@backstage-community/plugin-rbac 1.35.0 → 1.36.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (104) hide show
  1. package/CHANGELOG.md +7 -0
  2. package/dist/components/Administration.esm.js +2 -2
  3. package/dist/components/Administration.esm.js.map +1 -1
  4. package/dist/components/ConditionalAccess/AddNestedConditionButton.esm.js +5 -5
  5. package/dist/components/ConditionalAccess/AddNestedConditionButton.esm.js.map +1 -1
  6. package/dist/components/ConditionalAccess/ComplexConditionRow.esm.js +5 -5
  7. package/dist/components/ConditionalAccess/ComplexConditionRow.esm.js.map +1 -1
  8. package/dist/components/ConditionalAccess/ComplexConditionRowButtons.esm.js +7 -7
  9. package/dist/components/ConditionalAccess/ComplexConditionRowButtons.esm.js.map +1 -1
  10. package/dist/components/ConditionalAccess/ConditionRule.esm.js +2 -2
  11. package/dist/components/ConditionalAccess/ConditionRule.esm.js.map +1 -1
  12. package/dist/components/ConditionalAccess/ConditionalAccessSidebar.esm.js +9 -9
  13. package/dist/components/ConditionalAccess/ConditionalAccessSidebar.esm.js.map +1 -1
  14. package/dist/components/ConditionalAccess/ConditionsForm.esm.js +14 -14
  15. package/dist/components/ConditionalAccess/ConditionsForm.esm.js.map +1 -1
  16. package/dist/components/ConditionalAccess/ConditionsFormRow.esm.js +27 -27
  17. package/dist/components/ConditionalAccess/ConditionsFormRow.esm.js.map +1 -1
  18. package/dist/components/ConditionalAccess/ConditionsFormRowFields.esm.js +6 -6
  19. package/dist/components/ConditionalAccess/ConditionsFormRowFields.esm.js.map +1 -1
  20. package/dist/components/ConditionalAccess/CriteriaToggleButton.esm.js +2 -2
  21. package/dist/components/ConditionalAccess/CriteriaToggleButton.esm.js.map +1 -1
  22. package/dist/components/ConditionalAccess/CustomArrayField.esm.js +5 -5
  23. package/dist/components/ConditionalAccess/CustomArrayField.esm.js.map +1 -1
  24. package/dist/components/ConditionalAccess/RulesDropdownOption.esm.js +4 -4
  25. package/dist/components/ConditionalAccess/RulesDropdownOption.esm.js.map +1 -1
  26. package/dist/components/CreateRole/AddMembersForm.esm.js +13 -13
  27. package/dist/components/CreateRole/AddMembersForm.esm.js.map +1 -1
  28. package/dist/components/CreateRole/AddedMembersTable.esm.js +3 -3
  29. package/dist/components/CreateRole/AddedMembersTable.esm.js.map +1 -1
  30. package/dist/components/CreateRole/AddedMembersTableColumn.esm.js +4 -4
  31. package/dist/components/CreateRole/AddedMembersTableColumn.esm.js.map +1 -1
  32. package/dist/components/CreateRole/CreateRolePage.esm.js +6 -6
  33. package/dist/components/CreateRole/CreateRolePage.esm.js.map +1 -1
  34. package/dist/components/CreateRole/EditRolePage.esm.js +9 -5
  35. package/dist/components/CreateRole/EditRolePage.esm.js.map +1 -1
  36. package/dist/components/CreateRole/MembersDropdownOption.esm.js +4 -4
  37. package/dist/components/CreateRole/MembersDropdownOption.esm.js.map +1 -1
  38. package/dist/components/CreateRole/PermissionPoliciesForm.esm.js +98 -104
  39. package/dist/components/CreateRole/PermissionPoliciesForm.esm.js.map +1 -1
  40. package/dist/components/CreateRole/PermissionPoliciesFormNestedRow.esm.js +125 -0
  41. package/dist/components/CreateRole/PermissionPoliciesFormNestedRow.esm.js.map +1 -0
  42. package/dist/components/CreateRole/PermissionPoliciesFormRow.esm.js +104 -153
  43. package/dist/components/CreateRole/PermissionPoliciesFormRow.esm.js.map +1 -1
  44. package/dist/components/CreateRole/PermissionPoliciesFormTable.esm.js +174 -0
  45. package/dist/components/CreateRole/PermissionPoliciesFormTable.esm.js.map +1 -0
  46. package/dist/components/CreateRole/PluginsDropdown.esm.js +66 -0
  47. package/dist/components/CreateRole/PluginsDropdown.esm.js.map +1 -0
  48. package/dist/components/CreateRole/PluginsDropdownOption.esm.js +52 -0
  49. package/dist/components/CreateRole/PluginsDropdownOption.esm.js.map +1 -0
  50. package/dist/components/CreateRole/ReviewStep.esm.js +5 -5
  51. package/dist/components/CreateRole/ReviewStep.esm.js.map +1 -1
  52. package/dist/components/CreateRole/ReviewStepTable.esm.js +4 -4
  53. package/dist/components/CreateRole/ReviewStepTable.esm.js.map +1 -1
  54. package/dist/components/CreateRole/RoleDetailsForm.esm.js +4 -4
  55. package/dist/components/CreateRole/RoleDetailsForm.esm.js.map +1 -1
  56. package/dist/components/CreateRole/RoleForm.esm.js +16 -15
  57. package/dist/components/CreateRole/RoleForm.esm.js.map +1 -1
  58. package/dist/components/DownloadUserStatistics.esm.js +2 -2
  59. package/dist/components/DownloadUserStatistics.esm.js.map +1 -1
  60. package/dist/components/EditRole.esm.js +3 -3
  61. package/dist/components/EditRole.esm.js.map +1 -1
  62. package/dist/components/RbacPage.esm.js +3 -3
  63. package/dist/components/RbacPage.esm.js.map +1 -1
  64. package/dist/components/RoleOverview/AboutCard.esm.js +9 -9
  65. package/dist/components/RoleOverview/AboutCard.esm.js.map +1 -1
  66. package/dist/components/RoleOverview/MembersCard.esm.js +8 -8
  67. package/dist/components/RoleOverview/MembersCard.esm.js.map +1 -1
  68. package/dist/components/RoleOverview/MembersListColumns.esm.js +2 -2
  69. package/dist/components/RoleOverview/MembersListColumns.esm.js.map +1 -1
  70. package/dist/components/RoleOverview/PermissionsCard.esm.js +8 -8
  71. package/dist/components/RoleOverview/PermissionsCard.esm.js.map +1 -1
  72. package/dist/components/RoleOverview/RoleOverviewPage.esm.js +5 -5
  73. package/dist/components/RoleOverview/RoleOverviewPage.esm.js.map +1 -1
  74. package/dist/components/RolesList/DeleteRole.esm.js +3 -3
  75. package/dist/components/RolesList/DeleteRole.esm.js.map +1 -1
  76. package/dist/components/RolesList/DeleteRoleDialog.esm.js +15 -15
  77. package/dist/components/RolesList/DeleteRoleDialog.esm.js.map +1 -1
  78. package/dist/components/RolesList/RolesList.esm.js +9 -9
  79. package/dist/components/RolesList/RolesList.esm.js.map +1 -1
  80. package/dist/components/RolesList/RolesListColumns.esm.js +5 -5
  81. package/dist/components/RolesList/RolesListColumns.esm.js.map +1 -1
  82. package/dist/components/RolesList/RolesListToolbar.esm.js +5 -5
  83. package/dist/components/RolesList/RolesListToolbar.esm.js.map +1 -1
  84. package/dist/components/Router.esm.js +8 -8
  85. package/dist/components/Router.esm.js.map +1 -1
  86. package/dist/components/SnackbarAlert.esm.js +3 -3
  87. package/dist/components/SnackbarAlert.esm.js.map +1 -1
  88. package/dist/components/ToastContext.esm.js +4 -4
  89. package/dist/components/ToastContext.esm.js.map +1 -1
  90. package/dist/hooks/useMembers.esm.js +2 -2
  91. package/dist/hooks/useMembers.esm.js.map +1 -1
  92. package/dist/hooks/usePermissionPolicies.esm.js +9 -5
  93. package/dist/hooks/usePermissionPolicies.esm.js.map +1 -1
  94. package/dist/hooks/useRoles.esm.js +7 -9
  95. package/dist/hooks/useRoles.esm.js.map +1 -1
  96. package/dist/utils/create-role-utils.esm.js +14 -9
  97. package/dist/utils/create-role-utils.esm.js.map +1 -1
  98. package/dist/utils/rbac-utils.esm.js +21 -10
  99. package/dist/utils/rbac-utils.esm.js.map +1 -1
  100. package/package.json +1 -1
  101. package/dist/components/CreateRole/PoliciesCheckboxGroup.esm.js +0 -76
  102. package/dist/components/CreateRole/PoliciesCheckboxGroup.esm.js.map +0 -1
  103. package/dist/components/CreateRole/const.esm.js +0 -14
  104. package/dist/components/CreateRole/const.esm.js.map +0 -1
package/dist/hooks/useRoles.esm.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"useRoles.esm.js","sources":["../../src/hooks/useRoles.ts"],"sourcesContent":["/*\n * Copyright 2024 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport React from 'react';\nimport { useAsync, useAsyncRetry, useInterval } from 'react-use';\n\nimport { useApi } from '@backstage/core-plugin-api';\nimport { usePermission } from '@backstage/plugin-permission-react';\n\nimport {\n isResourcedPolicy,\n PluginPermissionMetaData,\n policyEntityCreatePermission,\n policyEntityDeletePermission,\n policyEntityUpdatePermission,\n Role,\n RoleBasedPolicy,\n} from '@backstage-community/plugin-rbac-common';\n\nimport { rbacApiRef } from '../api/RBACBackendClient';\nimport { RolesData } from '../types';\nimport { getPermissions, getPermissionsArray } from '../utils/rbac-utils';\n\ntype RoleWithConditionalPoliciesCount = Role & {\n conditionalPoliciesCount: number;\n accessiblePlugins: string[];\n};\n\nexport const useRoles = (\n pollInterval?: number,\n): {\n loading: boolean;\n data: RolesData[];\n createRoleLoading: boolean;\n createRoleAllowed: boolean;\n error: {\n rolesError: string;\n policiesError: string;\n roleConditionError: string;\n };\n retry: { roleRetry: () => void; policiesRetry: () => void };\n} => {\n const rbacApi = useApi(rbacApiRef);\n const [newRoles, setNewRoles] = React.useState<\n RoleWithConditionalPoliciesCount[]\n >([]);\n const [roleConditionError, setRoleConditionError] =\n React.useState<string>('');\n const {\n value: roles,\n retry: roleRetry,\n error: rolesError,\n } = useAsyncRetry(async () => await rbacApi.getRoles());\n\n const {\n value: policies,\n retry: policiesRetry,\n error: policiesError,\n } = useAsyncRetry(async () => await rbacApi.getPolicies(), []);\n\n const {\n loading: membersLoading,\n value: members,\n error: membersError,\n } = useAsync(async () => {\n return await rbacApi.getMembers();\n });\n\n const {\n value: permissionPolicies,\n loading: loadingPermissionPolicies,\n error: permissionPoliciesError,\n } = useAsync(async () => {\n return await rbacApi.listPermissions();\n });\n\n const canReadUsersAndGroups =\n !membersLoading &&\n !membersError &&\n Array.isArray(members) &&\n members.length > 0;\n\n const deletePermissionResult = usePermission({\n permission: policyEntityDeletePermission,\n resourceRef: policyEntityDeletePermission.resourceType,\n });\n\n const policyEntityCreatePermissionResult = usePermission({\n permission: policyEntityCreatePermission,\n resourceRef: policyEntityCreatePermission.resourceType,\n });\n\n const createRoleLoading =\n policyEntityCreatePermissionResult.loading || membersLoading;\n\n const createRoleAllowed =\n policyEntityCreatePermissionResult.allowed && canReadUsersAndGroups;\n\n const editPermissionResult = usePermission({\n permission: policyEntityUpdatePermission,\n resourceRef: policyEntityUpdatePermission.resourceType,\n });\n\n React.useEffect(() => {\n const fetchAllPermissionPolicies = async () => {\n if (!Array.isArray(roles)) return;\n const failedFetchConditionRoles: string[] = [];\n const conditionPromises = roles.map(async role => {\n try {\n const conditionalPolicies = await rbacApi.getRoleConditions(\n role.name,\n );\n\n if ((conditionalPolicies as any as Response)?.statusText) {\n failedFetchConditionRoles.push(role.name);\n throw new Error(\n (conditionalPolicies as any as Response).statusText,\n );\n }\n const accessiblePlugins =\n Array.isArray(conditionalPolicies) && conditionalPolicies.length > 0\n ? conditionalPolicies.map(c => c.pluginId)\n : [];\n return {\n ...role,\n conditionalPoliciesCount: Array.isArray(conditionalPolicies)\n ? conditionalPolicies.length\n : 0,\n accessiblePlugins,\n };\n } catch (error) {\n setRoleConditionError(\n `Error fetching role conditions for ${\n failedFetchConditionRoles.length > 1 ? 'roles' : 'role'\n } ${failedFetchConditionRoles.join(', ')}, please try again later.`,\n );\n return {\n ...role,\n conditionalPoliciesCount: 0,\n accessiblePlugins: [],\n };\n }\n });\n\n const updatedRoles = await Promise.all(conditionPromises);\n setNewRoles(updatedRoles);\n };\n\n fetchAllPermissionPolicies();\n }, [roles, rbacApi]);\n\n const data: RolesData[] = React.useMemo(\n () =>\n Array.isArray(newRoles) && newRoles?.length > 0\n ? newRoles.reduce(\n (acc: RolesData[], role: RoleWithConditionalPoliciesCount) => {\n const permissions = getPermissions(\n role.name,\n policies as RoleBasedPolicy[],\n );\n\n let accPls = role.accessiblePlugins;\n if (\n !loadingPermissionPolicies &&\n !permissionPoliciesError &&\n (permissionPolicies as PluginPermissionMetaData[])?.length > 0\n ) {\n const pls = getPermissionsArray(\n role.name,\n policies as RoleBasedPolicy[],\n ).map(\n po =>\n (permissionPolicies as PluginPermissionMetaData[]).find(\n pp =>\n pp.policies?.find(pol =>\n isResourcedPolicy(pol)\n ? po.permission === pol.resourceType\n : po.permission === pol.name,\n ),\n )?.pluginId,\n );\n accPls = [...accPls, ...pls].filter(val => !!val) as string[];\n }\n const accessiblePlugins = accPls\n .filter((val, index, plugins) => plugins.indexOf(val) === index)\n .sort();\n\n return [\n ...acc,\n {\n id: role.name,\n name: role.name,\n description: role.metadata?.description ?? '-',\n members: role.memberReferences,\n permissions: role.conditionalPoliciesCount + permissions,\n modifiedBy: '-',\n lastModified: '-',\n actionsPermissionResults: {\n delete: deletePermissionResult,\n edit: {\n allowed:\n editPermissionResult.allowed && canReadUsersAndGroups,\n loading: editPermissionResult.loading,\n },\n },\n accessiblePlugins,\n },\n ];\n },\n [],\n )\n : [],\n [\n newRoles,\n policies,\n loadingPermissionPolicies,\n permissionPoliciesError,\n permissionPolicies,\n deletePermissionResult,\n editPermissionResult.allowed,\n editPermissionResult.loading,\n canReadUsersAndGroups,\n ],\n );\n const loading = !rolesError && !policiesError && !roles && !policies;\n\n useInterval(\n () => {\n roleRetry();\n policiesRetry();\n },\n loading ? null : pollInterval || 10000,\n );\n\n return {\n loading,\n data,\n error: {\n rolesError: (rolesError?.message ||\n (typeof roles === 'object'\n ? (roles as any as Response)?.statusText\n : '')) as string,\n policiesError: (policiesError?.message ||\n (typeof policies === 'object'\n ? (policies as any as Response)?.statusText\n : '')) as string,\n roleConditionError,\n },\n createRoleLoading,\n createRoleAllowed,\n retry: { roleRetry, policiesRetry },\n };\n};\n"],"names":[],"mappings":";;;;;;;;AAwCa,MAAA,QAAA,GAAW,CACtB,YAYG,KAAA;AACH,EAAM,MAAA,OAAA,GAAU,OAAO,UAAU,CAAA;AACjC,EAAA,MAAM,CAAC,QAAU,EAAA,WAAW,IAAI,KAAM,CAAA,QAAA,CAEpC,EAAE,CAAA;AACJ,EAAA,MAAM,CAAC,kBAAoB,EAAA,qBAAqB,CAC9C,GAAA,KAAA,CAAM,SAAiB,EAAE,CAAA;AAC3B,EAAM,MAAA;AAAA,IACJ,KAAO,EAAA,KAAA;AAAA,IACP,KAAO,EAAA,SAAA;AAAA,IACP,KAAO,EAAA;AAAA,MACL,aAAc,CAAA,YAAY,MAAM,OAAA,CAAQ,UAAU,CAAA;AAEtD,EAAM,MAAA;AAAA,IACJ,KAAO,EAAA,QAAA;AAAA,IACP,KAAO,EAAA,aAAA;AAAA,IACP,KAAO,EAAA;AAAA,GACT,GAAI,cAAc,YAAY,MAAM,QAAQ,WAAY,EAAA,EAAG,EAAE,CAAA;AAE7D,EAAM,MAAA;AAAA,IACJ,OAAS,EAAA,cAAA;AAAA,IACT,KAAO,EAAA,OAAA;AAAA,IACP,KAAO,EAAA;AAAA,GACT,GAAI,SAAS,YAAY;AACvB,IAAO,OAAA,MAAM,QAAQ,UAAW,EAAA;AAAA,GACjC,CAAA;AAED,EAAM,MAAA;AAAA,IACJ,KAAO,EAAA,kBAAA;AAAA,IACP,OAAS,EAAA,yBAAA;AAAA,IACT,KAAO,EAAA;AAAA,GACT,GAAI,SAAS,YAAY;AACvB,IAAO,OAAA,MAAM,QAAQ,eAAgB,EAAA;AAAA,GACtC,CAAA;AAED,EAAM,MAAA,qBAAA,GACJ,CAAC,cAAA,IACD,CAAC,YAAA,IACD,MAAM,OAAQ,CAAA,OAAO,CACrB,IAAA,OAAA,CAAQ,MAAS,GAAA,CAAA;AAEnB,EAAA,MAAM,yBAAyB,aAAc,CAAA;AAAA,IAC3C,UAAY,EAAA,4BAAA;AAAA,IACZ,aAAa,4BAA6B,CAAA;AAAA,GAC3C,CAAA;AAED,EAAA,MAAM,qCAAqC,aAAc,CAAA;AAAA,IACvD,UAAY,EAAA,4BAAA;AAAA,IACZ,aAAa,4BAA6B,CAAA;AAAA,GAC3C,CAAA;AAED,EAAM,MAAA,iBAAA,GACJ,mCAAmC,OAAW,IAAA,cAAA;AAEhD,EAAM,MAAA,iBAAA,GACJ,mCAAmC,OAAW,IAAA,qBAAA;AAEhD,EAAA,MAAM,uBAAuB,aAAc,CAAA;AAAA,IACzC,UAAY,EAAA,4BAAA;AAAA,IACZ,aAAa,4BAA6B,CAAA;AAAA,GAC3C,CAAA;AAED,EAAA,KAAA,CAAM,UAAU,MAAM;AACpB,IAAA,MAAM,6BAA6B,YAAY;AAC7C,MAAA,IAAI,CAAC,KAAA,CAAM,OAAQ,CAAA,KAAK,CAAG,EAAA;AAC3B,MAAA,MAAM,4BAAsC,EAAC;AAC7C,MAAA,MAAM,iBAAoB,GAAA,KAAA,CAAM,GAAI,CAAA,OAAM,IAAQ,KAAA;AAChD,QAAI,IAAA;AACF,UAAM,MAAA,mBAAA,GAAsB,MAAM,OAAQ,CAAA,iBAAA;AAAA,YACxC,IAAK,CAAA;AAAA,WACP;AAEA,UAAA,IAAK,qBAAyC,UAAY,EAAA;AACxD,YAA0B,yBAAA,CAAA,IAAA,CAAK,KAAK,IAAI,CAAA;AACxC,YAAA,MAAM,IAAI,KAAA;AAAA,cACP,mBAAwC,CAAA;AAAA,aAC3C;AAAA;AAEF,UAAA,MAAM,iBACJ,GAAA,KAAA,CAAM,OAAQ,CAAA,mBAAmB,KAAK,mBAAoB,CAAA,MAAA,GAAS,CAC/D,GAAA,mBAAA,CAAoB,GAAI,CAAA,CAAA,CAAA,KAAK,CAAE,CAAA,QAAQ,IACvC,EAAC;AACP,UAAO,OAAA;AAAA,YACL,GAAG,IAAA;AAAA,YACH,0BAA0B,KAAM,CAAA,OAAA,CAAQ,mBAAmB,CAAA,GACvD,oBAAoB,MACpB,GAAA,CAAA;AAAA,YACJ;AAAA,WACF;AAAA,iBACO,KAAO,EAAA;AACd,UAAA,qBAAA;AAAA,YACE,CAAA,mCAAA,EACE,yBAA0B,CAAA,MAAA,GAAS,CAAI,GAAA,OAAA,GAAU,MACnD,CAAI,CAAA,EAAA,yBAAA,CAA0B,IAAK,CAAA,IAAI,CAAC,CAAA,yBAAA;AAAA,WAC1C;AACA,UAAO,OAAA;AAAA,YACL,GAAG,IAAA;AAAA,YACH,wBAA0B,EAAA,CAAA;AAAA,YAC1B,mBAAmB;AAAC,WACtB;AAAA;AACF,OACD,CAAA;AAED,MAAA,MAAM,YAAe,GAAA,MAAM,OAAQ,CAAA,GAAA,CAAI,iBAAiB,CAAA;AACxD,MAAA,WAAA,CAAY,YAAY,CAAA;AAAA,KAC1B;AAEA,IAA2B,0BAAA,EAAA;AAAA,GAC1B,EAAA,CAAC,KAAO,EAAA,OAAO,CAAC,CAAA;AAEnB,EAAA,MAAM,OAAoB,KAAM,CAAA,OAAA;AAAA,IAC9B,MACE,MAAM,OAAQ,CAAA,QAAQ,KAAK,QAAU,EAAA,MAAA,GAAS,IAC1C,QAAS,CAAA,MAAA;AAAA,MACP,CAAC,KAAkB,IAA2C,KAAA;AAC5D,QAAA,MAAM,WAAc,GAAA,cAAA;AAAA,UAClB,IAAK,CAAA,IAAA;AAAA,UACL;AAAA,SACF;AAEA,QAAA,IAAI,SAAS,IAAK,CAAA,iBAAA;AAClB,QAAA,IACE,CAAC,yBACD,IAAA,CAAC,uBACA,IAAA,kBAAA,EAAmD,SAAS,CAC7D,EAAA;AACA,UAAA,MAAM,GAAM,GAAA,mBAAA;AAAA,YACV,IAAK,CAAA,IAAA;AAAA,YACL;AAAA,WACA,CAAA,GAAA;AAAA,YACA,QACG,kBAAkD,CAAA,IAAA;AAAA,cACjD,CAAA,EAAA,KACE,GAAG,QAAU,EAAA,IAAA;AAAA,gBAAK,CAAA,GAAA,KAChB,iBAAkB,CAAA,GAAG,CACjB,GAAA,EAAA,CAAG,eAAe,GAAI,CAAA,YAAA,GACtB,EAAG,CAAA,UAAA,KAAe,GAAI,CAAA;AAAA;AAC5B,aACD,EAAA;AAAA,WACP;AACA,UAAS,MAAA,GAAA,CAAC,GAAG,MAAA,EAAQ,GAAG,GAAG,EAAE,MAAO,CAAA,CAAA,GAAA,KAAO,CAAC,CAAC,GAAG,CAAA;AAAA;AAElD,QAAA,MAAM,iBAAoB,GAAA,MAAA,CACvB,MAAO,CAAA,CAAC,GAAK,EAAA,KAAA,EAAO,OAAY,KAAA,OAAA,CAAQ,OAAQ,CAAA,GAAG,CAAM,KAAA,KAAK,EAC9D,IAAK,EAAA;AAER,QAAO,OAAA;AAAA,UACL,GAAG,GAAA;AAAA,UACH;AAAA,YACE,IAAI,IAAK,CAAA,IAAA;AAAA,YACT,MAAM,IAAK,CAAA,IAAA;AAAA,YACX,WAAA,EAAa,IAAK,CAAA,QAAA,EAAU,WAAe,IAAA,GAAA;AAAA,YAC3C,SAAS,IAAK,CAAA,gBAAA;AAAA,YACd,WAAA,EAAa,KAAK,wBAA2B,GAAA,WAAA;AAAA,YAC7C,UAAY,EAAA,GAAA;AAAA,YACZ,YAAc,EAAA,GAAA;AAAA,YACd,wBAA0B,EAAA;AAAA,cACxB,MAAQ,EAAA,sBAAA;AAAA,cACR,IAAM,EAAA;AAAA,gBACJ,OAAA,EACE,qBAAqB,OAAW,IAAA,qBAAA;AAAA,gBAClC,SAAS,oBAAqB,CAAA;AAAA;AAChC,aACF;AAAA,YACA;AAAA;AACF,SACF;AAAA,OACF;AAAA,MACA;AAAC,QAEH,EAAC;AAAA,IACP;AAAA,MACE,QAAA;AAAA,MACA,QAAA;AAAA,MACA,yBAAA;AAAA,MACA,uBAAA;AAAA,MACA,kBAAA;AAAA,MACA,sBAAA;AAAA,MACA,oBAAqB,CAAA,OAAA;AAAA,MACrB,oBAAqB,CAAA,OAAA;AAAA,MACrB;AAAA;AACF,GACF;AACA,EAAA,MAAM,UAAU,CAAC,UAAA,IAAc,CAAC,aAAiB,IAAA,CAAC,SAAS,CAAC,QAAA;AAE5D,EAAA,WAAA;AAAA,IACE,MAAM;AACJ,MAAU,SAAA,EAAA;AACV,MAAc,aAAA,EAAA;AAAA,KAChB;AAAA,IACA,OAAA,GAAU,OAAuB;AAAA,GACnC;AAEA,EAAO,OAAA;AAAA,IACL,OAAA;AAAA,IACA,IAAA;AAAA,IACA,KAAO,EAAA;AAAA,MACL,YAAa,UAAY,EAAA,OAAA,KACtB,OAAO,KAAU,KAAA,QAAA,GACb,OAA2B,UAC5B,GAAA,EAAA,CAAA;AAAA,MACN,eAAgB,aAAe,EAAA,OAAA,KAC5B,OAAO,QAAa,KAAA,QAAA,GAChB,UAA8B,UAC/B,GAAA,EAAA,CAAA;AAAA,MACN;AAAA,KACF;AAAA,IACA,iBAAA;AAAA,IACA,iBAAA;AAAA,IACA,KAAA,EAAO,EAAE,SAAA,EAAW,aAAc;AAAA,GACpC;AACF;;;;"}
1
+ {"version":3,"file":"useRoles.esm.js","sources":["../../src/hooks/useRoles.ts"],"sourcesContent":["/*\n * Copyright 2024 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport React from 'react';\nimport { useAsync, useAsyncRetry, useInterval } from 'react-use';\n\nimport { useApi } from '@backstage/core-plugin-api';\nimport { usePermission } from '@backstage/plugin-permission-react';\n\nimport {\n PluginPermissionMetaData,\n policyEntityCreatePermission,\n policyEntityDeletePermission,\n policyEntityUpdatePermission,\n Role,\n RoleBasedPolicy,\n} from '@backstage-community/plugin-rbac-common';\n\nimport { rbacApiRef } from '../api/RBACBackendClient';\nimport { RolesData } from '../types';\nimport { getPermissions, getPermissionsArray } from '../utils/rbac-utils';\n\ntype RoleWithConditionalPoliciesCount = Role & {\n conditionalPoliciesCount: number;\n accessiblePlugins: string[];\n};\n\nexport const useRoles = (\n pollInterval?: number,\n): {\n loading: boolean;\n data: RolesData[];\n createRoleLoading: boolean;\n createRoleAllowed: boolean;\n error: {\n rolesError: string;\n policiesError: string;\n roleConditionError: string;\n };\n retry: { roleRetry: () => void; policiesRetry: () => void };\n} => {\n const rbacApi = useApi(rbacApiRef);\n const [newRoles, setNewRoles] = React.useState<\n RoleWithConditionalPoliciesCount[]\n >([]);\n const [roleConditionError, setRoleConditionError] =\n React.useState<string>('');\n const {\n value: roles,\n retry: roleRetry,\n error: rolesError,\n } = useAsyncRetry(async () => await rbacApi.getRoles());\n\n const {\n value: policies,\n retry: policiesRetry,\n error: policiesError,\n } = useAsyncRetry(async () => await rbacApi.getPolicies(), []);\n\n const {\n loading: membersLoading,\n value: members,\n error: membersError,\n } = useAsync(async () => {\n return await rbacApi.getMembers();\n });\n\n const {\n value: permissionPolicies,\n loading: loadingPermissionPolicies,\n error: permissionPoliciesError,\n } = useAsync(async () => {\n return await rbacApi.listPermissions();\n });\n\n const canReadUsersAndGroups =\n !membersLoading &&\n !membersError &&\n Array.isArray(members) &&\n members.length > 0;\n\n const deletePermissionResult = usePermission({\n permission: policyEntityDeletePermission,\n resourceRef: policyEntityDeletePermission.resourceType,\n });\n\n const policyEntityCreatePermissionResult = usePermission({\n permission: policyEntityCreatePermission,\n resourceRef: policyEntityCreatePermission.resourceType,\n });\n\n const createRoleLoading =\n policyEntityCreatePermissionResult.loading || membersLoading;\n\n const createRoleAllowed =\n policyEntityCreatePermissionResult.allowed && canReadUsersAndGroups;\n\n const editPermissionResult = usePermission({\n permission: policyEntityUpdatePermission,\n resourceRef: policyEntityUpdatePermission.resourceType,\n });\n\n React.useEffect(() => {\n const fetchAllPermissionPolicies = async () => {\n if (!Array.isArray(roles)) return;\n const failedFetchConditionRoles: string[] = [];\n const conditionPromises = roles.map(async role => {\n try {\n const conditionalPolicies = await rbacApi.getRoleConditions(\n role.name,\n );\n\n if ((conditionalPolicies as any as Response)?.statusText) {\n failedFetchConditionRoles.push(role.name);\n throw new Error(\n (conditionalPolicies as any as Response).statusText,\n );\n }\n const accessiblePlugins =\n Array.isArray(conditionalPolicies) && conditionalPolicies.length > 0\n ? conditionalPolicies.map(c => c.pluginId)\n : [];\n return {\n ...role,\n conditionalPoliciesCount: Array.isArray(conditionalPolicies)\n ? conditionalPolicies.length\n : 0,\n accessiblePlugins,\n };\n } catch (error) {\n setRoleConditionError(\n `Error fetching role conditions for ${\n failedFetchConditionRoles.length > 1 ? 'roles' : 'role'\n } ${failedFetchConditionRoles.join(', ')}, please try again later.`,\n );\n return {\n ...role,\n conditionalPoliciesCount: 0,\n accessiblePlugins: [],\n };\n }\n });\n\n const updatedRoles = await Promise.all(conditionPromises);\n setNewRoles(updatedRoles);\n };\n\n fetchAllPermissionPolicies();\n }, [roles, rbacApi]);\n\n const data: RolesData[] = React.useMemo(\n () =>\n Array.isArray(newRoles) && newRoles?.length > 0\n ? newRoles.reduce(\n (acc: RolesData[], role: RoleWithConditionalPoliciesCount) => {\n const permissions = getPermissions(\n role.name,\n policies as RoleBasedPolicy[],\n );\n\n let accPls = role.accessiblePlugins;\n if (\n !loadingPermissionPolicies &&\n !permissionPoliciesError &&\n (permissionPolicies as PluginPermissionMetaData[])?.length > 0\n ) {\n const pls = getPermissionsArray(\n role.name,\n policies as RoleBasedPolicy[],\n ).map(\n po =>\n (permissionPolicies as PluginPermissionMetaData[]).find(\n pp =>\n pp.policies?.find(pol => po.permission === pol.name),\n )?.pluginId,\n );\n accPls = [...accPls, ...pls].filter(val => !!val) as string[];\n }\n const accessiblePlugins = accPls\n .filter((val, index, plugins) => plugins.indexOf(val) === index)\n .sort();\n\n return [\n ...acc,\n {\n id: role.name,\n name: role.name,\n description: role.metadata?.description ?? '-',\n members: role.memberReferences,\n permissions: role.conditionalPoliciesCount + permissions,\n modifiedBy: '-',\n lastModified: '-',\n actionsPermissionResults: {\n delete: deletePermissionResult,\n edit: {\n allowed:\n editPermissionResult.allowed && canReadUsersAndGroups,\n loading: editPermissionResult.loading,\n },\n },\n accessiblePlugins,\n },\n ];\n },\n [],\n )\n : [],\n [\n newRoles,\n policies,\n loadingPermissionPolicies,\n permissionPoliciesError,\n permissionPolicies,\n deletePermissionResult,\n editPermissionResult.allowed,\n editPermissionResult.loading,\n canReadUsersAndGroups,\n ],\n );\n const loading = !rolesError && !policiesError && !roles && !policies;\n\n useInterval(\n () => {\n roleRetry();\n policiesRetry();\n },\n loading ? null : pollInterval || 10000,\n );\n\n return {\n loading,\n data,\n error: {\n rolesError: (rolesError?.message ||\n (typeof roles === 'object'\n ? (roles as any as Response)?.statusText\n : '')) as string,\n policiesError: (policiesError?.message ||\n (typeof policies === 'object'\n ? (policies as any as Response)?.statusText\n : '')) as string,\n roleConditionError,\n },\n createRoleLoading,\n createRoleAllowed,\n retry: { roleRetry, policiesRetry },\n };\n};\n"],"names":["React"],"mappings":";;;;;;;;AAuCa,MAAA,QAAA,GAAW,CACtB,YAYG,KAAA;AACH,EAAM,MAAA,OAAA,GAAU,OAAO,UAAU,CAAA;AACjC,EAAA,MAAM,CAAC,QAAU,EAAA,WAAW,IAAIA,cAAM,CAAA,QAAA,CAEpC,EAAE,CAAA;AACJ,EAAA,MAAM,CAAC,kBAAoB,EAAA,qBAAqB,CAC9C,GAAAA,cAAA,CAAM,SAAiB,EAAE,CAAA;AAC3B,EAAM,MAAA;AAAA,IACJ,KAAO,EAAA,KAAA;AAAA,IACP,KAAO,EAAA,SAAA;AAAA,IACP,KAAO,EAAA;AAAA,MACL,aAAc,CAAA,YAAY,MAAM,OAAA,CAAQ,UAAU,CAAA;AAEtD,EAAM,MAAA;AAAA,IACJ,KAAO,EAAA,QAAA;AAAA,IACP,KAAO,EAAA,aAAA;AAAA,IACP,KAAO,EAAA;AAAA,GACT,GAAI,cAAc,YAAY,MAAM,QAAQ,WAAY,EAAA,EAAG,EAAE,CAAA;AAE7D,EAAM,MAAA;AAAA,IACJ,OAAS,EAAA,cAAA;AAAA,IACT,KAAO,EAAA,OAAA;AAAA,IACP,KAAO,EAAA;AAAA,GACT,GAAI,SAAS,YAAY;AACvB,IAAO,OAAA,MAAM,QAAQ,UAAW,EAAA;AAAA,GACjC,CAAA;AAED,EAAM,MAAA;AAAA,IACJ,KAAO,EAAA,kBAAA;AAAA,IACP,OAAS,EAAA,yBAAA;AAAA,IACT,KAAO,EAAA;AAAA,GACT,GAAI,SAAS,YAAY;AACvB,IAAO,OAAA,MAAM,QAAQ,eAAgB,EAAA;AAAA,GACtC,CAAA;AAED,EAAM,MAAA,qBAAA,GACJ,CAAC,cAAA,IACD,CAAC,YAAA,IACD,MAAM,OAAQ,CAAA,OAAO,CACrB,IAAA,OAAA,CAAQ,MAAS,GAAA,CAAA;AAEnB,EAAA,MAAM,yBAAyB,aAAc,CAAA;AAAA,IAC3C,UAAY,EAAA,4BAAA;AAAA,IACZ,aAAa,4BAA6B,CAAA;AAAA,GAC3C,CAAA;AAED,EAAA,MAAM,qCAAqC,aAAc,CAAA;AAAA,IACvD,UAAY,EAAA,4BAAA;AAAA,IACZ,aAAa,4BAA6B,CAAA;AAAA,GAC3C,CAAA;AAED,EAAM,MAAA,iBAAA,GACJ,mCAAmC,OAAW,IAAA,cAAA;AAEhD,EAAM,MAAA,iBAAA,GACJ,mCAAmC,OAAW,IAAA,qBAAA;AAEhD,EAAA,MAAM,uBAAuB,aAAc,CAAA;AAAA,IACzC,UAAY,EAAA,4BAAA;AAAA,IACZ,aAAa,4BAA6B,CAAA;AAAA,GAC3C,CAAA;AAED,EAAAA,cAAA,CAAM,UAAU,MAAM;AACpB,IAAA,MAAM,6BAA6B,YAAY;AAC7C,MAAA,IAAI,CAAC,KAAA,CAAM,OAAQ,CAAA,KAAK,CAAG,EAAA;AAC3B,MAAA,MAAM,4BAAsC,EAAC;AAC7C,MAAA,MAAM,iBAAoB,GAAA,KAAA,CAAM,GAAI,CAAA,OAAM,IAAQ,KAAA;AAChD,QAAI,IAAA;AACF,UAAM,MAAA,mBAAA,GAAsB,MAAM,OAAQ,CAAA,iBAAA;AAAA,YACxC,IAAK,CAAA;AAAA,WACP;AAEA,UAAA,IAAK,qBAAyC,UAAY,EAAA;AACxD,YAA0B,yBAAA,CAAA,IAAA,CAAK,KAAK,IAAI,CAAA;AACxC,YAAA,MAAM,IAAI,KAAA;AAAA,cACP,mBAAwC,CAAA;AAAA,aAC3C;AAAA;AAEF,UAAA,MAAM,iBACJ,GAAA,KAAA,CAAM,OAAQ,CAAA,mBAAmB,KAAK,mBAAoB,CAAA,MAAA,GAAS,CAC/D,GAAA,mBAAA,CAAoB,GAAI,CAAA,CAAA,CAAA,KAAK,CAAE,CAAA,QAAQ,IACvC,EAAC;AACP,UAAO,OAAA;AAAA,YACL,GAAG,IAAA;AAAA,YACH,0BAA0B,KAAM,CAAA,OAAA,CAAQ,mBAAmB,CAAA,GACvD,oBAAoB,MACpB,GAAA,CAAA;AAAA,YACJ;AAAA,WACF;AAAA,iBACO,KAAO,EAAA;AACd,UAAA,qBAAA;AAAA,YACE,CAAA,mCAAA,EACE,yBAA0B,CAAA,MAAA,GAAS,CAAI,GAAA,OAAA,GAAU,MACnD,CAAI,CAAA,EAAA,yBAAA,CAA0B,IAAK,CAAA,IAAI,CAAC,CAAA,yBAAA;AAAA,WAC1C;AACA,UAAO,OAAA;AAAA,YACL,GAAG,IAAA;AAAA,YACH,wBAA0B,EAAA,CAAA;AAAA,YAC1B,mBAAmB;AAAC,WACtB;AAAA;AACF,OACD,CAAA;AAED,MAAA,MAAM,YAAe,GAAA,MAAM,OAAQ,CAAA,GAAA,CAAI,iBAAiB,CAAA;AACxD,MAAA,WAAA,CAAY,YAAY,CAAA;AAAA,KAC1B;AAEA,IAA2B,0BAAA,EAAA;AAAA,GAC1B,EAAA,CAAC,KAAO,EAAA,OAAO,CAAC,CAAA;AAEnB,EAAA,MAAM,OAAoBA,cAAM,CAAA,OAAA;AAAA,IAC9B,MACE,MAAM,OAAQ,CAAA,QAAQ,KAAK,QAAU,EAAA,MAAA,GAAS,IAC1C,QAAS,CAAA,MAAA;AAAA,MACP,CAAC,KAAkB,IAA2C,KAAA;AAC5D,QAAA,MAAM,WAAc,GAAA,cAAA;AAAA,UAClB,IAAK,CAAA,IAAA;AAAA,UACL;AAAA,SACF;AAEA,QAAA,IAAI,SAAS,IAAK,CAAA,iBAAA;AAClB,QAAA,IACE,CAAC,yBACD,IAAA,CAAC,uBACA,IAAA,kBAAA,EAAmD,SAAS,CAC7D,EAAA;AACA,UAAA,MAAM,GAAM,GAAA,mBAAA;AAAA,YACV,IAAK,CAAA,IAAA;AAAA,YACL;AAAA,WACA,CAAA,GAAA;AAAA,YACA,QACG,kBAAkD,CAAA,IAAA;AAAA,cACjD,CAAA,EAAA,KACE,GAAG,QAAU,EAAA,IAAA,CAAK,SAAO,EAAG,CAAA,UAAA,KAAe,IAAI,IAAI;AAAA,aACpD,EAAA;AAAA,WACP;AACA,UAAS,MAAA,GAAA,CAAC,GAAG,MAAA,EAAQ,GAAG,GAAG,EAAE,MAAO,CAAA,CAAA,GAAA,KAAO,CAAC,CAAC,GAAG,CAAA;AAAA;AAElD,QAAA,MAAM,iBAAoB,GAAA,MAAA,CACvB,MAAO,CAAA,CAAC,GAAK,EAAA,KAAA,EAAO,OAAY,KAAA,OAAA,CAAQ,OAAQ,CAAA,GAAG,CAAM,KAAA,KAAK,EAC9D,IAAK,EAAA;AAER,QAAO,OAAA;AAAA,UACL,GAAG,GAAA;AAAA,UACH;AAAA,YACE,IAAI,IAAK,CAAA,IAAA;AAAA,YACT,MAAM,IAAK,CAAA,IAAA;AAAA,YACX,WAAA,EAAa,IAAK,CAAA,QAAA,EAAU,WAAe,IAAA,GAAA;AAAA,YAC3C,SAAS,IAAK,CAAA,gBAAA;AAAA,YACd,WAAA,EAAa,KAAK,wBAA2B,GAAA,WAAA;AAAA,YAC7C,UAAY,EAAA,GAAA;AAAA,YACZ,YAAc,EAAA,GAAA;AAAA,YACd,wBAA0B,EAAA;AAAA,cACxB,MAAQ,EAAA,sBAAA;AAAA,cACR,IAAM,EAAA;AAAA,gBACJ,OAAA,EACE,qBAAqB,OAAW,IAAA,qBAAA;AAAA,gBAClC,SAAS,oBAAqB,CAAA;AAAA;AAChC,aACF;AAAA,YACA;AAAA;AACF,SACF;AAAA,OACF;AAAA,MACA;AAAC,QAEH,EAAC;AAAA,IACP;AAAA,MACE,QAAA;AAAA,MACA,QAAA;AAAA,MACA,yBAAA;AAAA,MACA,uBAAA;AAAA,MACA,kBAAA;AAAA,MACA,sBAAA;AAAA,MACA,oBAAqB,CAAA,OAAA;AAAA,MACrB,oBAAqB,CAAA,OAAA;AAAA,MACrB;AAAA;AACF,GACF;AACA,EAAA,MAAM,UAAU,CAAC,UAAA,IAAc,CAAC,aAAiB,IAAA,CAAC,SAAS,CAAC,QAAA;AAE5D,EAAA,WAAA;AAAA,IACE,MAAM;AACJ,MAAU,SAAA,EAAA;AACV,MAAc,aAAA,EAAA;AAAA,KAChB;AAAA,IACA,OAAA,GAAU,OAAuB;AAAA,GACnC;AAEA,EAAO,OAAA;AAAA,IACL,OAAA;AAAA,IACA,IAAA;AAAA,IACA,KAAO,EAAA;AAAA,MACL,YAAa,UAAY,EAAA,OAAA,KACtB,OAAO,KAAU,KAAA,QAAA,GACb,OAA2B,UAC5B,GAAA,EAAA,CAAA;AAAA,MACN,eAAgB,aAAe,EAAA,OAAA,KAC5B,OAAO,QAAa,KAAA,QAAA,GAChB,UAA8B,UAC/B,GAAA,EAAA,CAAA;AAAA,MACN;AAAA,KACF;AAAA,IACA,iBAAA;AAAA,IACA,iBAAA;AAAA,IACA,KAAA,EAAO,EAAE,SAAA,EAAW,aAAc;AAAA,GACpC;AACF;;;;"}
