@backstage/plugin-permission-node 0.8.8-next.2 → 0.8.9-next.0

package/CHANGELOG.md

@@ -1,5 +1,28 @@
 # @backstage/plugin-permission-node
 
+## 0.8.9-next.0
+
+### Patch Changes
+
+- 728e3e1: Improved type inference when passing a `PermissionResourceRef` to `createPermissionRule`.
+- Updated dependencies
+  - @backstage/plugin-auth-node@0.6.1-next.0
+  - @backstage/backend-plugin-api@1.2.1-next.0
+
+## 0.8.8
+
+### Patch Changes
+
+- 049d5d4: The returned router from `createPermissionIntegrationRouter` is now mutable, allowing for permissions and resources to be added after creation of the router.
+- b71f634: Added a new `PermissionRuleset` type that encapsulates a lookup function for permission rules, which can be created by the new `PermissionsRegistryService` via the `getPermissionRuleset` method. The `createConditionTransformer` and `createConditionAuthorizer` functions have been adapted to receive these accessors as arguments, with their older counterparts being deprecated.
+- a9621de: Added a new `createPermissionResourceRef` utility that encapsulates the constants and types related to a permission resource types. The `createConditionExports` and `createPermissionRule` functions have also been adapted to accept these references as arguments, deprecating their older counterparts.
+- Updated dependencies
+  - @backstage/backend-plugin-api@1.2.0
+  - @backstage/plugin-auth-node@0.6.0
+  - @backstage/config@1.3.2
+  - @backstage/errors@1.2.7
+  - @backstage/plugin-permission-common@0.8.4
+
 ## 0.8.8-next.2
 
 ### Patch Changes

package/dist/index.d.ts

@@ -360,10 +360,10 @@ declare function createPermissionIntegrationRouter<TResourceType1 extends string
 /**
  * @public
  */
-type CreatePermissionRuleOptions<TResource, TQuery, TQueryOutput extends TQuery, TResourceType extends string, TParams extends PermissionRuleParams> = {
+type CreatePermissionRuleOptions<TRef extends PermissionResourceRef, TParams extends PermissionRuleParams> = TRef extends PermissionResourceRef<infer IResource, infer IQuery, any> ? {
     name: string;
     description: string;
-    resourceRef: PermissionResourceRef<TResource, TQuery, TResourceType>;
+    resourceRef: TRef;
     /**
      * A ZodSchema that reflects the structure of the parameters that are passed to
      */
@@ -373,20 +373,20 @@ type CreatePermissionRuleOptions<TResource, TQuery, TQueryOutput extends TQuery,
      * arguments supplied for the rule; for example, a rule could be `isOwner` with entityRefs as the
      * params.
      */
-    apply(resource: TResource, params: NoInfer<TParams>): boolean;
+    apply(resource: IResource, params: NoInfer<TParams>): boolean;
     /**
      * Translate this rule to criteria suitable for use in querying a backing data store. The criteria
      * can be used for loading a collection of resources efficiently with conditional criteria already
      * applied.
      */
-    toQuery(params: NoInfer<TParams>): PermissionCriteria<TQueryOutput>;
-};
+    toQuery(params: NoInfer<TParams>): PermissionCriteria<IQuery>;
+} : never;
 /**
  * Helper function to create a {@link PermissionRule} for a specific resource type using a {@link PermissionResourceRef}.
  *
  * @public
  */
-declare function createPermissionRule<TResource, TQuery, TQueryOutput extends TQuery, TResourceType extends string, TParams extends PermissionRuleParams = undefined>(rule: CreatePermissionRuleOptions<TResource, TQuery, TQueryOutput, TResourceType, TParams>): PermissionRule<TResource, TQuery, TResourceType, TParams>;
+declare function createPermissionRule<TRef extends PermissionResourceRef, TParams extends PermissionRuleParams = undefined>(rule: CreatePermissionRuleOptions<TRef, TParams>): PermissionRule<TRef['TResource'], TRef['TQuery'], TRef['resourceType'], TParams>;
 /**
  * Helper function to ensure that {@link PermissionRule} definitions are typed correctly.
  *

package/dist/integration/createPermissionRule.cjs.js

@@ -2,7 +2,10 @@
 
 function createPermissionRule(rule) {
   if ("resourceRef" in rule) {
-    return { ...rule, resourceType: rule.resourceRef.resourceType };
+    return {
+      ...rule,
+      resourceType: rule.resourceRef.resourceType
+    };
   }
   return rule;
 }

