@backstage/plugin-search-backend 0.4.7 → 0.5.0-next.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +43 -0
- package/dist/index.cjs.js +14 -1
- package/dist/index.cjs.js.map +1 -1
- package/package.json +12 -12
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,48 @@
|
|
|
1
1
|
# @backstage/plugin-search-backend
|
|
2
2
|
|
|
3
|
+
## 0.5.0-next.1
|
|
4
|
+
|
|
5
|
+
### Patch Changes
|
|
6
|
+
|
|
7
|
+
- 30f9884359: Check for non-resource permissions when authorizing result-by-result in AuthorizedSearchEngine.
|
|
8
|
+
- c98d271466: Use updated types from `@backstage/plugin-permission-common`
|
|
9
|
+
- Updated dependencies
|
|
10
|
+
- @backstage/plugin-permission-common@0.6.0-next.0
|
|
11
|
+
- @backstage/plugin-permission-node@0.6.0-next.1
|
|
12
|
+
- @backstage/backend-common@0.13.2-next.1
|
|
13
|
+
- @backstage/plugin-search-common@0.3.3-next.1
|
|
14
|
+
|
|
15
|
+
## 0.5.0-next.0
|
|
16
|
+
|
|
17
|
+
### Minor Changes
|
|
18
|
+
|
|
19
|
+
- 94ccd772d4: **BREAKING**: The `authorization` property is no longer returned on search results when queried. Note: this will only result in a breaking change if you have custom code in your frontend that relies on the `authorization.resourceRef` property on documents.
|
|
20
|
+
|
|
21
|
+
### Patch Changes
|
|
22
|
+
|
|
23
|
+
- 62ee65422c: Use new `IndexableResultSet` type as return type of query method in `SearchEngine` implementation.
|
|
24
|
+
- Updated dependencies
|
|
25
|
+
- @backstage/plugin-auth-node@0.2.0-next.0
|
|
26
|
+
- @backstage/plugin-search-common@0.3.3-next.0
|
|
27
|
+
- @backstage/plugin-search-backend-node@0.5.3-next.0
|
|
28
|
+
- @backstage/backend-common@0.13.2-next.0
|
|
29
|
+
- @backstage/plugin-permission-node@0.5.6-next.0
|
|
30
|
+
|
|
31
|
+
## 0.4.8
|
|
32
|
+
|
|
33
|
+
### Patch Changes
|
|
34
|
+
|
|
35
|
+
- Updated dependencies
|
|
36
|
+
- @backstage/backend-common@0.13.1
|
|
37
|
+
- @backstage/config@1.0.0
|
|
38
|
+
- @backstage/errors@1.0.0
|
|
39
|
+
- @backstage/types@1.0.0
|
|
40
|
+
- @backstage/plugin-permission-common@0.5.3
|
|
41
|
+
- @backstage/plugin-search-backend-node@0.5.2
|
|
42
|
+
- @backstage/plugin-auth-node@0.1.6
|
|
43
|
+
- @backstage/plugin-permission-node@0.5.5
|
|
44
|
+
- @backstage/plugin-search-common@0.3.2
|
|
45
|
+
|
|
3
46
|
## 0.4.7
|
|
4
47
|
|
|
5
48
|
### Patch Changes
|
package/dist/index.cjs.js
CHANGED
|
@@ -101,6 +101,9 @@ class AuthorizedSearchEngine {
|
|
|
101
101
|
if (!permission || !resourceRef) {
|
|
102
102
|
return result;
|
|
103
103
|
}
|
|
104
|
+
if (!pluginPermissionCommon.isResourcePermission(permission)) {
|
|
105
|
+
throw new Error(`Unexpected conditional decision returned for non-resource permission "${permission.name}"`);
|
|
106
|
+
}
|
|
104
107
|
return authorizer.load({ permission, resourceRef }).then((decision) => decision.result === pluginPermissionCommon.AuthorizeResult.ALLOW ? result : void 0);
|
|
105
108
|
})));
|
|
106
109
|
}
|
|
@@ -138,6 +141,16 @@ async function createRouter(options) {
|
|
|
138
141
|
return isAllowed;
|
|
139
142
|
})
|
|
140
143
|
});
|
|
144
|
+
const toSearchResults = (resultSet) => ({
|
|
145
|
+
...resultSet,
|
|
146
|
+
results: resultSet.results.map((result) => ({
|
|
147
|
+
...result,
|
|
148
|
+
document: {
|
|
149
|
+
...result.document,
|
|
150
|
+
authorization: void 0
|
|
151
|
+
}
|
|
152
|
+
}))
|
|
153
|
+
});
|
|
141
154
|
const router = Router__default["default"]();
|
|
142
155
|
router.get("/query", async (req, res) => {
|
|
143
156
|
var _a;
|
|
@@ -150,7 +163,7 @@ async function createRouter(options) {
|
|
|
150
163
|
