@backstage-community/plugin-rbac 1.42.1 → 1.42.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/CHANGELOG.md
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"useRoles.esm.js","sources":["../../src/hooks/useRoles.ts"],"sourcesContent":["/*\n * Copyright 2024 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport { useState, useEffect, useMemo } from 'react';\nimport { useAsync, useAsyncRetry, useInterval } from 'react-use';\n\nimport { useApi } from '@backstage/core-plugin-api';\nimport { usePermission } from '@backstage/plugin-permission-react';\n\nimport {\n PluginPermissionMetaData,\n policyEntityCreatePermission,\n Role,\n RoleBasedPolicy,\n} from '@backstage-community/plugin-rbac-common';\n\nimport { rbacApiRef } from '../api/RBACBackendClient';\nimport { RolesData } from '../types';\nimport {\n getPermissions,\n getPermissionsArray,\n getPluginInfo,\n} from '../utils/rbac-utils';\n\ntype RoleWithConditionalPoliciesCount = Role & {\n conditionalPoliciesCount: number;\n accessiblePlugins: string[];\n};\n\nexport const useRoles = (\n page = 0,\n pageSize = 5,\n pollInterval?: number,\n): {\n loading: boolean;\n data: RolesData[];\n createRoleLoading: boolean;\n createRoleAllowed: boolean;\n error: {\n rolesError: string;\n policiesError: string;\n roleConditionError: string;\n };\n retry: { roleRetry: () => void; policiesRetry: () => void };\n} => {\n const rbacApi = useApi(rbacApiRef);\n const [newRoles, setNewRoles] = useState<RoleWithConditionalPoliciesCount[]>(\n [],\n );\n const [firstLoad, setFirstLoad] = useState(true);\n const [roleConditionError, setRoleConditionError] = useState<string>('');\n const {\n loading: loadingRoles,\n value: roles,\n retry: roleRetry,\n error: rolesError,\n } = useAsyncRetry(async () => await rbacApi.getRoles());\n\n const {\n loading: loadingPolicies,\n value: policies,\n retry: policiesRetry,\n error: policiesError,\n } = useAsyncRetry(async () => await rbacApi.getPolicies(), []);\n\n const {\n loading: membersLoading,\n value: members,\n error: membersError,\n } = useAsync(async () => {\n return await rbacApi.getMembers(1, 1);\n });\n\n const {\n value: permissionPolicies,\n loading: loadingPermissionPolicies,\n error: permissionPoliciesError,\n } = useAsync(async () => {\n return await rbacApi.listPermissions();\n });\n\n const canReadUsersAndGroups =\n !membersLoading &&\n !membersError &&\n Array.isArray(members) &&\n members.length > 0;\n\n const policyEntityCreatePermissionResult = usePermission({\n permission: policyEntityCreatePermission,\n });\n\n const createRoleLoading =\n policyEntityCreatePermissionResult.loading || membersLoading;\n\n const createRoleAllowed =\n policyEntityCreatePermissionResult.allowed && canReadUsersAndGroups;\n\n const [loadingConditionalPermission, setLoadingConditionalPermission] =\n useState<boolean>(false);\n useEffect(() => {\n const fetchAllPermissionPolicies = async () => {\n if (!Array.isArray(roles)) return;\n setLoadingConditionalPermission(true);\n const failedFetchConditionRoles: string[] = [];\n\n const startIndex = page * pageSize;\n const endIndex = startIndex + pageSize;\n const paginatedRoles = roles.slice(startIndex, endIndex);\n const conditionPromises = paginatedRoles.map(async role => {\n try {\n const conditionalPolicies = await rbacApi.getRoleConditions(\n role.name,\n );\n\n if ((conditionalPolicies as any as Response)?.statusText) {\n failedFetchConditionRoles.push(role.name);\n throw new Error(\n (conditionalPolicies as any as Response).statusText,\n );\n }\n const accessiblePlugins =\n Array.isArray(conditionalPolicies) && conditionalPolicies.length > 0\n ? conditionalPolicies.map(c => c.pluginId)\n : [];\n return {\n ...role,\n conditionalPoliciesCount: Array.isArray(conditionalPolicies)\n ? conditionalPolicies.length\n : 0,\n accessiblePlugins,\n };\n } catch (error) {\n setRoleConditionError(\n `Error fetching role conditions for ${\n failedFetchConditionRoles.length > 1 ? 'roles' : 'role'\n } ${failedFetchConditionRoles.join(', ')}, please try again later.`,\n );\n return {\n ...role,\n conditionalPoliciesCount: 0,\n accessiblePlugins: [],\n };\n }\n });\n\n const settledResults = await Promise.allSettled(conditionPromises);\n const updatedPageRoles = settledResults.map((result, index) => {\n if (result.status === 'fulfilled') {\n return result.value;\n }\n const role = paginatedRoles[index];\n return {\n ...role,\n conditionalPoliciesCount: 0,\n accessiblePlugins: [],\n };\n });\n const updatedRoles = roles.map(role => {\n const updated = updatedPageRoles.find(r => r.name === role.name);\n return updated\n ? updated\n : { ...role, conditionalPoliciesCount: 0, accessiblePlugins: [] };\n });\n\n setNewRoles(updatedRoles);\n setLoadingConditionalPermission(false);\n };\n\n fetchAllPermissionPolicies();\n }, [roles, rbacApi, page, pageSize]);\n\n const data: RolesData[] = useMemo(\n () =>\n Array.isArray(newRoles) && newRoles?.length > 0\n ? newRoles.reduce(\n (acc: RolesData[], role: RoleWithConditionalPoliciesCount) => {\n const permissions = getPermissions(\n role.name,\n policies as RoleBasedPolicy[],\n );\n\n let accPls = role.accessiblePlugins;\n if (\n !loadingPermissionPolicies &&\n !permissionPoliciesError &&\n (permissionPolicies as PluginPermissionMetaData[])?.length > 0\n ) {\n const pls = getPermissionsArray(\n role.name,\n policies as RoleBasedPolicy[],\n ).map(\n po =>\n getPluginInfo(\n permissionPolicies as PluginPermissionMetaData[],\n po,\n ).pluginId,\n );\n accPls = [...accPls, ...pls].filter(val => !!val) as string[];\n }\n const accessiblePlugins = accPls\n .filter((val, index, plugins) => plugins.indexOf(val) === index)\n .sort();\n\n return [\n ...acc,\n {\n id: role.name,\n name: role.name,\n description: role.metadata?.description ?? '-',\n members: role.memberReferences,\n permissions: role.conditionalPoliciesCount + permissions,\n modifiedBy: '-',\n lastModified: '-',\n actionsPermissionResults: {\n edit: {\n allowed: canReadUsersAndGroups,\n },\n },\n accessiblePlugins,\n },\n ];\n },\n [],\n )\n : [],\n [\n newRoles,\n policies,\n loadingPermissionPolicies,\n permissionPoliciesError,\n permissionPolicies,\n canReadUsersAndGroups,\n ],\n );\n const loading =\n firstLoad &&\n (loadingPolicies ||\n loadingRoles ||\n membersLoading ||\n loadingPermissionPolicies ||\n loadingConditionalPermission);\n\n useInterval(\n () => {\n roleRetry();\n policiesRetry();\n setFirstLoad(false);\n },\n loading ? null : pollInterval || 10000,\n );\n\n return {\n loading,\n data,\n error: {\n rolesError: (rolesError?.message ||\n (typeof roles === 'object'\n ? (roles as any as Response)?.statusText\n : '')) as string,\n policiesError: (policiesError?.message ||\n (typeof policies === 'object'\n ? (policies as any as Response)?.statusText\n : '')) as string,\n roleConditionError,\n },\n createRoleLoading,\n createRoleAllowed,\n retry: { roleRetry, policiesRetry },\n };\n};\n"],"names":[],"mappings":";;;;;;;;AAyCO,MAAM,WAAW,CACtB,IAAA,GAAO,CACP,EAAA,QAAA,GAAW,GACX,YAYG,KAAA;AACH,EAAM,MAAA,OAAA,GAAU,OAAO,UAAU,CAAA;AACjC,EAAM,MAAA,CAAC,QAAU,EAAA,WAAW,CAAI,GAAA,QAAA;AAAA,IAC9B;AAAC,GACH;AACA,EAAA,MAAM,CAAC,SAAA,EAAW,YAAY,CAAA,GAAI,SAAS,IAAI,CAAA;AAC/C,EAAA,MAAM,CAAC,kBAAA,EAAoB,qBAAqB,CAAA,GAAI,SAAiB,EAAE,CAAA;AACvE,EAAM,MAAA;AAAA,IACJ,OAAS,EAAA,YAAA;AAAA,IACT,KAAO,EAAA,KAAA;AAAA,IACP,KAAO,EAAA,SAAA;AAAA,IACP,KAAO,EAAA;AAAA,MACL,aAAc,CAAA,YAAY,MAAM,OAAA,CAAQ,UAAU,CAAA;AAEtD,EAAM,MAAA;AAAA,IACJ,OAAS,EAAA,eAAA;AAAA,IACT,KAAO,EAAA,QAAA;AAAA,IACP,KAAO,EAAA,aAAA;AAAA,IACP,KAAO,EAAA;AAAA,GACT,GAAI,cAAc,YAAY,MAAM,QAAQ,WAAY,EAAA,EAAG,EAAE,CAAA;AAE7D,EAAM,MAAA;AAAA,IACJ,OAAS,EAAA,cAAA;AAAA,IACT,KAAO,EAAA,OAAA;AAAA,IACP,KAAO,EAAA;AAAA,GACT,GAAI,SAAS,YAAY;AACvB,IAAA,OAAO,MAAM,OAAA,CAAQ,UAAW,CAAA,CAAA,EAAG,CAAC,CAAA;AAAA,GACrC,CAAA;AAED,EAAM,MAAA;AAAA,IACJ,KAAO,EAAA,kBAAA;AAAA,IACP,OAAS,EAAA,yBAAA;AAAA,IACT,KAAO,EAAA;AAAA,GACT,GAAI,SAAS,YAAY;AACvB,IAAO,OAAA,MAAM,QAAQ,eAAgB,EAAA;AAAA,GACtC,CAAA;AAED,EAAM,MAAA,qBAAA,GACJ,CAAC,cAAA,IACD,CAAC,YAAA,IACD,MAAM,OAAQ,CAAA,OAAO,CACrB,IAAA,OAAA,CAAQ,MAAS,GAAA,CAAA;AAEnB,EAAA,MAAM,qCAAqC,aAAc,CAAA;AAAA,IACvD,UAAY,EAAA;AAAA,GACb,CAAA;AAED,EAAM,MAAA,iBAAA,GACJ,mCAAmC,OAAW,IAAA,cAAA;AAEhD,EAAM,MAAA,iBAAA,GACJ,mCAAmC,OAAW,IAAA,qBAAA;AAEhD,EAAA,MAAM,CAAC,4