@backstage/plugin-catalog-backend 1.26.0-next.2 → 1.26.0

package/CHANGELOG.md

@@ -1,5 +1,40 @@
 # @backstage/plugin-catalog-backend
 
+## 1.26.0
+
+### Minor Changes
+
+- 74acf06: Add `dependencyOf` prop to catalog model for Component kind to enable building relationship graphs with both directions using `dependsOn` and `dependencyOf`.
+- 78475c3: Allow offset mode paging in entity list provider
+- bd35cdb: The `analyze-location` endpoint is now protected by the `catalog.location.analyze` permission.
+  The `validate-entity` endpoint is now protected by the `catalog.entity.validate` permission.
+
+### Patch Changes
+
+- 1882cfe: Moved `getEntities` ordering to utilize database instead of having it inside catalog client
+
+  Please note that the latest version of `@backstage/catalog-client` will not order the entities in the same way as before. This is because the ordering is now done in the database query instead of in the client. If you rely on the ordering of the entities, you may need to update your backend plugin or code to handle this change.
+
+- d425fc4: Modules, plugins, and services are now `BackendFeature`, not a function that returns a feature.
+- c2b63ab: Updated dependency `supertest` to `^7.0.0`.
+- 53cce86: Fixed an issue with the by-query call, where ordering by a field that does not exist on all entities led to not all results being returned
+- Updated dependencies
+  - @backstage/backend-common@0.25.0
+  - @backstage/backend-plugin-api@1.0.0
+  - @backstage/catalog-model@1.7.0
+  - @backstage/catalog-client@1.7.0
+  - @backstage/plugin-search-backend-module-catalog@0.2.2
+  - @backstage/plugin-permission-node@0.8.3
+  - @backstage/plugin-catalog-common@1.1.0
+  - @backstage/plugin-catalog-node@1.13.0
+  - @backstage/integration@1.15.0
+  - @backstage/backend-openapi-utils@0.1.18
+  - @backstage/plugin-events-node@0.4.0
+  - @backstage/config@1.2.0
+  - @backstage/errors@1.2.4
+  - @backstage/types@1.1.1
+  - @backstage/plugin-permission-common@0.8.1
+
 ## 1.26.0-next.2
 
 ### Minor Changes

package/alpha/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@backstage/plugin-catalog-backend__alpha",
-  "version": "1.26.0-next.2",
+  "version": "1.26.0",
   "main": "../dist/alpha.cjs.js",
   "types": "../dist/alpha.d.ts"
 }

package/dist/alpha.cjs.js

@@ -4,7 +4,7 @@ Object.defineProperty(exports, '__esModule', { value: true });
 
 var alpha = require('@backstage/plugin-catalog-common/alpha');
 var pluginPermissionNode = require('@backstage/plugin-permission-node');
-var CatalogBuilder = require('./cjs/CatalogBuilder-DeLH-BIi.cjs.js');
+var CatalogBuilder = require('./cjs/CatalogBuilder-CGSl8LEN.cjs.js');
 var backendPluginApi = require('@backstage/backend-plugin-api');
 var pluginEventsNode = require('@backstage/plugin-events-node');
 var alpha$1 = require('@backstage/plugin-catalog-node/alpha');
@@ -25,6 +25,7 @@ require('util');
 require('yaml');
 require('p-limit');
 require('uuid');
+require('@backstage/plugin-permission-common');
 require('luxon');
 require('prom-client');
 require('@opentelemetry/api');
@@ -36,7 +37,6 @@ require('@backstage/types');
 require('@backstage/catalog-client');
 require('yn');
 require('@backstage/backend-openapi-utils');
-require('@backstage/plugin-permission-common');
 require('minimatch');
 require('@backstage/config');
 

package/dist/cjs/{CatalogBuilder-DeLH-BIi.cjs.js → CatalogBuilder-CGSl8LEN.cjs.js}