package/dist/utils/create-role-utils.esm.js CHANGED
@@ -22,12 +22,16 @@ const getRoleData = (values) => {
22
22
  const validationSchema = yup.object({
23
23
  name: yup.string().required("Name is required"),
24
24
  selectedMembers: yup.array().min(1, "No member selected"),
25
+ selectedPlugins: yup.array().min(1, "No plugin selected"),
25
26
  permissionPoliciesRows: yup.array().of(
26
27
  yup.object().shape({
27
28
  plugin: yup.string().required("Plugin is required"),
28
- permission: yup.string().required("Permission is required")
29
+ permission: yup.string().required("Permission is required"),
30
+ policies: yup.array().min(1).of(
31
+ yup.object().shape({ policy: yup.string(), effect: yup.string() }).test((p) => p.effect === "allow")
32
+ )
29
33
  })
30
- )
34
+ ).min(1)
31
35
  });
32
36
  const getMembersCount = (member) => {
33
37
  return member.kind === "Group" ? member.relations?.reduce((acc, relation) => {
@@ -59,19 +63,20 @@ const getChildGroupsCount = (member) => {
59
63
  const getPermissionPolicies = (policies) => {
60
64
  return policies.reduce(
61
65
  (ppsAcc, policy) => {
62
- const permission = isResourcedPolicy(policy) ? policy.resourceType : policy.name;
66
+ const permission = policy.name;
63
67
  return {
64
68
  ...ppsAcc,
65
69
  [permission]: policies.reduce(
66
70
  (policiesAcc, pol) => {
67
- const perm = isResourcedPolicy(pol) ? pol.resourceType : pol.name;
71
+ const perm = pol.name;
68
72
  if (permission === perm)
69
73
  return {
70
74
  policies: uniqBy(
71
75
  [...policiesAcc.policies, getTitleCase(pol.policy)],
72
76
  (val) => val
73
77
  ),
74
- isResourced: isResourcedPolicy(pol)
78
+ isResourced: isResourcedPolicy(pol),
79
+ resourceType: isResourcedPolicy(pol) ? pol.resourceType : ""
75
80
  };
76
81
  return policiesAcc;
77
82
  },
@@ -89,13 +94,13 @@ const getPluginsPermissionPoliciesData = (pluginsPermissionPolicies) => {
89
94
  const pluginsPermissions = pluginsPermissionPolicies.reduce(
90
95
  (acc, pp, index) => {
91
96
  const permissions = pp.policies.reduce((plcAcc, plc) => {
92
- const permission = isResourcedPolicy(plc) ? plc.resourceType : plc.name;
97
+ const permission = plc.name;
93
98
  return [...plcAcc, permission];
94
99
  }, []);
95
100
  return {
96
101
  ...acc,
97
102
  [plugins[index]]: {
98
- permissions: uniqBy(permissions ?? [], (val) => val),
103
+ permissions: permissions ?? [],
99
104
  policies: {
100
105
  ...pp.policies ? getPermissionPolicies(pp.policies) : {}
101
106
  }
@@ -137,7 +142,7 @@ const getConditionalPermissionPoliciesData = (values) => {
137
142
  const { kind, name, namespace, permissionPoliciesRows } = values;
138
143
  return permissionPoliciesRows.reduce(
139
144
  (acc, permissionPolicyRow) => {
140
- const { permission, policies, isResourced, plugin, conditions } = permissionPolicyRow;
145
+ const { policies, isResourced, plugin, conditions, resourceType } = permissionPolicyRow;
141
146
  const permissionMapping = policies.reduce((pAcc, policy) => {
142
147
  if (policy.effect === "allow") {
143
148
  return [...pAcc, policy.policy.toLocaleLowerCase("en-US")];
@@ -150,7 +155,7 @@ const getConditionalPermissionPoliciesData = (values) => {
150
155
  result: "CONDITIONAL",
151
156
  roleEntityRef: `${kind}:${namespace}/${name}`,
152
157
  pluginId: `${plugin}`,
153
- resourceType: `${permission}`,
158
+ resourceType: `${resourceType}`,
154
159
  permissionMapping,
155
160
  conditions: Object.keys(conditions)[0] === criterias.condition ? { ...conditions.condition } : conditions
156
161
  }
package/dist/utils/create-role-utils.esm.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"create-role-utils.esm.js","sources":["../../src/utils/create-role-utils.ts"],"sourcesContent":["/*\n * Copyright 2024 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport { getTitleCase } from '@janus-idp/shared-react';\nimport * as yup from 'yup';\n\nimport {\n isResourcedPolicy,\n PluginPermissionMetaData,\n PolicyDetails,\n ResourcedPolicy,\n Role,\n RoleBasedPolicy,\n} from '@backstage-community/plugin-rbac-common';\n\nimport { criterias } from '../components/ConditionalAccess/const';\nimport { ConditionsData } from '../components/ConditionalAccess/types';\nimport {\n PermissionPolicies,\n PluginsPermissionPoliciesData,\n PluginsPermissions,\n RoleFormValues,\n SelectedMember,\n} from '../components/CreateRole/types';\nimport {\n MemberEntity,\n PermissionsData,\n RoleBasedConditions,\n UpdatedConditionsData,\n} from '../types';\n\nexport const uniqBy = (arr: string[], iteratee: (arg: string) => any) => {\n return arr.filter(\n (x, i, self) => i === self.findIndex(y => iteratee(x) === iteratee(y)),\n );\n};\n\nexport const getRoleData = (values: RoleFormValues): Role => {\n return {\n memberReferences: values.selectedMembers.map(\n (mem: SelectedMember) => mem.ref,\n ),\n name: `${values.kind}:${values.namespace}/${values.name}`,\n metadata: {\n description: values.description,\n },\n };\n};\n\nexport const validationSchema = yup.object({\n name: yup.string().required('Name is required'),\n selectedMembers: yup.array().min(1, 'No member selected'),\n permissionPoliciesRows: yup.array().of(\n yup.object().shape({\n plugin: yup.string().required('Plugin is required'),\n permission: yup.string().required('Permission is required'),\n }),\n ),\n});\n\nexport const getMembersCount = (member: MemberEntity) => {\n return member.kind === 'Group'\n ? member.relations?.reduce((acc: any, relation: { type: string }) => {\n let temp = acc;\n if (relation.type === 'hasMember') {\n temp++;\n }\n return temp;\n }, 0)\n : undefined;\n};\n\nexport const getParentGroupsCount = (member: MemberEntity) => {\n return member.kind === 'Group'\n ? member.relations?.reduce((acc: any, relation: { type: string }) => {\n let temp = acc;\n if (relation.type === 'childOf') {\n temp++;\n }\n return temp;\n }, 0)\n : undefined;\n};\n\nexport const getChildGroupsCount = (member: MemberEntity) => {\n return member.kind === 'Group'\n ? member.relations?.reduce((acc: any, relation: { type: string }) => {\n let temp = acc;\n if (relation.type === 'parentOf') {\n temp++;\n }\n return temp;\n }, 0)\n : undefined;\n};\n\nexport const getPermissionPolicies = (\n policies: PolicyDetails[],\n): PermissionPolicies => {\n return policies.reduce(\n (ppsAcc: PermissionPolicies, policy: PolicyDetails) => {\n const permission = isResourcedPolicy(policy)\n ? (policy as ResourcedPolicy).resourceType\n : policy.name;\n return {\n ...ppsAcc,\n [permission]: policies.reduce(\n (policiesAcc: { policies: string[]; isResourced: boolean }, pol) => {\n const perm = isResourcedPolicy(pol)\n ? (pol as ResourcedPolicy).resourceType\n : pol.name;\n if (permission === perm)\n return {\n policies: uniqBy(\n [...policiesAcc.policies, getTitleCase(pol.policy as string)],\n val => val,\n ),\n isResourced: isResourcedPolicy(pol),\n };\n return policiesAcc;\n },\n { policies: [], isResourced: false },\n ),\n };\n },\n {},\n );\n};\n\nexport const getPluginsPermissionPoliciesData = (\n pluginsPermissionPolicies: PluginPermissionMetaData[],\n): PluginsPermissionPoliciesData => {\n const plugins: string[] = pluginsPermissionPolicies.map(\n pluginPp => pluginPp.pluginId,\n );\n const pluginsPermissions = pluginsPermissionPolicies.reduce(\n (acc: PluginsPermissions, pp, index) => {\n const permissions = pp.policies.reduce((plcAcc: string[], plc) => {\n const permission = isResourcedPolicy(plc)\n ? (plc as ResourcedPolicy).resourceType\n : plc.name;\n return [...plcAcc, permission];\n }, []);\n return {\n ...acc,\n [plugins[index]]: {\n permissions: uniqBy(permissions ?? [], val => val),\n policies: {\n ...(pp.policies ? getPermissionPolicies(pp.policies) : {}),\n },\n },\n };\n },\n {},\n );\n return { plugins, pluginsPermissions };\n};\n\nexport const getPermissionPoliciesData = (\n values: RoleFormValues,\n): RoleBasedPolicy[] => {\n const { kind, name, namespace, permissionPoliciesRows } = values;\n\n return permissionPoliciesRows.reduce(\n (acc: RoleBasedPolicy[], permissionPolicyRow) => {\n const { permission, policies, conditions } = permissionPolicyRow;\n const permissionPoliciesData = policies.reduce(\n (pAcc: RoleBasedPolicy[], policy) => {\n if (policy.effect === 'allow' && !conditions) {\n return [\n ...pAcc,\n {\n entityReference: `${kind}:${namespace}/${name}`,\n permission: `${permission}`,\n policy: policy.policy.toLocaleLowerCase('en-US'),\n effect: 'allow',\n },\n ];\n }\n return pAcc;\n },\n [],\n );\n return [...acc, ...permissionPoliciesData];\n },\n [],\n );\n};\n\nexport const getConditionalPermissionPoliciesData = (\n values: RoleFormValues,\n) => {\n const { kind, name, namespace, permissionPoliciesRows } = values;\n\n return permissionPoliciesRows.reduce(\n (acc: RoleBasedConditions[], permissionPolicyRow: PermissionsData) => {\n const { permission, policies, isResourced, plugin, conditions } =\n permissionPolicyRow;\n const permissionMapping = policies.reduce((pAcc: string[], policy) => {\n if (policy.effect === 'allow') {\n return [...pAcc, policy.policy.toLocaleLowerCase('en-US')];\n }\n return pAcc;\n }, []);\n return isResourced && conditions\n ? [\n ...acc,\n {\n result: 'CONDITIONAL',\n roleEntityRef: `${kind}:${namespace}/${name}`,\n pluginId: `${plugin}`,\n resourceType: `${permission}`,\n permissionMapping,\n conditions:\n Object.keys(conditions)[0] === criterias.condition\n ? { ...conditions.condition }\n : conditions,\n } as RoleBasedConditions,\n ]\n : acc;\n },\n [] as RoleBasedConditions[],\n );\n};\n\nexport const getUpdatedConditionalPolicies = (\n values: RoleFormValues,\n initialValues: RoleFormValues,\n): UpdatedConditionsData => {\n const initialConditionsWithId = initialValues.permissionPoliciesRows.filter(\n ppr => ppr.id,\n );\n\n const conditionsWithId = values.permissionPoliciesRows.filter(ppr => ppr.id);\n\n return conditionsWithId.length > 0\n ? conditionsWithId.reduce(\n (\n acc: { id: number; updateCondition: RoleBasedConditions }[],\n condition: PermissionsData,\n ) => {\n const conditionExists = initialConditionsWithId.find(\n c => c.id === condition.id,\n );\n\n if (conditionExists && condition.id)\n return [\n ...acc,\n {\n id: condition.id,\n updateCondition: getConditionalPermissionPoliciesData({\n ...values,\n permissionPoliciesRows: [condition],\n })[0],\n },\n ];\n return acc;\n },\n [],\n )\n : [];\n};\n\nexport const getNewConditionalPolicies = (values: RoleFormValues) => {\n const newValues = { ...values };\n const newPermissionPolicies = values.permissionPoliciesRows.filter(\n ppr => !ppr.id,\n );\n newValues.permissionPoliciesRows = newPermissionPolicies;\n return getConditionalPermissionPoliciesData(newValues);\n};\n\nexport const getRemovedConditionalPoliciesIds = (\n values: RoleFormValues,\n initialValues: RoleFormValues,\n) => {\n const initialConditionsIds = initialValues.permissionPoliciesRows\n .map(ppr => ppr.id)\n .filter(id => id);\n\n const newConditionsIds = values.permissionPoliciesRows\n .map(ppr => ppr.id)\n .filter(id => id);\n\n return initialConditionsIds.length > 0\n ? initialConditionsIds.reduce((acc: number[], oldId) => {\n const conditionExists = newConditionsIds.includes(oldId);\n if (conditionExists) return acc;\n return oldId ? [...acc, oldId] : acc;\n }, [])\n : [];\n};\n\nexport const getPermissionsNumber = (values: RoleFormValues) => {\n return (\n getPermissionPoliciesData(values).length +\n getConditionalPermissionPoliciesData(values).length\n );\n};\n\nexport const getConditionsNumber = (values: RoleFormValues) => {\n return getConditionalPermissionPoliciesData(values)?.length ?? 