package/dist/integration/createPermissionRule.cjs.js.map

@@ -1 +1 @@
-{"version":3,"file":"createPermissionRule.cjs.js","sources":["../../src/integration/createPermissionRule.ts"],"sourcesContent":["/*\n * Copyright 2022 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *     http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n  PermissionCriteria,\n  PermissionRuleParams,\n} from '@backstage/plugin-permission-common';\nimport { PermissionRule } from '../types';\nimport { z } from 'zod';\nimport { PermissionResourceRef } from './createPermissionResourceRef';\nimport { NoInfer } from './util';\n\n/**\n * @public\n */\nexport type CreatePermissionRuleOptions<\n  TResource,\n  TQuery,\n  TQueryOutput extends TQuery,\n  TResourceType extends string,\n  TParams extends PermissionRuleParams,\n> = {\n  name: string;\n  description: string;\n\n  resourceRef: PermissionResourceRef<TResource, TQuery, TResourceType>;\n\n  /**\n   * A ZodSchema that reflects the structure of the parameters that are passed to\n   */\n  paramsSchema?: z.ZodSchema<TParams>;\n\n  /**\n   * Apply this rule to a resource already loaded from a backing data source. The params are\n   * arguments supplied for the rule; for example, a rule could be `isOwner` with entityRefs as the\n   * params.\n   */\n  apply(resource: TResource, params: NoInfer<TParams>): boolean;\n\n  /**\n   * Translate this rule to criteria suitable for use in querying a backing data store. The criteria\n   * can be used for loading a collection of resources efficiently with conditional criteria already\n   * applied.\n   */\n  toQuery(params: NoInfer<TParams>): PermissionCriteria<TQueryOutput>;\n};\n\n/**\n * Helper function to create a {@link PermissionRule} for a specific resource type using a {@link PermissionResourceRef}.\n *\n * @public\n */\nexport function createPermissionRule<\n  TResource,\n  TQuery,\n  TQueryOutput extends TQuery,\n  TResourceType extends string,\n  TParams extends PermissionRuleParams = undefined,\n>(\n  rule: CreatePermissionRuleOptions<\n    TResource,\n    TQuery,\n    TQueryOutput,\n    TResourceType,\n    TParams\n  >,\n): PermissionRule<TResource, TQuery, TResourceType, TParams>;\n/**\n * Helper function to ensure that {@link PermissionRule} definitions are typed correctly.\n *\n * @deprecated Use the version of `createPermissionRule` that accepts a `resourceRef` option instead.\n * @public\n */\nexport function createPermissionRule<\n  TResource,\n  TQuery,\n  TResourceType extends string,\n  TParams extends PermissionRuleParams = undefined,\n>(\n  rule: PermissionRule<TResource, TQuery, TResourceType, TParams>,\n): PermissionRule<TResource, TQuery, TResourceType, TParams>;\nexport function createPermissionRule<\n  TResource,\n  TQuery,\n  TQueryOutput extends TQuery,\n  TResourceType extends string,\n  TParams extends PermissionRuleParams = undefined,\n>(\n  rule:\n    | PermissionRule<TResource, TQuery, TResourceType, TParams>\n    | CreatePermissionRuleOptions<\n        TResource,\n        TQuery,\n        TQueryOutput,\n        TResourceType,\n        TParams\n      >,\n): PermissionRule<TResource, TQuery, TResourceType, TParams> {\n  if ('resourceRef' in rule) {\n    return { ...rule, resourceType: rule.resourceRef.resourceType };\n  }\n  return rule;\n}\n\n/**\n * Helper for making plugin-specific createPermissionRule functions, that have\n * the TResource and TQuery type parameters populated but infer the params from\n * the supplied rule. This helps ensure that rules created for this plugin use\n * consistent types for the resource and query.\n *\n * @public\n * @deprecated Use {@link (createPermissionRule:1)} directly instead with the resourceRef option.\n */\nexport const makeCreatePermissionRule =\n  <TResource, TQuery, TResourceType extends string>() =>\n  <TParams extends PermissionRuleParams = undefined>(\n    rule: PermissionRule<TResource, TQuery, TResourceType, TParams>,\n  ) =>\n    createPermissionRule(rule);\n"],"names":[],"mappings":";;AA8FO,SAAS,qBAOd,IAS2D,EAAA;AAC3D,EAAA,IAAI,iBAAiB,IAAM,EAAA;AACzB,IAAA,OAAO,EAAE,GAAG,IAAA,EAAM,YAAc,EAAA,IAAA,CAAK,YAAY,YAAa,EAAA;AAAA;AAEhE,EAAO,OAAA,IAAA;AACT;AAWO,MAAM,wBACX,GAAA,MACA,CACE,IAAA,KAEA,qBAAqB,IAAI;;;;;"}
