,19 @@
+dynamicPlugins:
+  frontend:
+    backstage-community.backstage-plugin-rbac:
+      appIcons:
+        - name: rbacIcon
+          importName: RbacIcon
+          module: RbacPlugin
+      dynamicRoutes:
+        - path: /rbac
+          module: RbacPlugin
+          importName: RbacPage
+          menuItem:
+            icon: rbacIcon
+            text: RBAC
+      menuItems:
+        rbac:
+          parent: admin
+          icon: rbacIcon
+          priority: 10

package/dist/api/LicensedUsersClient.esm.js ADDED Viewed

@@ -0,0 +1,45 @@
+import { createApiRef } from '@backstage/core-plugin-api';
+const licensedUsersApiRef = createApiRef({
+  id: "plugin.licensed-users-info.service"
+});
+class LicensedUsersAPIClient {
+  // @ts-ignore
+  configApi;
+  identityApi;
+  constructor(options) {
+    this.configApi = options.configApi;
+    this.identityApi = options.identityApi;
+  }
+  async isLicensePluginEnabled() {
+    const { token: idToken } = await this.identityApi.getCredentials();
+    const backendUrl = this.configApi.getString("backend.baseUrl");
+    const jsonResponse = await fetch(
+      `${backendUrl}/api/licensed-users-info/health`,
+      {
+        headers: {
+          ...idToken && { Authorization: `Bearer ${idToken}` }
+        }
+      }
+    );
+    return jsonResponse.ok;
+  }
+  async downloadStatistics() {
+    const { token: idToken } = await this.identityApi.getCredentials();
+    const backendUrl = this.configApi.getString("backend.baseUrl");
+    const response = await fetch(
+      `${backendUrl}/api/licensed-users-info/users`,
+      {
+        method: "GET",
+        headers: {
+          ...idToken && { Authorization: `Bearer ${idToken}` },
+          "Content-Type": "text/csv"
+        }
+      }
+    );
+    return response;
+  }
+}
+export { LicensedUsersAPIClient, licensedUsersApiRef };
+//# sourceMappingURL=LicensedUsersClient.esm.js.map

package/dist/api/LicensedUsersClient.esm.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"LicensedUsersClient.esm.js","sources":["../../src/api/LicensedUsersClient.ts"],"sourcesContent":["/*\n * Copyright 2024 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport {\n ConfigApi,\n createApiRef,\n IdentityApi,\n} from '@backstage/core-plugin-api';\n\nexport type LicensedUsersAPI = {\n isLicensePluginEnabled(): Promise<boolean>;\n downloadStatistics: () => Promise<Response>;\n};\n\n// @public\nexport const licensedUsersApiRef = createApiRef<LicensedUsersAPI>({\n id: 'plugin.licensed-users-info.service',\n});\n\nexport type Options = {\n configApi: ConfigApi;\n identityApi: IdentityApi;\n};\n\nexport class LicensedUsersAPIClient implements LicensedUsersAPI {\n // @ts-ignore\n private readonly configApi: ConfigApi;\n private readonly identityApi: IdentityApi;\n\n constructor(options: Options) {\n this.configApi = options.configApi;\n this.identityApi = options.identityApi;\n }\n async isLicensePluginEnabled(): Promise<boolean> {\n const { token: idToken } = await this.identityApi.getCredentials();\n const backendUrl = this.configApi.getString('backend.baseUrl');\n const jsonResponse = await fetch(\n `${backendUrl}/api/licensed-users-info/health`,\n {\n headers: {\n ...(idToken && { Authorization: `Bearer ${idToken}` }),\n },\n },\n );\n\n return jsonResponse.ok;\n }\n\n async downloadStatistics(): Promise<Response> {\n const { token: idToken } = await this.identityApi.getCredentials();\n const backendUrl = this.configApi.getString('backend.baseUrl');\n const response = await fetch(\n `${backendUrl}/api/licensed-users-info/users`,\n {\n method: 'GET',\n headers: {\n ...(idToken && { Authorization: `Bearer ${idToken}` }),\n 'Content-Type': 'text/csv',\n },\n },\n );\n return response;\n }\n}\n"],"names":[],"mappings":";;AA2BO,MAAM,sBAAsB,YAA+B,CAAA;AAAA,EAChE,EAAI,EAAA,oCAAA;AACN,CAAC,EAAA;AAOM,MAAM,sBAAmD,CAAA;AAAA;AAAA,EAE7C,SAAA,CAAA;AAAA,EACA,WAAA,CAAA;AAAA,EAEjB,YAAY,OAAkB,EAAA;AAC5B,IAAA,IAAA,CAAK,YAAY,OAAQ,CAAA,SAAA,CAAA;AACzB,IAAA,IAAA,CAAK,cAAc,OAAQ,CAAA,WAAA,CAAA;AAAA,GAC7B;AAAA,EACA,MAAM,sBAA2C,GAAA;AAC/C,IAAA,MAAM,EAAE,KAAO,EAAA,OAAA,KAAY,MAAM,IAAA,CAAK,YAAY,cAAe,EAAA,CAAA;AACjE,IAAA,MAAM,UAAa,GAAA,IAAA,CAAK,SAAU,CAAA,SAAA,CAAU,iBAAiB,CAAA,CAAA;AAC7D,IAAA,MAAM,eAAe,MAAM,KAAA;AAAA,MACzB,GAAG,UAAU,CAAA,+BAAA,CAAA;AAAA,MACb;AAAA,QACE,OAAS,EAAA;AAAA,UACP,GAAI,OAAW,IAAA,EAAE,aAAe,EAAA,CAAA,OAAA,EAAU,OAAO,CAAG,CAAA,EAAA;AAAA,SACtD;AAAA,OACF;AAAA,KACF,CAAA;AAEA,IAAA,OAAO,YAAa,CAAA,EAAA,CAAA;AAAA,GACtB;AAAA,EAEA,MAAM,kBAAwC,GAAA;AAC5C,IAAA,MAAM,EAAE,KAAO,EAAA,OAAA,KAAY,MAAM,IAAA,CAAK,YAAY,cAAe,EAAA,CAAA;AACjE,IAAA,MAAM,UAAa,GAAA,IAAA,CAAK,SAAU,CAAA,SAAA,CAAU,iBAAiB,CAAA,CAAA;AAC7D,IAAA,MAAM,WAAW,MAAM,KAAA;AAAA,MACrB,GAAG,UAAU,CAAA,8BAAA,CAAA;AAAA,MACb;AAAA,QACE,MAAQ,EAAA,KAAA;AAAA,QACR,OAAS,EAAA;AAAA,UACP,GAAI,OAAW,IAAA,EAAE,aAAe,EAAA,CAAA,OAAA,EAAU,OAAO,CAAG,CAAA,EAAA;AAAA,UACpD,cAAgB,EAAA,UAAA;AAAA,SAClB;AAAA,OACF;AAAA,KACF,CAAA;AACA,IAAO,OAAA,QAAA,CAAA;AAAA,GACT;AACF;;;;"}

package/dist/api/RBACBackendClient.esm.js ADDED Viewed

@@ -0,0 +1,337 @@
+import { parseEntityRef } from '@backstage/catalog-model';
+import { createApiRef } from '@backstage/core-plugin-api';
+const rbacApiRef = createApiRef({
+  id: "plugin.rbac.service"
+});
+class RBACBackendClient {
+  // @ts-ignore
+  configApi;
+  identityApi;
+  constructor(options) {
+    this.configApi = options.configApi;
+    this.identityApi = options.identityApi;
+  }
+  async getUserAuthorization() {
+    const { token: idToken } = await this.identityApi.getCredentials();
+    const backendUrl = this.configApi.getString("backend.baseUrl");
+    const jsonResponse = await fetch(`${backendUrl}/api/permission/`, {
+      headers: {
+        ...idToken && { Authorization: `Bearer ${idToken}` }
+      }
+    });
+    return jsonResponse.json();
+  }
+  async getRoles() {
+    const { token: idToken } = await this.identityApi.getCredentials();
+    const backendUrl = this.configApi.getString("backend.baseUrl");
+    const jsonResponse = await fetch(`${backendUrl}/api/permission/roles`, {
+      headers: {
+        ...idToken && { Authorization: `Bearer ${idToken}` }
+      }
+    });