0;\n};\n\nexport const getRulesNumber = (conditions?: ConditionsData) => {\n if (!conditions) return 0;\n let rulesNumber = 0;\n\n if (conditions.allOf) {\n rulesNumber += conditions.allOf.reduce((acc, condition) => {\n return acc + getRulesNumber(condition as ConditionsData);\n }, 0);\n }\n\n if (conditions.anyOf) {\n rulesNumber += conditions.anyOf.reduce((acc, condition) => {\n return acc + getRulesNumber(condition as ConditionsData);\n }, 0);\n }\n\n if (conditions.not) {\n rulesNumber += getRulesNumber(conditions.not as ConditionsData);\n }\n\n if (conditions.condition || Object.keys(conditions).includes('rule')) {\n rulesNumber += 1;\n }\n\n return rulesNumber;\n};\n"],"names":[],"mappings":";;;;;AA2Ca,MAAA,MAAA,GAAS,CAAC,GAAA,EAAe,QAAmC,KAAA;AACvE,EAAA,OAAO,GAAI,CAAA,MAAA;AAAA,IACT,CAAC,CAAA,EAAG,CAAG,EAAA,IAAA,KAAS,CAAM,KAAA,IAAA,CAAK,SAAU,CAAA,CAAA,CAAA,KAAK,QAAS,CAAA,CAAC,CAAM,KAAA,QAAA,CAAS,CAAC,CAAC;AAAA,GACvE;AACF;AAEa,MAAA,WAAA,GAAc,CAAC,MAAiC,KAAA;AAC3D,EAAO,OAAA;AAAA,IACL,gBAAA,EAAkB,OAAO,eAAgB,CAAA,GAAA;AAAA,MACvC,CAAC,QAAwB,GAAI,CAAA;AAAA,KAC/B;AAAA,IACA,IAAA,EAAM,GAAG,MAAO,CAAA,IAAI,IAAI,MAAO,CAAA,SAAS,CAAI,CAAA,EAAA,MAAA,CAAO,IAAI,CAAA,CAAA;AAAA,IACvD,QAAU,EAAA;AAAA,MACR,aAAa,MAAO,CAAA;AAAA;AACtB,GACF;AACF;AAEa,MAAA,gBAAA,GAAmB,IAAI,MAAO,CAAA;AAAA,EACzC,IAAM,EAAA,GAAA,CAAI,MAAO,EAAA,CAAE,SAAS,kBAAkB,CAAA;AAAA,EAC9C,iBAAiB,GAAI,CAAA,KAAA,EAAQ,CAAA,GAAA,CAAI,GAAG,oBAAoB,CAAA;AAAA,EACxD,sBAAA,EAAwB,GAAI,CAAA,KAAA,EAAQ,CAAA,EAAA;AAAA,IAClC,GAAA,CAAI,MAAO,EAAA,CAAE,KAAM,CAAA;AAAA,MACjB,MAAQ,EAAA,GAAA,CAAI,MAAO,EAAA,CAAE,SAAS,oBAAoB,CAAA;AAAA,MAClD,UAAY,EAAA,GAAA,CAAI,MAAO,EAAA,CAAE,SAAS,wBAAwB;AAAA,KAC3D;AAAA;AAEL,CAAC;AAEY,MAAA,eAAA,GAAkB,CAAC,MAAyB,KAAA;AACvD,EAAO,OAAA,MAAA,CAAO,SAAS,OACnB,GAAA,MAAA,CAAO,WAAW,MAAO,CAAA,CAAC,KAAU,QAA+B,KAAA;AACjE,IAAA,IAAI,IAAO,GAAA,GAAA;AACX,IAAI,IAAA,QAAA,CAAS,SAAS,WAAa,EAAA;AACjC,MAAA,IAAA,EAAA;AAAA;AAEF,IAAO,OAAA,IAAA;AAAA,GACT,EAAG,CAAC,CACJ,GAAA,SAAA;AACN;AAEa,MAAA,oBAAA,GAAuB,CAAC,MAAyB,KAAA;AAC5D,EAAO,OAAA,MAAA,CAAO,SAAS,OACnB,GAAA,MAAA,CAAO,WAAW,MAAO,CAAA,CAAC,KAAU,QAA+B,KAAA;AACjE,IAAA,IAAI,IAAO,GAAA,GAAA;AACX,IAAI,IAAA,QAAA,CAAS,SAAS,SAAW,EAAA;AAC/B,MAAA,IAAA,EAAA;AAAA;AAEF,IAAO,OAAA,IAAA;AAAA,GACT,EAAG,CAAC,CACJ,GAAA,SAAA;AACN;AAEa,MAAA,mBAAA,GAAsB,CAAC,MAAyB,KAAA;AAC3D,EAAO,OAAA,MAAA,CAAO,SAAS,OACnB,GAAA,MAAA,CAAO,WAAW,MAAO,CAAA,CAAC,KAAU,QAA+B,KAAA;AACjE,IAAA,IAAI,IAAO,GAAA,GAAA;AACX,IAAI,IAAA,QAAA,CAAS,SAAS,UAAY,EAAA;AAChC,MAAA,IAAA,EAAA;AAAA;AAEF,IAAO,OAAA,IAAA;AAAA,GACT,EAAG,CAAC,CACJ,GAAA,SAAA;AACN;AAEa,MAAA,qBAAA,GAAwB,CACnC,QACuB,KAAA;AACvB,EAAA,OAAO,QAAS,CAAA,MAAA;AAAA,IACd,CAAC,QAA4B,MAA0B,KAAA;AACrD,MAAA,MAAM,aAAa,iBAAkB,CAAA,MAAM,CACtC,GAAA,MAAA,CAA2B,eAC5B,MAAO,CAAA,IAAA;AACX,MAAO,OAAA;AAAA,QACL,GAAG,MAAA;AAAA,QACH,CAAC,UAAU,GAAG,QAAS,CAAA,MAAA;AAAA,UACrB,CAAC,aAA2D,GAAQ,KAAA;AAClE,YAAA,MAAM,OAAO,iBAAkB,CAAA,GAAG,CAC7B,GAAA,GAAA,CAAwB,eACzB,GAAI,CAAA,IAAA;AACR,YAAA,IAAI,UAAe,KAAA,IAAA;AACjB,cAAO,OAAA;AAAA,gBACL,QAAU,EAAA,MAAA;AAAA,kBACR,CAAC,GAAG,WAAA,CAAY,UAAU,YAAa,CAAA,GAAA,CAAI,MAAgB,CAAC,CAAA;AAAA,kBAC5D,CAAO,GAAA,KAAA;AAAA,iBACT;AAAA,gBACA,WAAA,EAAa,kBAAkB,GAAG;AAAA,eACpC;AACF,YAAO,OAAA,WAAA;AAAA,WACT;AAAA,UACA,EAAE,QAAA,EAAU,EAAC,EAAG,aAAa,KAAM;AAAA;AACrC,OACF;AAAA,KACF;AAAA,IACA;AAAC,GACH;AACF;AAEa,MAAA,gCAAA,GAAmC,CAC9C,yBACkC,KAAA;AAClC,EAAA,MAAM,UAAoB,yBAA0B,CAAA,GAAA;AAAA,IAClD,cAAY,QAAS,CAAA;AAAA,GACvB;AACA,EAAA,MAAM,qBAAqB,yBAA0B,CAAA,MAAA;AAAA,IACnD,CAAC,GAAyB,EAAA,EAAA,EAAI,KAAU,KAAA;AACtC,MAAA,MAAM,cAAc,EAAG,CAAA,QAAA,CAAS,MAAO,CAAA,CAAC,QAAkB,GAAQ,KAAA;AAChE,QAAA,MAAM,aAAa,iBAAkB,CAAA,GAAG,CACnC,GAAA,GAAA,CAAwB,eACzB,GAAI,CAAA,IAAA;AACR,QAAO,OAAA,CAAC,GAAG,MAAA,EAAQ,UAAU,CAAA;AAAA,OAC/B,EAAG,EAAE,CAAA;AACL,MAAO,OAAA;AAAA,QACL,GAAG,GAAA;AAAA,QACH,CAAC,OAAA,CAAQ,KAAK,CAAC,GAAG;AAAA,UAChB,aAAa,MAAO,CAAA,WAAA,IAAe,EAAC,EAAG,SAAO,GAAG,CAAA;AAAA,UACjD,QAAU,EAAA;AAAA,YACR,GAAI,EAAG,CAAA,QAAA,GAAW,sBAAsB,EAAG,CAAA,QAAQ,IAAI;AAAC;AAC1D;AACF,OACF;AAAA,KACF;AAAA,IACA;AAAC,GACH;AACA,EAAO,OAAA,EAAE,SAAS,kBAAmB,EAAA;AACvC;AAEa,MAAA,yBAAA,GAA4B,CACvC,MACsB,KAAA;AACtB,EAAA,MAAM,EAAE,IAAA,EAAM,IAAM,EAAA,SAAA,EAAW,wBAA2B,GAAA,MAAA;AAE1D,EAAA,OAAO,sBAAuB,CAAA,MAAA;AAAA,IAC5B,CAAC,KAAwB,mBAAwB,KAAA;AAC/C,MAAA,MAAM,EAAE,UAAA,EAAY,QAAU,EAAA,UAAA,EAAe,GAAA,mBAAA;AAC7C,MAAA,MAAM,yBAAyB,QAAS,CAAA,MAAA;AAAA,QACtC,CAAC,MAAyB,MAAW,KAAA;AACnC,UAAA,IAAI,MAAO,CAAA,MAAA,KAAW,OAAW,IAAA,CAAC,UAAY,EAAA;AAC5C,YAAO,OAAA;AAAA,cACL,GAAG,IAAA;AAAA,cACH;AAAA,gBACE,iBAAiB,CAAG,EAAA,IAAI,CAAI,CAAA,EAAA,SAAS,IAAI,IAAI,CAAA,CAAA;AAAA,gBAC7C,UAAA,EAAY,GAAG,UAAU,CAAA,CAAA;AAAA,gBACzB,MAAQ,EAAA,MAAA,CAAO,MAAO,CAAA,iBAAA,CAAkB,OAAO,CAAA;AAAA,gBAC/C,MAAQ,EAAA;AAAA;AACV,aACF;AAAA;AAEF,UAAO,OAAA,IAAA;AAAA,SACT;AAAA,QACA;AAAC,OACH;AACA,MAAA,OAAO,CAAC,GAAG,GAAK,EAAA,GAAG,sBAAsB,CAAA;AAAA,KAC3C;AAAA,IACA;AAAC,GACH;AACF;AAEa,MAAA,oCAAA,GAAuC,CAClD,MACG,KAAA;AACH,EAAA,MAAM,EAAE,IAAA,EAAM,IAAM,EAAA,SAAA,EAAW,wBAA2B,GAAA,MAAA;AAE1D,EAAA,OAAO,sBAAuB,CAAA,MAAA;AAAA,IAC5B,CAAC,KAA4B,mBAAyC,KAAA;AACpE,MAAA,MAAM,EAAE,UAAY,EAAA,QAAA,EAAU,WAAa,EAAA,MAAA,EAAQ,YACjD,GAAA,mBAAA;AACF,MAAA,MAAM,iBAAoB,GAAA,QAAA,CAAS,MAAO,CAAA,CAAC,MAAgB,MAAW,KAAA;AACpE,QAAI,IAAA,MAAA,CAAO,WAAW,OAAS,EAAA;AAC7B,UAAA,OAAO,CAAC,GAAG,IAAA,EAAM,OAAO,MAAO,CAAA,iBAAA,CAAkB,OAAO,CAAC,CAAA;AAAA;AAE3D,QAAO,OAAA,IAAA;AAAA,OACT,EAAG,EAAE,CAAA;AACL,MAAA,OAAO,eAAe,UAClB,GAAA;AAAA,QACE,GAAG,GAAA;AAAA,QACH;AAAA,UACE,MAAQ,EAAA,aAAA;AAAA,UACR,eAAe,CAAG,EAAA,IAAI,CAAI,CAAA,EAAA,SAAS,IAAI,IAAI,CAAA,CAAA;AAAA,UAC3C,QAAA,EAAU,GAAG,MAAM,CAAA,CAAA;AAAA,UACnB,YAAA,EAAc,GAAG,UAAU,CAAA,CAAA;AAAA,UAC3B,iBAAA;AAAA,UACA,UACE,EAAA,MAAA,CAAO,IAAK,CAAA,UAAU,CAAE,CAAA,CAAC,CAAM,KAAA,SAAA,CAAU,SACrC,GAAA,EAAE,GAAG,UAAA,CAAW,WAChB,GAAA;AAAA;AACR,OAEF,GAAA,GAAA;AAAA,KACN;AAAA,IACA;AAAC,GACH;AACF;AAEa,MAAA,6BAAA,GAAgC,CAC3C,MAAA,EACA,aAC0B,KAAA;AAC1B,EAAM,MAAA,uBAAA,GAA0B,cAAc,sBAAuB,CAAA,MAAA;AAAA,IACnE,SAAO,GAAI,CAAA;AAAA,GACb;AAEA,EAAA,MAAM,mBAAmB,MAAO,CAAA,sBAAA,CAAuB,MAAO,CAAA,CAAA,GAAA,KAAO,IAAI,EAAE,CAAA;AAE3E,EAAO,OAAA,gBAAA,CAAiB,MAAS,GAAA,CAAA,GAC7B,gBAAiB,CAAA,MAAA;AAAA,IACf,CACE,KACA,SACG,KAAA;AACH,MAAA,MAAM,kBAAkB,uBAAwB,CAAA,IAAA;AAAA,QAC9C,CAAA,CAAA,KAAK,CAAE,CAAA,EAAA,KAAO,SAAU,CAAA;AAAA,OAC1B;AAEA,MAAA,IAAI,mBAAmB,SAAU,CAAA,EAAA;AAC/B,QAAO,OAAA;AAAA,UACL,GAAG,GAAA;AAAA,UACH;AAAA,YACE,IAAI,SAAU,CAAA,EAAA;AAAA,YACd,iBAAiB,oCAAqC,CAAA;AAAA,cACpD,GAAG,MAAA;AAAA,cACH,sBAAA,EAAwB,CAAC,SAAS;AAAA,aACnC,EAAE,CAAC;AAAA;AACN,SACF;AACF,MAAO,OAAA,GAAA;AAAA,KACT;AAAA,IACA;AAAC,MAEH,EAAC;AACP;AAEa,MAAA,yBAAA,GAA4B,CAAC,MAA2B,KAAA;AACnE,EAAM,MAAA,SAAA,GAAY,EAAE,GAAG,MAAO,EAAA;AAC9B,EAAM,MAAA,qBAAA,GAAwB,OAAO,sBAAuB,CAAA,MAAA;AAAA,IAC1D,CAAA,GAAA,KAAO,CAAC,GAAI,CAAA;AAAA,GACd;AACA,EAAA,SAAA,CAAU,sBAAyB,GAAA,qBAAA;AACnC,EAAA,OAAO,qCAAqC,SAAS,CAAA;AACvD;AAEa,MAAA,gCAAA,GAAmC,CAC9C,MAAA,EACA,aACG,KAAA;AACH,EAAM,MAAA,oBAAA,GAAuB,aAAc,CAAA,sBAAA,CACxC,GAAI,CAAA,CAAA,GAAA,KAAO,IAAI,EAAE,CAAA,CACjB,MAAO,CAAA,CAAA,EAAA,KAAM,EAAE,CAAA;AAElB,EAAM,MAAA,gBAAA,GAAmB,MAAO,CAAA,sBAAA,CAC7B,GAAI,CAAA,CAAA,GAAA,KAAO,IAAI,EAAE,CAAA,CACjB,MAAO,CAAA,CAAA,EAAA,KAAM,EAAE,CAAA;AAElB,EAAA,OAAO,qBAAqB,MAAS,GAAA,CAAA,GACjC,qBAAqB,MAAO,CAAA,CAAC,KAAe,KAAU,KAAA;AACpD,IAAM,MAAA,eAAA,GAAkB,gBAAiB,CAAA,QAAA,CAAS,KAAK,CAAA;AACvD,IAAA,IAAI,iBAAwB,OAAA,GAAA;AAC5B,IAAA,OAAO,KAAQ,GAAA,CAAC,GAAG,GAAA,EAAK,KAAK,CAAI,GAAA,GAAA;AAAA,GAChC,EAAA,EAAE,CAAA,GACL,EAAC;AACP;AAEa,MAAA,oBAAA,GAAuB,CAAC,MAA2B,KAAA;AAC9D,EAAA,OACE,0BAA0B,MAAM,CAAA,CAAE,MAClC,GAAA,oCAAA,CAAqC,MAAM,CAAE,CAAA,MAAA;AAEjD;AAMa,MAAA,cAAA,GAAiB,CAAC,UAAgC,KAAA;AAC7D,EAAI,IAAA,CAAC,YAAmB,OAAA,CAAA;AACxB,EAAA,IAAI,WAAc,GAAA,CAAA;AAElB,EAAA,IAAI,WAAW,KAAO,EAAA;AACpB,IAAA,WAAA,IAAe,UAAW,CAAA,KAAA,CAAM,MAAO,CAAA,CAAC,KAAK,SAAc,KAAA;AACzD,MAAO,OAAA,GAAA,GAAM,eAAe,SAA2B,CAAA;AAAA,OACtD,CAAC,CAAA;AAAA;AAGN,EAAA,IAAI,WAAW,KAAO,EAAA;AACpB,IAAA,WAAA,IAAe,UAAW,CAAA,KAAA,CAAM,MAAO,CAAA,CAAC,KAAK,SAAc,KAAA;AACzD,MAAO,OAAA,GAAA,GAAM,eAAe,SAA2B,CAAA;AAAA,OACtD,CAAC,CAAA;AAAA;AAGN,EAAA,IAAI,WAAW,GAAK,EAAA;AAClB,IAAe,WAAA,IAAA,cAAA,CAAe,WAAW,GAAqB,CAAA;AAAA;AAGhE,EAAI,IAAA,UAAA,CAAW,aAAa,MAAO,CAAA,IAAA,CAAK,UAAU,CAAE,CAAA,QAAA,CAAS,MAAM,CAAG,EAAA;AACpE,IAAe,WAAA,IAAA,CAAA;AAAA;AAGjB,EAAO,OAAA,WAAA;AACT;;;;"}
1
+ {"version":3,"file":"create-role-utils.esm.js","sources":["../../src/utils/create-role-utils.ts"],"sourcesContent":["/*\n * Copyright 2024 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport { getTitleCase } from '@janus-idp/shared-react';\nimport * as yup from 'yup';\n\nimport {\n isResourcedPolicy,\n PluginPermissionMetaData,\n PolicyDetails,\n Role,\n RoleBasedPolicy,\n} from '@backstage-community/plugin-rbac-common';\n\nimport { criterias } from '../components/ConditionalAccess/const';\nimport { ConditionsData } from '../components/ConditionalAccess/types';\nimport {\n PermissionPolicies,\n PluginsPermissionPoliciesData,\n PluginsPermissions,\n RoleFormValues,\n SelectedMember,\n} from '../components/CreateRole/types';\nimport {\n MemberEntity,\n PermissionsData,\n RoleBasedConditions,\n UpdatedConditionsData,\n} from '../types';\n\nexport const uniqBy = (arr: string[], iteratee: (arg: string) => any) => {\n return arr.filter(\n (x, i, self) => i === self.findIndex(y => iteratee(x) === iteratee(y)),\n );\n};\n\nexport const getRoleData = (values: RoleFormValues): Role => {\n return {\n memberReferences: values.selectedMembers.map(\n (mem: SelectedMember) => mem.ref,\n ),\n name: `${values.kind}:${values.namespace}/${values.name}`,\n metadata: {\n description: values.description,\n },\n };\n};\n\nexport const validationSchema = yup.object({\n name: yup.string().required('Name is required'),\n selectedMembers: yup.array().min(1, 'No member selected'),\n selectedPlugins: yup.array().min(1, 'No plugin selected'),\n permissionPoliciesRows: yup\n .array()\n .of(\n yup.object().shape({\n plugin: yup.string().required('Plugin is required'),\n permission: yup.string().required('Permission is required'),\n policies: yup\n .array()\n .min(1)\n .of(\n yup\n .object()\n .shape({ policy: yup.string(), effect: yup.string() })\n .test(p => p.effect === 'allow'),\n ),\n }),\n )\n .min(1),\n});\n\nexport const getMembersCount = (member: MemberEntity) => {\n return member.kind === 'Group'\n ? member.relations?.reduce((acc: any, relation: { type: string }) => {\n let temp = acc;\n if (relation.type === 'hasMember') {\n temp++;\n }\n return temp;\n }, 0)\n : undefined;\n};\n\nexport const getParentGroupsCount = (member: MemberEntity) => {\n return member.kind === 'Group'\n ? member.relations?.reduce((acc: any, relation: { type: string }) => {\n let temp = acc;\n if (relation.type === 'childOf') {\n temp++;\n }\n return temp;\n }, 0)\n : undefined;\n};\n\nexport const getChildGroupsCount = (member: MemberEntity) => {\n return member.kind === 'Group'\n ? member.relations?.reduce((acc: any, relation: { type: string }) => {\n let temp = acc;\n if (relation.type === 'parentOf') {\n temp++;\n }\n return temp;\n }, 0)\n : undefined;\n};\n\nexport const getPermissionPolicies = (\n policies: PolicyDetails[],\n): PermissionPolicies => {\n return policies.reduce(\n (ppsAcc: PermissionPolicies, policy: PolicyDetails) => {\n const permission = policy.name;\n return {\n ...ppsAcc,\n [permission]: policies.reduce(\n (policiesAcc: { policies: string[]; isResourced: boolean }, pol) => {\n const perm = pol.name;\n if (permission === perm)\n return {\n policies: uniqBy(\n [...policiesAcc.policies, getTitleCase(pol.policy as string)],\n val => val,\n ),\n isResourced: isResourcedPolicy(pol),\n resourceType: isResourcedPolicy(pol) ? pol.resourceType : '',\n };\n return policiesAcc;\n },\n { policies: [], isResourced: false },\n ),\n };\n },\n {},\n );\n};\n\nexport const getPluginsPermissionPoliciesData = (\n pluginsPermissionPolicies: PluginPermissionMetaData[],\n): PluginsPermissionPoliciesData => {\n const plugins: string[] = pluginsPermissionPolicies.map(\n pluginPp => pluginPp.pluginId,\n );\n const pluginsPermissions = pluginsPermissionPolicies.reduce(\n (acc: PluginsPermissions, pp, index) => {\n const permissions = pp.policies.reduce((plcAcc: string[], plc) => {\n const permission = plc.name;\n return [...plcAcc, permission];\n }, []);\n return {\n ...acc,\n [plugins[index]]: {\n permissions: permissions ?? [],\n policies: {\n ...(pp.policies ? getPermissionPolicies(pp.policies) : {}),\n },\n },\n };\n },\n {},\n );\n return { plugins, pluginsPermissions };\n};\n\nexport const getPermissionPoliciesData = (\n values: RoleFormValues,\n): RoleBasedPolicy[] => {\n const { kind, name, namespace, permissionPoliciesRows } = values;\n\n return permissionPoliciesRows.reduce(\n (acc: RoleBasedPolicy[], permissionPolicyRow) => {\n const { permission, policies, conditions } = permissionPolicyRow;\n const permissionPoliciesData = policies.reduce(\n (pAcc: RoleBasedPolicy[], policy) => {\n if (policy.effect === 'allow' && !conditions) {\n return [\n ...pAcc,\n {\n entityReference: `${kind}:${namespace}/${name}`,\n permission: `${permission}`,\n policy: policy.policy.toLocaleLowerCase('en-US'),\n effect: 'allow',\n },\n ];\n }\n return pAcc;\n },\n [],\n );\n return [...acc, ...permissionPoliciesData];\n },\n [],\n );\n};\n\nexport const getConditionalPermissionPoliciesData = (\n values: RoleFormValues,\n) => {\n const { kind, name, namespace, permissionPoliciesRows } = values;\n\n return permissionPoliciesRows.reduce(\n (acc: RoleBasedConditions[], permissionPolicyRow: PermissionsData) => {\n const { policies, isResourced, plugin, conditions, resourceType } =\n permissionPolicyRow;\n const permissionMapping = policies.reduce((pAcc: string[], policy) => {\n if (policy.effect === 'allow') {\n return [...pAcc, policy.policy.toLocaleLowerCase('en-US')];\n }\n return pAcc;\n }, []);\n return isResourced && conditions\n ? [\n ...acc,\n {\n result: 'CONDITIONAL',\n roleEntityRef: `${kind}:${namespace}/${name}`,\n pluginId: `${plugin}`,\n resourceType: `${resourceType}`,\n permissionMapping,\n conditions:\n Object.keys(conditions)[0] === criterias.condition\n ? { ...conditions.condition }\n : conditions,\n } as RoleBasedConditions,\n ]\n : acc;\n },\n [] as RoleBasedConditions[],\n );\n};\n\nexport const getUpdatedConditionalPolicies = (\n values: RoleFormValues,\n initialValues: RoleFormValues,\n): UpdatedConditionsData => {\n const initialConditionsWithId = initialValues.permissionPoliciesRows.filter(\n ppr => ppr.id,\n );\n\n const conditionsWithId = values.permissionPoliciesRows.filter(ppr => ppr.id);\n\n return conditionsWithId.length > 0\n ? conditionsWithId.reduce(\n (\n acc: { id: number; updateCondition: RoleBasedConditions }[],\n condition: PermissionsData,\n ) => {\n const conditionExists = initialConditionsWithId.find(\n c => c.id === condition.id,\n );\n\n if (conditionExists && condition.id)\n return [\n ...acc,\n {\n id: condition.id,\n updateCondition: getConditionalPermissionPoliciesData({\n ...values,\n permissionPoliciesRows: [condition],\n })[0],\n },\n ];\n return acc;\n },\n [],\n )\n : [];\n};\n\nexport const getNewConditionalPolicies = (values: RoleFormValues) => {\n const newValues = { ...values };\n const newPermissionPolicies = values.permissionPoliciesRows.filter(\n ppr => !ppr.id,\n );\n newValues.permissionPoliciesRows = newPermissionPolicies;\n return getConditionalPermissionPoliciesData(newValues);\n};\n\nexport const getRemovedConditionalPoliciesIds = (\n values: RoleFormValues,\n initialValues: RoleFormValues,\n) => {\n const initialConditionsIds = initialValues.permissionPoliciesRows\n .map(ppr => ppr.id)\n .filter(id => id);\n\n const newConditionsIds = values.permissionPoliciesRows\n .map(ppr => ppr.id)\n .filter(id => id);\n\n return initialConditionsIds.length > 0\n ? initialConditionsIds.reduce((acc: number[], oldId) => {\n const conditionExists = newConditionsIds.includes(oldId);\n if (conditionExists) return acc;\n return oldId ? [...acc, oldId] : acc;\n }, [])\n : [];\n};\n\nexport const getPermissionsNumber = (values: RoleFormValues) => {\n return (\n getPermissionPoliciesData(values).length +\n getConditionalPermissionPoliciesData(values).length\n );\n};\n\nexport const getConditionsNumber = (values: RoleFormValues) => {\n return getConditionalPermissionPoliciesData(values)?.length ?? 