@@ -17,6 +17,8 @@ var util = require('util');
 var yaml = require('yaml');
 var limiterFactory = require('p-limit');
 var uuid = require('uuid');
+var alpha = require('@backstage/plugin-catalog-common/alpha');
+var pluginPermissionCommon = require('@backstage/plugin-permission-common');
 var backendPluginApi = require('@backstage/backend-plugin-api');
 var luxon = require('luxon');
 var promClient = require('prom-client');
@@ -29,8 +31,6 @@ var types = require('@backstage/types');
 var catalogClient = require('@backstage/catalog-client');
 var yn = require('yn');
 var backendOpenapiUtils = require('@backstage/backend-openapi-utils');
-var alpha = require('@backstage/plugin-catalog-common/alpha');
-var pluginPermissionCommon = require('@backstage/plugin-permission-common');
 var minimatch = require('minimatch');
 var config = require('@backstage/config');
 var pluginPermissionNode = require('@backstage/plugin-permission-node');
@@ -317,6 +317,12 @@ class BuiltinKindsEntityProcessor {
         catalogModel.RELATION_DEPENDS_ON,
         catalogModel.RELATION_DEPENDENCY_OF
       );
+      doEmit(
+        component.spec.dependencyOf,
+        { defaultNamespace: selfRef.namespace },
+        catalogModel.RELATION_DEPENDENCY_OF,
+        catalogModel.RELATION_DEPENDS_ON
+      );
       doEmit(
         component.spec.system,
         { defaultKind: "System", defaultNamespace: selfRef.namespace },
@@ -1045,6 +1051,27 @@ class RepoLocationAnalyzer {
   }
 }
 
+class AuthorizedLocationAnalyzer {
+  constructor(service, permissionApi) {
+    this.service = service;
+    this.permissionApi = permissionApi;
+  }
+  async analyzeLocation(request, credentials) {
+    const authorizeDecision = (await this.permissionApi.authorize(
+      [
+        {
+          permission: alpha.catalogLocationAnalyzePermission
+        }
+      ],
+      { credentials }
+    ))[0];
+    if (authorizeDecision.result !== pluginPermissionCommon.AuthorizeResult.ALLOW) {
+      throw new errors.NotAllowedError();
+    }
+    return this.service.analyzeLocation(request, credentials);
+  }
+}
+
 function timestampToDateTime(input) {
   try {
     if (typeof input === "object") {
@@ -3768,7 +3795,7 @@ function parseEntityFilterString(filterString) {
   if (!statements.length) {
     return void 0;
   }
-  const filtersByKey = {};
+  const filtersByKey = /* @__PURE__ */ new Map();
   for (const statement of statements) {
     const equalsIndex = statement.indexOf("=");
     const key = equalsIndex === -1 ? statement : statement.substring(0, equalsIndex).trim();
@@ -3778,13 +3805,17 @@ function parseEntityFilterString(filterString) {
         `Invalid filter, '${statement}' is not a valid statement (expected a string on the form a=b or a= or a)`
       );
     }
-    const f = key in filtersByKey ? filtersByKey[key] : filtersByKey[key] = { key };
+    let f = filtersByKey.get(key);
+    if (!f) {
+      f = { key };
+      filtersByKey.set(key, f);
+    }
     if (value !== void 0) {
       f.values = f.values || [];
       f.values.push(value);
     }
   }
-  return Object.values(filtersByKey);
+  return Array.from(filtersByKey.values());
 }
 
 function getPathArrayAndValue(input, field) {
@@ -5465,6 +5496,27 @@ function parseEntityPaginationParams({
   };
 }
 