+    if (jsonResponse.status !== 200 && jsonResponse.status !== 204) {
+      return jsonResponse;
+    }
+    return jsonResponse.json();
+  }
+  async getPolicies() {
+    const { token: idToken } = await this.identityApi.getCredentials();
+    const backendUrl = this.configApi.getString("backend.baseUrl");
+    const jsonResponse = await fetch(`${backendUrl}/api/permission/policies`, {
+      headers: {
+        ...idToken && { Authorization: `Bearer ${idToken}` }
+      }
+    });
+    if (jsonResponse.status !== 200 && jsonResponse.status !== 204) {
+      return jsonResponse;
+    }
+    return jsonResponse.json();
+  }
+  async getAssociatedPolicies(entityReference) {
+    const { kind, namespace, name } = parseEntityRef(entityReference);
+    const { token: idToken } = await this.identityApi.getCredentials();
+    const backendUrl = this.configApi.getString("backend.baseUrl");
+    const jsonResponse = await fetch(
+      `${backendUrl}/api/permission/policies/${kind}/${namespace}/${name}`,
+      {
+        headers: {
+          ...idToken && { Authorization: `Bearer ${idToken}` }
+        }
+      }
+    );
+    if (jsonResponse.status !== 200 && jsonResponse.status !== 204) {
+      return jsonResponse;
+    }
+    return jsonResponse.json();
+  }
+  async deleteRole(role) {
+    const { token: idToken } = await this.identityApi.getCredentials();
+    const backendUrl = this.configApi.getString("backend.baseUrl");
+    const { kind, namespace, name } = parseEntityRef(role);
+    const jsonResponse = await fetch(
+      `${backendUrl}/api/permission/roles/${kind}/${namespace}/${name}`,
+      {
+        headers: {
+          ...idToken && { Authorization: `Bearer ${idToken}` },
+          "Content-Type": "application/json"
+        },
+        method: "DELETE"
+      }
+    );
+    return jsonResponse;
+  }
+  async getRole(role) {
+    const { token: idToken } = await this.identityApi.getCredentials();
+    const backendUrl = this.configApi.getString("backend.baseUrl");
+    const { kind, namespace, name } = parseEntityRef(role);
+    const jsonResponse = await fetch(
+      `${backendUrl}/api/permission/roles/${kind}/${namespace}/${name}`,
+      {
+        headers: {
+          ...idToken && { Authorization: `Bearer ${idToken}` },
+          "Content-Type": "application/json"
+        }
+      }
+    );
+    if (jsonResponse.status !== 200 && jsonResponse.status !== 204) {
+      return jsonResponse;
+    }
+    return jsonResponse.json();
+  }
+  async getMembers() {
+    const { token: idToken } = await this.identityApi.getCredentials();
+    const backendUrl = this.configApi.getString("backend.baseUrl");
+    const jsonResponse = await fetch(
+      `${backendUrl}/api/catalog/entities?filter=kind=user&filter=kind=group`,
+      {
+        headers: {
+          ...idToken && { Authorization: `Bearer ${idToken}` },
+          "Content-Type": "application/json"
+        }
+      }
+    );
+    if (jsonResponse.status !== 200 && jsonResponse.status !== 204) {
+      return jsonResponse;
+    }
+    return jsonResponse.json();
+  }
+  async listPermissions() {
+    const { token: idToken } = await this.identityApi.getCredentials();
+    const backendUrl = this.configApi.getString("backend.baseUrl");
+    const jsonResponse = await fetch(
+      `${backendUrl}/api/permission/plugins/policies`,
+      {
+        headers: {
+          ...idToken && { Authorization: `Bearer ${idToken}` },
+          "Content-Type": "application/json"
+        }
+      }
+    );
+    if (jsonResponse.status !== 200 && jsonResponse.status !== 204) {
+      return jsonResponse;
+    }
+    return jsonResponse.json();
+  }
+  async createRole(role) {
+    const { token: idToken } = await this.identityApi.getCredentials();
+    const backendUrl = this.configApi.getString("backend.baseUrl");
+    const jsonResponse = await fetch(`${backendUrl}/api/permission/roles`, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json",
+        Accept: "application/json",
+        ...idToken && { Authorization: `Bearer ${idToken}` }
+      },
+      body: JSON.stringify(role)
+    });
+    if (jsonResponse.status !== 200 && jsonResponse.status !== 201) {
+      return jsonResponse.json();
+    }
+    return jsonResponse;
+  }
+  async updateRole(oldRole, newRole) {
+    const { token: idToken } = await this.identityApi.getCredentials();
+    const backendUrl = this.configApi.getString("backend.baseUrl");
+    const { kind, namespace, name } = parseEntityRef(oldRole.name);
+    const body = {
+      oldRole,
+      newRole
+    };
+    const jsonResponse = await fetch(
+      `${backendUrl}/api/permission/roles/${kind}/${namespace}/${name}`,
+      {
+        method: "PUT",
+        headers: {
+          "Content-Type": "application/json",
+          Accept: "application/json",
+          ...idToken && { Authorization: `Bearer ${idToken}` }
+        },
+        body: JSON.stringify(body)
+      }
+    );
+    if (jsonResponse.status !== 200 && jsonResponse.status !== 201 && jsonResponse.status !== 204) {
+      return jsonResponse.json();
+    }
+    return jsonResponse;
+  }
+  async updatePolicies(entityReference, oldPolicies, newPolicies) {
+    const { token: idToken } = await this.identityApi.getCredentials();
+    const backendUrl = this.configApi.getString("backend.baseUrl");
+    const { kind, namespace, name } = parseEntityRef(entityReference);
+    const body = {
+      oldPolicy: oldPolicies,
+      newPolicy: newPolicies
+    };
+    const jsonResponse = await fetch(
+      `${backendUrl}/api/permission/policies/${kind}/${namespace}/${name}`,
+      {
+        method: "PUT",
+        headers: {
+          "Content-Type": "application/json",
+          Accept: "application/json",
+          ...idToken && { Authorization: `Bearer ${idToken}` }
+        },
+        body: JSON.stringify(body)
+      }
+    );
+    if (jsonResponse.status !== 200 && jsonResponse.status !== 201) {
+      return jsonResponse.json();
+    }
+    return jsonResponse;
+  }
+  async deletePolicies(entityReference, policies) {