0;\n};\n\nexport const getRulesNumber = (conditions?: ConditionsData) => {\n if (!conditions) return 0;\n let rulesNumber = 0;\n\n if (conditions.allOf) {\n rulesNumber += conditions.allOf.reduce((acc, condition) => {\n return acc + getRulesNumber(condition as ConditionsData);\n }, 0);\n }\n\n if (conditions.anyOf) {\n rulesNumber += conditions.anyOf.reduce((acc, condition) => {\n return acc + getRulesNumber(condition as ConditionsData);\n }, 0);\n }\n\n if (conditions.not) {\n rulesNumber += getRulesNumber(conditions.not as ConditionsData);\n }\n\n if (conditions.condition || Object.keys(conditions).includes('rule')) {\n rulesNumber += 1;\n }\n\n return rulesNumber;\n};\n"],"names":[],"mappings":";;;;;AA0Ca,MAAA,MAAA,GAAS,CAAC,GAAA,EAAe,QAAmC,KAAA;AACvE,EAAA,OAAO,GAAI,CAAA,MAAA;AAAA,IACT,CAAC,CAAA,EAAG,CAAG,EAAA,IAAA,KAAS,CAAM,KAAA,IAAA,CAAK,SAAU,CAAA,CAAA,CAAA,KAAK,QAAS,CAAA,CAAC,CAAM,KAAA,QAAA,CAAS,CAAC,CAAC;AAAA,GACvE;AACF;AAEa,MAAA,WAAA,GAAc,CAAC,MAAiC,KAAA;AAC3D,EAAO,OAAA;AAAA,IACL,gBAAA,EAAkB,OAAO,eAAgB,CAAA,GAAA;AAAA,MACvC,CAAC,QAAwB,GAAI,CAAA;AAAA,KAC/B;AAAA,IACA,IAAA,EAAM,GAAG,MAAO,CAAA,IAAI,IAAI,MAAO,CAAA,SAAS,CAAI,CAAA,EAAA,MAAA,CAAO,IAAI,CAAA,CAAA;AAAA,IACvD,QAAU,EAAA;AAAA,MACR,aAAa,MAAO,CAAA;AAAA;AACtB,GACF;AACF;AAEa,MAAA,gBAAA,GAAmB,IAAI,MAAO,CAAA;AAAA,EACzC,IAAM,EAAA,GAAA,CAAI,MAAO,EAAA,CAAE,SAAS,kBAAkB,CAAA;AAAA,EAC9C,iBAAiB,GAAI,CAAA,KAAA,EAAQ,CAAA,GAAA,CAAI,GAAG,oBAAoB,CAAA;AAAA,EACxD,iBAAiB,GAAI,CAAA,KAAA,EAAQ,CAAA,GAAA,CAAI,GAAG,oBAAoB,CAAA;AAAA,EACxD,sBAAA,EAAwB,GACrB,CAAA,KAAA,EACA,CAAA,EAAA;AAAA,IACC,GAAA,CAAI,MAAO,EAAA,CAAE,KAAM,CAAA;AAAA,MACjB,MAAQ,EAAA,GAAA,CAAI,MAAO,EAAA,CAAE,SAAS,oBAAoB,CAAA;AAAA,MAClD,UAAY,EAAA,GAAA,CAAI,MAAO,EAAA,CAAE,SAAS,wBAAwB,CAAA;AAAA,MAC1D,UAAU,GACP,CAAA,KAAA,EACA,CAAA,GAAA,CAAI,CAAC,CACL,CAAA,EAAA;AAAA,QACC,IACG,MAAO,EAAA,CACP,MAAM,EAAE,MAAA,EAAQ,IAAI,MAAO,EAAA,EAAG,QAAQ,GAAI,CAAA,MAAA,IAAU,CAAA,CACpD,KAAK,CAAK,CAAA,KAAA,CAAA,CAAE,WAAW,OAAO;AAAA;AACnC,KACH;AAAA,GACH,CACC,IAAI,CAAC;AACV,CAAC;AAEY,MAAA,eAAA,GAAkB,CAAC,MAAyB,KAAA;AACvD,EAAO,OAAA,MAAA,CAAO,SAAS,OACnB,GAAA,MAAA,CAAO,WAAW,MAAO,CAAA,CAAC,KAAU,QAA+B,KAAA;AACjE,IAAA,IAAI,IAAO,GAAA,GAAA;AACX,IAAI,IAAA,QAAA,CAAS,SAAS,WAAa,EAAA;AACjC,MAAA,IAAA,EAAA;AAAA;AAEF,IAAO,OAAA,IAAA;AAAA,GACT,EAAG,CAAC,CACJ,GAAA,SAAA;AACN;AAEa,MAAA,oBAAA,GAAuB,CAAC,MAAyB,KAAA;AAC5D,EAAO,OAAA,MAAA,CAAO,SAAS,OACnB,GAAA,MAAA,CAAO,WAAW,MAAO,CAAA,CAAC,KAAU,QAA+B,KAAA;AACjE,IAAA,IAAI,IAAO,GAAA,GAAA;AACX,IAAI,IAAA,QAAA,CAAS,SAAS,SAAW,EAAA;AAC/B,MAAA,IAAA,EAAA;AAAA;AAEF,IAAO,OAAA,IAAA;AAAA,GACT,EAAG,CAAC,CACJ,GAAA,SAAA;AACN;AAEa,MAAA,mBAAA,GAAsB,CAAC,MAAyB,KAAA;AAC3D,EAAO,OAAA,MAAA,CAAO,SAAS,OACnB,GAAA,MAAA,CAAO,WAAW,MAAO,CAAA,CAAC,KAAU,QAA+B,KAAA;AACjE,IAAA,IAAI,IAAO,GAAA,GAAA;AACX,IAAI,IAAA,QAAA,CAAS,SAAS,UAAY,EAAA;AAChC,MAAA,IAAA,EAAA;AAAA;AAEF,IAAO,OAAA,IAAA;AAAA,GACT,EAAG,CAAC,CACJ,GAAA,SAAA;AACN;AAEa,MAAA,qBAAA,GAAwB,CACnC,QACuB,KAAA;AACvB,EAAA,OAAO,QAAS,CAAA,MAAA;AAAA,IACd,CAAC,QAA4B,MAA0B,KAAA;AACrD,MAAA,MAAM,aAAa,MAAO,CAAA,IAAA;AAC1B,MAAO,OAAA;AAAA,QACL,GAAG,MAAA;AAAA,QACH,CAAC,UAAU,GAAG,QAAS,CAAA,MAAA;AAAA,UACrB,CAAC,aAA2D,GAAQ,KAAA;AAClE,YAAA,MAAM,OAAO,GAAI,CAAA,IAAA;AACjB,YAAA,IAAI,UAAe,KAAA,IAAA;AACjB,cAAO,OAAA;AAAA,gBACL,QAAU,EAAA,MAAA;AAAA,kBACR,CAAC,GAAG,WAAA,CAAY,UAAU,YAAa,CAAA,GAAA,CAAI,MAAgB,CAAC,CAAA;AAAA,kBAC5D,CAAO,GAAA,KAAA;AAAA,iBACT;AAAA,gBACA,WAAA,EAAa,kBAAkB,GAAG,CAAA;AAAA,gBAClC,YAAc,EAAA,iBAAA,CAAkB,GAAG,CAAA,GAAI,IAAI,YAAe,GAAA;AAAA,eAC5D;AACF,YAAO,OAAA,WAAA;AAAA,WACT;AAAA,UACA,EAAE,QAAA,EAAU,EAAC,EAAG,aAAa,KAAM;AAAA;AACrC,OACF;AAAA,KACF;AAAA,IACA;AAAC,GACH;AACF;AAEa,MAAA,gCAAA,GAAmC,CAC9C,yBACkC,KAAA;AAClC,EAAA,MAAM,UAAoB,yBAA0B,CAAA,GAAA;AAAA,IAClD,cAAY,QAAS,CAAA;AAAA,GACvB;AACA,EAAA,MAAM,qBAAqB,yBAA0B,CAAA,MAAA;AAAA,IACnD,CAAC,GAAyB,EAAA,EAAA,EAAI,KAAU,KAAA;AACtC,MAAA,MAAM,cAAc,EAAG,CAAA,QAAA,CAAS,MAAO,CAAA,CAAC,QAAkB,GAAQ,KAAA;AAChE,QAAA,MAAM,aAAa,GAAI,CAAA,IAAA;AACvB,QAAO,OAAA,CAAC,GAAG,MAAA,EAAQ,UAAU,CAAA;AAAA,OAC/B,EAAG,EAAE,CAAA;AACL,MAAO,OAAA;AAAA,QACL,GAAG,GAAA;AAAA,QACH,CAAC,OAAA,CAAQ,KAAK,CAAC,GAAG;AAAA,UAChB,WAAA,EAAa,eAAe,EAAC;AAAA,UAC7B,QAAU,EAAA;AAAA,YACR,GAAI,EAAG,CAAA,QAAA,GAAW,sBAAsB,EAAG,CAAA,QAAQ,IAAI;AAAC;AAC1D;AACF,OACF;AAAA,KACF;AAAA,IACA;AAAC,GACH;AACA,EAAO,OAAA,EAAE,SAAS,kBAAmB,EAAA;AACvC;AAEa,MAAA,yBAAA,GAA4B,CACvC,MACsB,KAAA;AACtB,EAAA,MAAM,EAAE,IAAA,EAAM,IAAM,EAAA,SAAA,EAAW,wBAA2B,GAAA,MAAA;AAE1D,EAAA,OAAO,sBAAuB,CAAA,MAAA;AAAA,IAC5B,CAAC,KAAwB,mBAAwB,KAAA;AAC/C,MAAA,MAAM,EAAE,UAAA,EAAY,QAAU,EAAA,UAAA,EAAe,GAAA,mBAAA;AAC7C,MAAA,MAAM,yBAAyB,QAAS,CAAA,MAAA;AAAA,QACtC,CAAC,MAAyB,MAAW,KAAA;AACnC,UAAA,IAAI,MAAO,CAAA,MAAA,KAAW,OAAW,IAAA,CAAC,UAAY,EAAA;AAC5C,YAAO,OAAA;AAAA,cACL,GAAG,IAAA;AAAA,cACH;AAAA,gBACE,iBAAiB,CAAG,EAAA,IAAI,CAAI,CAAA,EAAA,SAAS,IAAI,IAAI,CAAA,CAAA;AAAA,gBAC7C,UAAA,EAAY,GAAG,UAAU,CAAA,CAAA;AAAA,gBACzB,MAAQ,EAAA,MAAA,CAAO,MAAO,CAAA,iBAAA,CAAkB,OAAO,CAAA;AAAA,gBAC/C,MAAQ,EAAA;AAAA;AACV,aACF;AAAA;AAEF,UAAO,OAAA,IAAA;AAAA,SACT;AAAA,QACA;AAAC,OACH;AACA,MAAA,OAAO,CAAC,GAAG,GAAK,EAAA,GAAG,sBAAsB,CAAA;AAAA,KAC3C;AAAA,IACA;AAAC,GACH;AACF;AAEa,MAAA,oCAAA,GAAuC,CAClD,MACG,KAAA;AACH,EAAA,MAAM,EAAE,IAAA,EAAM,IAAM,EAAA,SAAA,EAAW,wBAA2B,GAAA,MAAA;AAE1D,EAAA,OAAO,sBAAuB,CAAA,MAAA;AAAA,IAC5B,CAAC,KAA4B,mBAAyC,KAAA;AACpE,MAAA,MAAM,EAAE,QAAU,EAAA,WAAA,EAAa,MAAQ,EAAA,UAAA,EAAY,cACjD,GAAA,mBAAA;AACF,MAAA,MAAM,iBAAoB,GAAA,QAAA,CAAS,MAAO,CAAA,CAAC,MAAgB,MAAW,KAAA;AACpE,QAAI,IAAA,MAAA,CAAO,WAAW,OAAS,EAAA;AAC7B,UAAA,OAAO,CAAC,GAAG,IAAA,EAAM,OAAO,MAAO,CAAA,iBAAA,CAAkB,OAAO,CAAC,CAAA;AAAA;AAE3D,QAAO,OAAA,IAAA;AAAA,OACT,EAAG,EAAE,CAAA;AACL,MAAA,OAAO,eAAe,UAClB,GAAA;AAAA,QACE,GAAG,GAAA;AAAA,QACH;AAAA,UACE,MAAQ,EAAA,aAAA;AAAA,UACR,eAAe,CAAG,EAAA,IAAI,CAAI,CAAA,EAAA,SAAS,IAAI,IAAI,CAAA,CAAA;AAAA,UAC3C,QAAA,EAAU,GAAG,MAAM,CAAA,CAAA;AAAA,UACnB,YAAA,EAAc,GAAG,YAAY,CAAA,CAAA;AAAA,UAC7B,iBAAA;AAAA,UACA,UACE,EAAA,MAAA,CAAO,IAAK,CAAA,UAAU,CAAE,CAAA,CAAC,CAAM,KAAA,SAAA,CAAU,SACrC,GAAA,EAAE,GAAG,UAAA,CAAW,WAChB,GAAA;AAAA;AACR,OAEF,GAAA,GAAA;AAAA,KACN;AAAA,IACA;AAAC,GACH;AACF;AAEa,MAAA,6BAAA,GAAgC,CAC3C,MAAA,EACA,aAC0B,KAAA;AAC1B,EAAM,MAAA,uBAAA,GAA0B,cAAc,sBAAuB,CAAA,MAAA;AAAA,IACnE,SAAO,GAAI,CAAA;AAAA,GACb;AAEA,EAAA,MAAM,mBAAmB,MAAO,CAAA,sBAAA,CAAuB,MAAO,CAAA,CAAA,GAAA,KAAO,IAAI,EAAE,CAAA;AAE3E,EAAO,OAAA,gBAAA,CAAiB,MAAS,GAAA,CAAA,GAC7B,gBAAiB,CAAA,MAAA;AAAA,IACf,CACE,KACA,SACG,KAAA;AACH,MAAA,MAAM,kBAAkB,uBAAwB,CAAA,IAAA;AAAA,QAC9C,CAAA,CAAA,KAAK,CAAE,CAAA,EAAA,KAAO,SAAU,CAAA;AAAA,OAC1B;AAEA,MAAA,IAAI,mBAAmB,SAAU,CAAA,EAAA;AAC/B,QAAO,OAAA;AAAA,UACL,GAAG,GAAA;AAAA,UACH;AAAA,YACE,IAAI,SAAU,CAAA,EAAA;AAAA,YACd,iBAAiB,oCAAqC,CAAA;AAAA,cACpD,GAAG,MAAA;AAAA,cACH,sBAAA,EAAwB,CAAC,SAAS;AAAA,aACnC,EAAE,CAAC;AAAA;AACN,SACF;AACF,MAAO,OAAA,GAAA;AAAA,KACT;AAAA,IACA;AAAC,MAEH,EAAC;AACP;AAEa,MAAA,yBAAA,GAA4B,CAAC,MAA2B,KAAA;AACnE,EAAM,MAAA,SAAA,GAAY,EAAE,GAAG,MAAO,EAAA;AAC9B,EAAM,MAAA,qBAAA,GAAwB,OAAO,sBAAuB,CAAA,MAAA;AAAA,IAC1D,CAAA,GAAA,KAAO,CAAC,GAAI,CAAA;AAAA,GACd;AACA,EAAA,SAAA,CAAU,sBAAyB,GAAA,qBAAA;AACnC,EAAA,OAAO,qCAAqC,SAAS,CAAA;AACvD;AAEa,MAAA,gCAAA,GAAmC,CAC9C,MAAA,EACA,aACG,KAAA;AACH,EAAM,MAAA,oBAAA,GAAuB,aAAc,CAAA,sBAAA,CACxC,GAAI,CAAA,CAAA,GAAA,KAAO,IAAI,EAAE,CAAA,CACjB,MAAO,CAAA,CAAA,EAAA,KAAM,EAAE,CAAA;AAElB,EAAM,MAAA,gBAAA,GAAmB,MAAO,CAAA,sBAAA,CAC7B,GAAI,CAAA,CAAA,GAAA,KAAO,IAAI,EAAE,CAAA,CACjB,MAAO,CAAA,CAAA,EAAA,KAAM,EAAE,CAAA;AAElB,EAAA,OAAO,qBAAqB,MAAS,GAAA,CAAA,GACjC,qBAAqB,MAAO,CAAA,CAAC,KAAe,KAAU,KAAA;AACpD,IAAM,MAAA,eAAA,GAAkB,gBAAiB,CAAA,QAAA,CAAS,KAAK,CAAA;AACvD,IAAA,IAAI,iBAAwB,OAAA,GAAA;AAC5B,IAAA,OAAO,KAAQ,GAAA,CAAC,GAAG,GAAA,EAAK,KAAK,CAAI,GAAA,GAAA;AAAA,GAChC,EAAA,EAAE,CAAA,GACL,EAAC;AACP;AAEa,MAAA,oBAAA,GAAuB,CAAC,MAA2B,KAAA;AAC9D,EAAA,OACE,0BAA0B,MAAM,CAAA,CAAE,MAClC,GAAA,oCAAA,CAAqC,MAAM,CAAE,CAAA,MAAA;AAEjD;AAMa,MAAA,cAAA,GAAiB,CAAC,UAAgC,KAAA;AAC7D,EAAI,IAAA,CAAC,YAAmB,OAAA,CAAA;AACxB,EAAA,IAAI,WAAc,GAAA,CAAA;AAElB,EAAA,IAAI,WAAW,KAAO,EAAA;AACpB,IAAA,WAAA,IAAe,UAAW,CAAA,KAAA,CAAM,MAAO,CAAA,CAAC,KAAK,SAAc,KAAA;AACzD,MAAO,OAAA,GAAA,GAAM,eAAe,SAA2B,CAAA;AAAA,OACtD,CAAC,CAAA;AAAA;AAGN,EAAA,IAAI,WAAW,KAAO,EAAA;AACpB,IAAA,WAAA,IAAe,UAAW,CAAA,KAAA,CAAM,MAAO,CAAA,CAAC,KAAK,SAAc,KAAA;AACzD,MAAO,OAAA,GAAA,GAAM,eAAe,SAA2B,CAAA;AAAA,OACtD,CAAC,CAAA;AAAA;AAGN,EAAA,IAAI,WAAW,GAAK,EAAA;AAClB,IAAe,WAAA,IAAA,cAAA,CAAe,WAAW,GAAqB,CAAA;AAAA;AAGhE,EAAI,IAAA,UAAA,CAAW,aAAa,MAAO,CAAA,IAAA,CAAK,UAAU,CAAE,CAAA,QAAA,CAAS,MAAM,CAAG,EAAA;AACpE,IAAe,WAAA,IAAA,CAAA;AAAA;AAGjB,EAAO,OAAA,WAAA;AACT;;;;"}
package/dist/utils/rbac-utils.esm.js CHANGED
@@ -70,15 +70,13 @@ const getPluginInfo = (permissions, permissionName) => permissions.reduce(
70
70
  if (pol.name === permissionName) {
71
71
  return true;
72
72
  }
73
- if (isResourcedPolicy(pol)) {
74
- return pol.resourceType === permissionName;
75
- }
76
73
  return false;
77
74
  });
78
75
  if (policy) {
79
76
  return {
80
77
  pluginId: p.pluginId || "-",
81
- isResourced: isResourcedPolicy(policy) || false
78
+ isResourced: isResourcedPolicy(policy) || false,
79
+ resourceType: isResourcedPolicy(policy) ? policy.resourceType : ""
82
80
  };
83
81
  }
84
82
  return acc;
@@ -91,7 +89,7 @@ const getPolicy = (str) => {
91
89
  };
92
90
  const getAllPolicies = (permission, allowedPolicies, policies) => {
93
91
  const deniedPolicies = policies?.reduce((acc, p) => {
94
- const perm = isResourcedPolicy(p) ? p.resourceType : p.name;
92
+ const perm = p.name;
95
93
  if (permission === perm && !allowedPolicies.find(
96
94
  (allowedPolicy) => allowedPolicy.policy.toLocaleLowerCase("en-US") === p.policy?.toLocaleLowerCase("en-US")
97
95
  )) {
@@ -135,7 +133,8 @@ const getPermissionsData = (policies, permissionPolicies) => {
135
133
  policy: policyTitleCase || "Use",
136
134
  effect: policy.effect
137
135
  }),
138
- isResourced: getPluginInfo(permissionPolicies, policy?.permission).isResourced
136
+ isResourced: getPluginInfo(permissionPolicies, policy?.permission).isResourced,
137
+ resourceType: getPluginInfo(permissionPolicies, policy?.permission).resourceType
139
138
  });
140
139
  }
141
140
  }
@@ -198,22 +197,34 @@ const getPoliciesData = (allowedPermissions, policies) => {
198
197
  ...allowedPermissions.includes(p.toLocaleLowerCase("en-US")) ? { effect: "allow" } : { effect: "deny" }
199
198
  }));
200
199
  };
201
- const getConditionalPermissionsData = (conditionalPermissions, permissionPolicies) => {
200
+ const getConditionalPermissionsData = (conditionalPermissions, permissionPolicies, allPermissionPolicies) => {
202
201
  return conditionalPermissions.reduce((acc, cp) => {
203
202
  const conditions = getConditionsData(cp.conditions);
204
- const allPolicies = permissionPolicies.pluginsPermissions?.[cp.pluginId]?.policies?.[cp.resourceType]?.policies ?? [];
205
203
  const allowedPermissions = cp.permissionMapping.map(
206
204
  (action) => action.toLocaleLowerCase("en-US")
207
205
  );
206
+ const perm = allPermissionPolicies.map((app) => {
207
+ if (app.pluginId === cp.pluginId) {
208
+ return app.policies.find(
209
+ (po) => isResourcedPolicy(po) && po.resourceType === cp.resourceType && po.policy === cp.permissionMapping[0]
210
+ )?.name ?? "";
211
+ }
212
+ return "";
213
+ }).filter((v) => !!v);
214
+ const allPolicies = (pm) => permissionPolicies.pluginsPermissions?.[cp.pluginId]?.policies?.[pm]?.policies ?? [];
208
215
  const policyString = allowedPermissions.map((p) => p[0].toLocaleUpperCase("en-US") + p.slice(1)).join(", ");
209
216
  return [
210
217
  ...acc,
211
218
  ...conditions ? [
212
219
  {
213
220
  plugin: cp.pluginId,
214
- permission: cp.resourceType,
221
+ permission: perm[0],
222
+ resourceType: cp.resourceType,
215
223
  isResourced: true,
216
- policies: getPoliciesData(allowedPermissions, allPolicies),
224
+ policies: getPoliciesData(
225
+ allowedPermissions,
226
+ allPolicies(perm[0])
227
+ ),
217
228
  policyString,
218
229
  conditions,
219
230
  id: cp.id
package/dist/utils/rbac-utils.esm.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"rbac-utils.esm.js","sources":["../../src/utils/rbac-utils.ts"],"sourcesContent":["/*\n * Copyright 2024 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport {\n GroupEntity,\n isUserEntity,\n parseEntityRef,\n stringifyEntityRef,\n} from '@backstage/catalog-model';\nimport {\n AllOfCriteria,\n AnyOfCriteria,\n NotCriteria,\n PermissionCondition,\n PermissionCriteria,\n} from '@backstage/plugin-permission-common';\n\nimport { getTitleCase } from '@janus-idp/shared-react';\n\nimport {\n isResourcedPolicy,\n PermissionAction,\n PluginPermissionMetaData,\n PolicyDetails,\n RoleBasedPolicy,\n RoleConditionalPolicyDecision,\n} from '@backstage-community/plugin-rbac-common';\n\nimport { criterias } from '../components/ConditionalAccess/const';\nimport { ConditionsData } from '../components/ConditionalAccess/types';\nimport {\n PluginsPermissionPoliciesData,\n RowPolicy,\n SelectedMember,\n} from '../components/CreateRole/types';\nimport {\n MemberEntity,\n MembersData,\n PermissionsData,\n PermissionsDataSet,\n} from '../types';\nimport { getMembersCount } from './create-role-utils';\n\nexport const getPermissionsArray = (\n role: string,\n policies: RoleBasedPolicy[],\n): RoleBasedPolicy[] => {\n if (!policies || policies?.length === 0 || !Array.isArray(policies)) {\n return [];\n }\n return policies.filter(\n (policy: RoleBasedPolicy) =>\n policy.entityReference === role && policy.effect !== 'deny',\n );\n};\n\nexport const getPermissions = (\n role: string,\n policies: RoleBasedPolicy[],\n): number => {\n return getPermissionsArray(role, policies).length;\n};\n\nexport const getMembersString = (res: {\n users: number;\n groups: number;\n}): string => {\n let membersString = '';\n if (res.groups > 0) {\n membersString = `${res.groups} ${res.groups > 1 ? 'groups' : 'group'}`;\n }\n if (res.users > 0) {\n membersString = membersString.concat(\n membersString.length > 0 ? ', ' : '',\n `${res.users} ${res.users > 1 ? 