BAAA,EAA8B,+BAA+B,CAAA,GAClE,SAAkB,KAAK,CAAA;AACzB,EAAA,SAAA,CAAU,MAAM;AACd,IAAA,MAAM,6BAA6B,YAAY;AAC7C,MAAA,IAAI,CAAC,KAAA,CAAM,OAAQ,CAAA,KAAK,CAAG,EAAA;AAC3B,MAAA,+BAAA,CAAgC,IAAI,CAAA;AACpC,MAAA,MAAM,4BAAsC,EAAC;AAE7C,MAAA,MAAM,aAAa,IAAO,GAAA,QAAA;AAC1B,MAAA,MAAM,WAAW,UAAa,GAAA,QAAA;AAC9B,MAAA,MAAM,cAAiB,GAAA,KAAA,CAAM,KAAM,CAAA,UAAA,EAAY,QAAQ,CAAA;AACvD,MAAA,MAAM,iBAAoB,GAAA,cAAA,CAAe,GAAI,CAAA,OAAM,IAAQ,KAAA;AACzD,QAAI,IAAA;AACF,UAAM,MAAA,mBAAA,GAAsB,MAAM,OAAQ,CAAA,iBAAA;AAAA,YACxC,IAAK,CAAA;AAAA,WACP;AAEA,UAAA,IAAK,qBAAyC,UAAY,EAAA;AACxD,YAA0B,yBAAA,CAAA,IAAA,CAAK,KAAK,IAAI,CAAA;AACxC,YAAA,MAAM,IAAI,KAAA;AAAA,cACP,mBAAwC,CAAA;AAAA,aAC3C;AAAA;AAEF,UAAA,MAAM,iBACJ,GAAA,KAAA,CAAM,OAAQ,CAAA,mBAAmB,KAAK,mBAAoB,CAAA,MAAA,GAAS,CAC/D,GAAA,mBAAA,CAAoB,GAAI,CAAA,CAAA,CAAA,KAAK,CAAE,CAAA,QAAQ,IACvC,EAAC;AACP,UAAO,OAAA;AAAA,YACL,GAAG,IAAA;AAAA,YACH,0BAA0B,KAAM,CAAA,OAAA,CAAQ,mBAAmB,CAAA,GACvD,oBAAoB,MACpB,GAAA,CAAA;AAAA,YACJ;AAAA,WACF;AAAA,iBACO,KAAO,EAAA;AACd,UAAA,qBAAA;AAAA,YACE,CAAA,mCAAA,EACE,yBAA0B,CAAA,MAAA,GAAS,CAAI,GAAA,OAAA,GAAU,MACnD,CAAI,CAAA,EAAA,yBAAA,CAA0B,IAAK,CAAA,IAAI,CAAC,CAAA,yBAAA;AAAA,WAC1C;AACA,UAAO,OAAA;AAAA,YACL,GAAG,IAAA;AAAA,YACH,wBAA0B,EAAA,CAAA;AAAA,YAC1B,mBAAmB;AAAC,WACtB;AAAA;AACF,OACD,CAAA;AAED,MAAA,MAAM,cAAiB,GAAA,MAAM,OAAQ,CAAA,UAAA,CAAW,iBAAiB,CAAA;AACjE,MAAA,MAAM,gBAAmB,GAAA,cAAA,CAAe,GAAI,CAAA,CAAC,QAAQ,KAAU,KAAA;AAC7D,QAAI,IAAA,MAAA,CAAO,WAAW,WAAa,EAAA;AACjC,UAAA,OAAO,MAAO,CAAA,KAAA;AAAA;AAEhB,QAAM,MAAA,IAAA,GAAO,eAAe,KAAK,CAAA;AACjC,QAAO,OAAA;AAAA,UACL,GAAG,IAAA;AAAA,UACH,wBAA0B,EAAA,CAAA;AAAA,UAC1B,mBAAmB;AAAC,SACtB;AAAA,OACD,CAAA;AACD,MAAM,MAAA,YAAA,GAAe,KAAM,CAAA,GAAA,CAAI,CAAQ,IAAA,KAAA;AACrC,QAAA,MAAM,UAAU,gBAAiB,CAAA,IAAA,CAAK,OAAK,CAAE,CAAA,IAAA,KAAS,KAAK,IAAI,CAAA;AAC/D,QAAO,OAAA,OAAA,GACH,UACA,EAAE,GAAG,MAAM,wBAA0B,EAAA,CAAA,EAAG,iBAAmB,EAAA,EAAG,EAAA;AAAA,OACnE,CAAA;AAED,MAAA,WAAA,CAAY,YAAY,CAAA;AACxB,MAAA,+BAAA,CAAgC,KAAK,CAAA;AAAA,KACvC;AAEA,IAA2B,0BAAA,EAAA;AAAA,KAC1B,CAAC,KAAA,EAAO,OAAS,EAAA,IAAA,EAAM,QAAQ,CAAC,CAAA;AAEnC,EAAA,MAAM,IAAoB,GAAA,OAAA;AAAA,IACxB,MACE,MAAM,OAAQ,CAAA,QAAQ,KAAK,QAAU,EAAA,MAAA,GAAS,IAC1C,QAAS,CAAA,MAAA;AAAA,MACP,CAAC,KAAkB,IAA2C,KAAA;AAC5D,QAAA,MAAM,WAAc,GAAA,cAAA;AAAA,UAClB,IAAK,CAAA,IAAA;AAAA,UACL;AAAA,SACF;AAEA,QAAA,IAAI,SAAS,IAAK,CAAA,iBAAA;AAClB,QAAA,IACE,CAAC,yBACD,IAAA,CAAC,uBACA,IAAA,kBAAA,EAAmD,SAAS,CAC7D,EAAA;AACA,UAAA,MAAM,GAAM,GAAA,mBAAA;AAAA,YACV,IAAK,CAAA,IAAA;AAAA,YACL;AAAA,WACA,CAAA,GAAA;AAAA,YACA,CACE,EAAA,KAAA,aAAA;AAAA,cACE,kBAAA;AAAA,cACA;AAAA,aACA,CAAA;AAAA,WACN;AACA,UAAS,MAAA,GAAA,CAAC,GAAG,MAAA,EAAQ,GAAG,GAAG,EAAE,MAAO,CAAA,CAAA,GAAA,KAAO,CAAC,CAAC,GAAG,CAAA;AAAA;AAElD,QAAA,MAAM,iBAAoB,GAAA,MAAA,CACvB,MAAO,CAAA,CAAC,GAAK,EAAA,KAAA,EAAO,OAAY,KAAA,OAAA,CAAQ,OAAQ,CAAA,GAAG,CAAM,KAAA,KAAK,EAC9D,IAAK,EAAA;AAER,QAAO,OAAA;AAAA,UACL,GAAG,GAAA;AAAA,UACH;AAAA,YACE,IAAI,IAAK,CAAA,IAAA;AAAA,YACT,MAAM,IAAK,CAAA,IAAA;AAAA,YACX,WAAA,EAAa,IAAK,CAAA,QAAA,EAAU,WAAe,IAAA,GAAA;AAAA,YAC3C,SAAS,IAAK,CAAA,gBAAA;AAAA,YACd,WAAA,EAAa,KAAK,wBAA2B,GAAA,WAAA;AAAA,YAC7C,UAAY,EAAA,GAAA;AAAA,YACZ,YAAc,EAAA,GAAA;AAAA,YACd,wBAA0B,EAAA;AAAA,cACxB,IAAM,EAAA;AAAA,gBACJ,OAAS,EAAA;AAAA;AACX,aACF;AAAA,YACA;AAAA;AACF,SACF;AAAA,OACF;AAAA,MACA;AAAC,QAEH,EAAC;AAAA,IACP;AAAA,MACE,QAAA;AAAA,MACA,QAAA;AAAA,MACA,yBAAA;AAAA,MACA,uBAAA;AAAA,MACA,kBAAA;AAAA,MACA;AAAA;AACF,GACF;AACA,EAAA,MAAM,OACJ,GAAA,SAAA,KACC,eACC,IAAA,YAAA,IACA,kBACA,yBACA,IAAA,4BAAA,CAAA;AAEJ,EAAA,WAAA;AAAA,IACE,MAAM;AACJ,MAAU,SAAA,EAAA;AACV,MAAc,aAAA,EAAA;AACd,MAAA,YAAA,CAAa,KAAK,CAAA;AAAA,KACpB;AAAA,IACA,OAAA,GAAU,OAAuB;AAAA,GACnC;AAEA,EAAO,OAAA;AAAA,IACL,OAAA;AAAA,IACA,IAAA;AAAA,IACA,KAAO,EAAA;AAAA,MACL,YAAa,UAAY,EAAA,OAAA,KACtB,OAAO,KAAU,KAAA,QAAA,GACb,OAA2B,UAC5B,GAAA,EAAA,CAAA;AAAA,MACN,eAAgB,aAAe,EAAA,OAAA,KAC5B,OAAO,QAAa,KAAA,QAAA,GAChB,UAA8B,UAC/B,GAAA,EAAA,CAAA;AAAA,MACN;AAAA,KACF;AAAA,IACA,iBAAA;AAAA,IACA,iBAAA;AAAA,IACA,KAAA,EAAO,EAAE,SAAA,EAAW,aAAc;AAAA,GACpC;AACF;;;;"}
|
|
1
|
+
{"version":3,"file":"useRoles.esm.js","sources":["../../src/hooks/useRoles.ts"],"sourcesContent":["/*\n * Copyright 2024 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport { useState, useEffect, useMemo } from 'react';\nimport { useAsync, useAsyncRetry, useInterval } from 'react-use';\n\nimport { useApi } from '@backstage/core-plugin-api';\nimport { usePermission } from '@backstage/plugin-permission-react';\n\nimport {\n PluginPermissionMetaData,\n policyEntityCreatePermission,\n Role,\n RoleBasedPolicy,\n} from '@backstage-community/plugin-rbac-common';\n\nimport { rbacApiRef } from '../api/RBACBackendClient';\nimport { RolesData } from '../types';\nimport {\n getPermissions,\n getPermissionsArray,\n getPluginInfo,\n} from '../utils/rbac-utils';\n\ntype RoleWithConditionalPoliciesCount = Role & {\n conditionalPoliciesCount: number;\n accessiblePlugins: string[];\n};\n\nexport const useRoles = (\n page = 0,\n pageSize = 5,\n pollInterval?: number,\n): {\n loading: boolean;\n data: RolesData[];\n createRoleLoading: boolean;\n createRoleAllowed: boolean;\n error: {\n rolesError: string;\n policiesError: string;\n roleConditionError: string;\n };\n retry: { roleRetry: () => void; policiesRetry: () => void };\n} => {\n const rbacApi = useApi(rbacApiRef);\n const [newRoles, setNewRoles] = useState<RoleWithConditionalPoliciesCount[]>(\n [],\n );\n const [firstLoad, setFirstLoad] = useState(true);\n const [roleConditionError, setRoleConditionError] = useState<string>('');\n const {\n loading: loadingRoles,\n value: roles,\n retry: roleRetry,\n error: rolesError,\n } = useAsyncRetry(async () => await rbacApi.getRoles());\n\n const {\n loading: loadingPolicies,\n value: policies,\n retry: policiesRetry,\n error: policiesError,\n } = useAsyncRetry(async () => await rbacApi.getPolicies(), []);\n\n const {\n loading: membersLoading,\n value: members,\n error: membersError,\n } = useAsync(async () => {\n return await rbacApi.getMembers(1, 1);\n });\n\n const {\n value: permissionPolicies,\n loading: loadingPermissionPolicies,\n error: permissionPoliciesError,\n } = useAsync(async () => {\n return await rbacApi.listPermissions();\n });\n\n const canReadUsersAndGroups =\n !membersLoading &&\n !membersError &&\n Array.isArray(members) &&\n members.length > 0;\n\n const policyEntityCreatePermissionResult = usePermission({\n permission: policyEntityCreatePermission,\n });\n\n const createRoleLoading =\n policyEntityCreatePermissionResult.loading || membersLoading;\n\n const createRoleAllowed =\n policyEntityCreatePermissionResult.allowed && canReadUsersAndGroups;\n\n const [loadingConditionalPermission, setLoadingConditionalPermission] =\n useState<boolean>(false);\n useEffect(() => {\n const fetchAllPermissionPolicies = async () => {\n if (!Array.isArray(roles)) return;\n setLoadingConditionalPermission(true);\n const failedFetchConditionRoles: string[] = [];\n\n const startIndex = page * pageSize;\n const endIndex = startIndex + pageSize;\n const paginatedRoles = roles.slice(startIndex, endIndex);\n const conditionPromises = paginatedRoles.map(async role => {\n try {\n const conditionalPolicies = await rbacApi.getRoleConditions(\n role.name,\n );\n\n if ((conditionalPolicies as any as Response)?.statusText) {\n failedFetchConditionRoles.push(role.name);\n throw new Error(\n (conditionalPolicies as any as Response).statusText,\n );\n }\n const accessiblePlugins =\n Array.isArray(conditionalPolicies) && conditionalPolicies.length > 0\n ? conditionalPolicies.map(c => c.pluginId)\n : [];\n return {\n ...role,\n conditionalPoliciesCount: Array.isArray(conditionalPolicies)\n ? conditionalPolicies.length\n : 0,\n accessiblePlugins,\n };\n } catch (error) {\n setRoleConditionError(\n `Error fetching role conditions for ${\n failedFetchConditionRoles.length > 1 ? 'roles' : 'role'\n } ${failedFetchConditionRoles.join(', ')}, please try again later.