+    const { token: idToken } = await this.identityApi.getCredentials();
+    const backendUrl = this.configApi.getString("backend.baseUrl");
+    const { kind, namespace, name } = parseEntityRef(entityReference);
+    const jsonResponse = await fetch(
+      `${backendUrl}/api/permission/policies/${kind}/${namespace}/${name}`,
+      {
+        headers: {
+          ...idToken && { Authorization: `Bearer ${idToken}` },
+          "Content-Type": "application/json",
+          Accept: "application/json"
+        },
+        body: JSON.stringify(policies),
+        method: "DELETE"
+      }
+    );
+    if (jsonResponse.status !== 200 && jsonResponse.status !== 201 && jsonResponse.status !== 204) {
+      return jsonResponse.json();
+    }
+    return jsonResponse;
+  }
+  async createPolicies(policies) {
+    const { token: idToken } = await this.identityApi.getCredentials();
+    const backendUrl = this.configApi.getString("backend.baseUrl");
+    const jsonResponse = await fetch(`${backendUrl}/api/permission/policies`, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json",
+        Accept: "application/json",
+        ...idToken && { Authorization: `Bearer ${idToken}` }
+      },
+      body: JSON.stringify(policies)
+    });
+    if (jsonResponse.status !== 200 && jsonResponse.status !== 201) {
+      return jsonResponse.json();
+    }
+    return jsonResponse;
+  }
+  async getPluginsConditionRules() {
+    const { token: idToken } = await this.identityApi.getCredentials();
+    const backendUrl = this.configApi.getString("backend.baseUrl");
+    const jsonResponse = await fetch(
+      `${backendUrl}/api/permission/plugins/condition-rules`,
+      {
+        headers: {
+          ...idToken && { Authorization: `Bearer ${idToken}` },
+          "Content-Type": "application/json"
+        }
+      }
+    );
+    if (jsonResponse.status !== 200) {
+      return jsonResponse;
+    }
+    return jsonResponse.json();
+  }
+  async createConditionalPermission(conditionalPermission) {
+    const { token: idToken } = await this.identityApi.getCredentials();
+    const backendUrl = this.configApi.getString("backend.baseUrl");
+    const jsonResponse = await fetch(
+      `${backendUrl}/api/permission/roles/conditions`,
+      {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+          Accept: "application/json",
+          ...idToken && { Authorization: `Bearer ${idToken}` }
+        },
+        body: JSON.stringify(conditionalPermission)
+      }
+    );
+    if (jsonResponse.status !== 200 && jsonResponse.status !== 201) {
+      return jsonResponse.json();
+    }
+    return jsonResponse;
+  }
+  async getRoleConditions(roleRef) {
+    const { token: idToken } = await this.identityApi.getCredentials();
+    const backendUrl = this.configApi.getString("backend.baseUrl");
+    const jsonResponse = await fetch(
+      `${backendUrl}/api/permission/roles/conditions?roleEntityRef=${roleRef}`,
+      {
+        headers: {
+          ...idToken && { Authorization: `Bearer ${idToken}` },
+          "Content-Type": "application/json"
+        }
+      }
+    );
+    if (jsonResponse.status !== 200) {
+      return jsonResponse;
+    }
+    return jsonResponse.json();
+  }
+  async updateConditionalPolicies(conditionId, data) {
+    const { token: idToken } = await this.identityApi.getCredentials();
+    const backendUrl = this.configApi.getString("backend.baseUrl");
+    const jsonResponse = await fetch(
+      `${backendUrl}/api/permission/roles/conditions/${conditionId}}`,
+      {
+        method: "PUT",
+        headers: {
+          "Content-Type": "application/json",
+          Accept: "application/json",
+          ...idToken && { Authorization: `Bearer ${idToken}` }
+        },
+        body: JSON.stringify(data)
+      }
+    );
+    if (jsonResponse.status !== 200 && jsonResponse.status !== 201) {
+      return jsonResponse.json();
+    }
+    return jsonResponse;
+  }
+  async deleteConditionalPolicies(conditionId) {
+    const { token: idToken } = await this.identityApi.getCredentials();
+    const backendUrl = this.configApi.getString("backend.baseUrl");
+    const jsonResponse = await fetch(
+      `${backendUrl}/api/permission/roles/conditions/${conditionId}`,
+      {
+        headers: {
+          ...idToken && { Authorization: `Bearer ${idToken}` },
+          "Content-Type": "application/json",
+          Accept: "application/json"
+        },
+        method: "DELETE"
+      }
+    );
+    if (jsonResponse.status !== 200 && jsonResponse.status !== 201 && jsonResponse.status !== 204) {
+      return jsonResponse.json();
+    }
+    return jsonResponse;
+  }
+}
+export { RBACBackendClient, rbacApiRef };
+//# sourceMappingURL=RBACBackendClient.esm.js.map

package/dist/api/RBACBackendClient.esm.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"RBACBackendClient.esm.js","sources":["../../src/api/RBACBackendClient.ts"],"sourcesContent":["/*\n * Copyright 2024 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport { parseEntityRef } from '@backstage/catalog-model';\nimport {\n ConfigApi,\n createApiRef,\n IdentityApi,\n} from '@backstage/core-plugin-api';\n\nimport {\n PermissionAction,\n PluginPermissionMetaData,\n Role,\n RoleBasedPolicy,\n RoleConditionalPolicyDecision,\n} from '@backstage-community/plugin-rbac-common';\n\nimport {\n MemberEntity,\n PluginConditionRules,\n RoleBasedConditions,\n RoleError,\n} from '../types';\n\n// @public\nexport type RBACAPI = {\n getUserAuthorization: () => Promise<{ status: string }>;\n getRoles: () => Promise<Role[] | Response>;\n getPolicies: () => Promise<RoleBasedPolicy[] | Response>;\n getAssociatedPolicies: (\n entityReference: string,\n ) => Promise<RoleBasedPolicy[] | Response>;\n deleteRole: (role: string) => Promise<Response>;\n getRole: (role: string) => Promise<Role[] | Response>;\n getMembers: () => Promise<MemberEntity[] | Response>;\n listPermissions: () => Promise<PluginPermissionMetaData[] | Response>;\n createRole: (role: Role) => Promise<RoleError | Response>;\n updateRole: (oldRole: Role, newRole: Role) => Promise<RoleError | Response>;\n updatePolicies: (\n entityReference: string,\n oldPolicy: RoleBasedPolicy[],\n newPolicy: RoleBasedPolicy[],\n ) => Promise<RoleError | Response>;\n createPolicies: (polices: RoleBasedPolicy[]) => Promise<RoleError | Response>;\n deletePolicies: (\n entityReference: string,\n polices: RoleBasedPolicy[],\n ) => Promise<RoleError | Response>;\n getPluginsConditionRules: () => Promise<PluginConditionRules[] | Response>;\n createConditionalPermission: (\n conditionalPermission: RoleBasedConditions,\n ) => Promise<RoleError | Response>;\n getRoleConditions: (\n roleRef: string,\n ) => Promise<RoleConditionalPolicyDecision<PermissionAction>[] | Response>;\n updateConditionalPolicies: (\n conditionId: number,\n data: RoleBasedConditions,\n ) => Promise<RoleError | Response>;\n deleteConditionalPolicies: (\n conditionId: number,\n ) => Promise<RoleError | Response>;\n};\n\nexport type Options = {\n configApi: ConfigApi;\n identityApi: IdentityApi;\n};\n\n// @public\nexport const rbacApiRef = createApiRef<RBACAPI>({\n id: 'plugin.rbac.service',\n});\n\nexport class RBACBackendClient implements RBACAPI {\n // @ts-ignore\n private readonly configApi: ConfigApi;\n private readonly identityApi: IdentityApi;\n\n constructor(options: Options) {\n this.configApi = options.configApi;\n this.identityApi = options.identityApi;\n }\n\n async getUserAuthorization() {\n const { token: idToken } = await this.identityApi.getCredentials();\n const backendUrl = this.configApi.getString('backend.baseUrl');\n const jsonResponse = await fetch(`${backendUrl}/api/permission/`, {\n headers: {\n ...(idToken && { Authorization: `Bearer ${idToken}` }),\n },\n });\n return jsonResponse.json();\n }\n\n async getRoles() {\n const { token: idToken } = await this.identityApi.getCredentials();\n const backendUrl = this.configApi.getString('backend.baseUrl');\n const jsonResponse = await fetch(`${backendUrl}/api/permission/roles`, {\n headers: {\n ...(idToken && { Authorization: `Bearer ${idToken}` }),\n },\n });\n\n if (jsonResponse.status !== 200 && jsonResponse.status !== 204) {\n return jsonResponse;\n }\n\n return jsonResponse.json();\n }\n\n async getPolicies() {\n const { token: idToken } = await this.identityApi.getCredentials();\n const backendUrl = this.configApi.getString('backend.baseUrl');\n const jsonResponse = await fetch(`${backendUrl}/api/permission/policies`, {\n headers: {\n ...(idToken && { Authorization: `Bearer ${idToken}` }),\n },\n });\n if (jsonResponse.status !== 200 && jsonResponse.status !== 204) {\n return jsonResponse;\n }\n return jsonResponse.json();\n }\n\n async getAssociatedPolicies(entityReference: string) {\n const { kind, namespace, name } = parseEntityRef(entityReference);\n const { token: idToken } = await this.identityApi.getCredentials();\n const backendUrl = this.configApi.getString('backend.baseUrl');\n const jsonResponse = await fetch(\n `${backendUrl}/api/permission/policies/${kind}/${namespace}/${name}`,\n {\n headers: {\n ...(idToken && { Authorization: `Bearer ${idToken}` }),\n },\n },\n );\n if (jsonResponse.status !== 200 && jsonResponse.status !== 204) {\n return jsonResponse;\n }\n return jsonResponse.json();\n }\n\n async deleteRole(role: string) {\n const { token: idToken } = await this.identityApi.getCredentials();\n const backendUrl = this.configApi.getString('backend.baseUrl');\n const { kind, namespace, name } = parseEntityRef(role);\n const jsonResponse = await fetch(\n `${backendUrl}/api/permission/roles/${kind}/${namespace}/${name}`,\n {\n headers: {\n ...(idToken && { Authorization: `Bearer ${idToken}` }),\n 'Content-Type': 'application/json',\n },\n method: 'DELETE',\n },\n );\n return jsonResponse;\n }\n\n async getRole(role: string) {\n const { token: idToken } = await this.identityApi.getCredentials();\n const backendUrl = this.configApi.getString('backend.baseUrl');\n const { kind, namespace, name } = parseEntityRef(role);\n const jsonResponse = await fetch(\n `${backendUrl}/api/permission/roles/${kind}/${namespace}/${name}`,\n {\n headers: {\n ...(idToken && { Authorization: `Bearer ${idToken}` }),\n 'Content-Type': 'application/json',\n },\n },\n );\n if (jsonResponse.status !== 200 && jsonResponse.status !== 204) {\n return jsonResponse;\n }\n return jsonResponse.json();\n }\n\n async getMembers() {\n const { token: idToken } = await this.identityApi.getCredentials();\n const backendUrl = this.configApi.getString('backend.baseUrl');\n const jsonResponse = await fetch(\n `${backendUrl}/api/catalog/entities?filter=kind=user&filter=kind=group`,\n {\n headers: {\n ...(idToken && { Authorization: `Bearer ${idToken}` }),\n 'Content-Type': 'application/json',\n },\n },\n );\n if (jsonResponse.status !== 200 && jsonResponse.status !== 204) {\n return jsonResponse;\n }\n return jsonResponse.json();\n }\n\n async listPermissions() {\n const { token: idToken } = await this.identityApi.getCredentials();\n const backendUrl = this.configApi.getString('backend.baseUrl');\n const jsonResponse = await fetch(\n `${backendUrl}/api/permission/plugins/policies`,\n {\n headers: {\n ...(idToken && { Authorization: `Bearer ${idToken}` }),\n 'Content-Type': 'application/json',\n },\n },\n );\n if (jsonResponse.status !== 200 && jsonResponse.status !== 204) {\n return jsonResponse;\n }\n return jsonResponse.json();\n }\n\n async createRole(role: Role) {\n const { token: idToken } = await this.identityApi.getCredentials();\n const backendUrl = this.configApi.getString('backend.baseUrl');\n const jsonResponse = await fetch(`${backendUrl}/api/permission/roles`, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n Accept: 'application/json',\n ...(idToken && { Authorization: `Bearer ${idToken}` }),\n },\n body: JSON.stringify(role),\n });\n if (jsonResponse.status !== 200 && jsonResponse.status !== 201) {\n return jsonResponse.json();\n }\n return jsonResponse;\n }\n\n async updateRole(oldRole: Role, newRole: Role) {\n const { token: idToken } = await this.identityApi.getCredentials();\n const backendUrl = this.configApi.getString('backend.baseUrl');\n const { kind, namespace, name } = parseEntityRef(oldRole.name);\n const body = {\n oldRole,\n newRole,\n };\n const jsonResponse = await fetch(\n `${backendUrl}/api/permission/roles/${kind}/${namespace}/${name}`,\n {\n method: 'PUT',\n headers: {\n 'Content-Type': 'application/json',\n Accept: 'application/json',\n ...