'users' : 'user'}`,\n );\n }\n return membersString;\n};\n\nexport const getMembers = (\n members: (string | MembersData | SelectedMember)[],\n): string => {\n if (!members || members.length === 0) {\n return 'No members';\n }\n\n const res = members.reduce(\n (acc, member) => {\n if (typeof member === 'object') {\n if (member.type === 'User' || member.type === 'user') {\n acc.users++;\n } else {\n acc.groups++;\n }\n } else {\n const entity = parseEntityRef(member) as any;\n if (isUserEntity(entity)) {\n acc.users++;\n } else {\n acc.groups++;\n }\n }\n return acc;\n },\n { users: 0, groups: 0 },\n );\n\n return getMembersString(res);\n};\n\nexport const getMembersFromGroup = (group: GroupEntity): number => {\n const membersList = group.relations?.reduce((acc, relation) => {\n let temp = acc;\n if (relation.type === 'hasMember') {\n temp++;\n }\n return temp;\n }, 0);\n return membersList ?? 0;\n};\n\nexport const getPluginInfo = (\n permissions: PluginPermissionMetaData[],\n permissionName?: string,\n): { pluginId: string; isResourced: boolean } =>\n permissions.reduce(\n (\n acc: { pluginId: string; isResourced: boolean },\n p: PluginPermissionMetaData,\n ) => {\n const policy = p.policies.find(pol => {\n if (pol.name === permissionName) {\n return true;\n }\n if (isResourcedPolicy(pol)) {\n return pol.resourceType === permissionName;\n }\n return false;\n });\n if (policy) {\n return {\n pluginId: p.pluginId || '-',\n isResourced: isResourcedPolicy(policy) || false,\n };\n }\n return acc;\n },\n { pluginId: '-', isResourced: false },\n );\n\nconst getPolicy = (str: string) => {\n const arr = str.split('.');\n return arr[arr.length - 1];\n};\n\nconst getAllPolicies = (\n permission: string,\n allowedPolicies: RowPolicy[],\n policies: PolicyDetails[],\n) => {\n const deniedPolicies = policies?.reduce((acc, p) => {\n const perm = isResourcedPolicy(p) ? p.resourceType : p.name;\n if (\n permission === perm &&\n !allowedPolicies.find(\n allowedPolicy =>\n allowedPolicy.policy.toLocaleLowerCase('en-US') ===\n p.policy?.toLocaleLowerCase('en-US'),\n )\n ) {\n acc.push({\n policy: getTitleCase(p.policy) || 'Use',\n effect: 'deny',\n });\n }\n return acc;\n }, [] as RowPolicy[]);\n return [...(allowedPolicies || []), ...(deniedPolicies || [])];\n};\n\nexport const getPermissionsData = (\n policies: RoleBasedPolicy[],\n permissionPolicies: PluginPermissionMetaData[],\n): PermissionsData[] => {\n const data = policies.reduce(\n (acc: PermissionsDataSet[], policy: RoleBasedPolicy) => {\n if (policy?.effect === 'allow') {\n const policyStr =\n policy?.policy ?? getPolicy(policy.permission as string);\n const policyTitleCase = getTitleCase(policyStr);\n const permission = acc.find(\n plugin =>\n plugin.permission === policy.permission &&\n !plugin.policies.has({\n policy: policyTitleCase || 'Use',\n effect: 'allow',\n }),\n );\n if (permission) {\n permission.policyString?.add(\n policyTitleCase ? `, ${policyTitleCase}` : ', Use',\n );\n permission.policies.add({\n policy: policyTitleCase || 'Use',\n effect: policy.effect,\n });\n } else {\n const policyString = new Set<string>();\n const policiesSet = new Set<{ policy: string; effect: string }>();\n acc.push({\n permission: policy.permission ?? '-',\n plugin: getPluginInfo(permissionPolicies, policy?.permission)\n .pluginId,\n policyString: policyString.add(policyTitleCase || 'Use'),\n policies: policiesSet.add({\n policy: policyTitleCase || 'Use',\n effect: policy.effect,\n }),\n isResourced: getPluginInfo(permissionPolicies, policy?.permission)\n .isResourced,\n });\n }\n }\n return acc;\n },\n [],\n );\n return data.map((p: PermissionsDataSet) => ({\n ...p,\n ...(p.policyString ? { policyString: Array.from(p.policyString) } : {}),\n policies: getAllPolicies(\n p.permission,\n Array.from(p.policies),\n permissionPolicies.find(pp => pp.pluginId === p.plugin)\n ?.policies as PolicyDetails[],\n ),\n })) as PermissionsData[];\n};\n\nexport const getConditionUpperCriteria = (\n conditions: PermissionCriteria<PermissionCondition> | string,\n): string | undefined => {\n return Object.keys(conditions).find(key =>\n [criterias.allOf, criterias.anyOf, criterias.not].includes(\n key as keyof ConditionsData,\n ),\n );\n};\n\nexport const getConditionsData = (\n conditions: PermissionCriteria<PermissionCondition>,\n): ConditionsData | undefined => {\n const upperCriteria =\n getConditionUpperCriteria(conditions) ?? criterias.condition;\n\n switch (upperCriteria) {\n case criterias.allOf: {\n const allOfConditions = (conditions as AllOfCriteria<PermissionCondition>)\n .allOf;\n allOfConditions.map(aoc => {\n if (getConditionUpperCriteria(aoc)) {\n return getConditionsData(aoc);\n }\n return aoc;\n });\n return { allOf: allOfConditions as PermissionCondition[] };\n }\n case criterias.anyOf: {\n const anyOfConditions = (conditions as AnyOfCriteria<PermissionCondition>)\n .anyOf;\n anyOfConditions.map(aoc => {\n if (getConditionUpperCriteria(aoc)) {\n return getConditionsData(aoc);\n }\n return aoc;\n });\n return { anyOf: anyOfConditions as PermissionCondition[] };\n }\n case criterias.not: {\n const notCondition = (conditions as NotCriteria<PermissionCondition>).not;\n const nestedCondition = getConditionUpperCriteria(notCondition)\n ? getConditionsData(notCondition)\n : notCondition;\n return { not: nestedCondition as PermissionCondition };\n }\n default:\n return { condition: conditions as PermissionCondition };\n }\n};\n\nexport const getPoliciesData = (\n allowedPermissions: string[],\n policies: string[],\n): RowPolicy[] => {\n return policies.map(p => ({\n policy: p,\n ...(allowedPermissions.includes(p.toLocaleLowerCase('en-US'))\n ? { effect: 'allow' }\n : { effect: 'deny' }),\n }));\n};\n\nexport const getConditionalPermissionsData = (\n conditionalPermissions: RoleConditionalPolicyDecision<PermissionAction>[],\n permissionPolicies: PluginsPermissionPoliciesData,\n): PermissionsData[] => {\n return conditionalPermissions.reduce((acc: any, cp) => {\n const conditions = getConditionsData(cp.conditions);\n const allPolicies =\n permissionPolicies.pluginsPermissions?.[cp.pluginId]?.policies?.[\n cp.resourceType\n ]?.policies ?? [];\n const allowedPermissions = cp.permissionMapping.map(action =>\n action.toLocaleLowerCase('en-US'),\n );\n const policyString = allowedPermissions\n .map(p => p[0].toLocaleUpperCase('en-US') + p.slice(1))\n .join(', ');\n\n return [\n ...acc,\n ...(conditions\n ? [\n {\n plugin: cp.pluginId,\n permission: cp.resourceType,\n isResourced: true,\n policies: getPoliciesData(allowedPermissions, allPolicies),\n policyString,\n conditions,\n id: cp.id,\n },\n ]\n : []),\n ];\n }, []);\n};\n\nexport const getSelectedMember = (\n memberResource: MemberEntity | undefined,\n ref: string,\n): SelectedMember => {\n if (memberResource) {\n return {\n id: memberResource.metadata.etag as string,\n ref: stringifyEntityRef(memberResource),\n label:\n memberResource.spec.profile?.displayName ??\n memberResource.metadata.name,\n etag: memberResource.metadata.etag as string,\n type: memberResource.kind,\n namespace: memberResource.metadata.namespace as string,\n members: getMembersCount(memberResource),\n };\n } else if (ref) {\n const { kind, namespace, name } = parseEntityRef(ref);\n return {\n id: `${kind}-${namespace}-${name}`,\n ref,\n label: name,\n etag: `${kind}-${namespace}-${name}`,\n type: kind,\n namespace: namespace,\n members: kind === 'group' ? 0 : undefined,\n };\n }\n return {} as SelectedMember;\n};\n\nexport const isSamePermissionPolicy = (\n a: RoleBasedPolicy,\n b: RoleBasedPolicy,\n) =>\n a.entityReference === b.entityReference &&\n a.permission === b.permission &&\n a.policy === b.policy &&\n a.effect === b.effect;\n\nexport const onlyInLeft = (\n left: RoleBasedPolicy[],\n right: RoleBasedPolicy[],\n compareFunction: (a: RoleBasedPolicy, b: RoleBasedPolicy) => boolean,\n) =>\n left.filter(\n leftValue =>\n !right.some(rightValue => compareFunction(leftValue, rightValue)),\n );\n"],"names":[],"mappings":";;;;;;AAuDa,MAAA,mBAAA,GAAsB,CACjC,IAAA,EACA,QACsB,KAAA;AACtB,EAAI,IAAA,CAAC,YAAY,QAAU,EAAA,MAAA,KAAW,KAAK,CAAC,KAAA,CAAM,OAAQ,CAAA,QAAQ,CAAG,EAAA;AACnE,IAAA,OAAO,EAAC;AAAA;AAEV,EAAA,OAAO,QAAS,CAAA,MAAA;AAAA,IACd,CAAC,MACC,KAAA,MAAA,CAAO,eAAoB,KAAA,IAAA,IAAQ,OAAO,MAAW,KAAA;AAAA,GACzD;AACF;AAEa,MAAA,cAAA,GAAiB,CAC5B,IAAA,EACA,QACW,KAAA;AACX,EAAO,OAAA,mBAAA,CAAoB,IAAM,EAAA,QAAQ,CAAE,CAAA,MAAA;AAC7C;AAEa,MAAA,gBAAA,GAAmB,CAAC,GAGnB,KAAA;AACZ,EAAA,IAAI,aAAgB,GAAA,EAAA;AACpB,EAAI,IAAA,GAAA,CAAI,SAAS,CAAG,EAAA;AAClB,IAAgB,aAAA,GAAA,CAAA,EAAG,IAAI,MAAM,CAAA,CAAA,EAAI,IAAI,MAAS,GAAA,CAAA,GAAI,WAAW,OAAO,CAAA,CAAA;AAAA;AAEtE,EAAI,IAAA,GAAA,CAAI,QAAQ,CAAG,EAAA;AACjB,IAAA,aAAA,GAAgB,aAAc,CAAA,MAAA;AAAA,MAC5B,aAAA,CAAc,MAAS,GAAA,CAAA,GAAI,IAAO,GAAA,EAAA;AAAA,MAClC,CAAA,EAAG,IAAI,KAAK,CAAA,CAAA,EAAI,IAAI,KAAQ,GAAA,CAAA,GAAI,UAAU,MAAM,CAAA;AAAA,KAClD;AAAA;AAEF,EAAO,OAAA,aAAA;AACT;AAEa,MAAA,UAAA,GAAa,CACxB,OACW,KAAA;AACX,EAAA,IAAI,CAAC,OAAA,IAAW,OAAQ,CAAA,MAAA,KAAW,CAAG,EAAA;AACpC,IAAO,OAAA,YAAA;AAAA;AAGT,EAAA,MAAM,MAAM,OAAQ,CAAA,MAAA;AAAA,IAClB,CAAC,KAAK,MAAW,KAAA;AACf,MAAI,IAAA,OAAO,WAAW,QAAU,EAAA;AAC9B,QAAA,IAAI,MAAO,CAAA,IAAA,KAAS,MAAU,IAAA,MAAA,CAAO,SAAS,MAAQ,EAAA;AACpD,UAAI,GAAA,CAAA,KAAA,EAAA;AAAA,SACC,MAAA;AACL,UAAI,GAAA,CAAA,MAAA,EAAA;AAAA;AACN,OACK,MAAA;AACL,QAAM,MAAA,MAAA,GAAS,eAAe,MAAM,CAAA;AACpC,QAAI,IAAA,YAAA,CAAa,MAAM,CAAG,EAAA;AACxB,UAAI,GAAA,CAAA,KAAA,EAAA;AAAA,SACC,MAAA;AACL,UAAI,GAAA,CAAA,MAAA,EAAA;AAAA;AACN;AAEF,MAAO,OAAA,GAAA;AAAA,KACT;AAAA,IACA,EAAE,KAAA,EAAO,CAAG,EAAA,MAAA,EAAQ,CAAE;AAAA,GACxB;AAEA,EAAA,OAAO,iBAAiB,GAAG,CAAA;AAC7B;AAEa,MAAA,mBAAA,GAAsB,CAAC,KAA+B,KAAA;AACjE,EAAA,MAAM,cAAc,KAAM,CAAA,SAAA,EAAW,MAAO,CAAA,CAAC,KAAK,QAAa,KAAA;AAC7D,IAAA,IAAI,IAAO,GAAA,GAAA;AACX,IAAI,IAAA,QAAA,CAAS,SAAS,WAAa,EAAA;AACjC,MAAA,IAAA,EAAA;AAAA;AAEF,IAAO,OAAA,IAAA;AAAA,KACN,CAAC,CAAA;AACJ,EAAA,OAAO,WAAe,IAAA,CAAA;AACxB;AAEO,MAAM,aAAgB,GAAA,CAC3B,WACA,EAAA,cAAA,KAEA,WAAY,CAAA,MAAA;AAAA,EACV,CACE,KACA,CACG,KAAA;AACH,IAAA,MAAM,MAAS,GAAA,CAAA,CAAE,QAAS,CAAA,IAAA,CAAK,CAAO,GAAA,KAAA;AACpC,MAAI,IAAA,GAAA,CAAI,SAAS,cAAgB,EAAA;AAC/B,QAAO,OAAA,IAAA;AAAA;AAET,MAAI,IAAA,iBAAA,CAAkB,GAAG,CAAG,EAAA;AAC1B,QAAA,OAAO,IAAI,YAAiB,KAAA,cAAA;AAAA;AAE9B,MAAO,OAAA,KAAA;AAAA,KACR,CAAA;AACD,IAAA,IAAI,MAAQ,EAAA;AACV,MAAO,OAAA;AAAA,QACL,QAAA,EAAU,EAAE,QAAY,IAAA,GAAA;AAAA,QACxB,WAAA,EAAa,iBAAkB,CAAA,MAAM,CAAK,IAAA;AAAA,OAC5C;AAAA;AAEF,IAAO,OAAA,GAAA;AAAA,GACT;AAAA,EACA,EAAE,QAAA,EAAU,GAAK,EAAA,WAAA,EAAa,KAAM;AACtC;AAEF,MAAM,SAAA,GAAY,CAAC,GAAgB,KAAA;AACjC,EAAM,MAAA,GAAA,GAAM,GAAI,CAAA,KAAA,CAAM,GAAG,CAAA;AACzB,EAAO,OAAA,GAAA,CAAI,GAAI,CAAA,MAAA,GAAS,CAAC,CAAA;AAC3B,CAAA;AAEA,MAAM,cAAiB,GAAA,CACrB,UACA,EAAA,eAAA,EACA,QACG,KAAA;AACH,EAAA,MAAM,cAAiB,GAAA,QAAA,EAAU,MAAO,CAAA,CAAC,KAAK,CAAM,KAAA;AAClD,IAAA,MAAM,OAAO,iBAAkB,CAAA,CAAC,CAAI,GAAA,CAAA,CAAE,eAAe,CAAE,CAAA,IAAA;AACvD,IACE,IAAA,UAAA,KAAe,IACf,IAAA,CAAC,eAAgB,CAAA,IAAA;AAAA,MACf,CAAA,aAAA,KACE,cAAc,MAAO,CAAA,iBAAA,CAAkB,OAAO,CAC9C,KAAA,CAAA,CAAE,MAAQ,EAAA,iBAAA,CAAkB,OAAO;AAAA,KAEvC,EAAA;AACA,MAAA,GAAA,CAAI,IAAK,CAAA;AAAA,QACP,MAAQ,EAAA,YAAA,CAAa,CAAE,CAAA,MAAM,CAAK,IAAA,KAAA;AAAA,QAClC,MAAQ,EAAA;AAAA,OACT,CAAA;AAAA;AAEH,IAAO,OAAA,GAAA;AAAA,GACT,EAAG,EAAiB,CAAA;AACpB,EAAO,OAAA,CAAC,GAAI,eAAmB,IAAA,IAAK,GAAI,cAAA,IAAkB,EAAG,CAAA;AAC/D,CAAA;AAEa,MAAA,kBAAA,GAAqB,CAChC,QAAA,EACA,kBACsB,KAAA;AACtB,EAAA,MAAM,OAAO,QAAS,CAAA,MAAA;AAAA,IACpB,CAAC,KAA2B,MAA4B,KAAA;AACtD,MAAI,IAAA,MAAA,EAAQ,WAAW,OAAS,EAAA;AAC9B,QAAA,MAAM,SACJ,GAAA,MAAA,EAAQ,MAAU,IAAA,SAAA,CAAU,OAAO,UAAoB,CAAA;AACzD,QAAM,MAAA,eAAA,GAAkB,aAAa,SAAS,CAAA;AAC9C,QAAA,MAAM,aAAa,GAAI,CAAA,IAAA;AAAA,UACrB,CAAA,MAAA,KACE,OAAO,UAAe,KAAA,MAAA,CAAO,cAC7B,CAAC,MAAA,CAAO,SAAS,GAAI,CAAA;AAAA,YACnB,QAAQ,eAAmB,IAAA,KAAA;AAAA,YAC3B,MAAQ,EAAA;AAAA,WACT;AAAA,SACL;AACA,QAAA,IAAI,UAAY,EAAA;AACd,UAAA,UAAA,CAAW,YAAc,EAAA,GAAA;AAAA,YACvB,eAAA,GAAkB,CAAK,EAAA,EAAA,eAAe,CAAK,CAAA,GAAA;AAAA,WAC7C;AACA,UAAA,UAAA,CAAW,SAAS,GAAI,CAAA;AAAA,YACtB,QAAQ,eAAmB,IAAA,KAAA;AAAA,YAC3B,QAAQ,MAAO,CAAA;AAAA,WAChB,CAAA;AAAA,SACI,MAAA;AACL,UAAM,MAAA,YAAA,uBAAmB,GAAY,EAAA;AACrC,UAAM,MAAA,WAAA,uBAAkB,GAAwC,EAAA;AAChE,UAAA,GAAA,CAAI,IAAK,CAAA;AAAA,YACP,UAAA,EAAY,OAAO,UAAc,IAAA,GAAA;AAAA,YACjC,MAAQ,EAAA,aAAA,CAAc,kBAAoB,EAAA,MAAA,EAAQ,UAAU,CACzD,CAAA,QAAA;AAAA,YACH,YAAc,EAAA,YAAA,CAAa,GAAI,CAAA,eAAA,IAAmB,KAAK,CAAA;AAAA,YACvD,QAAA,EAAU,YAAY,GAAI,CAAA;AAAA,cACxB,QAAQ,eAAmB,IAAA,KAAA;AAAA,cAC3B,QAAQ,MAAO,CAAA;AAAA,aAChB,CAAA;AAAA,YACD,WAAa,EAAA,aAAA,CAAc,kBAAoB,EAAA,MAAA,EAAQ,UAAU,CAC9D,CAAA;AAAA,WACJ,CAAA;AAAA;AACH;AAEF,MAAO,OAAA,GAAA;AAAA,KACT;AAAA,IACA;AAAC,GACH;AACA,EAAO,OAAA,IAAA,CAAK,GAAI,CAAA,CAAC,CAA2B,MAAA;AAAA,IAC1C,GAAG,CAAA;AAAA,IACH,GAAI,CAAE,CAAA,YAAA,GAAe,EAAE,YAAA,EAAc,KAAM,CAAA,IAAA,CAAK,CAAE,CAAA,YAAY,CAAE,EAAA,GAAI,EAAC;AAAA,IACrE,QAAU,EAAA,cAAA;AAAA,MACR,CAAE,CAAA,UAAA;AAAA,MACF,KAAA,CAAM,IAAK,CAAA,CAAA,CAAE,QAAQ,CAAA;AAAA,MACrB,mBAAmB,IAAK,CAAA,CAAA,EAAA,KAAM,GAAG,QAAa,KAAA,CAAA,CAAE,MAAM,CAClD,EAAA;AAAA;AACN,GACA,CAAA,CAAA;AACJ;AAEa,MAAA,yBAAA,GAA4B,CACvC,UACuB,KAAA;AACvB,EAAO,OAAA,MAAA,CAAO,IAAK,CAAA,UAAU,CAAE,CAAA,IAAA;AAAA,IAAK,CAAA,GAAA,KAClC,CAAC,SAAU,CAAA,KAAA,EAAO,UAAU,KAAO,EAAA,SAAA,CAAU,GAAG,CAAE,CAAA,QAAA;AAAA,MAChD;AAAA;AACF,GACF;AACF;AAEa,MAAA,iBAAA,GAAoB,CAC/B,UAC+B,KAAA;AAC/B,EAAA,MAAM,aACJ,GAAA,yBAAA,CAA0B,UAAU,CAAA,IAAK,SAAU,CAAA,SAAA;AAErD,EAAA,QAAQ,aAAe;AAAA,IACrB,KAAK,UAAU,KAAO,EAAA;AACpB,MAAA,MAAM,kBAAmB,UACtB,CAAA,KAAA;AACH,MAAA,eAAA,CAAgB,IAAI,CAAO,GAAA,KAAA;AACzB,QAAI,IAAA,yBAAA,CAA0B,GAAG,CAAG,EAAA;AAClC,UAAA,OAAO,kBAAkB,GAAG,CAAA;AAAA;AAE9B,QAAO,OAAA,GAAA;AAAA,OACR,CAAA;AACD,MAAO,OAAA,EAAE,OAAO,eAAyC,EAAA;AAAA;AAC3D,IACA,KAAK,UAAU,KAAO,EAAA;AACpB,MAAA,MAAM,kBAAmB,UACtB,CAAA,KAAA;AACH,MAAA,eAAA,CAAgB,IAAI,CAAO,GAAA,KAAA;AACzB,QAAI,IAAA,yBAAA,CAA0B,GAAG,CAAG,EAAA;AAClC,UAAA,OAAO,kBAAkB,GAAG,CAAA;AAAA;AAE9B,QAAO,OAAA,GAAA;AAAA,OACR,CAAA;AACD,MAAO,OAAA,EAAE,OAAO,eAAyC,EAAA;AAAA;AAC3D,IACA,KAAK,UAAU,GAAK,EAAA;AAClB,MAAA,MAAM,eAAgB,UAAgD,CAAA,GAAA;AACtE,MAAA,MAAM,kBAAkB,yBAA0B,CAAA,YAAY,CAC1D,GAAA,iBAAA,CAAkB,YAAY,CAC9B,GAAA,YAAA;AACJ,MAAO,OAAA,EAAE,KAAK,eAAuC,EAAA;AAAA;AACvD,IACA;AACE,MAAO,OAAA,EAAE,WAAW,UAAkC,EAAA;AAAA;AAE5D;AAEa,MAAA,eAAA,GAAkB,CAC7B,kBAAA,EACA,QACgB,KAAA;AAChB,EAAO,OAAA,QAAA,CAAS,IAAI,CAAM,CAAA,MAAA;AAAA,IACxB,MAAQ,EAAA,CAAA;AAAA,IACR,GAAI,kBAAA,CAAmB,QAAS,CAAA,CAAA,CAAE,kBAAkB,OAAO,CAAC,CACxD,GAAA,EAAE,MAAQ,EAAA,OAAA,EACV,GAAA,EAAE,QAAQ,MAAO;AAAA,GACrB,CAAA,CAAA;AACJ;AAEa,MAAA,6BAAA,GAAgC,CAC3C,sBAAA,EACA,kBACsB,KAAA;AACtB,EAAA,OAAO,sBAAuB,CAAA,MAAA,CAAO,CAAC,GAAA,EAAU,EAAO,KAAA;AACrD,IAAM,MAAA,UAAA,GAAa,iBAAkB,CAAA,EAAA,CAAG,UAAU,CAAA;AAClD,IAAM,MAAA,WAAA,GACJ,kBAAmB,CAAA,kBAAA,GAAqB,EAAG,CAAA,QAAQ,CAAG,EAAA,QAAA,GACpD,EAAG,CAAA,YACL,CAAG,EAAA,QAAA,IAAY,EAAC;AAClB,IAAM,MAAA,kBAAA,GAAqB,GAAG,iBAAkB,CAAA,GAAA;AAAA,MAAI,CAAA,MAAA,KAClD,MAAO,CAAA,iBAAA,CAAkB,OAAO;AAAA,KAClC;AACA,IAAA,MAAM,eAAe,kBAClB,CAAA,GAAA,CAAI,CAAK,CAAA,KAAA,CAAA,CAAE,CAAC,CAAE,CAAA,iBAAA,CAAkB,OAAO,CAAA,GAAI,EAAE,KAAM,CAAA,CAAC,CAAC,CAAA,CACrD,KAAK,IAAI,CAAA;AAEZ,IAAO,OAAA;AAAA,MACL,GAAG,GAAA;AAAA,MACH,GAAI,UACA,GAAA;AAAA,QACE;AAAA,UACE,QAAQ,EAAG,CAAA,QAAA;AAAA,UACX,YAAY,EAAG,CAAA,YAAA;AAAA,UACf,WAAa,EAAA,IAAA;AAAA,UACb,QAAA,EAAU,eAAgB,CAAA,kBAAA,EAAoB,WAAW,CAAA;AAAA,UACzD,YAAA;AAAA,UACA,UAAA;AAAA,UACA,IAAI,EAAG,CAAA;AAAA;AACT,UAEF;AAAC,KACP;AAAA,GACF,EAAG,EAAE,CAAA;AACP;AAEa,MAAA,iBAAA,GAAoB,CAC/B,cAAA,EACA,GACmB,KAAA;AACnB,EAAA,IAAI,cAAgB,EAAA;AAClB,IAAO,OAAA;AAAA,MACL,EAAA,EAAI,eAAe,QAAS,CAAA,IAAA;AAAA,MAC5B,GAAA,EAAK,mBAAmB,cAAc,CAAA;AAAA,MACtC,OACE,cAAe,CAAA,IAAA,CAAK,OAAS,EAAA,WAAA,IAC7B,eAAe,QAAS,CAAA,IAAA;AAAA,MAC1B,IAAA,EAAM,eAAe,QAAS,CAAA,IAAA;AAAA,MAC9B,MAAM,cAAe,CAAA,IAAA;AAAA,MACrB,SAAA,EAAW,eAAe,QAAS,CAAA,SAAA;AAAA,MACnC,OAAA,EAAS,gBAAgB,cAAc;AAAA,KACzC;AAAA,aACS,GAAK,EAAA;AACd,IAAA,MAAM,EAAE,IAAM,EAAA,SAAA,EAAW,IAAK,EAAA,GAAI,eAAe,GAAG,CAAA;AACpD,IAAO,OAAA;AAAA,MACL,IAAI,CAAG,EAAA,IAAI,CAAI,CAAA,EAAA,SAAS,IAAI,IAAI,CAAA,CAAA;AAAA,MAChC,GAAA;AAAA,MACA,KAAO,EAAA,IAAA;AAAA,MACP,MAAM,CAAG,EAAA,IAAI,CAAI,CAAA,EAAA,SAAS,IAAI,IAAI,CAAA,CAAA;AAAA,MAClC,IAAM,EAAA,IAAA;AAAA,MACN,SAAA;AAAA,MACA,OAAA,EAAS,IAAS,KAAA,OAAA,GAAU,CAAI,GAAA;AAAA,KAClC;AAAA;AAEF,EAAA,OAAO,EAAC;AACV;AAEO,MAAM,yBAAyB,CACpC,CAAA,EACA,MAEA,CAAE,CAAA,eAAA,KAAoB,EAAE,eACxB,IAAA,CAAA,CAAE,UAAe,KAAA,CAAA,CAAE,cACnB,CAAE,CAAA,MAAA,KAAW,EAAE,MACf,IAAA,CAAA,CAAE,WAAW,CAAE,CAAA;AAEV,MAAM,UAAa,GAAA,CACxB,IACA,EAAA,KAAA,EACA,oBAEA,IAAK,CAAA,MAAA;AAAA,EACH,CAAA,SAAA,KACE,CAAC,KAAM,CAAA,IAAA,CAAK,gBAAc,eAAgB,CAAA,SAAA,EAAW,UAAU,CAAC;AACpE;;;;"}