+class AuthorizedValidationService {
+  constructor(service, permissionApi) {
+    this.service = service;
+    this.permissionApi = permissionApi;
+  }
+  async process(request, credentials) {
+    const authorizeDecision = (await this.permissionApi.authorize(
+      [
+        {
+          permission: alpha.catalogEntityValidatePermission
+        }
+      ],
+      { credentials }
+    ))[0];
+    if (authorizeDecision.result !== pluginPermissionCommon.AuthorizeResult.ALLOW) {
+      throw new errors.NotAllowedError();
+    }
+    return this.service.process(request);
+  }
+}
+
 async function createRouter(options) {
   const router = await createOpenApiRouter({
     validatorOptions: {
@@ -5482,6 +5534,7 @@ async function createRouter(options) {
     config,
     logger,
     permissionIntegrationRouter,
+    permissionsService,
     auth,
     httpAuth
   } = options;
@@ -5649,9 +5702,13 @@ async function createRouter(options) {
         location: locationInput,
         catalogFilename: zod.z.string().optional()
       });
+      const credentials = await httpAuth.credentials(req);
       const parsedBody = schema.parse(body);
       try {
-        const output = await locationAnalyzer.analyzeLocation(parsedBody);
+        const output = await locationAnalyzer.analyzeLocation(
+          parsedBody,
+          credentials
+        );
         res.status(200).json(output);
       } catch (err) {
         if (
@@ -5686,19 +5743,27 @@ async function createRouter(options) {
           errors: [errors.serializeError(err)]
         });
       }
-      const processingResult = await orchestrator.process({
-        entity: {
-          ...entity,
-          metadata: {
-            ...entity.metadata,
-            annotations: {
-              [catalogModel.ANNOTATION_LOCATION]: body.location,
-              [catalogModel.ANNOTATION_ORIGIN_LOCATION]: body.location,
-              ...entity.metadata.annotations
+      const credentials = await httpAuth.credentials(req);
+      const authorizedValidationService = new AuthorizedValidationService(
+        orchestrator,
+        permissionsService
+      );
+      const processingResult = await authorizedValidationService.process(
+        {
+          entity: {
+            ...entity,
+            metadata: {
+              ...entity.metadata,
+              annotations: {
+                [catalogModel.ANNOTATION_LOCATION]: body.location,
+                [catalogModel.ANNOTATION_ORIGIN_LOCATION]: body.location,
+                ...entity.metadata.annotations
+              }
             }
           }
-        }
-      });
+        },
+        credentials
+      );
       if (!processingResult.ok)
         res.status(400).json({
           errors: processingResult.errors.map((e) => errors.serializeError(e))
@@ -7016,15 +7081,6 @@ class CatalogBuilder {
     });
     const integrations = integration.ScmIntegrations.fromConfig(config);
     const rulesEnforcer = DefaultCatalogRulesEnforcer.fromConfig(config);
-    const orchestrator = new DefaultCatalogProcessingOrchestrator({
-      processors,
-      integrations,
-      rulesEnforcer,
-      logger,
-      parser,
-      policy,
-      legacySingleProcessorValidation: this.legacySingleProcessorValidation
-    });
     const unauthorizedEntitiesCatalog = new DefaultEntitiesCatalog({
       database: dbClient,
       logger,
@@ -7039,6 +7095,15 @@ class CatalogBuilder {
       );
       permissionsService = pluginPermissionCommon.toPermissionEvaluator(permissions);
     }
+    const orchestrator = new DefaultCatalogProcessingOrchestrator({
+      processors,
+      integrations,
+      rulesEnforcer,
+      logger,
+      parser,
+      policy,
+      legacySingleProcessorValidation: this.legacySingleProcessorValidation
+    });
     const entitiesCatalog = new AuthorizedEntitiesCatalog(
       unauthorizedEntitiesCatalog,
       permissionsService,
@@ -7089,7 +7154,10 @@ class CatalogBuilder {
       },
       eventBroker: this.eventBroker
     });
-    const locationAnalyzer = this.locationAnalyzer ?? new RepoLocationAnalyzer(logger, integrations, this.locationAnalyzers);
+    const locationAnalyzer = this.locationAnalyzer ?? new AuthorizedLocationAnalyzer(
+      new RepoLocationAnalyzer(logger, integrations, this.locationAnalyzers),
+      permissionsService
+    );
     const locationService = new AuthorizedLocationService(
       new DefaultLocationService(locationStore, orchestrator, {
         allowedLocationTypes: this.allowedLocationType
@@ -7110,7 +7178,8 @@ class CatalogBuilder {
       config,
       permissionIntegrationRouter,
       auth,
-      httpAuth
+      httpAuth,
+      permissionsService
     });
     await connectEntityProviders(providerDatabase, entityProviders);
     return {
@@ -7303,4 +7372,4 @@ exports.createCatalogPermissionRule = createCatalogPermissionRule;
 exports.createRandomProcessingInterval = createRandomProcessingInterval;
 exports.parseEntityYaml = parseEntityYaml;
 exports.permissionRules = permissionRules;
-//# sourceMappingURL=CatalogBuilder-DeLH-BIi.cjs.js.map
+//# sourceMappingURL=CatalogBuilder-CGSl8LEN.cjs.js.map