(idToken && { Authorization: `Bearer ${idToken}` }),\n },\n body: JSON.stringify(body),\n },\n );\n if (\n jsonResponse.status !== 200 &&\n jsonResponse.status !== 201 &&\n jsonResponse.status !== 204\n ) {\n return jsonResponse.json();\n }\n return jsonResponse;\n }\n\n async updatePolicies(\n entityReference: string,\n oldPolicies: RoleBasedPolicy[],\n newPolicies: RoleBasedPolicy[],\n ) {\n const { token: idToken } = await this.identityApi.getCredentials();\n const backendUrl = this.configApi.getString('backend.baseUrl');\n const { kind, namespace, name } = parseEntityRef(entityReference);\n const body = {\n oldPolicy: oldPolicies,\n newPolicy: newPolicies,\n };\n const jsonResponse = await fetch(\n `${backendUrl}/api/permission/policies/${kind}/${namespace}/${name}`,\n {\n method: 'PUT',\n headers: {\n 'Content-Type': 'application/json',\n Accept: 'application/json',\n ...(idToken && { Authorization: `Bearer ${idToken}` }),\n },\n body: JSON.stringify(body),\n },\n );\n if (jsonResponse.status !== 200 && jsonResponse.status !== 201) {\n return jsonResponse.json();\n }\n return jsonResponse;\n }\n\n async deletePolicies(entityReference: string, policies: RoleBasedPolicy[]) {\n const { token: idToken } = await this.identityApi.getCredentials();\n const backendUrl = this.configApi.getString('backend.baseUrl');\n const { kind, namespace, name } = parseEntityRef(entityReference);\n const jsonResponse = await fetch(\n `${backendUrl}/api/permission/policies/${kind}/${namespace}/${name}`,\n {\n headers: {\n ...(idToken && { Authorization: `Bearer ${idToken}` }),\n 'Content-Type': 'application/json',\n Accept: 'application/json',\n },\n body: JSON.stringify(policies),\n method: 'DELETE',\n },\n );\n\n if (\n jsonResponse.status !== 200 &&\n jsonResponse.status !== 201 &&\n jsonResponse.status !== 204\n ) {\n return jsonResponse.json();\n }\n return jsonResponse;\n }\n\n async createPolicies(policies: RoleBasedPolicy[]) {\n const { token: idToken } = await this.identityApi.getCredentials();\n const backendUrl = this.configApi.getString('backend.baseUrl');\n const jsonResponse = await fetch(`${backendUrl}/api/permission/policies`, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n Accept: 'application/json',\n ...(idToken && { Authorization: `Bearer ${idToken}` }),\n },\n body: JSON.stringify(policies),\n });\n if (jsonResponse.status !== 200 && jsonResponse.status !== 201) {\n return jsonResponse.json();\n }\n return jsonResponse;\n }\n\n async getPluginsConditionRules() {\n const { token: idToken } = await this.identityApi.getCredentials();\n const backendUrl = this.configApi.getString('backend.baseUrl');\n const jsonResponse = await fetch(\n `${backendUrl}/api/permission/plugins/condition-rules`,\n {\n headers: {\n ...(idToken && { Authorization: `Bearer ${idToken}` }),\n 'Content-Type': 'application/json',\n },\n },\n );\n if (jsonResponse.status !== 200) {\n return jsonResponse;\n }\n return jsonResponse.json();\n }\n\n async createConditionalPermission(\n conditionalPermission: RoleBasedConditions,\n ) {\n const { token: idToken } = await this.identityApi.getCredentials();\n const backendUrl = this.configApi.getString('backend.baseUrl');\n const jsonResponse = await fetch(\n `${backendUrl}/api/permission/roles/conditions`,\n {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n Accept: 'application/json',\n ...(idToken && { Authorization: `Bearer ${idToken}` }),\n },\n body: JSON.stringify(conditionalPermission),\n },\n );\n if (jsonResponse.status !== 200 && jsonResponse.status !== 201) {\n return jsonResponse.json();\n }\n return jsonResponse;\n }\n\n async getRoleConditions(roleRef: string) {\n const { token: idToken } = await this.identityApi.getCredentials();\n const backendUrl = this.configApi.getString('backend.baseUrl');\n const jsonResponse = await fetch(\n `${backendUrl}/api/permission/roles/conditions?roleEntityRef=${roleRef}`,\n {\n headers: {\n ...(idToken && { Authorization: `Bearer ${idToken}` }),\n 'Content-Type': 'application/json',\n },\n },\n );\n if (jsonResponse.status !== 200) {\n return jsonResponse;\n }\n return jsonResponse.json();\n }\n\n async updateConditionalPolicies(\n conditionId: number,\n data: RoleBasedConditions,\n ) {\n const { token: idToken } = await this.identityApi.getCredentials();\n const backendUrl = this.configApi.getString('backend.baseUrl');\n const jsonResponse = await fetch(\n `${backendUrl}/api/permission/roles/conditions/${conditionId}}`,\n {\n method: 'PUT',\n headers: {\n 'Content-Type': 'application/json',\n Accept: 'application/json',\n ...(idToken && { Authorization: `Bearer ${idToken}` }),\n },\n body: JSON.stringify(data),\n },\n );\n if (jsonResponse.status !== 200 && jsonResponse.status !== 201) {\n return jsonResponse.json();\n }\n return jsonResponse;\n }\n\n async deleteConditionalPolicies(conditionId: number) {\n const { token: idToken } = await this.identityApi.getCredentials();\n const backendUrl = this.configApi.getString('backend.baseUrl');\n const jsonResponse = await fetch(\n `${backendUrl}/api/permission/roles/conditions/${conditionId}`,\n {\n headers: {\n ...(idToken && { Authorization: `Bearer ${idToken}` }),\n 'Content-Type': 'application/json',\n Accept: 'application/json',\n },\n method: 'DELETE',\n },\n );\n\n if (\n jsonResponse.status !== 200 &&\n jsonResponse.status !== 201 &&\n jsonResponse.status !