1
+ {"version":3,"file":"rbac-utils.esm.js","sources":["../../src/utils/rbac-utils.ts"],"sourcesContent":["/*\n * Copyright 2024 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport {\n GroupEntity,\n isUserEntity,\n parseEntityRef,\n stringifyEntityRef,\n} from '@backstage/catalog-model';\nimport {\n AllOfCriteria,\n AnyOfCriteria,\n NotCriteria,\n PermissionCondition,\n PermissionCriteria,\n} from '@backstage/plugin-permission-common';\n\nimport { getTitleCase } from '@janus-idp/shared-react';\n\nimport {\n isResourcedPolicy,\n PermissionAction,\n PluginPermissionMetaData,\n PolicyDetails,\n RoleBasedPolicy,\n RoleConditionalPolicyDecision,\n} from '@backstage-community/plugin-rbac-common';\n\nimport { criterias } from '../components/ConditionalAccess/const';\nimport { ConditionsData } from '../components/ConditionalAccess/types';\nimport {\n PluginsPermissionPoliciesData,\n RowPolicy,\n SelectedMember,\n} from '../components/CreateRole/types';\nimport {\n MemberEntity,\n MembersData,\n PermissionsData,\n PermissionsDataSet,\n} from '../types';\nimport { getMembersCount } from './create-role-utils';\n\nexport const getPermissionsArray = (\n role: string,\n policies: RoleBasedPolicy[],\n): RoleBasedPolicy[] => {\n if (!policies || policies?.length === 0 || !Array.isArray(policies)) {\n return [];\n }\n return policies.filter(\n (policy: RoleBasedPolicy) =>\n policy.entityReference === role && policy.effect !== 'deny',\n );\n};\n\nexport const getPermissions = (\n role: string,\n policies: RoleBasedPolicy[],\n): number => {\n return getPermissionsArray(role, policies).length;\n};\n\nexport const getMembersString = (res: {\n users: number;\n groups: number;\n}): string => {\n let membersString = '';\n if (res.groups > 0) {\n membersString = `${res.groups} ${res.groups > 1 ? 'groups' : 'group'}`;\n }\n if (res.users > 0) {\n membersString = membersString.concat(\n membersString.length > 0 ? ', ' : '',\n `${res.users} ${res.users > 1 ? 'users' : 'user'}`,\n );\n }\n return membersString;\n};\n\nexport const getMembers = (\n members: (string | MembersData | SelectedMember)[],\n): string => {\n if (!members || members.length === 0) {\n return 'No members';\n }\n\n const res = members.reduce(\n (acc, member) => {\n if (typeof member === 'object') {\n if (member.type === 'User' || member.type === 'user') {\n acc.users++;\n } else {\n acc.groups++;\n }\n } else {\n const entity = parseEntityRef(member) as any;\n if (isUserEntity(entity)) {\n acc.users++;\n } else {\n acc.groups++;\n }\n }\n return acc;\n },\n { users: 0, groups: 0 },\n );\n\n return getMembersString(res);\n};\n\nexport const getMembersFromGroup = (group: GroupEntity): number => {\n const membersList = group.relations?.reduce((acc, relation) => {\n let temp = acc;\n if (relation.type === 'hasMember') {\n temp++;\n }\n return temp;\n }, 0);\n return membersList ?? 0;\n};\n\nexport const getPluginInfo = (\n permissions: PluginPermissionMetaData[],\n permissionName?: string,\n): { pluginId: string; isResourced: boolean; resourceType?: string } =>\n permissions.reduce(\n (\n acc: { pluginId: string; isResourced: boolean; resourceType?: string },\n p: PluginPermissionMetaData,\n ) => {\n const policy = p.policies.find(pol => {\n if (pol.name === permissionName) {\n return true;\n }\n return false;\n });\n if (policy) {\n return {\n pluginId: p.pluginId || '-',\n isResourced: isResourcedPolicy(policy) || false,\n resourceType: isResourcedPolicy(policy) ? policy.resourceType : '',\n };\n }\n return acc;\n },\n { pluginId: '-', isResourced: false },\n );\n\nconst getPolicy = (str: string) => {\n const arr = str.split('.');\n return arr[arr.length - 1];\n};\n\nconst getAllPolicies = (\n permission: string,\n allowedPolicies: RowPolicy[],\n policies: PolicyDetails[],\n) => {\n const deniedPolicies = policies?.reduce((acc, p) => {\n const perm = p.name;\n if (\n permission === perm &&\n !allowedPolicies.find(\n allowedPolicy =>\n allowedPolicy.policy.toLocaleLowerCase('en-US') ===\n p.policy?.toLocaleLowerCase('en-US'),\n )\n ) {\n acc.push({\n policy: getTitleCase(p.policy) || 'Use',\n effect: 'deny',\n });\n }\n return acc;\n }, [] as RowPolicy[]);\n return [...(allowedPolicies || []), ...(deniedPolicies || [])];\n};\n\nexport const getPermissionsData = (\n policies: RoleBasedPolicy[],\n permissionPolicies: PluginPermissionMetaData[],\n): PermissionsData[] => {\n const data = policies.reduce(\n (acc: PermissionsDataSet[], policy: RoleBasedPolicy) => {\n if (policy?.effect === 'allow') {\n const policyStr =\n policy?.policy ?? getPolicy(policy.permission as string);\n const policyTitleCase = getTitleCase(policyStr);\n const permission = acc.find(\n plugin =>\n plugin.permission === policy.permission &&\n !plugin.policies.has({\n policy: policyTitleCase || 'Use',\n effect: 'allow',\n }),\n );\n if (permission) {\n permission.policyString?.add(\n policyTitleCase ? `, ${policyTitleCase}` : ', Use',\n );\n permission.policies.add({\n policy: policyTitleCase || 'Use',\n effect: policy.effect,\n });\n } else {\n const policyString = new Set<string>();\n const policiesSet = new Set<{ policy: string; effect: string }>();\n acc.push({\n permission: policy.permission ?? '-',\n plugin: getPluginInfo(permissionPolicies, policy?.permission)\n .pluginId,\n policyString: policyString.add(policyTitleCase || 'Use'),\n policies: policiesSet.add({\n policy: policyTitleCase || 'Use',\n effect: policy.effect,\n }),\n isResourced: getPluginInfo(permissionPolicies, policy?.permission)\n .isResourced,\n resourceType: getPluginInfo(permissionPolicies, policy?.permission)\n .resourceType,\n });\n }\n }\n return acc;\n },\n [],\n );\n return data.map((p: PermissionsDataSet) => ({\n ...p,\n ...(p.policyString ? { policyString: Array.from(p.policyString) } : {}),\n policies: getAllPolicies(\n p.permission,\n Array.from(p.policies),\n permissionPolicies.find(pp => pp.pluginId === p.plugin)\n ?.policies as PolicyDetails[],\n ),\n })) as PermissionsData[];\n};\n\nexport const getConditionUpperCriteria = (\n conditions: PermissionCriteria<PermissionCondition> | string,\n): string | undefined => {\n return Object.keys(conditions).find(key =>\n [criterias.allOf, criterias.anyOf, criterias.not].includes(\n key as keyof ConditionsData,\n ),\n );\n};\n\nexport const getConditionsData = (\n conditions: PermissionCriteria<PermissionCondition>,\n): ConditionsData | undefined => {\n const upperCriteria =\n getConditionUpperCriteria(conditions) ?? criterias.condition;\n\n switch (upperCriteria) {\n case criterias.allOf: {\n const allOfConditions = (conditions as AllOfCriteria<PermissionCondition>)\n .allOf;\n allOfConditions.map(aoc => {\n if (getConditionUpperCriteria(aoc)) {\n return getConditionsData(aoc);\n }\n return aoc;\n });\n return { allOf: allOfConditions as PermissionCondition[] };\n }\n case criterias.anyOf: {\n const anyOfConditions = (conditions as AnyOfCriteria<PermissionCondition>)\n .anyOf;\n anyOfConditions.map(aoc => {\n if (getConditionUpperCriteria(aoc)) {\n return getConditionsData(aoc);\n }\n return aoc;\n });\n return { anyOf: anyOfConditions as PermissionCondition[] };\n }\n case criterias.not: {\n const notCondition = (conditions as NotCriteria<PermissionCondition>).not;\n const nestedCondition = getConditionUpperCriteria(notCondition)\n ? getConditionsData(notCondition)\n : notCondition;\n return { not: nestedCondition as PermissionCondition };\n }\n default:\n return { condition: conditions as PermissionCondition };\n }\n};\n\nexport const getPoliciesData = (\n allowedPermissions: string[],\n policies: string[],\n): RowPolicy[] => {\n return policies.map(p => ({\n policy: p,\n ...(allowedPermissions.includes(p.toLocaleLowerCase('en-US'))\n ? { effect: 'allow' }\n : { effect: 'deny' }),\n }));\n};\n\nexport const getConditionalPermissionsData = (\n conditionalPermissions: RoleConditionalPolicyDecision<PermissionAction>[],\n permissionPolicies: PluginsPermissionPoliciesData,\n allPermissionPolicies: PluginPermissionMetaData[],\n): PermissionsData[] => {\n return conditionalPermissions.reduce((acc: any, cp) => {\n const conditions = getConditionsData(cp.conditions);\n const allowedPermissions = cp.permissionMapping.map(action =>\n action.toLocaleLowerCase('en-US'),\n );\n\n const perm = allPermissionPolicies\n .map(app => {\n if (app.pluginId === cp.pluginId) {\n return (\n app.policies.find(\n po =>\n isResourcedPolicy(po) &&\n po.resourceType === cp.resourceType &&\n po.policy === cp.permissionMapping[0],\n )?.name ?? ''\n );\n }\n return '';\n })\n .filter(v => !!v);\n\n const allPolicies = (pm: string) =>\n permissionPolicies.pluginsPermissions?.[cp.pluginId]?.policies?.[pm]\n ?.policies ?? [];\n const policyString = allowedPermissions\n .map(p => p[0].toLocaleUpperCase('en-US') + p.slice(1))\n .join(', ');\n\n return [\n ...acc,\n ...(conditions\n ? [\n {\n plugin: cp.pluginId,\n permission: perm[0],\n resourceType: cp.resourceType,\n isResourced: true,\n policies: getPoliciesData(\n allowedPermissions,\n allPolicies(perm[0]),\n ),\n policyString,\n conditions,\n id: cp.id,\n },\n ]\n : []),\n ];\n }, []);\n};\n\nexport const getSelectedMember = (\n memberResource: MemberEntity | undefined,\n ref: string,\n): SelectedMember => {\n if (memberResource) {\n return {\n id: memberResource.metadata.etag as string,\n ref: stringifyEntityRef(memberResource),\n label:\n memberResource.spec.profile?.displayName ??\n memberResource.metadata.name,\n etag: memberResource.metadata.etag as string,\n type: memberResource.kind,\n namespace: memberResource.metadata.namespace as string,\n members: getMembersCount(memberResource),\n };\n } else if (ref) {\n const { kind, namespace, name } = parseEntityRef(ref);\n return {\n id: `${kind}-${namespace}-${name}`,\n ref,\n label: name,\n etag: `${kind}-${namespace}-${name}`,\n type: kind,\n namespace: namespace,\n members: kind === 'group' ? 0 : undefined,\n };\n }\n return {} as SelectedMember;\n};\n\nexport const isSamePermissionPolicy = (\n a: RoleBasedPolicy,\n b: RoleBasedPolicy,\n) =>\n a.entityReference === b.entityReference &&\n a.permission === b.permission &&\n a.policy === b.policy &&\n a.effect === b.effect;\n\nexport const onlyInLeft = (\n left: RoleBasedPolicy[],\n right: RoleBasedPolicy[],\n compareFunction: (a: RoleBasedPolicy, b: RoleBasedPolicy) => boolean,\n) =>\n left.filter(\n leftValue =>\n !right.some(rightValue => compareFunction(leftValue, rightValue)),\n );\n"],"names":[],"mappings":";;;;;;AAuDa,MAAA,mBAAA,GAAsB,CACjC,IAAA,EACA,QACsB,KAAA;AACtB,EAAI,IAAA,CAAC,YAAY,QAAU,EAAA,MAAA,KAAW,KAAK,CAAC,KAAA,CAAM,OAAQ,CAAA,QAAQ,CAAG,EAAA;AACnE,IAAA,OAAO,EAAC;AAAA;AAEV,EAAA,OAAO,QAAS,CAAA,MAAA;AAAA,IACd,CAAC,MACC,KAAA,MAAA,CAAO,eAAoB,KAAA,IAAA,IAAQ,OAAO,MAAW,KAAA;AAAA,GACzD;AACF;AAEa,MAAA,cAAA,GAAiB,CAC5B,IAAA,EACA,QACW,KAAA;AACX,EAAO,OAAA,mBAAA,CAAoB,IAAM,EAAA,QAAQ,CAAE,CAAA,MAAA;AAC7C;AAEa,MAAA,gBAAA,GAAmB,CAAC,GAGnB,KAAA;AACZ,EAAA,IAAI,aAAgB,GAAA,EAAA;AACpB,EAAI,IAAA,GAAA,CAAI,SAAS,CAAG,EAAA;AAClB,IAAgB,aAAA,GAAA,CAAA,EAAG,IAAI,MAAM,CAAA,CAAA,EAAI,IAAI,MAAS,GAAA,CAAA,GAAI,WAAW,OAAO,CAAA,CAAA;AAAA;AAEtE,EAAI,IAAA,GAAA,CAAI,QAAQ,CAAG,EAAA;AACjB,IAAA,aAAA,GAAgB,aAAc,CAAA,MAAA;AAAA,MAC5B,aAAA,CAAc,MAAS,GAAA,CAAA,GAAI,IAAO,GAAA,EAAA;AAAA,MAClC,CAAA,EAAG,IAAI,KAAK,CAAA,CAAA,EAAI,IAAI,KAAQ,GAAA,CAAA,GAAI,UAAU,MAAM,CAAA;AAAA,KAClD;AAAA;AAEF,EAAO,OAAA,aAAA;AACT;AAEa,MAAA,UAAA,GAAa,CACxB,OACW,KAAA;AACX,EAAA,IAAI,CAAC,OAAA,IAAW,OAAQ,CAAA,MAAA,KAAW,CAAG,EAAA;AACpC,IAAO,OAAA,YAAA;AAAA;AAGT,EAAA,MAAM,MAAM,OAAQ,CAAA,MAAA;AAAA,IAClB,CAAC,KAAK,MAAW,KAAA;AACf,MAAI,IAAA,OAAO,WAAW,QAAU,EAAA;AAC9B,QAAA,IAAI,MAAO,CAAA,IAAA,KAAS,MAAU,IAAA,MAAA,CAAO,SAAS,MAAQ,EAAA;AACpD,UAAI,GAAA,CAAA,KAAA,EAAA;AAAA,SACC,MAAA;AACL,UAAI,GAAA,CAAA,MAAA,EAAA;AAAA;AACN,OACK,MAAA;AACL,QAAM,MAAA,MAAA,GAAS,eAAe,MAAM,CAAA;AACpC,QAAI,IAAA,YAAA,CAAa,MAAM,CAAG,EAAA;AACxB,UAAI,GAAA,CAAA,KAAA,EAAA;AAAA,SACC,MAAA;AACL,UAAI,GAAA,CAAA,MAAA,EAAA;AAAA;AACN;AAEF,MAAO,OAAA,GAAA;AAAA,KACT;AAAA,IACA,EAAE,KAAA,EAAO,CAAG,EAAA,MAAA,EAAQ,CAAE;AAAA,GACxB;AAEA,EAAA,OAAO,iBAAiB,GAAG,CAAA;AAC7B;AAEa,MAAA,mBAAA,GAAsB,CAAC,KAA+B,KAAA;AACjE,EAAA,MAAM,cAAc,KAAM,CAAA,SAAA,EAAW,MAAO,CAAA,CAAC,KAAK,QAAa,KAAA;AAC7D,IAAA,IAAI,IAAO,GAAA,GAAA;AACX,IAAI,IAAA,QAAA,CAAS,SAAS,WAAa,EAAA;AACjC,MAAA,IAAA,EAAA;AAAA;AAEF,IAAO,OAAA,IAAA;AAAA,KACN,CAAC,CAAA;AACJ,EAAA,OAAO,WAAe,IAAA,CAAA;AACxB;AAEO,MAAM,aAAgB,GAAA,CAC3B,WACA,EAAA,cAAA,KAEA,WAAY,CAAA,MAAA;AAAA,EACV,CACE,KACA,CACG,KAAA;AACH,IAAA,MAAM,MAAS,GAAA,CAAA,CAAE,QAAS,CAAA,IAAA,CAAK,CAAO,GAAA,KAAA;AACpC,MAAI,IAAA,GAAA,CAAI,SAAS,cAAgB,EAAA;AAC/B,QAAO,OAAA,IAAA;AAAA;AAET,MAAO,OAAA,KAAA;AAAA,KACR,CAAA;AACD,IAAA,IAAI,MAAQ,EAAA;AACV,MAAO,OAAA;AAAA,QACL,