`,\n );\n return {\n ...role,\n conditionalPoliciesCount: 0,\n accessiblePlugins: [],\n };\n }\n });\n\n const settledResults = await Promise.allSettled(conditionPromises);\n const updatedPageRoles = settledResults.map((result, index) => {\n if (result.status === 'fulfilled') {\n return result.value;\n }\n const role = paginatedRoles[index];\n return {\n ...role,\n conditionalPoliciesCount: 0,\n accessiblePlugins: [],\n };\n });\n const updatedRoles = roles.map(role => {\n const updated = updatedPageRoles.find(r => r.name === role.name);\n return updated\n ? updated\n : { ...role, conditionalPoliciesCount: 0, accessiblePlugins: [] };\n });\n\n setNewRoles(updatedRoles);\n setLoadingConditionalPermission(false);\n };\n\n fetchAllPermissionPolicies();\n }, [roles, rbacApi, page, pageSize]);\n\n const data: RolesData[] = useMemo(\n () =>\n Array.isArray(newRoles) && newRoles?.length > 0\n ? newRoles.reduce(\n (acc: RolesData[], role: RoleWithConditionalPoliciesCount) => {\n const permissions = getPermissions(\n role.name,\n policies as RoleBasedPolicy[],\n );\n\n let accPls = role.accessiblePlugins;\n if (\n !loadingPermissionPolicies &&\n !permissionPoliciesError &&\n (permissionPolicies as PluginPermissionMetaData[])?.length > 0\n ) {\n const pls = getPermissionsArray(\n role.name,\n policies as RoleBasedPolicy[],\n ).map(\n po =>\n getPluginInfo(\n permissionPolicies as PluginPermissionMetaData[],\n po,\n )?.pluginId,\n );\n accPls = [...accPls, ...pls].filter(val => !!val) as string[];\n }\n const accessiblePlugins = accPls\n .filter((val, index, plugins) => plugins.indexOf(val) === index)\n .sort();\n\n return [\n ...acc,\n {\n id: role.name,\n name: role.name,\n description: role.metadata?.description ?? '-',\n members: role.memberReferences,\n permissions: role.conditionalPoliciesCount + permissions,\n modifiedBy: '-',\n lastModified: '-',\n actionsPermissionResults: {\n edit: {\n allowed: canReadUsersAndGroups,\n },\n },\n accessiblePlugins,\n },\n ];\n },\n [],\n )\n : [],\n [\n newRoles,\n policies,\n loadingPermissionPolicies,\n permissionPoliciesError,\n permissionPolicies,\n canReadUsersAndGroups,\n ],\n );\n const loading =\n firstLoad &&\n (loadingPolicies ||\n loadingRoles ||\n membersLoading ||\n loadingPermissionPolicies ||\n loadingConditionalPermission);\n\n useInterval(\n () => {\n roleRetry();\n policiesRetry();\n setFirstLoad(false);\n },\n loading ? null : pollInterval || 10000,\n );\n\n return {\n loading,\n data,\n error: {\n rolesError: (rolesError?.message ||\n (typeof roles === 'object'\n ? (roles as any as Response)?.statusText\n : '')) as string,\n policiesError: (policiesError?.message ||\n (typeof policies === 'object'\n ? (policies as any as Response)?.statusText\n : '')) as string,\n roleConditionError,\n },\n createRoleLoading,\n createRoleAllowed,\n retry: { roleRetry, policiesRetry },\n };\n};\n"],"names":[],"mappings":";;;;;;;;AAyCO,MAAM,WAAW,CACtB,IAAA,GAAO,CACP,EAAA,QAAA,GAAW,GACX,YAYG,KAAA;AACH,EAAM,MAAA,OAAA,GAAU,OAAO,UAAU,CAAA;AACjC,EAAM,MAAA,CAAC,QAAU,EAAA,WAAW,CAAI,GAAA,QAAA;AAAA,IAC9B;AAAC,GACH;AACA,EAAA,MAAM,CAAC,SAAA,EAAW,YAAY,CAAA,GAAI,SAAS,IAAI,CAAA;AAC/C,EAAA,MAAM,CAAC,kBAAA,EAAoB,qBAAqB,CAAA,GAAI,SAAiB,EAAE,CAAA;AACvE,EAAM,MAAA;AAAA,IACJ,OAAS,EAAA,YAAA;AAAA,IACT,KAAO,EAAA,KAAA;AAAA,IACP,KAAO,EAAA,SAAA;AAAA,IACP,KAAO,EAAA;AAAA,MACL,aAAc,CAAA,YAAY,MAAM,OAAA,CAAQ,UAAU,CAAA;AAEtD,EAAM,MAAA;AAAA,IACJ,OAAS,EAAA,eAAA;AAAA,IACT,KAAO,EAAA,QAAA;AAAA,IACP,KAAO,EAAA,aAAA;AAAA,IACP,KAAO,EAAA;AAAA,GACT,GAAI,cAAc,YAAY,MAAM,QAAQ,WAAY,EAAA,EAAG,EAAE,CAAA;AAE7D,EAAM,MAAA;AAAA,IACJ,OAAS,EAAA,cAAA;AAAA,IACT,KAAO,EAAA,OAAA;AAAA,IACP,KAAO,EAAA;AAAA,GACT,GAAI,SAAS,YAAY;AACvB,IAAA,OAAO,MAAM,OAAA,CAAQ,UAAW,CAAA,CAAA,EAAG,CAAC,CAAA;AAAA,GACrC,CAAA;AAED,EAAM,MAAA;AAAA,IACJ,KAAO,EAAA,kBAAA;AAAA,IACP,OAAS,EAAA,yBAAA;AAAA,IACT,KAAO,EAAA;AAAA,GACT,GAAI,SAAS,YAAY;AACvB,IAAO,OAAA,MAAM,QAAQ,eAAgB,EAAA;AAAA,GACtC,CAAA;AAED,EAAM,MAAA,qBAAA,GACJ,CAAC,cAAA,IACD,CAAC,YAAA,IACD,MAAM,OAAQ,CAAA,OAAO,CACrB,IAAA,OAAA,CAAQ,MAAS,GAAA,CAAA;AAEnB,EAAA,MAAM,qCAAqC,aAAc,CAAA;AAAA,IACvD,UAAY,EAAA;AAAA,GACb,CAAA;AAED,EAAM,MAAA,iBAAA,GACJ,mCAAmC,OAAW,IAAA,cAAA;AAEhD,EAAM,MAAA,iBAAA,GACJ,mCAAmC,OAAW,IAAA,qBAAA;AAEhD,EAAA,MAAM,CAAC,4BAAA,EAA8B,+BAA+B,CAAA,GAClE,SAAkB,KAAK,CAAA;AACzB,EAAA,SAAA,CAAU,MAAM;AACd,IAAA,MAAM,6BAA6B,YAAY;AAC7C,MAAA,IAAI,CAAC,KAAA,CAAM,OAAQ,CAAA,KAAK,CAAG,EAAA;AAC3B,MAAA,+BAAA,CAAgC,IAAI,CAAA;AACpC,MAAA,MAAM,4BAAsC,EAAC;AAE7C,MAAA,MAAM,aAAa,IAAO,GAAA,QAAA;AAC1B,MAAA,MAAM,WAAW,UAAa,GAAA,QAAA;AAC9B,MAAA,MAAM,cAAiB,GAAA,KAAA,CAAM,KAAM,CAAA,UAAA,EAAY,QAAQ,CAAA;AACvD,MAAA,MAAM,iBAAoB,GAAA,cAAA,CAAe,GAAI,CAAA,OAAM,IAAQ,KAAA;AACzD,QAAI,IAAA;AACF,UAAM,MAAA,mBAAA,GAAsB,MAAM,OAAQ,CAAA,iBAAA;AAAA,YACxC,IAAK,CAAA;AAAA,WACP;AAEA,UAAA,IAAK,qBAAyC,UAAY,EAAA;AACxD,YAA0B,yBAAA,CAAA,IAAA,CAAK,KAAK,IAAI,CAAA;AACxC,YAAA,MAAM,IAAI,KAAA;AAAA,cACP,mBAAwC,CAAA;AAAA,aAC3C;AAAA;AAEF,UAAA,MAAM,iBACJ,GAAA,KAAA,CAAM,OAAQ,CAAA,mBAAmB,KAAK,mBAAoB,CAAA,MAAA,GAAS,CAC/D,GAAA,mBAAA,CAAoB,GAAI,CAAA,CAAA,CAAA,KAAK,CAAE,CAAA,QAAQ,IACvC,EAAC;AACP,UAAO,OAAA;AAAA,YACL,GAAG,IAAA;AAAA,YACH,0BAA0B,KAAM,CAAA,OAAA,CAAQ,mBAAmB,CAAA,GACvD,oBAAoB,MACpB,GAAA,CAAA;AAAA,YACJ;AAAA,WACF;AAAA,iBACO,KAAO,EAAA;AACd,UAAA,qBAAA;AAAA,YACE,CAAA,mCAAA,EACE,yBAA0B,CAAA,MAAA,GAAS,CAAI,GAAA,OAAA,GAAU,MACnD,CAAI,CAAA,EAAA,yBAAA,CAA0B,IAAK,CAAA,IAAI,CAAC,CAAA,yBAAA;AAAA,WAC1C;AACA,UAAO,OAAA;AAAA,YACL,GAAG,IAAA;AAAA,YACH,wBAA0B,EAAA,CAAA;AAAA,YAC1B,mBAAmB;AAAC,WACtB;AAAA;AACF,OACD,CAAA;AAED,MAAA,MAAM,cAAiB,GAAA,MAAM,OAAQ,CAAA,UAAA,CAAW,iBAAiB,CAAA;AACjE,MAAA,MAAM,gBAAmB,GAAA,cAAA,CAAe,GAAI,CAAA,CAAC,QAAQ,KAAU,KAAA;AAC7D,QAAI,IAAA,MAAA,CAAO,WAAW,WAAa,EAAA;AACjC,UAAA,OAAO,MAAO,CAAA,KAAA;AAAA;AAEhB,QAAM,MAAA,IAAA,GAAO,eAAe,KAAK,CAAA;AACjC,QAAO,OAAA;AAAA,UACL,GAAG,IAAA;AAAA,UACH,wBAA0B,EAAA,CAAA;AAAA,UAC1B,mBAAmB;AAAC,SACtB;AAAA,OACD,CAAA;AACD,MAAM,MAAA,YAAA,GAAe,KAAM,CAAA,GAAA,CAAI,CAAQ,IAAA,KAAA;AACrC,QAAA,MAAM,UAAU,gBAAiB,CAAA,IAAA,CAAK,OAAK,CAAE,CAAA,IAAA,KAAS,KAAK,IAAI,CAAA;AAC/D,QAAO,OAAA,OAAA,GACH,UACA,EAAE,GAAG,MAAM,wBAA0B,EAAA,CAAA,EAAG,iBAAmB,EAAA,EAAG,EAAA;AAAA,OACnE,CAAA;AAED,MAAA,WAAA,CAAY,YAAY,CAAA;AACxB,MAAA,+BAAA,CAAgC,KAAK,CAAA;AAAA,KACvC;AAEA,IAA2B,0BAAA,EAAA;AAAA,KAC1B,CAAC,KAAA,EAAO,OAAS,EAAA,IAAA,EAAM,QAAQ,CAAC,CAAA;AAEnC,EAAA,MAAM,IAAoB,GAAA,OAAA;AAAA,IACxB,MACE,MAAM,OAAQ,CAAA,QAAQ,KAAK,QAAU,EAAA,MAAA,GAAS,IAC1C,QAAS,CAAA,MAAA;AAAA,MACP,CAAC,KAAkB,IAA2C,KAAA;AAC5D,QAAA,MAAM,WAAc,GAAA,cAAA;AAAA,UAClB,IAAK,CAAA,IAAA;AAAA,UACL;AAAA,SACF;AAEA,QAAA,IAAI,SAAS,IAAK,CAAA,iBAAA;AAClB,QAAA,IACE,CAAC,yBACD,IAAA,CAAC,uBACA,IAAA,kBAAA,EAAmD,SAAS,CAC7D,EAAA;AACA,UAAA,MAAM,GAAM,GAAA,mBAAA;AAAA,YACV,IAAK,CAAA,IAAA;AAAA,YACL;AAAA,WACA,CAAA,GAAA;AAAA,YACA,CACE,EAAA,KAAA,aAAA;AAAA,cACE,kBAAA;AAAA,cACA;AAAA,aACC,EAAA;AAAA,WACP;AACA,UAAS,MAAA,GAAA,CAAC,GAAG,MAAA,EAAQ,GAAG,GAAG,EAAE,MAAO,CAAA,CAAA,GAAA,KAAO,CAAC,CAAC,GAAG,CAAA;AAAA;AAElD,QAAA,MAAM,iBAAoB,GAAA,MAAA,CACvB,MAAO,CAAA,CAAC,GAAK,EAAA,KAAA,EAAO,OAAY,KAAA,OAAA,CAAQ,OAAQ,CAAA,GAAG,CAAM,KAAA,KAAK,EAC9D,IAAK,EAAA;AAER,QAAO,OAAA;AAAA,UACL,GAAG,GAAA;AAAA,UACH;AAAA,YACE,IAAI,IAAK,CAAA,IAAA;AAAA,YACT,MAAM,IAAK,CAAA,IAAA;AAAA,YACX,WAAA,EAAa,IAAK,CAAA,QAAA,EAAU,WAAe,IAAA,GAAA;AAAA,YAC3C,SAAS,IAAK,CAAA,gBAAA;AAAA,YACd,WAAA,EAAa,KAAK,wBAA2B,GAAA,WAAA;AAAA,YAC7C,UAAY,EAAA,GAAA;AAAA,YACZ,YAAc,EAAA,GAAA;AAAA,YACd,wBAA0B,EAAA;AAAA,cACxB,IAAM,EAAA;AAAA,gBACJ,OAAS,EAAA;AAAA;AACX,aACF;AAAA,YACA;AAAA;AACF,SACF;AAAA,OACF;AAAA,MACA;AAAC,QAEH,EAAC;AAAA,IACP;AAAA,MACE,QAAA;AAAA,MACA,QAAA;AAAA,MACA,yBAAA;AAAA,MACA,uBAAA;AAAA,MACA,kBAAA;AAAA,MACA;AAAA;AACF,GACF;AACA,EAAA,MAAM,OACJ,GAAA,SAAA,KACC,eACC,IAAA,YAAA,IACA,kBACA,yBACA,IAAA,4BAAA,CAAA;AAEJ,EAAA,WAAA;AAAA,IACE,MAAM;AACJ,MAAU,SAAA,EAAA;AACV,MAAc,aAAA,EAAA;AACd,MAAA,YAAA,CAAa,KAAK,CAAA;AAAA,KACpB;AAAA,IACA,OAAA,GAAU,OAAuB;AAAA,GACnC;AAEA,EAAO,OAAA;AAAA,IACL,OAAA;AAAA,IACA,IAAA;AAAA,IACA,KAAO,EAAA;AAAA,MACL,YAAa,UAAY,EAAA,OAAA,KACtB,OAAO,KAAU,KAAA,QAAA,GACb,OAA2B,UAC5B,GAAA,EAAA,CAAA;AAAA,MACN,eAAgB,aAAe,EAAA,OAAA,KAC5B,OAAO,QAAa,KAAA,QAAA,GAChB,UAA8B,UAC/B,GAAA,EAAA,CAAA;AAAA,MACN;AAAA,KACF;AAAA,IACA,iBAAA;AAAA,IACA,iBAAA;AAAA,IACA,KAAA,EAAO,EAAE,SAAA,EAAW,aAAc;AAAA,GACpC;AACF;;;;"}
|
|
@@ -79,9 +79,9 @@ const getPluginInfo = (permissions, policy) => permissions.reduce(
|
|
|
79
79
|
}
|
|
80
80
|
return false;
|
|
81
81
|
});
|
|
82
|
-
if (policyData) {
|
|
82
|
+
if (p.pluginId && policyData) {
|
|
83
83
|
return {
|
|
84
|
-
pluginId: p.pluginId
|
|
84
|
+
pluginId: p.pluginId,
|
|
85
85
|
permissionName: policyData.name || "-",
|
|
86
86
|
isResourced: isResourcedPolicy(policyData) || false,
|
|
87
87
|
resourceType: isResourcedPolicy(policyData) ? policyData.resourceType : "",
|
|
@@ -90,7 +90,7 @@ const getPluginInfo = (permissions, policy) => permissions.reduce(
|
|
|
90
90
|
}
|
|
91
91
|
return acc;
|
|
92
92
|