+{"version":3,"file":"createPermissionRule.cjs.js","sources":["../../src/integration/createPermissionRule.ts"],"sourcesContent":["/*\n * Copyright 2022 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *     http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n  PermissionCriteria,\n  PermissionRuleParams,\n} from '@backstage/plugin-permission-common';\nimport { PermissionRule } from '../types';\nimport { z } from 'zod';\nimport { PermissionResourceRef } from './createPermissionResourceRef';\nimport { NoInfer } from './util';\n\n/**\n * @public\n */\nexport type CreatePermissionRuleOptions<\n  TRef extends PermissionResourceRef,\n  TParams extends PermissionRuleParams,\n> = TRef extends PermissionResourceRef<infer IResource, infer IQuery, any>\n  ? {\n      name: string;\n      description: string;\n\n      resourceRef: TRef;\n\n      /**\n       * A ZodSchema that reflects the structure of the parameters that are passed to\n       */\n      paramsSchema?: z.ZodSchema<TParams>;\n\n      /**\n       * Apply this rule to a resource already loaded from a backing data source. The params are\n       * arguments supplied for the rule; for example, a rule could be `isOwner` with entityRefs as the\n       * params.\n       */\n      apply(resource: IResource, params: NoInfer<TParams>): boolean;\n\n      /**\n       * Translate this rule to criteria suitable for use in querying a backing data store. The criteria\n       * can be used for loading a collection of resources efficiently with conditional criteria already\n       * applied.\n       */\n      toQuery(params: NoInfer<TParams>): PermissionCriteria<IQuery>;\n    }\n  : never;\n\n/**\n * Helper function to create a {@link PermissionRule} for a specific resource type using a {@link PermissionResourceRef}.\n *\n * @public\n */\nexport function createPermissionRule<\n  TRef extends PermissionResourceRef,\n  TParams extends PermissionRuleParams = undefined,\n>(\n  rule: CreatePermissionRuleOptions<TRef, TParams>,\n): PermissionRule<\n  TRef['TResource'],\n  TRef['TQuery'],\n  TRef['resourceType'],\n  TParams\n>;\n/**\n * Helper function to ensure that {@link PermissionRule} definitions are typed correctly.\n *\n * @deprecated Use the version of `createPermissionRule` that accepts a `resourceRef` option instead.\n * @public\n */\nexport function createPermissionRule<\n  TResource,\n  TQuery,\n  TResourceType extends string,\n  TParams extends PermissionRuleParams = undefined,\n>(\n  rule: PermissionRule<TResource, TQuery, TResourceType, TParams>,\n): PermissionRule<TResource, TQuery, TResourceType, TParams>;\nexport function createPermissionRule<\n  TResource,\n  TQuery,\n  TResourceType extends string,\n  TRef extends PermissionResourceRef,\n  TParams extends PermissionRuleParams = undefined,\n>(\n  rule:\n    | PermissionRule<TResource, TQuery, TResourceType, TParams>\n    | CreatePermissionRuleOptions<TRef, TParams>,\n): PermissionRule<TResource, TQuery, TResourceType, TParams> {\n  if ('resourceRef' in rule) {\n    return {\n      ...rule,\n      resourceType: rule.resourceRef.resourceType as TResourceType,\n    } as PermissionRule<TResource, TQuery, TResourceType, TParams>;\n  }\n  return rule;\n}\n\n/**\n * Helper for making plugin-specific createPermissionRule functions, that have\n * the TResource and TQuery type parameters populated but infer the params from\n * the supplied rule. This helps ensure that rules created for this plugin use\n * consistent types for the resource and query.\n *\n * @public\n * @deprecated Use {@link (createPermissionRule:1)} directly instead with the resourceRef option.\n */\nexport const makeCreatePermissionRule =\n  <TResource, TQuery, TResourceType extends string>() =>\n  <TParams extends PermissionRuleParams = undefined>(\n    rule: PermissionRule<TResource, TQuery, TResourceType, TParams>,\n  ) =>\n    createPermissionRule(rule);\n"],"names":[],"mappings":";;AAyFO,SAAS,qBAOd,IAG2D,EAAA;AAC3D,EAAA,IAAI,iBAAiB,IAAM,EAAA;AACzB,IAAO,OAAA;AAAA,MACL,GAAG,IAAA;AAAA,MACH,YAAA,EAAc,KAAK,WAAY,CAAA;AAAA,KACjC;AAAA;AAEF,EAAO,OAAA,IAAA;AACT;AAWO,MAAM,wBACX,GAAA,MACA,CACE,IAAA,KAEA,qBAAqB,IAAI;;;;;"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@backstage/plugin-permission-node",
-  "version": "0.8.8-next.2",
+  "version": "0.8.9-next.0",
   "description": "Common permission and authorization utilities for backend plugins",
   "backstage": {
     "role": "node-library",
@@ -65,10 +65,10 @@
   },
   "dependencies": {
     "@backstage/backend-common": "^0.25.0",
-    "@backstage/backend-plugin-api": "1.2.0-next.2",
+    "@backstage/backend-plugin-api": "1.2.1-next.0",
     "@backstage/config": "1.3.2",
     "@backstage/errors": "1.2.7",
-    "@backstage/plugin-auth-node": "0.6.0-next.2",
+    "@backstage/plugin-auth-node": "0.6.1-next.0",
     "@backstage/plugin-permission-common": "0.8.4",
     "@types/express": "^4.17.6",
     "express": "^4.17.1",
@@ -77,9 +77,9 @@
     "zod-to-json-schema": "^3.20.4"
   },
   "devDependencies": {
-    "@backstage/backend-defaults": "0.8.0-next.3",
-    "@backstage/backend-test-utils": "1.3.0-next.3",
-    "@backstage/cli": "0.30.0-next.3",
+    "@backstage/backend-defaults": "0.8.2-next.0",
+    "@backstage/backend-test-utils": "1.3.1-next.0",
+    "@backstage/cli": "0.30.0",
     "@types/supertest": "^2.0.8",
     "msw": "^1.0.0",
     "supertest": "^7.0.0"