== 204\n ) {\n return jsonResponse.json();\n }\n return jsonResponse;\n }\n}\n"],"names":[],"mappings":";;;AAmFO,MAAM,aAAa,YAAsB,CAAA;AAAA,EAC9C,EAAI,EAAA,qBAAA;AACN,CAAC,EAAA;AAEM,MAAM,iBAAqC,CAAA;AAAA;AAAA,EAE/B,SAAA,CAAA;AAAA,EACA,WAAA,CAAA;AAAA,EAEjB,YAAY,OAAkB,EAAA;AAC5B,IAAA,IAAA,CAAK,YAAY,OAAQ,CAAA,SAAA,CAAA;AACzB,IAAA,IAAA,CAAK,cAAc,OAAQ,CAAA,WAAA,CAAA;AAAA,GAC7B;AAAA,EAEA,MAAM,oBAAuB,GAAA;AAC3B,IAAA,MAAM,EAAE,KAAO,EAAA,OAAA,KAAY,MAAM,IAAA,CAAK,YAAY,cAAe,EAAA,CAAA;AACjE,IAAA,MAAM,UAAa,GAAA,IAAA,CAAK,SAAU,CAAA,SAAA,CAAU,iBAAiB,CAAA,CAAA;AAC7D,IAAA,MAAM,YAAe,GAAA,MAAM,KAAM,CAAA,CAAA,EAAG,UAAU,CAAoB,gBAAA,CAAA,EAAA;AAAA,MAChE,OAAS,EAAA;AAAA,QACP,GAAI,OAAW,IAAA,EAAE,aAAe,EAAA,CAAA,OAAA,EAAU,OAAO,CAAG,CAAA,EAAA;AAAA,OACtD;AAAA,KACD,CAAA,CAAA;AACD,IAAA,OAAO,aAAa,IAAK,EAAA,CAAA;AAAA,GAC3B;AAAA,EAEA,MAAM,QAAW,GAAA;AACf,IAAA,MAAM,EAAE,KAAO,EAAA,OAAA,KAAY,MAAM,IAAA,CAAK,YAAY,cAAe,EAAA,CAAA;AACjE,IAAA,MAAM,UAAa,GAAA,IAAA,CAAK,SAAU,CAAA,SAAA,CAAU,iBAAiB,CAAA,CAAA;AAC7D,IAAA,MAAM,YAAe,GAAA,MAAM,KAAM,CAAA,CAAA,EAAG,UAAU,CAAyB,qBAAA,CAAA,EAAA;AAAA,MACrE,OAAS,EAAA;AAAA,QACP,GAAI,OAAW,IAAA,EAAE,aAAe,EAAA,CAAA,OAAA,EAAU,OAAO,CAAG,CAAA,EAAA;AAAA,OACtD;AAAA,KACD,CAAA,CAAA;AAED,IAAA,IAAI,YAAa,CAAA,MAAA,KAAW,GAAO,IAAA,YAAA,CAAa,WAAW,GAAK,EAAA;AAC9D,MAAO,OAAA,YAAA,CAAA;AAAA,KACT;AAEA,IAAA,OAAO,aAAa,IAAK,EAAA,CAAA;AAAA,GAC3B;AAAA,EAEA,MAAM,WAAc,GAAA;AAClB,IAAA,MAAM,EAAE,KAAO,EAAA,OAAA,KAAY,MAAM,IAAA,CAAK,YAAY,cAAe,EAAA,CAAA;AACjE,IAAA,MAAM,UAAa,GAAA,IAAA,CAAK,SAAU,CAAA,SAAA,CAAU,iBAAiB,CAAA,CAAA;AAC7D,IAAA,MAAM,YAAe,GAAA,MAAM,KAAM,CAAA,CAAA,EAAG,UAAU,CAA4B,wBAAA,CAAA,EAAA;AAAA,MACxE,OAAS,EAAA;AAAA,QACP,GAAI,OAAW,IAAA,EAAE,aAAe,EAAA,CAAA,OAAA,EAAU,OAAO,CAAG,CAAA,EAAA;AAAA,OACtD;AAAA,KACD,CAAA,CAAA;AACD,IAAA,IAAI,YAAa,CAAA,MAAA,KAAW,GAAO,IAAA,YAAA,CAAa,WAAW,GAAK,EAAA;AAC9D,MAAO,OAAA,YAAA,CAAA;AAAA,KACT;AACA,IAAA,OAAO,aAAa,IAAK,EAAA,CAAA;AAAA,GAC3B;AAAA,EAEA,MAAM,sBAAsB,eAAyB,EAAA;AACnD,IAAA,MAAM,EAAE,IAAM,EAAA,SAAA,EAAW,IAAK,EAAA,GAAI,eAAe,eAAe,CAAA,CAAA;AAChE,IAAA,MAAM,EAAE,KAAO,EAAA,OAAA,KAAY,MAAM,IAAA,CAAK,YAAY,cAAe,EAAA,CAAA;AACjE,IAAA,MAAM,UAAa,GAAA,IAAA,CAAK,SAAU,CAAA,SAAA,CAAU,iBAAiB,CAAA,CAAA;AAC7D,IAAA,MAAM,eAAe,MAAM,KAAA;AAAA,MACzB,GAAG,UAAU,CAAA,yBAAA,EAA4B,IAAI,CAAI,CAAA,EAAA,SAAS,IAAI,IAAI,CAAA,CAAA;AAAA,MAClE;AAAA,QACE,OAAS,EAAA;AAAA,UACP,GAAI,OAAW,IAAA,EAAE,aAAe,EAAA,CAAA,OAAA,EAAU,OAAO,CAAG,CAAA,EAAA;AAAA,SACtD;AAAA,OACF;AAAA,KACF,CAAA;AACA,IAAA,IAAI,YAAa,CAAA,MAAA,KAAW,GAAO,IAAA,YAAA,CAAa,WAAW,GAAK,EAAA;AAC9D,MAAO,OAAA,YAAA,CAAA;AAAA,KACT;AACA,IAAA,OAAO,aAAa,IAAK,EAAA,CAAA;AAAA,GAC3B;AAAA,EAEA,MAAM,WAAW,IAAc,EAAA;AAC7B,IAAA,MAAM,EAAE,KAAO,EAAA,OAAA,KAAY,MAAM,IAAA,CAAK,YAAY,cAAe,EAAA,CAAA;AACjE,IAAA,MAAM,UAAa,GAAA,IAAA,CAAK,SAAU,CAAA,SAAA,CAAU,iBAAiB,CAAA,CAAA;AAC7D,IAAA,MAAM,EAAE,IAAM,EAAA,SAAA,EAAW,IAAK,EAAA,GAAI,eAAe,IAAI,CAAA,CAAA;AACrD,IAAA,MAAM,eAAe,MAAM,KAAA;AAAA,MACzB,GAAG,UAAU,CAAA,sBAAA,EAAyB,IAAI,CAAI,CAAA,EAAA,SAAS,IAAI,IAAI,CAAA,CAAA;AAAA,MAC/D;AAAA,QACE,OAAS,EAAA;AAAA,UACP,GAAI,OAAW,IAAA,EAAE,aAAe,EAAA,CAAA,OAAA,EAAU,OAAO,CAAG,CAAA,EAAA;AAAA,UACpD,cAAgB,EAAA,kBAAA;AAAA,SAClB;AAAA,QACA,MAAQ,EAAA,QAAA;AAAA,OACV;AAAA,KACF,CAAA;AACA,IAAO,OAAA,YAAA,CAAA;AAAA,GACT;AAAA,EAEA,MAAM,QAAQ,IAAc,EAAA;AAC1B,IAAA,MAAM,EAAE,KAAO,EAAA,OAAA,KAAY,MAAM,IAAA,CAAK,YAAY,cAAe,EAAA,CAAA;AACjE,IAAA,MAAM,UAAa,GAAA,IAAA,CAAK,SAAU,CAAA,SAAA,CAAU,iBAAiB,CAAA,CAAA;AAC7D,IAAA,MAAM,EAAE,IAAM,EAAA,SAAA,EAAW,IAAK,EAAA,GAAI,eAAe,IAAI,CAAA,CAAA;AACrD,IAAA,MAAM,eAAe,MAAM,KAAA;AAAA,MACzB,GAAG,UAAU,CAAA,sBAAA,EAAyB,IAAI,CAAI,CAAA,EAAA,SAAS,IAAI,IAAI,CAAA,CAAA;AAAA,MAC/D;AAAA,QACE,OAAS,EAAA;AAAA,UACP,GAAI,OAAW,IAAA,EAAE,aAAe,EAAA,CAAA,OAAA,EAAU,OAAO,CAAG,CAAA,EAAA;AAAA,UACpD,cAAgB,EAAA,kBAAA;AAAA,SAClB;AAAA,OACF;AAAA,KACF,CAAA;AACA,IAAA,IAAI,YAAa,CAAA,MAAA,KAAW,GAAO,IAAA,YAAA,CAAa,WAAW,GAAK,EAAA;AAC9D,MAAO,OAAA,YAAA,CAAA;AAAA,KACT;AACA,IAAA,OAAO,aAAa,IAAK,EAAA,CAAA;AAAA,GAC3B;AAAA,EAEA,MAAM,UAAa,GAAA;AACjB,IAAA,MAAM,EAAE,KAAO,EAAA,OAAA,KAAY,MAAM,IAAA,CAAK,YAAY,cAAe,EAAA,CAAA;AACjE,IAAA,MAAM,UAAa,GAAA,IAAA,CAAK,SAAU,CAAA,SAAA,CAAU,iBAAiB,CAAA,CAAA;AAC7D,IAAA,MAAM,eAAe,MAAM,KAAA;AAAA,MACzB,GAAG,UAAU,CAAA,wDAAA,CAAA;AAAA,MACb;AAAA,QACE,OAAS,EAAA;AAAA,UACP,GAAI,OAAW,IAAA,EAAE,aAAe,EAAA,CAAA,OAAA,EAAU,OAAO,CAAG,CAAA,EAAA;AAAA,UACpD,cAAgB,EAAA,kBAAA;AAAA,SAClB;AAAA,OACF;AAAA,KACF,CAAA;AACA,IAAA,IAAI,YAAa,CAAA,MAAA,KAAW,GAAO,IAAA,YAAA,CAAa,WAAW,GAAK,EAAA;AAC9D,MAAO,OAAA,YAAA,CAAA;AAAA,KACT;AACA,IAAA,OAAO,aAAa,IAAK,EAAA,CAAA;AAAA,GAC3B;AAAA,EAEA,MAAM,eAAkB,GAAA;AACtB,IAAA,MAAM,EAAE,KAAO,EAAA,OAAA,KAAY,MAAM,IAAA,CAAK,YAAY,cAAe,EAAA,CAAA;AACjE,IAAA,MAAM,UAAa,GAAA,IAAA,CAAK,SAAU,CAAA,SAAA,CAAU,iBAAiB,CAAA,CAAA;AAC7D,IAAA,MAAM,eAAe,MAAM,KAAA;AAAA,MACzB,GAAG,UAAU,CAAA,gCAAA,CAAA;AAAA,MACb;AAAA,QACE,OAAS,EAAA;AAAA,UACP,GAAI,OAAW,IAAA,EAAE,aAAe,EAAA,CAAA,OAAA,EAAU,OAAO,CAAG,CAAA,EAAA;AAAA,UACpD,cAAgB,EAAA,kBAAA;AAAA,SAClB;AAAA,OACF;AAAA,KACF,CAAA;AACA,IAAA,IAAI,YAAa,CAAA,MAAA,KAAW,GAAO,IAAA,YAAA,CAAa,WAAW,GAAK,EAAA;AAC9D,MAAO,OAAA,YAAA,CAAA;AAAA,KACT;AACA,IAAA,OAAO,aAAa,IAAK,EAAA,CAAA;AAAA,GAC3B;AAAA,EAEA,MAAM,WAAW,IAAY,EAAA;AAC3B,IAAA,MAAM,EAAE,KAAO,EAAA,OAAA,KAAY,MAAM,IAAA,CAAK,YAAY,cAAe,EAAA,CAAA;AACjE,IAAA,MAAM,UAAa,GAAA,IAAA,CAAK,SAAU,CAAA,SAAA,CAAU,iBAAiB,CAAA,CAAA;AAC7D,IAAA,MAAM,YAAe,GAAA,MAAM,KAAM,CAAA,CAAA,EAAG,UAAU,CAAyB,qBAAA,CAAA,EAAA;AAAA,MACrE,MAAQ,EAAA,MAAA;AAAA,MACR,OAAS,EAAA;AAAA,QACP,cAAgB,EAAA,kBAAA;AAAA,QAChB,MAAQ,EAAA,kBAAA;AAAA,QACR,GAAI,OAAW,IAAA,EAAE,aAAe,EAAA,CAAA,OAAA,EAAU,OAAO,CAAG,CAAA,EAAA;AAAA,OACtD;AAAA,MACA,IAAA,EAAM,IAAK,CAAA,SAAA,CAAU,IAAI,CAAA;AAAA,KAC1B,CAAA,CAAA;AACD,IAAA,IAAI,YAAa,CAAA,MAAA,KAAW,GAAO,IAAA,YAAA,CAAa,WAAW,GAAK,EAAA;AAC9D,MAAA,OAAO,aAAa,IAAK,EAAA,CAAA;AAAA,KAC3B;AACA,IAAO,OAAA,YAAA,CAAA;AAAA,GACT;AAAA,EAEA,MAAM,UAAW,CAAA,OAAA,EAAe,OAAe,EAAA;AAC7C,IAAA,MAAM,EAAE,KAAO,EAAA,OAAA,KAAY,MAAM,IAAA,CAAK,YAAY,cAAe,EAAA,CAAA;AACjE,IAAA,MAAM,UAAa,GAAA,IAAA,CAAK,SAAU,CAAA,SAAA,CAAU,iBAAiB,CAAA,CAAA;AAC7D,IAAA,MAAM,EAAE,IAAM,EAAA,SAAA,EAAW,MAAS,GAAA,cAAA,CAAe,QAAQ,IAAI,CAAA,CAAA;AAC7D,IAAA,MAAM,IAAO,GAAA;AAAA,MACX,OAAA;AAAA,MACA,OAAA;AAAA,KACF,CAAA;AACA,IAAA,MAAM,eAAe,MAAM,KAAA;AAAA,MACzB,GAAG,UAAU,CAAA,sBAAA,EAAyB,IAAI,CAAI,CAAA,EAAA,SAAS,IAAI,IAAI,CAAA,CAAA;AAAA,MAC/D;AAAA,QACE,MAAQ,EAAA,KAAA;AAAA,QACR,OAAS,EAAA;AAAA,UACP,cAAgB,EAAA,kBAAA;AAAA,UAChB,MAAQ,EAAA,kBAAA;AAAA,UACR,GAAI,OAAW,IAAA,EAAE,aAAe,EAAA,CAAA,OAAA,EAAU,OAAO,CAAG,CAAA,EAAA;AAAA,SACtD;AAAA,QACA,IAAA,EAAM,IAAK,CAAA,SAAA,CAAU,IAAI,CAAA;AAAA,OAC3B;AAAA,KACF,CAAA;AACA,IACE,IAAA,YAAA,CAAa,WAAW,GACxB,IAAA,YAAA,CAAa,WAAW,GACxB,IAAA,YAAA,CAAa,WAAW,GACxB,EAAA;AACA,MAAA,OAAO,aAAa,IAAK,EAAA,CAAA;AAAA,KAC3B;AACA,IAAO,OAAA,YAAA,CAAA;AAAA,GACT;AAAA,EAEA,MAAM,cAAA,CACJ,eACA,EAAA,WAAA,EACA,WACA,EAAA;AACA,IAAA,MAAM,EAAE,KAAO,EAAA,OAAA,KAAY,MAAM,IAAA,CAAK,YAAY,cAAe,EAAA,CAAA;AACjE,IAAA,MAAM,UAAa,GAAA,IAAA,CAAK,SAAU,CAAA,SAAA,CAAU,iBAAiB,CAAA,CAAA;AAC7D,IAAA,MAAM,EAAE,IAAM,EAAA,SAAA,EAAW,IAAK,EAAA,GAAI,eAAe,eAAe,CAAA,CAAA;AAChE,IAAA,MAAM,IAAO,GAAA;AAAA,MACX,SAAW,EAAA,WAAA;AAAA,MACX,SAAW,EAAA,WAAA;AAAA,KACb,CAAA;AACA,IAAA,MAAM,eAAe,MAAM,KAAA;AAAA,MACzB,GAAG,UAAU,CAAA,yBAAA,EAA4B,IAAI,CAAI,CAAA,EAAA,SAAS,IAAI,IAAI,CAAA,CAAA;AAAA,MAClE;AAAA,QACE,MAAQ,EAAA,KAAA;AAAA,QACR,OAAS,EAAA;AAAA,UACP,cAAgB,EAAA,kBAAA;AAAA,UAChB,MAAQ,EAAA,kBAAA;AAAA,UACR,GAAI,OAAW,IAAA,EAAE,aAAe,EAAA,CAAA,OAAA,EAAU,OAAO,CAAG,CAAA,EAAA;AAAA,SACtD;AAAA,QACA,IAAA,EAAM,IAAK,CAAA,SAAA,CAAU,IAAI,CAAA;AAAA,OAC3B;AAAA,KACF,CAAA;AACA,IAAA,IAAI,YAAa,CAAA,MAAA,KAAW,GAAO,IAAA,YAAA,CAAa,WAAW,GAAK,EAAA;AAC9D,MAAA,OAAO,aAAa,IAAK,EAAA,CAAA;AAAA,KAC3B;AACA,IAAO,OAAA,YAAA,CAAA;AAAA,GACT;AAAA,EAEA,MAAM,cAAe,CAAA,eAAA,EAAyB,QAA6B,EAAA;AACzE,IAAA,MAAM,EAAE,KAAO,EAAA,OAAA,KAAY,MAAM,IAAA,CAAK,YAAY,cAAe,EAAA,CAAA;AACjE,IAAA,MAAM,UAAa,GAAA,IAAA,CAAK,SAAU,CAAA,SAAA,CAAU,iBAAiB,CAAA,CAAA;AAC7D,IAAA,MAAM,EAAE,IAAM,EAAA,SAAA,EAAW,IAAK,EAAA,GAAI,eAAe,eAAe,CAAA,CAAA;AAChE,IAAA,MAAM,eAAe,MAAM,KAAA;AAAA,MACzB,GAAG,UAAU,CAAA,yBAAA,EAA4B,IAAI,CAAI,CAAA,EAAA,SAAS,IAAI,IAAI,CAAA,CAAA;AAAA,MAClE;AAAA,QACE,OAAS,EAAA;AAAA,UACP,GAAI,OAAW,IAAA,EAAE,aAAe,EAAA,CAAA,OAAA,EAAU,OAAO,CAAG,CAAA,EAAA;AAAA,UACpD,cAAgB,EAAA,kBAAA;AAAA,UAChB,MAAQ,EAAA,kBAAA;AAAA,SACV;AAAA,QACA,IAAA,EAAM,IAAK,CAAA,SAAA,CAAU,QAAQ,CAAA;AAAA,QAC7B,MAAQ,EAAA,QAAA;AAAA,OACV;AAAA,KACF,CAAA;AAEA,IACE,IAAA,YAAA,CAAa,WAAW,GACxB,IAAA,YAAA,CAAa,WAAW,GACxB,IAAA,YAAA,CAAa,WAAW,GACxB,EAAA;AACA,MAAA,OAAO,aAAa,IAAK,EAAA,CAAA;AAAA,KAC3B;AACA,IAAO,OAAA,YAAA,CAAA;AAAA,GACT;AAAA,EAEA,MAAM,eAAe,QAA6B,EAAA;AAChD,IAAA,MAAM,EAAE,KAAO,EAAA,OAAA,KAAY,MAAM,IAAA,CAAK,YAAY,cAAe,EAAA,CAAA;AACjE,IAAA,MAAM,UAAa,GAAA,IAAA,CAAK,SAAU,CAAA,SAAA,CAAU,iBAAiB,CAAA,CAAA;AAC7D,IAAA,MAAM,YAAe,GAAA,MAAM,KAAM,CAAA,CAAA,EAAG,UAAU,CAA4B,wBAAA,CAAA,EAAA;AAAA,MACxE,MAAQ,EAAA,MAAA;AAAA,MACR,OAAS,EAAA;AAAA,QACP,cAAgB,EAAA,kBAAA;AAAA,QAChB,MAAQ,EAAA,kBAAA;AAAA,QACR,GAAI,OAAW,IAAA,EAAE,aAAe,EAAA,CAAA,OAAA,EAAU,OAAO,CAAG,CAAA,EAAA;AAAA,OACtD;AAAA,MACA,IAAA,EAAM,IAAK,CAAA,SAAA,CAAU,QAAQ,CAAA;AAAA,KAC9B,CAAA,CAAA;AACD,IAAA,IAAI,YAAa,CAAA,MAAA,KAAW,GAAO,IAAA,YAAA,CAAa,WAAW,GAAK,EAAA;AAC9D,MAAA,OAAO,aAAa,IAAK,EAAA,CAAA;AAAA,KAC3B;AACA,IAAO,OAAA,YAAA,CAAA;AAAA,GACT;AAAA,EAEA,MAAM,wBAA2B,GAAA;AAC/B,IAAA,MAAM,EAAE,KAAO,EAAA,OAAA,KAAY,MAAM,IAAA,CAAK,YAAY,cAAe,EAAA,CAAA;AACjE,IAAA,MAAM,UAAa,GAAA,IAAA,CAAK,SAAU,CAAA,SAAA,CAAU,iBAAiB,CAAA,CAAA;AAC7D,IAAA,MAAM,eAAe,MAAM,KAAA;AAAA,MACzB,GAAG,UAAU,CAAA,uCAAA,CAAA;AAAA,MACb;AAAA,QACE,OAAS,EAAA;AAAA,UACP,GAAI,OAAW,IAAA,EAAE,aAAe,EAAA,CAAA,OAAA,EAAU,OAAO,CAAG,CAAA,EAAA;AAAA,UACpD,cAAgB,EAAA,kBAAA;AAAA,SAClB;AAAA,OACF;AAAA,KACF,CAAA;AACA,IAAI,IAAA,YAAA,CAAa,WAAW,GAAK,EAAA;AAC/B,MAAO,OAAA,YAAA,CAAA;AAAA,KACT;AACA,IAAA,OAAO,aAAa,IAAK,EAAA,CAAA;AAAA,GAC3B;AAAA,EAEA,MAAM,4BACJ,qBACA,EAAA;AACA,IAAA,MAAM,EAAE,KAAO,EAAA,OAAA,KAAY,MAAM,IAAA,CAAK,YAAY,cAAe,EAAA,CAAA;AACjE,IAAA,MAAM,UAAa,GAAA,IAAA,CAAK,SAAU,CAAA,SAAA,CAAU,iBAAiB,CAAA,CAAA;AAC7D,IAAA,MAAM,eAAe,MAAM,KAAA;AAAA,MACzB,GAAG,UAAU,CAAA,gCAAA,CAAA;AAAA,MACb;AAAA,QACE,MAAQ,EAAA,MAAA;AAAA,QACR,OAAS,EAAA;AAAA,UACP,cAAgB,EAAA,kBAAA;AAAA,UAChB,MAAQ,EAAA,kBAAA;AAAA,UACR,GAAI,OAAW,IAAA,EAAE,aAAe,EAAA,CAAA,OAAA,EAAU,OAAO,CAAG,CAAA,EAAA;AAAA,SACtD;AAAA,QACA,IAAA,EAAM,IAAK,CAAA,SAAA,CAAU,qBAAqB,CAAA;AAAA,OAC5C;AAAA,KACF,CAAA;AACA,IAAA,IAAI,YAAa,CAAA,MAAA,KAAW,GAAO,IAAA,YAAA,CAAa,WAAW,GAAK,EAAA;AAC9D,MAAA,OAAO,aAAa,IAAK,EAAA,CAAA;AAAA,KAC3B;AACA,IAAO,OAAA,YAAA,CAAA;AAAA,GACT;AAAA,EAEA,MAAM,kBAAkB,OAAiB,EAAA;AACvC,IAAA,MAAM,EAAE,KAAO,EAAA,OAAA,KAAY,MAAM,IAAA,CAAK,YAAY,cAAe,EAAA,CAAA;AACjE,IAAA,MAAM,UAAa,GAAA,IAAA,CAAK,SAAU,CAAA,SAAA,CAAU,iBAAiB,CAAA,CAAA;AAC7D,IAAA,MAAM,eAAe,MAAM,KAAA;AAAA,MACzB,CAAA,EAAG,UAAU,CAAA,+CAAA,EAAkD,OAAO,CAAA,CAAA;AAAA,MACtE;AAAA,QACE,OAAS,EAAA;AAAA,UACP,GAAI,OAAW,IAAA,EAAE,aAAe,EAAA,CAAA,OAAA,EAAU,OAAO,CAAG,CAAA,EAAA;AAAA,UACpD,cAAgB,EAAA,kBAAA;AAAA,SAClB;AAAA,OACF;AAAA,KACF,CAAA;AACA,IAAI,IAAA,YAAA,CAAa,WAAW,GAAK,EAAA;AAC/B,MAAO,OAAA,YAAA,CAAA;AAAA,KACT;AACA,IAAA,OAAO,aAAa,IAAK,EAAA,CAAA;AAAA,GAC3B;AAAA,EAEA,MAAM,yBACJ,CAAA,WAAA,EACA,IACA,EAAA;AACA,IAAA,MAAM,EAAE,KAAO,EAAA,OAAA,KAAY,MAAM,IAAA,CAAK,YAAY,cAAe,EAAA,CAAA;AACjE,IAAA,MAAM,UAAa,GAAA,IAAA,CAAK,SAAU,CAAA,SAAA,CAAU,iBAAiB,CAAA,CAAA;AAC7D,IAAA,MAAM,eAAe,MAAM,KAAA;AAAA,MACzB,CAAA,EAAG,UAAU,CAAA,iCAAA,EAAoC,WAAW,CAAA,CAAA,CAAA;AAAA,MAC5D;AAAA,QACE,MAAQ,EAAA,KAAA;AAAA,QACR,OAAS,EAAA;AAAA,UACP,cAAgB,EAAA,kBAAA;AAAA,UAChB,MAAQ,EAAA,kBAAA;AAAA,UACR,GAAI,OAAW,IAAA,EAAE,aAAe,EAAA,CAAA,OAAA,EAAU,OAAO,CAAG,CAAA,EAAA;AAAA,SACtD;AAAA,QACA,IAAA,EAAM,IAAK,CAAA,SAAA,CAAU,IAAI,CAAA;AAAA,OAC3B;AAAA,KACF,CAAA;AACA,IAAA,IAAI,YAAa,CAAA,MAAA,KAAW,GAAO,IAAA,YAAA,CAAa,WAAW,GAAK,EAAA;AAC9D,MAAA,OAAO,aAAa,IAAK,EAAA,CAAA;AAAA,KAC3B;AACA,IAAO,OAAA,YAAA,CAAA;AAAA,GACT;AAAA,EAEA,MAAM,0BAA0B,WAAqB,EAAA;AACnD,IAAA,MAAM,EAAE,KAAO,EAAA,OAAA,KAAY,MAAM,IAAA,CAAK,YAAY,cAAe,EAAA,CAAA;AACjE,IAAA,MAAM,UAAa,GAAA,IAAA,CAAK,SAAU,CAAA,SAAA,CAAU,iBAAiB,CAAA,CAAA;AAC7D,IAAA,MAAM,eAAe,MAAM,KAAA;AAAA,MACzB,CAAA,EAAG,UAAU,CAAA,iCAAA,EAAoC,WAAW,CAAA,CAAA;AAAA,MAC5D;AAAA,QACE,OAAS,EAAA;AAAA,UACP,GAAI,OAAW,IAAA,EAAE,aAAe,EAAA,CAAA,OAAA,EAAU,OAAO,CAAG,CAAA,EAAA;AAAA,UACpD,cAAgB,EAAA,kBAAA;AAAA,UAChB,MAAQ,EAAA,kBAAA;AAAA,SACV;AAAA,QACA,MAAQ,EAAA,QAAA;AAAA,OACV;AAAA,KACF,CAAA;AAEA,IACE,IAAA,YAAA,CAAa,WAAW,GACxB,IAAA,YAAA,CAAa,WAAW,GACxB,IAAA,YAAA,CAAa,WAAW,GACxB,EAAA;AACA,MAAA,OAAO,aAAa,IAAK,EAAA,CAAA;AAAA,KAC3B;AACA,IAAO,OAAA,YAAA,CAAA;AAAA,GACT;AACF;;;;"}

package/dist/components/Administration.esm.js ADDED Viewed

@@ -0,0 +1,23 @@
+import React from 'react';
+import { useAsync } from 'react-use';
+import { SidebarItem } from '@backstage/core-components';
+import { useApi, configApiRef } from '@backstage/core-plugin-api';
+import RbacIcon from '@mui/icons-material/VpnKeyOutlined';
+import { rbacApiRef } from '../api/RBACBackendClient.esm.js';
+const Administration = () => {
+  const rbacApi = useApi(rbacApiRef);
+  const { loading: isUserLoading, value: result } = useAsync(
+    async () => await rbacApi.getUserAuthorization(),
+    []
+  );
+  const config = useApi(configApiRef);
+  const isRBACPluginEnabled = config.getOptionalBoolean("permission.enabled");