QAAA,EAAU,EAAE,QAAY,IAAA,GAAA;AAAA,QACxB,WAAA,EAAa,iBAAkB,CAAA,MAAM,CAAK,IAAA,KAAA;AAAA,QAC1C,YAAc,EAAA,iBAAA,CAAkB,MAAM,CAAA,GAAI,OAAO,YAAe,GAAA;AAAA,OAClE;AAAA;AAEF,IAAO,OAAA,GAAA;AAAA,GACT;AAAA,EACA,EAAE,QAAA,EAAU,GAAK,EAAA,WAAA,EAAa,KAAM;AACtC;AAEF,MAAM,SAAA,GAAY,CAAC,GAAgB,KAAA;AACjC,EAAM,MAAA,GAAA,GAAM,GAAI,CAAA,KAAA,CAAM,GAAG,CAAA;AACzB,EAAO,OAAA,GAAA,CAAI,GAAI,CAAA,MAAA,GAAS,CAAC,CAAA;AAC3B,CAAA;AAEA,MAAM,cAAiB,GAAA,CACrB,UACA,EAAA,eAAA,EACA,QACG,KAAA;AACH,EAAA,MAAM,cAAiB,GAAA,QAAA,EAAU,MAAO,CAAA,CAAC,KAAK,CAAM,KAAA;AAClD,IAAA,MAAM,OAAO,CAAE,CAAA,IAAA;AACf,IACE,IAAA,UAAA,KAAe,IACf,IAAA,CAAC,eAAgB,CAAA,IAAA;AAAA,MACf,CAAA,aAAA,KACE,cAAc,MAAO,CAAA,iBAAA,CAAkB,OAAO,CAC9C,KAAA,CAAA,CAAE,MAAQ,EAAA,iBAAA,CAAkB,OAAO;AAAA,KAEvC,EAAA;AACA,MAAA,GAAA,CAAI,IAAK,CAAA;AAAA,QACP,MAAQ,EAAA,YAAA,CAAa,CAAE,CAAA,MAAM,CAAK,IAAA,KAAA;AAAA,QAClC,MAAQ,EAAA;AAAA,OACT,CAAA;AAAA;AAEH,IAAO,OAAA,GAAA;AAAA,GACT,EAAG,EAAiB,CAAA;AACpB,EAAO,OAAA,CAAC,GAAI,eAAmB,IAAA,IAAK,GAAI,cAAA,IAAkB,EAAG,CAAA;AAC/D,CAAA;AAEa,MAAA,kBAAA,GAAqB,CAChC,QAAA,EACA,kBACsB,KAAA;AACtB,EAAA,MAAM,OAAO,QAAS,CAAA,MAAA;AAAA,IACpB,CAAC,KAA2B,MAA4B,KAAA;AACtD,MAAI,IAAA,MAAA,EAAQ,WAAW,OAAS,EAAA;AAC9B,QAAA,MAAM,SACJ,GAAA,MAAA,EAAQ,MAAU,IAAA,SAAA,CAAU,OAAO,UAAoB,CAAA;AACzD,QAAM,MAAA,eAAA,GAAkB,aAAa,SAAS,CAAA;AAC9C,QAAA,MAAM,aAAa,GAAI,CAAA,IAAA;AAAA,UACrB,CAAA,MAAA,KACE,OAAO,UAAe,KAAA,MAAA,CAAO,cAC7B,CAAC,MAAA,CAAO,SAAS,GAAI,CAAA;AAAA,YACnB,QAAQ,eAAmB,IAAA,KAAA;AAAA,YAC3B,MAAQ,EAAA;AAAA,WACT;AAAA,SACL;AACA,QAAA,IAAI,UAAY,EAAA;AACd,UAAA,UAAA,CAAW,YAAc,EAAA,GAAA;AAAA,YACvB,eAAA,GAAkB,CAAK,EAAA,EAAA,eAAe,CAAK,CAAA,GAAA;AAAA,WAC7C;AACA,UAAA,UAAA,CAAW,SAAS,GAAI,CAAA;AAAA,YACtB,QAAQ,eAAmB,IAAA,KAAA;AAAA,YAC3B,QAAQ,MAAO,CAAA;AAAA,WAChB,CAAA;AAAA,SACI,MAAA;AACL,UAAM,MAAA,YAAA,uBAAmB,GAAY,EAAA;AACrC,UAAM,MAAA,WAAA,uBAAkB,GAAwC,EAAA;AAChE,UAAA,GAAA,CAAI,IAAK,CAAA;AAAA,YACP,UAAA,EAAY,OAAO,UAAc,IAAA,GAAA;AAAA,YACjC,MAAQ,EAAA,aAAA,CAAc,kBAAoB,EAAA,MAAA,EAAQ,UAAU,CACzD,CAAA,QAAA;AAAA,YACH,YAAc,EAAA,YAAA,CAAa,GAAI,CAAA,eAAA,IAAmB,KAAK,CAAA;AAAA,YACvD,QAAA,EAAU,YAAY,GAAI,CAAA;AAAA,cACxB,QAAQ,eAAmB,IAAA,KAAA;AAAA,cAC3B,QAAQ,MAAO,CAAA;AAAA,aAChB,CAAA;AAAA,YACD,WAAa,EAAA,aAAA,CAAc,kBAAoB,EAAA,MAAA,EAAQ,UAAU,CAC9D,CAAA,WAAA;AAAA,YACH,YAAc,EAAA,aAAA,CAAc,kBAAoB,EAAA,MAAA,EAAQ,UAAU,CAC/D,CAAA;AAAA,WACJ,CAAA;AAAA;AACH;AAEF,MAAO,OAAA,GAAA;AAAA,KACT;AAAA,IACA;AAAC,GACH;AACA,EAAO,OAAA,IAAA,CAAK,GAAI,CAAA,CAAC,CAA2B,MAAA;AAAA,IAC1C,GAAG,CAAA;AAAA,IACH,GAAI,CAAE,CAAA,YAAA,GAAe,EAAE,YAAA,EAAc,KAAM,CAAA,IAAA,CAAK,CAAE,CAAA,YAAY,CAAE,EAAA,GAAI,EAAC;AAAA,IACrE,QAAU,EAAA,cAAA;AAAA,MACR,CAAE,CAAA,UAAA;AAAA,MACF,KAAA,CAAM,IAAK,CAAA,CAAA,CAAE,QAAQ,CAAA;AAAA,MACrB,mBAAmB,IAAK,CAAA,CAAA,EAAA,KAAM,GAAG,QAAa,KAAA,CAAA,CAAE,MAAM,CAClD,EAAA;AAAA;AACN,GACA,CAAA,CAAA;AACJ;AAEa,MAAA,yBAAA,GAA4B,CACvC,UACuB,KAAA;AACvB,EAAO,OAAA,MAAA,CAAO,IAAK,CAAA,UAAU,CAAE,CAAA,IAAA;AAAA,IAAK,CAAA,GAAA,KAClC,CAAC,SAAU,CAAA,KAAA,EAAO,UAAU,KAAO,EAAA,SAAA,CAAU,GAAG,CAAE,CAAA,QAAA;AAAA,MAChD;AAAA;AACF,GACF;AACF;AAEa,MAAA,iBAAA,GAAoB,CAC/B,UAC+B,KAAA;AAC/B,EAAA,MAAM,aACJ,GAAA,yBAAA,CAA0B,UAAU,CAAA,IAAK,SAAU,CAAA,SAAA;AAErD,EAAA,QAAQ,aAAe;AAAA,IACrB,KAAK,UAAU,KAAO,EAAA;AACpB,MAAA,MAAM,kBAAmB,UACtB,CAAA,KAAA;AACH,MAAA,eAAA,CAAgB,IAAI,CAAO,GAAA,KAAA;AACzB,QAAI,IAAA,yBAAA,CAA0B,GAAG,CAAG,EAAA;AAClC,UAAA,OAAO,kBAAkB,GAAG,CAAA;AAAA;AAE9B,QAAO,OAAA,GAAA;AAAA,OACR,CAAA;AACD,MAAO,OAAA,EAAE,OAAO,eAAyC,EAAA;AAAA;AAC3D,IACA,KAAK,UAAU,KAAO,EAAA;AACpB,MAAA,MAAM,kBAAmB,UACtB,CAAA,KAAA;AACH,MAAA,eAAA,CAAgB,IAAI,CAAO,GAAA,KAAA;AACzB,QAAI,IAAA,yBAAA,CAA0B,GAAG,CAAG,EAAA;AAClC,UAAA,OAAO,kBAAkB,GAAG,CAAA;AAAA;AAE9B,QAAO,OAAA,GAAA;AAAA,OACR,CAAA;AACD,MAAO,OAAA,EAAE,OAAO,eAAyC,EAAA;AAAA;AAC3D,IACA,KAAK,UAAU,GAAK,EAAA;AAClB,MAAA,MAAM,eAAgB,UAAgD,CAAA,GAAA;AACtE,MAAA,MAAM,kBAAkB,yBAA0B,CAAA,YAAY,CAC1D,GAAA,iBAAA,CAAkB,YAAY,CAC9B,GAAA,YAAA;AACJ,MAAO,OAAA,EAAE,KAAK,eAAuC,EAAA;AAAA;AACvD,IACA;AACE,MAAO,OAAA,EAAE,WAAW,UAAkC,EAAA;AAAA;AAE5D;AAEa,MAAA,eAAA,GAAkB,CAC7B,kBAAA,EACA,QACgB,KAAA;AAChB,EAAO,OAAA,QAAA,CAAS,IAAI,CAAM,CAAA,MAAA;AAAA,IACxB,MAAQ,EAAA,CAAA;AAAA,IACR,GAAI,kBAAA,CAAmB,QAAS,CAAA,CAAA,CAAE,kBAAkB,OAAO,CAAC,CACxD,GAAA,EAAE,MAAQ,EAAA,OAAA,EACV,GAAA,EAAE,QAAQ,MAAO;AAAA,GACrB,CAAA,CAAA;AACJ;AAEO,MAAM,6BAAgC,GAAA,CAC3C,sBACA,EAAA,kBAAA,EACA,qBACsB,KAAA;AACtB,EAAA,OAAO,sBAAuB,CAAA,MAAA,CAAO,CAAC,GAAA,EAAU,EAAO,KAAA;AACrD,IAAM,MAAA,UAAA,GAAa,iBAAkB,CAAA,EAAA,CAAG,UAAU,CAAA;AAClD,IAAM,MAAA,kBAAA,GAAqB,GAAG,iBAAkB,CAAA,GAAA;AAAA,MAAI,CAAA,MAAA,KAClD,MAAO,CAAA,iBAAA,CAAkB,OAAO;AAAA,KAClC;AAEA,IAAM,MAAA,IAAA,GAAO,qBACV,CAAA,GAAA,CAAI,CAAO,GAAA,KAAA;AACV,MAAI,IAAA,GAAA,CAAI,QAAa,KAAA,EAAA,CAAG,QAAU,EAAA;AAChC,QAAA,OACE,IAAI,QAAS,CAAA,IAAA;AAAA,UACX,CACE,EAAA,KAAA,iBAAA,CAAkB,EAAE,CAAA,IACpB,EAAG,CAAA,YAAA,KAAiB,EAAG,CAAA,YAAA,IACvB,EAAG,CAAA,MAAA,KAAW,EAAG,CAAA,iBAAA,CAAkB,CAAC;AAAA,WACrC,IAAQ,IAAA,EAAA;AAAA;AAGf,MAAO,OAAA,EAAA;AAAA,KACR,CACA,CAAA,MAAA,CAAO,CAAK,CAAA,KAAA,CAAC,CAAC,CAAC,CAAA;AAElB,IAAA,MAAM,WAAc,GAAA,CAAC,EACnB,KAAA,kBAAA,CAAmB,kBAAqB,GAAA,EAAA,CAAG,QAAQ,CAAA,EAAG,QAAW,GAAA,EAAE,CAC/D,EAAA,QAAA,IAAY,EAAC;AACnB,IAAA,MAAM,eAAe,kBAClB,CAAA,GAAA,CAAI,CAAK,CAAA,KAAA,CAAA,CAAE,CAAC,CAAE,CAAA,iBAAA,CAAkB,OAAO,CAAA,GAAI,EAAE,KAAM,CAAA,CAAC,CAAC,CAAA,CACrD,KAAK,IAAI,CAAA;AAEZ,IAAO,OAAA;AAAA,MACL,GAAG,GAAA;AAAA,MACH,GAAI,UACA,GAAA;AAAA,QACE;AAAA,UACE,QAAQ,EAAG,CAAA,QAAA;AAAA,UACX,UAAA,EAAY,KAAK,CAAC,CAAA;AAAA,UAClB,cAAc,EAAG,CAAA,YAAA;AAAA,UACjB,WAAa,EAAA,IAAA;AAAA,UACb,QAAU,EAAA,eAAA;AAAA,YACR,kBAAA;AAAA,YACA,WAAA,CAAY,IAAK,CAAA,CAAC,CAAC;AAAA,WACrB;AAAA,UACA,YAAA;AAAA,UACA,UAAA;AAAA,UACA,IAAI,EAAG,CAAA;AAAA;AACT,UAEF;AAAC,KACP;AAAA,GACF,EAAG,EAAE,CAAA;AACP;AAEa,MAAA,iBAAA,GAAoB,CAC/B,cAAA,EACA,GACmB,KAAA;AACnB,EAAA,IAAI,cAAgB,EAAA;AAClB,IAAO,OAAA;AAAA,MACL,EAAA,EAAI,eAAe,QAAS,CAAA,IAAA;AAAA,MAC5B,GAAA,EAAK,mBAAmB,cAAc,CAAA;AAAA,MACtC,OACE,cAAe,CAAA,IAAA,CAAK,OAAS,EAAA,WAAA,IAC7B,eAAe,QAAS,CAAA,IAAA;AAAA,MAC1B,IAAA,EAAM,eAAe,QAAS,CAAA,IAAA;AAAA,MAC9B,MAAM,cAAe,CAAA,IAAA;AAAA,MACrB,SAAA,EAAW,eAAe,QAAS,CAAA,SAAA;AAAA,MACnC,OAAA,EAAS,gBAAgB,cAAc;AAAA,KACzC;AAAA,aACS,GAAK,EAAA;AACd,IAAA,MAAM,EAAE,IAAM,EAAA,SAAA,EAAW,IAAK,EAAA,GAAI,eAAe,GAAG,CAAA;AACpD,IAAO,OAAA;AAAA,MACL,IAAI,CAAG,EAAA,IAAI,CAAI,CAAA,EAAA,SAAS,IAAI,IAAI,CAAA,CAAA;AAAA,MAChC,GAAA;AAAA,MACA,KAAO,EAAA,IAAA;AAAA,MACP,MAAM,CAAG,EAAA,IAAI,CAAI,CAAA,EAAA,SAAS,IAAI,IAAI,CAAA,CAAA;AAAA,MAClC,IAAM,EAAA,IAAA;AAAA,MACN,SAAA;AAAA,MACA,OAAA,EAAS,IAAS,KAAA,OAAA,GAAU,CAAI,GAAA;AAAA,KAClC;AAAA;AAEF,EAAA,OAAO,EAAC;AACV;AAEO,MAAM,yBAAyB,CACpC,CAAA,EACA,MAEA,CAAE,CAAA,eAAA,KAAoB,EAAE,eACxB,IAAA,CAAA,CAAE,UAAe,KAAA,CAAA,CAAE,cACnB,CAAE,CAAA,MAAA,KAAW,EAAE,MACf,IAAA,CAAA,CAAE,WAAW,CAAE,CAAA;AAEV,MAAM,UAAa,GAAA,CACxB,IACA,EAAA,KAAA,EACA,oBAEA,IAAK,CAAA,MAAA;AAAA,EACH,CAAA,SAAA,KACE,CAAC,KAAM,CAAA,IAAA,CAAK,gBAAc,eAAgB,CAAA,SAAA,EAAW,UAAU,CAAC;AACpE;;;;"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@backstage-community/plugin-rbac",
3
- "version": "1.35.0",
3
+ "version": "1.36.0",
4
4
  "main": "dist/index.esm.js",
5
5
  "types": "dist/index.d.ts",
6
6
  "license": "Apache-2.0",
package/dist/components/CreateRole/PoliciesCheckboxGroup.esm.js DELETED
@@ -1,76 +0,0 @@
1
- import React from 'react';
2
- import Checkbox from '@mui/material/Checkbox';
3
- import FormControl from '@mui/material/FormControl';
4
- import FormControlLabel from '@mui/material/FormControlLabel';
5
- import FormGroup from '@mui/material/FormGroup';
6
- import FormLabel from '@mui/material/FormLabel';
7
-
8
- const PoliciesCheckboxGroup = ({
9
- permissionPoliciesRowData,
10
- rowName,
11
- onChangePolicy
12
- }) => {
13
- return /* @__PURE__ */ React.createElement(
14
- FormControl,
15
- {
16
- required: true,
17
- style: {
18
- justifyContent: "flex-start",
19
- gap: "1px",
20
- width: "402px",
21
- flexGrow: "1",
22
- marginBottom: "25px"
23
- }
24
- },
25
- /* @__PURE__ */ React.createElement(
26
- FormLabel,
27
- {
28
- style: {
29
- fontWeight: 800,
30
- fontSize: "0.8rem"
31
- }
32
- },
33
- "What actions they can do?"
34
- ),
35
- /* @__PURE__ */ React.createElement(
36
- FormGroup,
37
- {
38
- style: {
39
- display: "flex",
40
- gap: "7px",
41
- flexDirection: "row",
42
- paddingLeft: "9px"
43
- }
44
- },
45
- permissionPoliciesRowData.policies.map(
46
- (p, index, self) => {
47
- const labelCheckedArray = self.filter(
48
- (val) => val.effect === "allow"
49
- );
50
- const labelCheckedCount = labelCheckedArray.length;
51
- return /* @__PURE__ */ React.createElement(
52
- FormControlLabel,
53
- {
54
- key: p.policy,
55
- disabled: !(permissionPoliciesRowData.plugin && permissionPoliciesRowData.permission) || permissionPoliciesRowData.policies.length === 1 || labelCheckedCount === 1 && labelCheckedArray[0].policy === p.policy,
56
- label: p.policy,
57
- name: `${rowName}.policies[${index}].policy`,
58
- control: /* @__PURE__ */ React.createElement(
59
- Checkbox,
60
- {
61
- checked: p.effect === "allow",
62
- name: `${rowName}.policies[${index}].policy-${p.policy}`,
63
- onChange: (e) => onChangePolicy(e.target.checked, index),
64
- color: "primary"
65
- }
66
- )
67
- }
68
- );
69
- }
70
- )
71
- )
72
- );
73
- };
74
-
75
- export { PoliciesCheckboxGroup };
76
- //# sourceMappingURL=PoliciesCheckboxGroup.esm.js.map
package/dist/components/CreateRole/PoliciesCheckboxGroup.esm.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"PoliciesCheckboxGroup.esm.js","sources":["../../../src/components/CreateRole/PoliciesCheckboxGroup.tsx"],"sourcesContent":["/*\n * Copyright 2024 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport React from 'react';\n\nimport Checkbox from '@mui/material/Checkbox';\nimport FormControl from '@mui/material/FormControl';\nimport FormControlLabel from '@mui/material/FormControlLabel';\nimport FormGroup from '@mui/material/FormGroup';\nimport FormLabel from '@mui/material/FormLabel';\n\nimport { PermissionsData } from '../../types';\nimport { RowPolicy } from './types';\n\nexport const PoliciesCheckboxGroup = ({\n permissionPoliciesRowData,\n rowName,\n onChangePolicy,\n}: {\n permissionPoliciesRowData: PermissionsData;\n rowName: string;\n\n onChangePolicy: (isChecked: boolean, policyIndex: number) => void;\n}) => {\n return (\n <FormControl\n required\n style={{\n justifyContent: 'flex-start',\n gap: '1px',\n width: '402px',\n flexGrow: '1',\n marginBottom: '25px',\n }}\n >\n <FormLabel\n style={{\n fontWeight: 800,\n fontSize: '0.8rem',\n }}\n >\n What actions they can do?\n </FormLabel>\n <FormGroup\n style={{\n display: 'flex',\n gap: '7px',\n flexDirection: 'row',\n paddingLeft: '9px',\n }}\n >\n {permissionPoliciesRowData.policies.map(\n (p: RowPolicy, index: number, self) => {\n const labelCheckedArray = self.filter(\n val => val.effect === 'allow',\n );\n const labelCheckedCount = labelCheckedArray.length;\n return (\n <FormControlLabel\n key={p.policy}\n disabled={\n !(\n permissionPoliciesRowData.plugin &&\n permissionPoliciesRowData.permission\n ) ||\n permissionPoliciesRowData.policies.length === 1 ||\n (labelCheckedCount === 1 &&\n labelCheckedArray[0].policy === p.policy)\n }\n label={p.policy}\n name={`${rowName}.policies[${index}].policy`}\n control={\n <Checkbox\n checked={p.effect === 'allow'}\n name={`${rowName}.policies[${index}].policy-${p.policy}`}\n onChange={e => onChangePolicy(e.target.checked, index)}\n color=\"primary\"\n />\n }\n />\n );\n },\n )}\n </FormGroup>\n </FormControl>\n );\n};\n"],"names":[],"mappings":";;;;;;;AA0BO,MAAM,wBAAwB,CAAC;AAAA,EACpC,yBAAA;AAAA,EACA,OAAA;AAAA,EACA;AACF,CAKM,KAAA;AACJ,EACE,uBAAA,KAAA,CAAA,aAAA;AAAA,IAAC,WAAA;AAAA,IAAA;AAAA,MACC,QAAQ,EAAA,IAAA;AAAA,MACR,KAAO,EAAA;AAAA,QACL,cAAgB,EAAA,YAAA;AAAA,QAChB,GAAK,EAAA,KAAA;AAAA,QACL,KAAO,EAAA,OAAA;AAAA,QACP,QAAU,EAAA,GAAA;AAAA,QACV,YAAc,EAAA;AAAA;AAChB,KAAA;AAAA,oBAEA,KAAA,CAAA,aAAA;AAAA,MAAC,SAAA;AAAA,MAAA;AAAA,QACC,KAAO,EAAA;AAAA,UACL,UAAY,EAAA,GAAA;AAAA,UACZ,QAAU,EAAA;AAAA;AACZ,OAAA;AAAA,MACD;AAAA,KAED;AAAA,oBACA,KAAA,CAAA,aAAA;AAAA,MAAC,SAAA;AAAA,MAAA;AAAA,QACC,KAAO,EAAA;AAAA,UACL,OAAS,EAAA,MAAA;AAAA,UACT,GAAK,EAAA,KAAA;AAAA,UACL,aAAe,EAAA,KAAA;AAAA,UACf,WAAa,EAAA;AAAA;AACf,OAAA;AAAA,MAEC,0BAA0B,QAAS,CAAA,GAAA;AAAA,QAClC,CAAC,CAAc,EAAA,KAAA,EAAe,IAAS,KAAA;AACrC,UAAA,MAAM,oBAAoB,IAAK,CAAA,MAAA;AAAA,YAC7B,CAAA,GAAA,KAAO,IAAI,MAAW,KAAA;AAAA,WACxB;AACA,UAAA,MAAM,oBAAoB,iBAAkB,CAAA,MAAA;AAC5C,UACE,uBAAA,KAAA,CAAA,aAAA;AAAA,YAAC,gBAAA;AAAA,YAAA;AAAA,cACC,KAAK,CAAE,CAAA,MAAA;AAAA,cACP,UACE,EACE,yBAAA,CAA0B,MAC1B,IAAA,yBAAA,CAA0B,eAE5B,yBAA0B,CAAA,QAAA,CAAS,MAAW,KAAA,CAAA,IAC7C,sBAAsB,CACrB,IAAA,iBAAA,CAAkB,CAAC,CAAA,CAAE,WAAW,CAAE,CAAA,MAAA;AAAA,cAEtC,OAAO,CAAE,CAAA,MAAA;AAAA,cACT,IAAM,EAAA,CAAA,EAAG,OAAO,CAAA,UAAA,EAAa,KAAK,CAAA,QAAA,CAAA;AAAA,cAClC,OACE,kBAAA,KAAA,CAAA,aAAA;AAAA,gBAAC,QAAA;AAAA,gBAAA;AAAA,kBACC,OAAA,EAAS,EAAE,MAAW,KAAA,OAAA;AAAA,kBACtB,MAAM,CAAG,EAAA,OAAO,aAAa,KAAK,CAAA,SAAA,EAAY,EAAE,MAAM,CAAA,CAAA;AAAA,kBACtD,UAAU,CAAK,CAAA,KAAA,cAAA,CAAe,CAAE,CAAA,MAAA,CAAO,SAAS,KAAK,CAAA;AAAA,kBACrD,KAAM,EAAA;AAAA;AAAA;AACR;AAAA,WAEJ;AAAA;AAEJ;AACF;AACF,GACF;AAEJ;;;;"}
package/dist/components/CreateRole/const.esm.js DELETED
@@ -1,14 +0,0 @@
1
- const initialPermissionPolicyRowValue = {
2
- plugin: "",
3
- permission: "",
4
- policies: [
5
- { policy: "Create", effect: "deny" },
6
- { policy: "Read", effect: "deny" },
7
- { policy: "Update", effect: "deny" },
8
- { policy: "Delete", effect: "deny" }
9
- ],
10
- isResourced: false
11
- };
12
-
13
- export { initialPermissionPolicyRowValue };
14
- //# sourceMappingURL=const.esm.js.map
package/dist/components/CreateRole/const.esm.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"const.esm.js","sources":["../../../src/components/CreateRole/const.ts"],"sourcesContent":["/*\n * Copyright 2024 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport { PermissionsData } from '../../types';\n\nexport const initialPermissionPolicyRowValue: PermissionsData = {\n plugin: '',\n permission: '',\n policies: [\n { policy: 'Create', effect: 'deny' },\n { policy: 'Read', effect: 'deny' },\n { policy: 'Update', effect: 'deny' },\n { policy: 'Delete', effect: 'deny' },\n ],\n isResourced: false,\n};\n"],"names":[],"mappings":"AAiBO,MAAM,+BAAmD,GAAA;AAAA,EAC9D,MAAQ,EAAA,EAAA;AAAA,EACR,UAAY,EAAA,EAAA;AAAA,EACZ,QAAU,EAAA;AAAA,IACR,EAAE,MAAA,EAAQ,QAAU,EAAA,MAAA,EAAQ,MAAO,EAAA;AAAA,IACnC,EAAE,MAAA,EAAQ,MAAQ,EAAA,MAAA,EAAQ,MAAO,EAAA;AAAA,IACjC,EAAE,MAAA,EAAQ,QAAU,EAAA,MAAA,EAAQ,MAAO,EAAA;AAAA,IACnC,EAAE,MAAA,EAAQ,QAAU,EAAA,MAAA,EAAQ,MAAO;AAAA,GACrC;AAAA,EACA,WAAa,EAAA;AACf;;;;"}