},
|
|
93
|
-
|
|
93
|
+
null
|
|
94
94
|
);
|
|
95
95
|
const getPolicy = (str) => {
|
|
96
96
|
const arr = str.split(".");
|
|
@@ -119,25 +119,21 @@ const getPermissionsData = (policies, permissionPolicies) => {
|
|
|
119
119
|
const policyTitleCase = capitalizeFirstLetter(policyStr);
|
|
120
120
|
const policyString = /* @__PURE__ */ new Set();
|
|
121
121
|
const policiesSet = /* @__PURE__ */ new Set();
|
|
122
|
-
const
|
|
123
|
-
|
|
124
|
-
|
|
125
|
-
|
|
126
|
-
|
|
127
|
-
|
|
128
|
-
|
|
129
|
-
|
|
130
|
-
|
|
131
|
-
|
|
132
|
-
|
|
133
|
-
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
|
|
137
|
-
isResourced,
|
|
138
|
-
resourceType,
|
|
139
|
-
usingResourceType
|
|
140
|
-
});
|
|
122
|
+
const pluginInfo = getPluginInfo(permissionPolicies, policy);
|
|
123
|
+
if (pluginInfo?.pluginId) {
|
|
124
|
+
acc.push({
|
|
125
|
+
permission: pluginInfo.permissionName,
|
|
126
|
+
plugin: pluginInfo.pluginId,
|
|
127
|
+
policyString: policyString.add(policyTitleCase || "Use"),
|
|
128
|
+
policies: policiesSet.add({
|
|
129
|
+
policy: policyTitleCase || "Use",
|
|
130
|
+
effect: policy.effect
|
|
131
|
+
}),
|
|
132
|
+
isResourced: pluginInfo.isResourced,
|
|
133
|
+
resourceType: pluginInfo.resourceType,
|
|
134
|
+
usingResourceType: pluginInfo.usingResourceType
|
|
135
|
+
});
|
|
136
|
+
}
|
|
141
137
|
}
|
|
142
138
|
return acc;
|
|
143
139
|
},
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"rbac-utils.esm.js","sources":["../../src/utils/rbac-utils.ts"],"sourcesContent":["/*\n * Copyright 2024 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport {\n GroupEntity,\n isUserEntity,\n parseEntityRef,\n stringifyEntityRef,\n} from '@backstage/catalog-model';\nimport {\n AllOfCriteria,\n AnyOfCriteria,\n NotCriteria,\n PermissionCondition,\n PermissionCriteria,\n} from '@backstage/plugin-permission-common';\n\nimport { capitalizeFirstLetter } from './string-utils';\n\nimport {\n isResourcedPolicy,\n PermissionAction,\n PluginPermissionMetaData,\n PolicyDetails,\n RoleBasedPolicy,\n RoleConditionalPolicyDecision,\n} from '@backstage-community/plugin-rbac-common';\n\nimport { criterias } from '../components/ConditionalAccess/const';\nimport { ConditionsData } from '../components/ConditionalAccess/types';\nimport {\n PluginsPermissionPoliciesData,\n RowPolicy,\n SelectedMember,\n} from '../components/CreateRole/types';\nimport {\n MemberEntity,\n MembersData,\n PermissionsData,\n PermissionsDataSet,\n} from '../types';\nimport { getMembersCount } from './create-role-utils';\n\nexport const getPermissionsArray = (\n role: string,\n policies: RoleBasedPolicy[],\n): RoleBasedPolicy[] => {\n if (!policies || policies?.length === 0 || !Array.isArray(policies)) {\n return [];\n }\n return policies.filter(\n (policy: RoleBasedPolicy) =>\n policy.entityReference === role && policy.effect !== 'deny',\n );\n};\n\nexport const getPermissions = (\n role: string,\n policies: RoleBasedPolicy[],\n): number => {\n return getPermissionsArray(role, policies).length;\n};\n\nexport const getMembersString = (res: {\n users: number;\n groups: number;\n}): string => {\n let membersString = '';\n if (res.groups > 0) {\n membersString = `${res.groups} ${res.groups > 1 ? 'groups' : 'group'}`;\n }\n if (res.users > 0) {\n membersString = membersString.concat(\n membersString.length > 0 ? ', ' : '',\n `${res.users} ${res.users > 1 ? 'users' : 'user'}`,\n );\n }\n return membersString;\n};\n\nexport const getMembers = (\n members: (string | MembersData | SelectedMember)[],\n): string => {\n if (!members || members.length === 0) {\n return 'No members';\n }\n\n const res = members.reduce(\n (acc, member) => {\n if (typeof member === 'object') {\n if (member.type === 'User' || member.type === 'user') {\n acc.users++;\n } else {\n acc.groups++;\n }\n } else {\n const entity = parseEntityRef(member) as any;\n if (isUserEntity(entity)) {\n acc.users++;\n } else {\n acc.groups++;\n }\n }\n return acc;\n },\n { users: 0, groups: 0 },\n );\n\n return getMembersString(res);\n};\n\nexport const getMembersFromGroup = (group: GroupEntity): number => {\n const membersList = group.relations?.reduce((acc, relation) => {\n let temp = acc;\n if (relation.type === 'hasMember') {\n temp++;\n }\n return temp;\n }, 0);\n return membersList ?? 0;\n};\n\nexport const getPluginInfo = (\n permissions: PluginPermissionMetaData[],\n policy: RoleBasedPolicy,\n): {\n pluginId: string;\n isResourced: boolean;\n resourceType?: string;\n permissionName: string;\n usingResourceType?: boolean;\n} =>\n permissions.reduce(\n (\n acc: {\n pluginId: string;\n isResourced: boolean;\n resourceType?: string;\n permissionName: string;\n usingResourceType?: boolean;\n },\n p: PluginPermissionMetaData,\n ) => {\n const policyData = p.policies.find(pol => {\n if (pol.policy === policy.policy) {\n if (isResourcedPolicy(pol)) {\n if (pol.resourceType === policy.permission) {\n return true;\n }\n }\n if (pol.name === policy.permission) {\n return true;\n }\n }\n return false;\n });\n if (policyData) {\n return {\n pluginId: p.pluginId || '-',\n permissionName: policyData.name || '-',\n isResourced: isResourcedPolicy(policyData) || false,\n resourceType: isResourcedPolicy(policyData)\n ? policyData.resourceType\n : '',\n usingResourceType:\n isResourcedPolicy(policyData) &&\n policyData.resourceType === policy.permission,\n };\n }\n return acc;\n },\n { pluginId: '-', isResourced: false, permissionName: '-' },\n );\n\nconst getPolicy = (str: string) => {\n const arr = str.split('.');\n return arr[arr.length - 1];\n};\n\nconst getAllPolicies = (\n permission: string,\n allowedPolicies: RowPolicy[],\n policies: PolicyDetails[],\n) => {\n const deniedPolicies = policies?.reduce((acc, p) => {\n const perm = p.name;\n if (\n permission === perm &&\n !allowedPolicies.find(\n allowedPolicy =>\n allowedPolicy.policy.toLocaleLowerCase('en-US') ===\n p.policy?.toLocaleLowerCase('en-US'),\n )\n ) {\n acc.push({\n policy: capitalizeFirstLetter(p.policy) || 'Use',\n effect: 'deny',\n });\n }\n return acc;\n }, [] as RowPolicy[]);\n return [...(allowedPolicies || []), ...(deniedPolicies || [])];\n};\n\nexport const getPermissionsData = (\n policies: RoleBasedPolicy[],\n permissionPolicies: PluginPermissionMetaData[],\n): PermissionsData[] => {\n const data = policies.reduce(\n (acc: PermissionsDataSet[], policy: RoleBasedPolicy) => {\n if (policy?.effect === 'allow') {\n const policyStr =\n policy?.policy ?? getPolicy(policy.permission as string);\n const policyTitleCase = capitalizeFirstLetter(policyStr);\n const policyString = new Set<string>();\n const policiesSet = new Set<{ policy: string; effect: string }>();\n const {\n pluginId,\n isResourced,\n resourceType,\n permissionName,\n usingResourceType,\n } = getPluginInfo(permissionPolicies, policy);\n acc.push({\n permission: permissionName,\n plugin: pluginId,\n policyString: policyString.add(policyTitleCase || 'Use'),\n policies: policiesSet.add({\n policy: policyTitleCase || 'Use',\n effect: policy.effect,\n }),\n isResourced,\n resourceType,\n usingResourceType,\n });\n }\n return acc;\n },\n [],\n );\n return data.map((p: PermissionsDataSet) => ({\n ...p,\n ...(p.policyString ? { policyString: Array.from(p.policyString) } : {}),\n policies: getAllPolicies(\n p.permission,\n Array.from(p.policies),\n permissionPolicies.find(pp => pp.pluginId === p.plugin)\n ?.policies as PolicyDetails[],\n ),\n })) as PermissionsData[];\n};\n\nexport const getConditionUpperCriteria = (\n conditions: PermissionCriteria<PermissionCondition> | string,\n): string | undefined => {\n return Object.keys(conditions).find(key =>\n [criterias.allOf, criterias.anyOf, criterias.not].includes(\n key as keyof ConditionsData,\n ),\n );\n};\n\nexport const getConditionsData = (\n conditions: PermissionCriteria<PermissionCondition>,\n): ConditionsData | undefined => {\n const upperCriteria =\n getConditionUpperCriteria(conditions) ?? criterias.condition;\n\n switch (upperCriteria) {\n case criterias.allOf: {\n const allOfConditions = (conditions as AllOfCriteria<PermissionCondition>)\n .allOf;\n allOfConditions.map(aoc => {\n if (getConditionUpperCriteria(aoc)) {\n return getConditionsData(aoc);\n }\n return aoc;\n });\n return { allOf: allOfConditions as PermissionCondition[] };\n }\n case criterias.anyOf: {\n const anyOfConditions = (conditions as AnyOfCriteria<PermissionCondition>)\n .anyOf;\n anyOfConditions.map(aoc => {\n if (getConditionUpperCriteria(aoc)) {\n return getConditionsData(aoc);\n }\n return aoc;\n });\n return { anyOf: anyOfConditions as PermissionCondition[] };\n }\n case criterias.not: {\n const notCondition = (conditions as NotCriteria<PermissionCondition>).not;\n const nestedCondition = getConditionUpperCriteria(notCondition)\n ? getConditionsData(notCondition)\n : notCondition;\n return { not: nestedCondition as PermissionCondition };\n }\n default:\n return { condition: conditions as PermissionCondition };\n }\n};\n\nexport const getPoliciesData = (\n allowedPermissions: string[],\n policies: string[],\n): RowPolicy[] => {\n return policies.map(p => ({\n policy: p,\n ...