+  if (!isUserLoading && isRBACPluginEnabled) {
+    return result?.status === "Authorized" ? /* @__PURE__ */ React.createElement(SidebarItem, { text: "RBAC", to: "rbac", icon: RbacIcon }) : null;
+  }
+  return null;
+};
+export { Administration };
+//# sourceMappingURL=Administration.esm.js.map

package/dist/components/Administration.esm.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"Administration.esm.js","sources":["../../src/components/Administration.tsx"],"sourcesContent":["/*\n * Copyright 2024 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport React from 'react';\nimport { useAsync } from 'react-use';\n\nimport { SidebarItem } from '@backstage/core-components';\nimport {\n configApiRef,\n IconComponent,\n useApi,\n} from '@backstage/core-plugin-api';\n\nimport { default as RbacIcon } from '@mui/icons-material/VpnKeyOutlined';\n\nimport { rbacApiRef } from '../api/RBACBackendClient';\n\nexport const Administration = () => {\n const rbacApi = useApi(rbacApiRef);\n const { loading: isUserLoading, value: result } = useAsync(\n async () => await rbacApi.getUserAuthorization(),\n [],\n );\n\n const config = useApi(configApiRef);\n const isRBACPluginEnabled = config.getOptionalBoolean('permission.enabled');\n\n if (!isUserLoading && isRBACPluginEnabled) {\n return result?.status === 'Authorized' ? (\n <SidebarItem text=\"RBAC\" to=\"rbac\" icon={RbacIcon as IconComponent} />\n ) : null;\n }\n return null;\n};\n"],"names":[],"mappings":";;;;;;;AA6BO,MAAM,iBAAiB,MAAM;AAClC,EAAM,MAAA,OAAA,GAAU,OAAO,UAAU,CAAA,CAAA;AACjC,EAAA,MAAM,EAAE,OAAA,EAAS,aAAe,EAAA,KAAA,EAAO,QAAW,GAAA,QAAA;AAAA,IAChD,YAAY,MAAM,OAAA,CAAQ,oBAAqB,EAAA;AAAA,IAC/C,EAAC;AAAA,GACH,CAAA;AAEA,EAAM,MAAA,MAAA,GAAS,OAAO,YAAY,CAAA,CAAA;AAClC,EAAM,MAAA,mBAAA,GAAsB,MAAO,CAAA,kBAAA,CAAmB,oBAAoB,CAAA,CAAA;AAE1E,EAAI,IAAA,CAAC,iBAAiB,mBAAqB,EAAA;AACzC,IAAO,OAAA,MAAA,EAAQ,MAAW,KAAA,YAAA,mBACvB,KAAA,CAAA,aAAA,CAAA,WAAA,EAAA,EAAY,IAAK,EAAA,MAAA,EAAO,EAAG,EAAA,MAAA,EAAO,IAAM,EAAA,QAAA,EAA2B,CAClE,GAAA,IAAA,CAAA;AAAA,GACN;AACA,EAAO,OAAA,IAAA,CAAA;AACT;;;;"}

package/dist/components/ConditionalAccess/AddNestedConditionButton.esm.js ADDED Viewed

@@ -0,0 +1,23 @@
+import React from 'react';
+import { Box, Typography } from '@material-ui/core';
+import Tooltip from '@material-ui/core/Tooltip';
+import HelpOutlineIcon from '@material-ui/icons/HelpOutline';
+const AddNestedConditionButton = () => {
+  const tooltipTitle = () => /* @__PURE__ */ React.createElement("div", null, /* @__PURE__ */ React.createElement(Typography, { variant: "body1", component: "p", align: "center" }, "Nested conditions are ", /* @__PURE__ */ React.createElement("b", null, "1 layer rules within a main condition"), ". It lets you allow appropriate access by using detailed permissions based on various conditions. You can add multiple nested conditions."), /* @__PURE__ */ React.createElement(Typography, { variant: "body1", component: "p", align: "center" }, "For example, you can allow access to all entity types in the main condition and use a nested condition to limit the access to entities owned by the user."));
+  return /* @__PURE__ */ React.createElement(
+    Box,
+    {
+      style: {
+        display: "flex",
+        justifyContent: "center",
+        alignItems: "center"
+      }
+    },
+    /* @__PURE__ */ React.createElement(Typography, { variant: "body1", component: "span" }, "Add Nested Condition"),
+    /* @__PURE__ */ React.createElement(Tooltip, { title: tooltipTitle(), placement: "top" }, /* @__PURE__ */ React.createElement(HelpOutlineIcon, { fontSize: "inherit", style: { marginLeft: "0.25rem" } }))
+  );
+};
+export { AddNestedConditionButton };
+//# sourceMappingURL=AddNestedConditionButton.esm.js.map

package/dist/components/ConditionalAccess/AddNestedConditionButton.esm.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"AddNestedConditionButton.esm.js","sources":["../../../src/components/ConditionalAccess/AddNestedConditionButton.tsx"],"sourcesContent":["/*\n * Copyright 2024 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport React from 'react';\n\nimport { Box, Typography } from '@material-ui/core';\nimport Tooltip from '@material-ui/core/Tooltip';\nimport HelpOutlineIcon from '@material-ui/icons/HelpOutline';\n\nexport const AddNestedConditionButton = () => {\n const tooltipTitle = () => (\n <div>\n <Typography variant=\"body1\" component=\"p\" align=\"center\">\n Nested conditions are <b>1 layer rules within a main condition</b>. It\n lets you allow appropriate access by using detailed permissions based on\n various conditions. You can add multiple nested conditions.\n </Typography>\n <Typography variant=\"body1\" component=\"p\" align=\"center\">\n For example, you can allow access to all entity types in the main\n condition and use a nested condition to limit the access to entities\n owned by the user.\n </Typography>\n </div>\n );\n return (\n <Box\n style={{\n display: 'flex',\n justifyContent: 'center',\n alignItems: 'center',\n }}\n >\n <Typography variant=\"body1\" component=\"span\">\n Add Nested Condition\n </Typography>\n <Tooltip title={tooltipTitle()} placement=\"top\">\n <HelpOutlineIcon fontSize=\"inherit\" style={{ marginLeft: '0.25rem' }} />\n </Tooltip>\n </Box>\n );\n};\n"],"names":[],"mappings":";;;;;AAqBO,MAAM,2BAA2B,MAAM;AAC5C,EAAA,MAAM,YAAe,GAAA,sBAClB,KAAA,CAAA,aAAA,CAAA,KAAA,EAAA,IAAA,kBACE,KAAA,CAAA,aAAA,CAAA,UAAA,EAAA,EAAW,OAAQ,EAAA,OAAA,EAAQ,SAAU,EAAA,GAAA,EAAI,KAAM,EAAA,QAAA,EAAA,EAAS,wBACjC,kBAAA,KAAA,CAAA,aAAA,CAAC,GAAE,EAAA,IAAA,EAAA,uCAAqC,CAAI,EAAA,2IAGpE,CACA,kBAAA,KAAA,CAAA,aAAA,CAAC,UAAW,EAAA,EAAA,OAAA,EAAQ,OAAQ,EAAA,SAAA,EAAU,GAAI,EAAA,KAAA,EAAM,QAAS,EAAA,EAAA,2JAIzD,CACF,CAAA,CAAA;AAEF,EACE,uBAAA,KAAA,CAAA,aAAA;AAAA,IAAC,GAAA;AAAA,IAAA;AAAA,MACC,KAAO,EAAA;AAAA,QACL,OAAS,EAAA,MAAA;AAAA,QACT,cAAgB,EAAA,QAAA;AAAA,QAChB,UAAY,EAAA,QAAA;AAAA,OACd;AAAA,KAAA;AAAA,wCAEC,UAAW,EAAA,EAAA,OAAA,EAAQ,OAAQ,EAAA,SAAA,EAAU,UAAO,sBAE7C,CAAA;AAAA,wCACC,OAAQ,EAAA,EAAA,KAAA,EAAO,YAAa,EAAA,EAAG,WAAU,KACxC,EAAA,kBAAA,KAAA,CAAA,aAAA,CAAC,eAAgB,EAAA,EAAA,QAAA,EAAS,WAAU,KAAO,EAAA,EAAE,UAAY,EAAA,SAAA,IAAa,CACxE,CAAA;AAAA,GACF,CAAA;AAEJ;;;;"}