(allowedPermissions.includes(p.toLocaleLowerCase('en-US'))\n ? { effect: 'allow' }\n : { effect: 'deny' }),\n }));\n};\n\nexport const getPolicyString = (policies: RowPolicy[]) => {\n const policyStr = policies.reduce((acc: string, p) => {\n if (p.effect === 'allow') return acc.concat(`${p.policy}, `);\n return acc;\n }, '');\n return policyStr.slice(0, policyStr.length - 2);\n};\n\nexport const getConditionalPermissionsData = (\n conditionalPermissions: RoleConditionalPolicyDecision<PermissionAction>[],\n permissionPolicies: PluginsPermissionPoliciesData,\n allPermissionPolicies: PluginPermissionMetaData[],\n): PermissionsData[] => {\n return conditionalPermissions.reduce((acc: any, cp) => {\n const conditions = getConditionsData(cp.conditions);\n const allowedPermissions = cp.permissionMapping.map(action =>\n action.toLocaleLowerCase('en-US'),\n );\n\n const pluginPermissionMetaData = allPermissionPolicies.find(\n pp => pp.pluginId === cp.pluginId,\n );\n\n const perms =\n pluginPermissionMetaData?.policies.filter(\n po =>\n isResourcedPolicy(po) &&\n po.resourceType === cp.resourceType &&\n allowedPermissions.includes(po.policy.toLocaleLowerCase('en-US')),\n ) ?? [];\n\n const allPolicies = (pm: string) =>\n permissionPolicies.pluginsPermissions?.[cp.pluginId]?.policies?.[pm]\n ?.policies ?? [];\n\n return [\n ...acc,\n ...(conditions\n ? perms.map((perm, index, arr) => {\n const policies = getPoliciesData(\n allowedPermissions,\n allPolicies(perm.name),\n );\n return {\n plugin: cp.pluginId,\n permission: perm.name,\n resourceType: cp.resourceType,\n isResourced: true,\n policies,\n policyString: getPolicyString(policies),\n conditions,\n ...(index === 0 ||\n !!policies.find(\n pl =>\n pl.policy.toLocaleLowerCase('en-US') ===\n arr[index - 1].policy && pl.effect === 'allow',\n )\n ? { id: cp.id }\n : {}),\n };\n })\n : []),\n ];\n }, []);\n};\n\nexport const getSelectedMember = (\n memberResource: MemberEntity | undefined,\n ref: string,\n): SelectedMember => {\n if (memberResource) {\n return {\n id: memberResource.metadata.etag as string,\n ref: stringifyEntityRef(memberResource),\n label:\n memberResource.spec.profile?.displayName ??\n memberResource.metadata.name,\n etag: memberResource.metadata.etag as string,\n type: memberResource.kind,\n namespace: memberResource.metadata.namespace as string,\n members: getMembersCount(memberResource),\n };\n } else if (ref) {\n const { kind, namespace, name } = parseEntityRef(ref);\n return {\n id: `${kind}-${namespace}-${name}`,\n ref,\n label: name,\n etag: `${kind}-${namespace}-${name}`,\n type: kind,\n namespace: namespace,\n members: kind === 'group' ? 0 : undefined,\n };\n }\n return {} as SelectedMember;\n};\n\nexport const isSamePermissionPolicy = (\n a: RoleBasedPolicy,\n b: RoleBasedPolicy,\n) =>\n a.entityReference === b.entityReference &&\n a.permission === b.permission &&\n a.policy === b.policy &&\n a.effect === b.effect;\n\nexport const onlyInLeft = (\n left: RoleBasedPolicy[],\n right: RoleBasedPolicy[],\n compareFunction: (a: RoleBasedPolicy, b: RoleBasedPolicy) => boolean,\n) =>\n left.filter(\n leftValue =>\n !right.some(rightValue => compareFunction(leftValue, rightValue)),\n );\n"],"names":[],"mappings":";;;;;;AAuDa,MAAA,mBAAA,GAAsB,CACjC,IAAA,EACA,QACsB,KAAA;AACtB,EAAI,IAAA,CAAC,YAAY,QAAU,EAAA,MAAA,KAAW,KAAK,CAAC,KAAA,CAAM,OAAQ,CAAA,QAAQ,CAAG,EAAA;AACnE,IAAA,OAAO,EAAC;AAAA;AAEV,EAAA,OAAO,QAAS,CAAA,MAAA;AAAA,IACd,CAAC,MACC,KAAA,MAAA,CAAO,eAAoB,KAAA,IAAA,IAAQ,OAAO,MAAW,KAAA;AAAA,GACzD;AACF;AAEa,MAAA,cAAA,GAAiB,CAC5B,IAAA,EACA,QACW,KAAA;AACX,EAAO,OAAA,mBAAA,CAAoB,IAAM,EAAA,QAAQ,CAAE,CAAA,MAAA;AAC7C;AAEa,MAAA,gBAAA,GAAmB,CAAC,GAGnB,KAAA;AACZ,EAAA,IAAI,aAAgB,GAAA,EAAA;AACpB,EAAI,IAAA,GAAA,CAAI,SAAS,CAAG,EAAA;AAClB,IAAgB,aAAA,GAAA,CAAA,EAAG,IAAI,MAAM,CAAA,CAAA,EAAI,IAAI,MAAS,GAAA,CAAA,GAAI,WAAW,OAAO,CAAA,CAAA;AAAA;AAEtE,EAAI,IAAA,GAAA,CAAI,QAAQ,CAAG,EAAA;AACjB,IAAA,aAAA,GAAgB,aAAc,CAAA,MAAA;AAAA,MAC5B,aAAA,CAAc,MAAS,GAAA,CAAA,GAAI,IAAO,GAAA,EAAA;AAAA,MAClC,CAAA,EAAG,IAAI,KAAK,CAAA,CAAA,EAAI,IAAI,KAAQ,GAAA,CAAA,GAAI,UAAU,MAAM,CAAA;AAAA,KAClD;AAAA;AAEF,EAAO,OAAA,aAAA;AACT;AAEa,MAAA,UAAA,GAAa,CACxB,OACW,KAAA;AACX,EAAA,IAAI,CAAC,OAAA,IAAW,OAAQ,CAAA,MAAA,KAAW,CAAG,EAAA;AACpC,IAAO,OAAA,YAAA;AAAA;AAGT,EAAA,MAAM,MAAM,OAAQ,CAAA,MAAA;AAAA,IAClB,CAAC,KAAK,MAAW,KAAA;AACf,MAAI,IAAA,OAAO,WAAW,QAAU,EAAA;AAC9B,QAAA,IAAI,MAAO,CAAA,IAAA,KAAS,MAAU,IAAA,MAAA,CAAO,SAAS,MAAQ,EAAA;AACpD,UAAI,GAAA,CAAA,KAAA,EAAA;AAAA,SACC,MAAA;AACL,UAAI,GAAA,CAAA,MAAA,EAAA;AAAA;AACN,OACK,MAAA;AACL,QAAM,MAAA,MAAA,GAAS,eAAe,MAAM,CAAA;AACpC,QAAI,IAAA,YAAA,CAAa,MAAM,CAAG,EAAA;AACxB,UAAI,GAAA,CAAA,KAAA,EAAA;AAAA,SACC,MAAA;AACL,UAAI,GAAA,CAAA,MAAA,EAAA;AAAA;AACN;AAEF,MAAO,OAAA,GAAA;AAAA,KACT;AAAA,IACA,EAAE,KAAA,EAAO,CAAG,EAAA,MAAA,EAAQ,CAAE;AAAA,GACxB;AAEA,EAAA,OAAO,iBAAiB,GAAG,CAAA;AAC7B;AAEa,MAAA,mBAAA,GAAsB,CAAC,KAA+B,KAAA;AACjE,EAAA,MAAM,cAAc,KAAM,CAAA,SAAA,EAAW,MAAO,CAAA,CAAC,KAAK,QAAa,KAAA;AAC7D,IAAA,IAAI,IAAO,GAAA,GAAA;AACX,IAAI,IAAA,QAAA,CAAS,SAAS,WAAa,EAAA;AACjC,MAAA,IAAA,EAAA;AAAA;AAEF,IAAO,OAAA,IAAA;AAAA,KACN,CAAC,CAAA;AACJ,EAAA,OAAO,WAAe,IAAA,CAAA;AACxB;AAEO,MAAM,aAAgB,GAAA,CAC3B,WACA,EAAA,MAAA,KAQA,WAAY,CAAA,MAAA;AAAA,EACV,CACE,KAOA,CACG,KAAA;AACH,IAAA,MAAM,UAAa,GAAA,CAAA,CAAE,QAAS,CAAA,IAAA,CAAK,CAAO,GAAA,KAAA;AACxC,MAAI,IAAA,GAAA,CAAI,MAAW,KAAA,MAAA,CAAO,MAAQ,EAAA;AAChC,QAAI,IAAA,iBAAA,CAAkB,GAAG,CAAG,EAAA;AAC1B,UAAI,IAAA,GAAA,CAAI,YAAiB,KAAA,MAAA,CAAO,UAAY,EAAA;AAC1C,YAAO,OAAA,IAAA;AAAA;AACT;AAEF,QAAI,IAAA,GAAA,CAAI,IAAS,KAAA,MAAA,CAAO,UAAY,EAAA;AAClC,UAAO,OAAA,IAAA;AAAA;AACT;AAEF,MAAO,OAAA,KAAA;AAAA,KACR,CAAA;AACD,IAAA,IAAI,UAAY,EAAA;AACd,MAAO,OAAA;AAAA,QACL,QAAA,EAAU,EAAE,QAAY,IAAA,GAAA;AAAA,QACxB,cAAA,EAAgB,WAAW,IAAQ,IAAA,GAAA;AAAA,QACnC,WAAA,EAAa,iBAAkB,CAAA,UAAU,CAAK,IAAA,KAAA;AAAA,QAC9C,YAAc,EAAA,iBAAA,CAAkB,UAAU,CAAA,GACtC,WAAW,YACX,GAAA,EAAA;AAAA,QACJ,mBACE,iBAAkB,CAAA,UAAU,CAC5B,IAAA,UAAA,CAAW,iBAAiB,MAAO,CAAA;AAAA,OACvC;AAAA;AAEF,IAAO,OAAA,GAAA;AAAA,GACT;AAAA,EACA,EAAE,QAAU,EAAA,GAAA,EAAK,WAAa,EAAA,KAAA,EAAO,gBAAgB,GAAI;AAC3D;AAEF,MAAM,SAAA,GAAY,CAAC,GAAgB,KAAA;AACjC,EAAM,MAAA,GAAA,GAAM,GAAI,CAAA,KAAA,CAAM,GAAG,CAAA;AACzB,EAAO,OAAA,GAAA,CAAI,GAAI,CAAA,MAAA,GAAS,CAAC,CAAA;AAC3B,CAAA;AAEA,MAAM,cAAiB,GAAA,CACrB,UACA,EAAA,eAAA,EACA,QACG,KAAA;AACH,EAAA,MAAM,cAAiB,GAAA,QAAA,EAAU,MAAO,CAAA,CAAC,KAAK,CAAM,KAAA;AAClD,IAAA,MAAM,OAAO,CAAE,CAAA,IAAA;AACf,IACE,IAAA,UAAA,KAAe,IACf,IAAA,CAAC,eAAgB,CAAA,IAAA;AAAA,MACf,CAAA,aAAA,KACE,cAAc,MAAO,CAAA,iBAAA,CAAkB,OAAO,CAC9C,KAAA,CAAA,CAAE,MAAQ,EAAA,iBAAA,CAAkB,OAAO;AAAA,KAEvC,EAAA;AACA,MAAA,GAAA,CAAI,IAAK,CAAA;AAAA,QACP,MAAQ,EAAA,qBAAA,CAAsB,CAAE,CAAA,MAAM,CAAK,IAAA,KAAA;AAAA,QAC3C,MAAQ,EAAA;AAAA,OACT,CAAA;AAAA;AAEH,IAAO,OAAA,GAAA;AAAA,GACT,EAAG,EAAiB,CAAA;AACpB,EAAO,OAAA,CAAC,GAAI,eAAmB,IAAA,IAAK,GAAI,cAAA,IAAkB,EAAG,CAAA;AAC/D,CAAA;AAEa,MAAA,kBAAA,GAAqB,CAChC,QAAA,EACA,kBACsB,KAAA;AACtB,EAAA,MAAM,OAAO,QAAS,CAAA,MAAA;AAAA,IACpB,CAAC,KAA2B,MAA4B,KAAA;AACtD,MAAI,IAAA,MAAA,EAAQ,WAAW,OAAS,EAAA;AAC9B,QAAA,MAAM,SACJ,GAAA,MAAA,EAAQ,MAAU,IAAA,SAAA,CAAU,OAAO,UAAoB,CAAA;AACzD,QAAM,MAAA,eAAA,GAAkB,sBAAsB,SAAS,CAAA;AACvD,QAAM,MAAA,YAAA,uBAAmB,GAAY,EAAA;AACrC,QAAM,MAAA,WAAA,uBAAkB,GAAwC,EAAA;AAChE,QAAM,MAAA;AAAA,UACJ,QAAA;AAAA,UACA,WAAA;AAAA,UACA,YAAA;AAAA,UACA,cAAA;AAAA,UACA;AAAA,SACF,GAAI,aAAc,CAAA,kBAAA,EAAoB,MAAM,CAAA;AAC5C,QAAA,GAAA,CAAI,IAAK,CAAA;AAAA,UACP,UAAY,EAAA,cAAA;AAAA,UACZ,MAAQ,EAAA,QAAA;AAAA,UACR,YAAc,EAAA,YAAA,CAAa,GAAI,CAAA,eAAA,IAAmB,KAAK,CAAA;AAAA,UACvD,QAAA,EAAU,YAAY,GAAI,CAAA;AAAA,YACxB,QAAQ,eAAmB,IAAA,KAAA;AAAA,YAC3B,QAAQ,MAAO,CAAA;AAAA,WAChB,CAAA;AAAA,UACD,WAAA;AAAA,UACA,YAAA;AAAA,UACA;AAAA,SACD,CAAA;AAAA;AAEH,MAAO,OAAA,GAAA;AAAA,KACT;AAAA,IACA;AAAC,GACH;AACA,EAAO,OAAA,IAAA,CAAK,GAAI,CAAA,CAAC,CAA2B,MAAA;AAAA,IAC1C,GAAG,CAAA;AAAA,IACH,GAAI,CAAE,CAAA,YAAA,GAAe,EAAE,YAAA,EAAc,KAAM,CAAA,IAAA,CAAK,CAAE,CAAA,YAAY,CAAE,EAAA,GAAI,EAAC;AAAA,IACrE,QAAU,EAAA,cAAA;AAAA,MACR,CAAE,CAAA,UAAA;AAAA,MACF,KAAA,CAAM,IAAK,CAAA,CAAA,CAAE,QAAQ,CAAA;AAAA,MACrB,mBAAmB,IAAK,CAAA,CAAA,EAAA,KAAM,GAAG,QAAa,KAAA,CAAA,CAAE,MAAM,CAClD,EAAA;AAAA;AACN,GACA,CAAA,CAAA;AACJ;AAEa,MAAA,yBAAA,GAA4B,CACvC,UACuB,KAAA;AACvB,EAAO,OAAA,MAAA,CAAO,IAAK,CAAA,UAAU,CAAE,CAAA,IAAA;AAAA,IAAK,CAAA,GAAA,KAClC,CAAC,SAAU,CAAA,KAAA,EAAO,UAAU,KAAO,EAAA,SAAA,CAAU,GAAG,CAAE,CAAA,QAAA;AAAA,MAChD;AAAA;AACF,GACF;AACF;AAEa,MAAA,iBAAA,GAAoB,CAC/B,UAC+B,KAAA;AAC/B,EAAA,MAAM,aACJ,GAAA,yBAAA,CAA0B,UAAU,CAAA,IAAK,SAAU,CAAA,SAAA;AAErD,EAAA,QAAQ,aAAe;AAAA,IACrB,KAAK,UAAU,KAAO,EAAA;AACpB,MAAA,MAAM,kBAAmB,UACtB,CAAA,KAAA;AACH,MAAA,eAAA,CAAgB,IAAI,CAAO,GAAA,KAAA;AACzB,QAAI,IAAA,yBAAA,CAA0B,GAAG,CAAG,EAAA;AAClC,UAAA,OAAO,kBAAkB,GAAG,CAAA;AAAA;AAE9B,QAAO,OAAA,GAAA;AAAA,OACR,CAAA;AACD,MAAO,OAAA,EAAE,OAAO,eAAyC,EAAA;AAAA;AAC3D,IACA,KAAK,UAAU,KAAO,EAAA;AACpB,MAAA,MAAM,kBAAmB,UACtB,CAAA,KAAA;AACH,MAAA,eAAA,CAAgB,IAAI,CAAO,GAAA,KAAA;AACzB,QAAI,IAAA,yBAAA,CAA0B,GAAG,CAAG,EAAA;AAClC,UAAA,OAAO,kBAAkB,GAAG,CAAA;AAAA;AAE9B,QAAO,OAAA,GAAA;AAAA,OACR,CAAA;AACD,MAAO,OAAA,EAAE,OAAO,eAAyC,EAAA;AAAA;AAC3D,IACA,KAAK,UAAU,GAAK,EAAA;AAClB,MAAA,MAAM,eAAgB,UAAgD,CAAA,GAAA;AACtE,MAAA,MAAM,kBAAkB,yBAA0B,CAAA,YAAY,CAC1D,GAAA,iBAAA,CAAkB,YAAY,CAC9B,GAAA,YAAA;AACJ,MAAO,OAAA,EAAE,KAAK,eAAuC,EAAA;AAAA;AACvD,IACA;AACE,MAAO,OAAA,EAAE,WAAW,UAAkC,EAAA;AAAA;AAE5D;AAEa,MAAA,eAAA,GAAkB,CAC7B,kBAAA,EACA,QACgB,KAAA;AAChB,EAAO,OAAA,QAAA,CAAS,IAAI,CAAM,CAAA,MAAA;AAAA,IACxB,MAAQ,EAAA,CAAA;AAAA,IACR,GAAI,kBAAA,CAAmB,QAAS,CAAA,CAAA,CAAE,kBAAkB,OAAO,CAAC,CACxD,GAAA,EAAE,MAAQ,EAAA,OAAA,EACV,GAAA,EAAE,QAAQ,MAAO;AAAA,GACrB,CAAA,CAAA;AACJ;AAEa,MAAA,eAAA,GAAkB,CAAC,QAA0B,KAAA;AACxD,EAAA,MAAM,SAAY,GAAA,QAAA,CAAS,MAAO,CAAA,CAAC,KAAa,CAAM,KAAA;AACpD,IAAI,IAAA,CAAA,CAAE,WAAW,OAAS,EAAA,OAAO,IAAI,MAAO,CAAA,CAAA,EAAG,CAAE,CAAA,MAAM,CAAI,EAAA,CAAA,CAAA;AAC3D,IAAO,OAAA,GAAA;AAAA,KACN,EAAE,CAAA;AACL,EAAA,OAAO,SAAU,CAAA,KAAA,CAAM,CAAG,EAAA,SAAA,CAAU,SAAS,CAAC,CAAA;AAChD;AAEO,MAAM,6BAAgC,GAAA,CAC3C,sBACA,EAAA,kBAAA,EACA,qBACsB,KAAA;AACtB,EAAA,OAAO,sBAAuB,CAAA,MAAA,CAAO,CAAC,GAAA,EAAU,EAAO,KAAA;AACrD,IAAM,MAAA,UAAA,GAAa,iBAAkB,CAAA,EAAA,CAAG,UAAU,CAAA;AAClD,IAAM,MAAA,kBAAA,GAAqB,GAAG,iBAAkB,CAAA,GAAA;AAAA,MAAI,CAAA,MAAA,KAClD,MAAO,CAAA,iBAAA,CAAkB,OAAO;AAAA,KAClC;AAEA,IAAA,MAAM,2BAA2B,qBAAsB,CAAA,IAAA;AAAA,MACrD,CAAA,EAAA,KAAM,EAAG,CAAA,QAAA,KAAa,EAAG,CAAA;AAAA,KAC3B;AAEA,IAAM,MAAA,KAAA,GACJ,0BAA0B,QAAS,CAAA,MAAA;AAAA,MACjC,CACE,EAAA,KAAA,iBAAA,CAAkB,EAAE,CAAA,IACpB,GAAG,YAAiB,KAAA,EAAA,CAAG,YACvB,IAAA,kBAAA,CAAmB,QAAS,CAAA,EAAA,CAAG,MAAO,CAAA,iBAAA,CAAkB,OAAO,CAAC;AAAA,SAC/D,EAAC;AAER,IAAA,MAAM,WAAc,GAAA,CAAC,EACnB,KAAA,kBAAA,CAAmB,kBAAqB,GAAA,EAAA,CAAG,QAAQ,CAAA,EAAG,QAAW,GAAA,EAAE,CAC/D,EAAA,QAAA,IAAY,EAAC;AAEnB,IAAO,OAAA;AAAA,MACL,GAAG,GAAA;AAAA,MACH,GAAI,UACA,GAAA,KAAA,CAAM,IAAI,CAAC,IAAA,EAAM,OAAO,GAAQ,KAAA;AAC9B,QAAA,MAAM,QAAW,GAAA,eAAA;AAAA,UACf,kBAAA;AAAA,UACA,WAAA,CAAY,KAAK,IAAI;AAAA,SACvB;AACA,QAAO,OAAA;AAAA,UACL,QAAQ,EAAG,CAAA,QAAA;AAAA,UACX,YAAY,IAAK,CAAA,IAAA;AAAA,UACjB,cAAc,EAAG,CAAA,YAAA;AAAA,UACjB,WAAa,EAAA,IAAA;AAAA,UACb,QAAA;AAAA,UACA,YAAA,EAAc,gBAAgB,QAAQ,CAAA;AAAA,UACtC,UAAA;AAAA,UACA,GAAI,KAAA,KAAU,CACd,IAAA,CAAC,CAAC,QAAS,CAAA,IAAA;AAAA,YACT,CACE,EAAA,KAAA,EAAA,CAAG,MAAO,CAAA,iBAAA,CAAkB,OAAO,CAAA,KACjC,GAAI,CAAA,KAAA,GAAQ,CAAC,CAAA,CAAE,MAAU,IAAA,EAAA,CAAG,MAAW,KAAA;AAAA,cAEzC,EAAE,EAAA,EAAI,EAAG,CAAA,EAAA,KACT;AAAC,SACP;AAAA,OACD,IACD;AAAC,KACP;AAAA,GACF,EAAG,EAAE,CAAA;AACP;AAEa,MAAA,iBAAA,GAAoB,CAC/B,cAAA,EACA,GACmB,KAAA;AACnB,EAAA,IAAI,cAAgB,EAAA;AAClB,IAAO,OAAA;AAAA,MACL,EAAA,EAAI,eAAe,QAAS,CAAA,IAAA;AAAA,MAC5B,GAAA,EAAK,mBAAmB,cAAc,CAAA;AAAA,MACtC,OACE,cAAe,CAAA,IAAA,CAAK,OAAS,EAAA,WAAA,IAC7B,eAAe,QAAS,CAAA,IAAA;AAAA,MAC1B,IAAA,EAAM,eAAe,QAAS,CAAA,IAAA;AAAA,MAC9B,MAAM,cAAe,CAAA,IAAA;AAAA,MACrB,SAAA,EAAW,eAAe,QAAS,CAAA,SAAA;AAAA,MACnC,OAAA,EAAS,gBAAgB,cAAc;AAAA,KACzC;AAAA,aACS,GAAK,EAAA;AACd,IAAA,MAAM,EAAE,IAAM,EAAA,SAAA,EAAW,IAAK,EAAA,GAAI,eAAe,GAAG,CAAA;AACpD,IAAO,OAAA;AAAA,MACL,IAAI,CAAG,EAAA,IAAI,CAAI,CAAA,EAAA,SAAS,IAAI,IAAI,CAAA,CAAA;AAAA,MAChC,GAAA;AAAA,MACA,KAAO,EAAA,IAAA;AAAA,MACP,MAAM,CAAG,EAAA,IAAI,CAAI,CAAA,EAAA,SAAS,IAAI,IAAI,CAAA,CAAA;AAAA,MAClC,IAAM,EAAA,IAAA;AAAA,MACN,SAAA;AAAA,MACA,OAAA,EAAS,IAAS,KAAA,OAAA,GAAU,CAAI,GAAA;AAAA,KAClC;AAAA;AAEF,EAAA,OAAO,EAAC;AACV;AAEO,MAAM,yBAAyB,CACpC,CAAA,EACA,MAEA,CAAE,CAAA,eAAA,KAAoB,EAAE,eACxB,IAAA,CAAA,CAAE,UAAe,KAAA,CAAA,CAAE,cACnB,CAAE,CAAA,MAAA,KAAW,EAAE,MACf,IAAA,CAAA,CAAE,WAAW,CAAE,CAAA;AAEV,MAAM,UAAa,GAAA,CACxB,IACA,EAAA,KAAA,EACA,oBAEA,IAAK,CAAA,MAAA;AAAA,EACH,CAAA,SAAA,KACE,CAAC,KAAM,CAAA,IAAA,CAAK,gBAAc,eAAgB,CAAA,SAAA,EAAW,UAAU,CAAC;AACpE;;;;"}
|
|
1
|
+
{"version":3,"file":"rbac-utils.esm.js","sources":["../../src/utils/rbac-utils.ts"],"sourcesContent":["/*\n * Copyright 2024 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport {\n GroupEntity,\n isUserEntity,\n parseEntityRef,\n stringifyEntityRef,\n} from '@backstage/catalog-model';\nimport {\n AllOfCriteria,\n AnyOfCriteria,\n NotCriteria,\n PermissionCondition,\n PermissionCriteria,\n} from '@backstage/plugin-permission-common';\n\nimport { capitalizeFirstLetter } from './string-utils';\n\nimport {\n isResourcedPolicy,\n PermissionAction,\n PluginPermissionMetaData,\n PolicyDetails,\n RoleBasedPolicy,\n RoleConditionalPolicyDecision,\n} from '@backstage-community/plugin-rbac-common';\n\nimport { criterias } from '../components/ConditionalAccess/const';\nimport { ConditionsData } from '../components/ConditionalAccess/types';\nimport {\n PluginsPermissionPoliciesData,\n RowPolicy,\n SelectedMember,\n} from '../components/CreateRole/types';\nimport {\n MemberEntity,\n MembersData,\n PermissionsData,\n PermissionsDataSet,\n PluginInfoType,\n} from '../types';\nimport { getMembersCount } from './create-role-utils';\n\nexport const getPermissionsArray = (\n role: string,\n policies: RoleBasedPolicy[],\n): RoleBasedPolicy[] => {\n if (!policies || policies?.length === 0 || !Array.isArray(policies)) {\n return [];\n }\n return policies.filter(\n (policy: RoleBasedPolicy) =>\n policy.entityReference === role && policy.effect !== 'deny',\n );\n};\n\nexport const getPermissions = (\n role: string,\n policies: RoleBasedPolicy[],\n): number => {\n return getPermissionsArray(role, policies).length;\n};\n\nexport const getMembersString = (res: {\n users: number;\n groups: number;\n}): string => {\n let membersString = '';\n if (res.groups > 0) {\n membersString = `${res.groups} ${res.groups > 1 ? 'groups' : 'group'}`;\n }\n if (res.users > 0) {\n membersString = membersString.concat(\n membersString.length > 0 ? ', ' : '',\n `${res.users} ${res.users > 1 ? 'users' : 'user'}`,\n );\n }\n return membersString;\n};\n\nexport const getMembers = (\n members: (string | MembersData | SelectedMember)[],\n): string => {\n if (!members || members.length === 0) {\n return 'No members';\n }\n\n const res = members.reduce(\n (acc, member) => {\n if (typeof member === 'object') {\n if (member.type === 'User' || member.type === 'user') {\n acc.users++;\n } else {\n acc.groups++;\n }\n } else {\n const entity = parseEntityRef(member) as any;\n if (isUserEntity(entity)) {\n acc.users++;\n } else {\n acc.groups++;\n }\n }\n return acc;\n },\n { users: 0, groups: 0 },\n );\n\n return getMembersString(res);\n};\n\nexport const getMembersFromGroup = (group: GroupEntity): number => {\n const membersList = group.relations?.reduce((acc, relation) => {\n let temp = acc;\n if (relation.type === 'hasMember') {\n temp++;\n }\n return temp;\n }, 0);\n return membersList ?? 0;\n};\n\nexport const getPluginInfo = (\n permissions: PluginPermissionMetaData[],\n policy: RoleBasedPolicy,\n): PluginInfoType | null =>\n permissions.reduce(\n (acc: PluginInfoType | null, p: PluginPermissionMetaData) => {\n const policyData = p.policies.find(pol => {\n if (pol.policy === policy.policy) {\n if (isResourcedPolicy(pol)) {\n if (pol.resourceType === policy.permission) {\n return true;\n }\n }\n if (pol.name === policy.permission) {\n return true;\n }\n }\n return false;\n });\n if (p.pluginId && policyData) {\n return {\n pluginId: p.pluginId,\n permissionName: policyData.name || '-',\n isResourced: isResourcedPolicy(policyData) || false,\n resourceType: isResourcedPolicy(policyData)\n ? policyData.resourceType\n : '',\n usingResourceType:\n isResourcedPolicy(policyData) &&\n policyData.resourceType === policy.permission,\n };\n }\n return acc;\n },\n null,\n );\n\nconst getPolicy = (str: string) => {\n const arr = str.split('.');\n return arr[arr.length - 1];\n};\n\nconst getAllPolicies = (\n permission: string,\n allowedPolicies: RowPolicy[],\n policies: PolicyDetails[],\n) => {\n const deniedPolicies = policies?.reduce((acc, p) => {\n const perm = p.name;\n if (\n permission === perm &&\n !allowedPolicies.find(\n allowedPolicy =>\n allowedPolicy.policy.toLocaleLowerCase('en-US') ===\n p.policy?.toLocaleLowerCase('en-US'),\n )\n ) {\n acc.push({\n policy: capitalizeFirstLetter(p.policy) || 'Use',\n effect: 'deny',\n });\n }\n return acc;\n }, [] as RowPolicy[]);\n return [...(allowedPolicies || []), ...(deniedPolicies || [])];\n};\n\nexport const getPermissionsData = (\n policies: RoleBasedPolicy[],\n permissionPolicies: PluginPermissionMetaData[],\n): PermissionsData[] => {\n const data = policies.reduce(\n (acc: PermissionsDataSet[], policy: RoleBasedPolicy) => {\n if (policy?.effect === 'allow') {\n const policyStr =\n policy?.policy ?? getPolicy(policy.permission as string);\n const policyTitleCase = capitalizeFirstLetter(policyStr);\n const policyString = new Set<string>();\n const policiesSet = new Set<{ policy: string; effect: string }>();\n const pluginInfo = getPluginInfo(permissionPolicies, policy);\n if (pluginInfo?.pluginId) {\n acc.push({\n permission: pluginInfo.permissionName,\n plugin: pluginInfo.pluginId,\n policyString: policyString.add(policyTitleCase || 'Use'),\n policies: policiesSet.add({\n policy: policyTitleCase || 'Use',\n effect: policy.effect,\n }),\n isResourced: pluginInfo.isResourced,\n resourceType: pluginInfo.resourceType,\n usingResourceType: pluginInfo.usingResourceType,\n });\n }\n }\n return acc;\n },\n [],\n );\n return data.map((p: PermissionsDataSet) => ({\n ...p,\n ...(p.policyString ? { policyString: Array.from(p.policyString) } : {}),\n policies: getAllPolicies(\n p.permission,\n Array.from(p.policies),\n permissionPolicies.find(pp => pp.pluginId === p.plugin)\n ?.policies as PolicyDetails[],\n ),\n })) as PermissionsData[];\n};\n\nexport const getConditionUpperCriteria = (\n conditions: PermissionCriteria<PermissionCondition> | string,\n): string | undefined => {\n return Object.keys(conditions).find(key =>\n [criterias.allOf, criterias.anyOf, criterias.not].includes(\n key as keyof ConditionsData,\n ),\n );\n};\n\nexport const getConditionsData = (\n conditions: PermissionCriteria<PermissionCondition>,\n): ConditionsData | undefined => {\n const upperCriteria =\n getConditionUpperCriteria(conditions) ?? criterias.condition;\n\n switch (upperCriteria) {\n case criterias.allOf: {\n const allOfConditions = (conditions as AllOfCriteria<PermissionCondition>)\n .allOf;\n allOfConditions.map(aoc => {\n if (getConditionUpperCriteria(aoc)) {\n return getConditionsData(aoc);\n }\n return aoc;\n });\n return { allOf: allOfConditions as PermissionCondition[] };\n }\n case criterias.anyOf: {\n const anyOfConditions = (conditions as AnyOfCriteria<PermissionCondition>)\n .anyOf;\n anyOfConditions.map(aoc => {\n if (getConditionUpperCriteria(aoc)) {\n return getConditionsData(aoc);\n }\n return aoc;\n });\n return { anyOf: anyOfConditions as PermissionCondition[] };\n }\n case criterias.not: {\n const notCondition = (conditions as NotCriteria<PermissionCondition>).not;\n const nestedCondition = getConditionUpperCriteria(notCondition)\n ? getConditionsData(notCondition)\n : notCondition;\n return { not: nestedCondition as PermissionCondition };\n }\n default:\n return { condition: conditions as PermissionCondition };\n }\n};\n\nexport const getPoliciesData = (\n allowedPermissions: string[],\n policies: string[],\n): RowPolicy[] => {\n return policies.map(p => ({\n policy: p,\n ...(allowedPermissions.includes(p.toLocaleLowerCase('en-US'))\n ? { effect: 'allow' }\n : { effect: 'deny' }),\n }));\n};\n\nexport const getPolicyString = (policies: RowPolicy[]) => {\n const policyStr = policies.reduce((acc: string, p) => {\n if (p.effect === 'allow') return acc.concat(`${p.policy}, `);\n return acc;\n }, '');\n return policyStr.slice(0, policyStr.length - 2);\n};\n\nexport const getConditionalPermissionsData = (\n conditionalPermissions: RoleConditionalPolicyDecision<PermissionAction>[],\n permissionPolicies: PluginsPermissionPoliciesData,\n allPermissionPolicies: PluginPermissionMetaData[],\n): PermissionsData[] => {\n return conditionalPermissions.reduce((acc: any, cp) => {\n const conditions = getConditionsData(cp.conditions);\n const allowedPermissions = cp.permissionMapping.map(action =>\n action.toLocaleLowerCase('en-US'),\n );\n\n const pluginPermissionMetaData = allPermissionPolicies.find(\n pp => pp.pluginId === cp.pluginId,\n );\n\n const perms =\n pluginPermissionMetaData?.policies.filter(\n po =>\n isResourcedPolicy(po) &&\n po.resourceType === cp.resourceType &&\n allowedPermissions.includes(po.policy.toLocaleLowerCase('en-US')),\n ) ?? [];\n\n const allPolicies = (pm: string) =>\n permissionPolicies.pluginsPermissions?.[cp.pluginId]?.policies?.[pm]\n ?.policies ?? [];\n\n return [\n ...acc,\n ...(conditions\n ? perms.map((perm, index, arr) => {\n const policies = getPoliciesData(\n allowedPermissions,\n allPolicies(perm.name),\n );\n return {\n plugin: cp.pluginId,\n permission: perm.name,\n resourceType: cp.resourceType,\n isResourced: true,\n policies,\n policyString: getPolicyString(policies),\n conditions,\n ...(index === 0 ||\n !!policies.find(\n pl =>\n pl.policy.toLocaleLowerCase('en-US') ===\n arr[index - 1].policy && pl.effect === 'allow',\n )\n ? { id: cp.id }\n : {}),\n };\n })\n : []),\n ];\n }, []);\n};\n\nexport const getSelectedMember = (\n memberResource: MemberEntity | undefined,\n ref: string,\n): SelectedMember => {\n if (memberResource) {\n return {\n id: memberResource.metadata.etag as string,\n ref: stringifyEntityRef(memberResource),\n label:\n memberResource.spec.profile?.displayName ??\n memberResource.metadata.name,\n etag: memberResource.metadata.etag as string,\n type: memberResource.kind,\n namespace: memberResource.metadata.namespace as string,\n members: getMembersCount(memberResource),\n };\n } else if (ref) {\n const { kind, namespace, name } = parseEntityRef(ref);\n return {\n id: `${kind}-${namespace}-${name}`,\n ref,\n label: name,\n etag: `${kind}-${namespace}-${name}`,\n type: kind,\n namespace: namespace,\n members: kind === 'group' ? 0 : undefined,\n };\n }\n return {} as SelectedMember;\n};\n\nexport const isSamePermissionPolicy = (\n a: RoleBasedPolicy,\n b: RoleBasedPolicy,\n) =>\n a.entityReference === b.entityReference &&\n a.permission === b.permission &&\n a.policy === b.policy &&\n a.effect === b.effect;\n\nexport const onlyInLeft = (\n left: RoleBasedPolicy[],\n right: RoleBasedPolicy[],\n compareFunction: (a: RoleBasedPolicy, b: RoleBasedPolicy) => boolean,\n) =>\n left.filter(\n leftValue =>\n !right.some(rightValue => compareFunction(leftValue, rightValue)),\n );\n"],"names":[],"mappings":";;;;;;AAwDa,MAAA,mBAAA,GAAsB,CACjC,IAAA,EACA,QACsB,KAAA;AACtB,EAAI,IAAA,CAAC,YAAY,QAAU,EAAA,MAAA,KAAW,KAAK,CAAC,KAAA,CAAM,OAAQ,CAAA,QAAQ,CAAG,EAAA;AACnE,IAAA,OAAO,EAAC;AAAA;AAEV,EAAA,OAAO,QAAS,CAAA,MAAA;AAAA,IACd,CAAC,MACC,KAAA,MAAA,CAAO,eAAoB,KAAA,IAAA,IAAQ,OAAO,MAAW,KAAA;AAAA,GACzD;AACF;AAEa,MAAA,cAAA,GAAiB,CAC5B,IAAA,EACA,QACW,KAAA;AACX,EAAO,OAAA,mBAAA,CAAoB,IAAM,EAAA,QAAQ,CAAE,CAAA,MAAA;AAC7C;AAEa,MAAA,gBAAA,GAAmB,CAAC,GAGnB,KAAA;AACZ,EAAA,IAAI,aAAgB,GAAA,EAAA;AACpB,EAAI,IAAA,GAAA,CAAI,SAAS,CAAG,EAAA;AAClB,IAAgB,aAAA,GAAA,CAAA,EAAG,IAAI,MAAM,CAAA,CAAA,EAAI,IAAI,MAAS,GAAA,CAAA,GAAI,WAAW,OAAO,CAAA,CAAA;AAAA;AAEtE,EAAI,IAAA,GAAA,CAAI,QAAQ,CAAG,EAAA;AACjB,IAAA,aAAA,GAAgB,aAAc,CAAA,MAAA;AAAA,MAC5B,aAAA,CAAc,MAAS,GAAA,CAAA,GAAI,IAAO,GAAA,EAAA;AAAA,MAClC,CAAA,EAAG,IAAI,KAAK,CAAA,CAAA,EAAI,IAAI,KAAQ,GAAA,CAAA,GAAI,UAAU,MAAM,CAAA;AAAA,KAClD;AAAA;AAEF,EAAO,OAAA,aAAA;AACT;AAEa,MAAA,UAAA,GAAa,CACxB,OACW,KAAA;AACX,EAAA,IAAI,CAAC,OAAA,IAAW,OAAQ,CAAA,MAAA,KAAW,CAAG,EAAA;AACpC,IAAO,OAAA,YAAA;AAAA;AAGT,EAAA,MAAM,MAAM,OAAQ,CAAA,MAAA;AAAA,IAClB,CAAC,KAAK,MAAW,KAAA;AACf,MAAI,IAAA,OAAO,WAAW,QAAU,EAAA;AAC9B,QAAA,IAAI,MAAO,CAAA,IAAA,KAAS,MAAU,IAAA,MAAA,CAAO,SAAS,MAAQ,EAAA;AACpD,UAAI,GAAA,CAAA,KAAA,EAAA;AAAA,SACC,MAAA;AACL,UAAI,GAAA,CAAA,MAAA,EAAA;AAAA;AACN,OACK,MAAA;AACL,QAAM,MAAA,MAAA,GAAS,eAAe,MAAM,CAAA;AACpC,QAAI,IAAA,YAAA,CAAa,MAAM,CAAG,EAAA;AACxB,UAAI,GAAA,CAAA,KAAA,EAAA;AAAA,SACC,MAAA;AACL,UAAI,GAAA,CAAA,MAAA,EAAA;AAAA;AACN;AAEF,MAAO,OAAA,GAAA;AAAA,KACT;AAAA,IACA,EAAE,KAAA,EAAO,CAAG,EAAA,MAAA,EAAQ,CAAE;AAAA,GACxB;AAEA,EAAA,OAAO,iBAAiB,GAAG,CAAA;AAC7B;AAEa,MAAA,mBAAA,GAAsB,CAAC,KAA+B,KAAA;AACjE,EAAA,MAAM,cAAc,KAAM,CAAA,SAAA,EAAW,MAAO,CAAA,CAAC,KAAK,QAAa,KAAA;AAC7D,IAAA,IAAI,IAAO,GAAA,GAAA;AACX,IAAI,IAAA,QAAA,CAAS,SAAS,WAAa,EAAA;AACjC,MAAA,IAAA,EAAA;AAAA;AAEF,IAAO,OAAA,IAAA;AAAA,KACN,CAAC,CAAA;AACJ,EAAA,OAAO,WAAe,IAAA,CAAA;AACxB;AAEO,MAAM,aAAgB,GAAA,CAC3B,WACA,EAAA,MAAA,KAEA,WAAY,CAAA,MAAA;AAAA,EACV,CAAC,KAA4B,CAAgC,KAAA;AAC3D,IAAA,MAAM,UAAa,GAAA,CAAA,CAAE,QAAS,CAAA,IAAA,CAAK,CAAO,GAAA,KAAA;AACxC,MAAI,IAAA,GAAA,CAAI,MAAW,KAAA,MAAA,CAAO,MAAQ,EAAA;AAChC,QAAI,IAAA,iBAAA,CAAkB,GAAG,CAAG,EAAA;AAC1B,UAAI,IAAA,GAAA,CAAI,YAAiB,KAAA,MAAA,CAAO,UAAY,EAAA;AAC1C,YAAO,OAAA,IAAA;AAAA;AACT;AAEF,QAAI,IAAA,GAAA,CAAI,IAAS,KAAA,MAAA,CAAO,UAAY,EAAA;AAClC,UAAO,OAAA,IAAA;AAAA;AACT;AAEF,MAAO,OAAA,KAAA;AAAA,KACR,CAAA;AACD,IAAI,IAAA,CAAA,CAAE,YAAY,UAAY,EAAA;AAC5B,MAAO,OAAA;AAAA,QACL,UAAU,CAAE,CAAA,QAAA;AAAA,QACZ,cAAA,EAAgB,WAAW,IAAQ,IAAA,GAAA;AAAA,QACnC,WAAA,EAAa,iBAAkB,CAAA,UAAU,CAAK,IAAA,KAAA;AAAA,QAC9C,YAAc,EAAA,iBAAA,CAAkB,UAAU,CAAA,GACtC,WAAW,YACX,GAAA,EAAA;AAAA,QACJ,mBACE,iBAAkB,CAAA,UAAU,CAC5B,IAAA,UAAA,CAAW,iBAAiB,MAAO,CAAA;AAAA,OACvC;AAAA;AAEF,IAAO,OAAA,GAAA;AAAA,GACT;AAAA,EACA;AACF;AAEF,MAAM,SAAA,GAAY,CAAC,GAAgB,KAAA;AACjC,EAAM,MAAA,GAAA,GAAM,GAAI,CAAA,KAAA,CAAM,GAAG,CAAA;AACzB,EAAO,OAAA,GAAA,CAAI,GAAI,CAAA,MAAA,GAAS,CAAC,CAAA;AAC3B,CAAA;AAEA,MAAM,cAAiB,GAAA,CACrB,UACA,EAAA,eAAA,EACA,QACG,KAAA;AACH,EAAA,MAAM,cAAiB,GAAA,QAAA,EAAU,MAAO,CAAA,CAAC,KAAK,CAAM,KAAA;AAClD,IAAA,MAAM,OAAO,CAAE,CAAA,IAAA;AACf,IACE,IAAA,UAAA,KAAe,IACf,IAAA,CAAC,eAAgB,CAAA,IAAA;AAAA,MACf,CAAA,aAAA,KACE,cAAc,MAAO,CAAA,iBAAA,CAAkB,OAAO,CAC9C,KAAA,CAAA,CAAE,MAAQ,EAAA,iBAAA,CAAkB,OAAO;AAAA,KAEvC,EAAA;AACA,MAAA,GAAA,CAAI,IAAK,CAAA;AAAA,QACP,MAAQ,EAAA,qBAAA,CAAsB,CAAE,CAAA,MAAM,CAAK,IAAA,KAAA;AAAA,QAC3C,MAAQ,EAAA;AAAA,OACT,CAAA;AAAA;AAEH,IAAO,OAAA,GAAA;AAAA,GACT,EAAG,EAAiB,CAAA;AACpB,EAAO,OAAA,CAAC,GAAI,eAAmB,IAAA,IAAK,GAAI,cAAA,IAAkB,EAAG,CAAA;AAC/D,CAAA;AAEa,MAAA,kBAAA,GAAqB,CAChC,QAAA,EACA,kBACsB,KAAA;AACtB,EAAA,MAAM,OAAO,QAAS,CAAA,MAAA;AAAA,IACpB,CAAC,KAA2B,MAA4B,KAAA;AACtD,MAAI,IAAA,MAAA,EAAQ,WAAW,OAAS,EAAA;AAC9B,QAAA,MAAM,SACJ,GAAA,MAAA,EAAQ,MAAU,IAAA,SAAA,CAAU,OAAO,UAAoB,CAAA;AACzD,QAAM,MAAA,eAAA,GAAkB,sBAAsB,SAAS,CAAA;AACvD,QAAM,MAAA,YAAA,uBAAmB,GAAY,EAAA;AACrC,QAAM,MAAA,WAAA,uBAAkB,GAAwC,EAAA;AAChE,QAAM,MAAA,UAAA,GAAa,aAAc,CAAA,kBAAA,EAAoB,MAAM,CAAA;AAC3D,QAAA,IAAI,YAAY,QAAU,EAAA;AACxB,UAAA,GAAA,CAAI,IAAK,CAAA;AAAA,YACP,YAAY,UAAW,CAAA,cAAA;AAAA,YACvB,QAAQ,UAAW,CAAA,QAAA;AAAA,YACnB,YAAc,EAAA,YAAA,CAAa,GAAI,CAAA,eAAA,IAAmB,KAAK,CAAA;AAAA,YACvD,QAAA,EAAU,YAAY,GAAI,CAAA;AAAA,cACxB,QAAQ,eAAmB,IAAA,KAAA;AAAA,cAC3B,QAAQ,MAAO,CAAA;AAAA,aAChB,CAAA;AAAA,YACD,aAAa,UAAW,CAAA,WAAA;AAAA,YACxB,cAAc,UAAW,CAAA,YAAA;AAAA,YACzB,mBAAmB,UAAW,CAAA;AAAA,WAC/B,CAAA;AAAA;AACH;AAEF,MAAO,OAAA,GAAA;AAAA,KACT;AAAA,IACA;AAAC,GACH;AACA,EAAO,OAAA,IAAA,CAAK,GAAI,CAAA,CAAC,CAA2B,MAAA;AAAA,IAC1C,GAAG,CAAA;AAAA,IACH,GAAI,CAAE,CAAA,YAAA,GAAe,EAAE,YAAA,EAAc,KAAM,CAAA,IAAA,CAAK,CAAE,CAAA,YAAY,CAAE,EAAA,GAAI,EAAC;AAAA,IACrE,QAAU,EAAA,cAAA;AAAA,MACR,CAAE,CAAA,UAAA;AAAA,MACF,KAAA,CAAM,IAAK,CAAA,CAAA,CAAE,QAAQ,CAAA;AAAA,MACrB,mBAAmB,IAAK,CAAA,CAAA,EAAA,KAAM,GAAG,QAAa,KAAA,CAAA,CAAE,MAAM,CAClD,EAAA;AAAA;AACN,GACA,CAAA,CAAA;AACJ;AAEa,MAAA,yBAAA,GAA4B,CACvC,UACuB,KAAA;AACvB,EAAO,OAAA,MAAA,CAAO,IAAK,CAAA,UAAU,CAAE,CAAA,IAAA;AAAA,IAAK,CAAA,GAAA,KAClC,CAAC,SAAU,CAAA,KAAA,EAAO,UAAU,KAAO,EAAA,SAAA,CAAU,GAAG,CAAE,CAAA,QAAA;AAAA,MAChD;AAAA;AACF,GACF;AACF;AAEa,MAAA,iBAAA,GAAoB,CAC/B,UAC+B,KAAA;AAC/B,EAAA,MAAM,aACJ,GAAA,yBAAA,CAA0B,UAAU,CAAA,IAAK,SAAU,CAAA,SAAA;AAErD,EAAA,QAAQ,aAAe;AAAA,IACrB,KAAK,UAAU,KAAO,EAAA;AACpB,MAAA,MAAM,kBAAmB,UACtB,CAAA,KAAA;AACH,MAAA,eAAA,CAAgB,IAAI,CAAO,GAAA,KAAA;AACzB,QAAI,IAAA,yBAAA,CAA0B,GAAG,CAAG,EAAA;AAClC,UAAA,OAAO,kBAAkB,GAAG,CAAA;AAAA;AAE9B,QAAO,OAAA,GAAA;AAAA,OACR,CAAA;AACD,MAAO,OAAA,EAAE,OAAO,eAAyC,EAAA;AAAA;AAC3D,IACA,KAAK,UAAU,KAAO,EAAA;AACpB,MAAA,MAAM,kBAAmB,UACtB,CAAA,KAAA;AACH,MAAA,eAAA,CAAgB,IAAI,CAAO,GAAA,KAAA;AACzB,QAAI,IAAA,yBAAA,CAA0B,GAAG,CAAG,EAAA;AAClC,UAAA,OAAO,kBAAkB,GAAG,CAAA;AAAA;AAE9B,QAAO,OAAA,GAAA;AAAA,OACR,CAAA;AACD,MAAO,OAAA,EAAE,OAAO,eAAyC,EAAA;AAAA;AAC3D,IACA,KAAK,UAAU,GAAK,EAAA;AAClB,MAAA,MAAM,eAAgB,UAAgD,CAAA,GAAA;AACtE,MAAA,MAAM,kBAAkB,yBAA0B,CAAA,YAAY,CAC1D,GAAA,iBAAA,CAAkB,YAAY,CAC9B,GAAA,YAAA;AACJ,MAAO,OAAA,EAAE,KAAK,eAAuC,EAAA;AAAA;AACvD,IACA;AACE,MAAO,OAAA,EAAE,WAAW,UAAkC,EAAA;AAAA;AAE5D;AAEa,MAAA,eAAA,GAAkB,CAC7B,kBAAA,EACA,QACgB,KAAA;AAChB,EAAO,OAAA,QAAA,CAAS,IAAI,CAAM,CAAA,MAAA;AAAA,IACxB,MAAQ,EAAA,CAAA;AAAA,IACR,GAAI,kBAAA,CAAmB,QAAS,CAAA,CAAA,CAAE,kBAAkB,OAAO,CAAC,CACxD,GAAA,EAAE,MAAQ,EAAA,OAAA,EACV,GAAA,EAAE,QAAQ,MAAO;AAAA,GACrB,CAAA,CAAA;AACJ;AAEa,MAAA,eAAA,GAAkB,CAAC,QAA0B,KAAA;AACxD,EAAA,MAAM,SAAY,GAAA,QAAA,CAAS,MAAO,CAAA,CAAC,KAAa,CAAM,KAAA;AACpD,IAAI,IAAA,CAAA,CAAE,WAAW,OAAS,EAAA,OAAO,IAAI,MAAO,CAAA,CAAA,EAAG,CAAE,CAAA,MAAM,CAAI,EAAA,CAAA,CAAA;AAC3D,IAAO,OAAA,GAAA;AAAA,KACN,EAAE,CAAA;AACL,EAAA,OAAO,SAAU,CAAA,KAAA,CAAM,CAAG,EAAA,SAAA,CAAU,SAAS,CAAC,CAAA;AAChD;AAEO,MAAM,6BAAgC,GAAA,CAC3C,sBACA,EAAA,kBAAA,EACA,qBACsB,KAAA;AACtB,EAAA,OAAO,sBAAuB,CAAA,MAAA,CAAO,CAAC,GAAA,EAAU,EAAO,KAAA;AACrD,IAAM,MAAA,UAAA,GAAa,iBAAkB,CAAA,EAAA,CAAG,UAAU,CAAA;AAClD,IAAM,MAAA,kBAAA,GAAqB,GAAG,iBAAkB,CAAA,GAAA;AAAA,MAAI,CAAA,MAAA,KAClD,MAAO,CAAA,iBAAA,CAAkB,OAAO;AAAA,KAClC;AAEA,IAAA,MAAM,2BAA2B,qBAAsB,CAAA,IAAA;AAAA,MACrD,CAAA,EAAA,KAAM,EAAG,CAAA,QAAA,KAAa,EAAG,CAAA;AAAA,KAC3B;AAEA,IAAM,MAAA,KAAA,GACJ,0BAA0B,QAAS,CAAA,MAAA;AAAA,MACjC,CACE,EAAA,KAAA,iBAAA,CAAkB,EAAE,CAAA,IACpB,GAAG,YAAiB,KAAA,EAAA,CAAG,YACvB,IAAA,kBAAA,CAAmB,QAAS,CAAA,EAAA,CAAG,MAAO,CAAA,iBAAA,CAAkB,OAAO,CAAC;AAAA,SAC/D,EAAC;AAER,IAAA,MAAM,WAAc,GAAA,CAAC,EACnB,KAAA,kBAAA,CAAmB,kBAAqB,GAAA,EAAA,CAAG,QAAQ,CAAA,EAAG,QAAW,GAAA,EAAE,CAC/D,EAAA,QAAA,IAAY,EAAC;AAEnB,IAAO,OAAA;AAAA,MACL,GAAG,GAAA;AAAA,MACH,GAAI,UACA,GAAA,KAAA,CAAM,IAAI,CAAC,IAAA,EAAM,OAAO,GAAQ,KAAA;AAC9B,QAAA,MAAM,QAAW,GAAA,eAAA;AAAA,UACf,kBAAA;AAAA,UACA,WAAA,CAAY,KAAK,IAAI;AAAA,SACvB;AACA,QAAO,OAAA;AAAA,UACL,QAAQ,EAAG,CAAA,QAAA;AAAA,UACX,YAAY,IAAK,CAAA,IAAA;AAAA,UACjB,cAAc,EAAG,CAAA,YAAA;AAAA,UACjB,WAAa,EAAA,IAAA;AAAA,UACb,QAAA;AAAA,UACA,YAAA,EAAc,gBAAgB,QAAQ,CAAA;AAAA,UACtC,UAAA;AAAA,UACA,GAAI,KAAA,KAAU,CACd,IAAA,CAAC,CAAC,QAAS,CAAA,IAAA;AAAA,YACT,CACE,EAAA,KAAA,EAAA,CAAG,MAAO,CAAA,iBAAA,CAAkB,OAAO,CAAA,KACjC,GAAI,CAAA,KAAA,GAAQ,CAAC,CAAA,CAAE,MAAU,IAAA,EAAA,CAAG,MAAW,KAAA;AAAA,cAEzC,EAAE,EAAA,EAAI,EAAG,CAAA,EAAA,KACT;AAAC,SACP;AAAA,OACD,IACD;AAAC,KACP;AAAA,GACF,EAAG,EAAE,CAAA;AACP;AAEa,MAAA,iBAAA,GAAoB,CAC/B,cAAA,EACA,GACmB,KAAA;AACnB,EAAA,IAAI,cAAgB,EAAA;AAClB,IAAO,OAAA;AAAA,MACL,EAAA,EAAI,eAAe,QAAS,CAAA,IAAA;AAAA,MAC5B,GAAA,EAAK,mBAAmB,cAAc,CAAA;AAAA,MACtC,OACE,cAAe,CAAA,IAAA,CAAK,OAAS,EAAA,WAAA,IAC7B,eAAe,QAAS,CAAA,IAAA;AAAA,MAC1B,IAAA,EAAM,eAAe,QAAS,CAAA,IAAA;AAAA,MAC9B,MAAM,cAAe,CAAA,IAAA;AAAA,MACrB,SAAA,EAAW,eAAe,QAAS,CAAA,SAAA;AAAA,MACnC,OAAA,EAAS,gBAAgB,cAAc;AAAA,KACzC;AAAA,aACS,GAAK,EAAA;AACd,IAAA,MAAM,EAAE,IAAM,EAAA,SAAA,EAAW,IAAK,EAAA,GAAI,eAAe,GAAG,CAAA;AACpD,IAAO,OAAA;AAAA,MACL,IAAI,CAAG,EAAA,IAAI,CAAI,CAAA,EAAA,SAAS,IAAI,IAAI,CAAA,CAAA;AAAA,MAChC,GAAA;AAAA,MACA,KAAO,EAAA,IAAA;AAAA,MACP,MAAM,CAAG,EAAA,IAAI,CAAI,CAAA,EAAA,SAAS,IAAI,IAAI,CAAA,CAAA;AAAA,MAClC,IAAM,EAAA,IAAA;AAAA,MACN,SAAA;AAAA,MACA,OAAA,EAAS,IAAS,KAAA,OAAA,GAAU,CAAI,GAAA;AAAA,KAClC;AAAA;AAEF,EAAA,OAAO,EAAC;AACV;AAEO,MAAM,yBAAyB,CACpC,CAAA,EACA,MAEA,CAAE,CAAA,eAAA,KAAoB,EAAE,eACxB,IAAA,CAAA,CAAE,UAAe,KAAA,CAAA,CAAE,cACnB,CAAE,CAAA,MAAA,KAAW,EAAE,MACf,IAAA,CAAA,CAAE,WAAW,CAAE,CAAA;AAEV,MAAM,UAAa,GAAA,CACxB,IACA,EAAA,KAAA,EACA,oBAEA,IAAK,CAAA,MAAA;AAAA,EACH,CAAA,SAAA,KACE,CAAC,KAAM,CAAA,IAAA,CAAK,gBAAc,eAAgB,CAAA,SAAA,EAAW,UAAU,CAAC;AACpE;;;;"}
|