const token = pluginAuthNode.getBearerTokenFromAuthorizationHeader(req.header("authorization"));
|
|
151
164
|
try {
|
|
152
165
|
const resultSet = await (engine == null ? void 0 : engine.query(query, { token }));
|
|
153
|
-
res.send(filterResultSet(resultSet));
|
|
166
|
+
res.send(filterResultSet(toSearchResults(resultSet)));
|
|
154
167
|
} catch (err) {
|
|
155
168
|
throw new Error(`There was a problem performing the search query. ${err}`);
|
|
156
169
|
}
|
package/dist/index.cjs.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.cjs.js","sources":["../src/service/AuthorizedSearchEngine.ts","../src/service/router.ts"],"sourcesContent":["/*\n * Copyright 2022 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { compact, zipObject } from 'lodash';\nimport qs from 'qs';\nimport DataLoader from 'dataloader';\nimport {\n AuthorizeDecision,\n AuthorizeQuery,\n AuthorizeResult,\n PermissionAuthorizer,\n} from '@backstage/plugin-permission-common';\nimport {\n DocumentTypeInfo,\n QueryRequestOptions,\n QueryTranslator,\n SearchEngine,\n SearchQuery,\n SearchResult,\n SearchResultSet,\n} from '@backstage/plugin-search-common';\nimport { Config } from '@backstage/config';\nimport { InputError } from '@backstage/errors';\nimport { Writable } from 'stream';\n\nexport function decodePageCursor(pageCursor?: string): { page: number } {\n if (!pageCursor) {\n return { page: 0 };\n }\n\n const page = Number(Buffer.from(pageCursor, 'base64').toString('utf-8'));\n if (isNaN(page)) {\n throw new InputError('Invalid page cursor');\n }\n\n if (page < 0) {\n throw new InputError('Invalid page cursor');\n }\n\n return {\n page,\n };\n}\n\nexport function encodePageCursor({ page }: { page: number }): string {\n return Buffer.from(`${page}`, 'utf-8').toString('base64');\n}\n\nexport class AuthorizedSearchEngine implements SearchEngine {\n private readonly pageSize = 25;\n private readonly queryLatencyBudgetMs: number;\n\n constructor(\n private readonly searchEngine: SearchEngine,\n private readonly types: Record<string, DocumentTypeInfo>,\n private readonly permissions: PermissionAuthorizer,\n config: Config,\n ) {\n this.queryLatencyBudgetMs =\n config.getOptionalNumber('search.permissions.queryLatencyBudgetMs') ??\n 1000;\n }\n\n setTranslator(translator: QueryTranslator): void {\n this.searchEngine.setTranslator(translator);\n }\n\n async getIndexer(type: string): Promise<Writable> {\n return this.searchEngine.getIndexer(type);\n }\n\n async query(\n query: SearchQuery,\n options: QueryRequestOptions,\n ): Promise<SearchResultSet> {\n const queryStartTime = Date.now();\n\n const authorizer = new DataLoader(\n (requests: readonly AuthorizeQuery[]) =>\n this.permissions.authorize(requests.slice(), options),\n {\n // Serialize the permission name and resourceRef as\n // a query string to avoid collisions from overlapping\n // permission names and resourceRefs.\n cacheKeyFn: ({ permission: { name }, resourceRef }) =>\n qs.stringify({ name, resourceRef }),\n },\n );\n const requestedTypes = query.types || Object.keys(this.types);\n\n const typeDecisions = zipObject(\n requestedTypes,\n await Promise.all(\n requestedTypes.map(type => {\n const permission = this.types[type]?.visibilityPermission;\n\n return permission\n ? authorizer.load({ permission })\n : { result: AuthorizeResult.ALLOW as const };\n }),\n ),\n );\n\n const authorizedTypes = requestedTypes.filter(\n type => typeDecisions[type]?.result !== AuthorizeResult.DENY,\n );\n\n const resultByResultFilteringRequired = authorizedTypes.some(\n type => typeDecisions[type]?.result === AuthorizeResult.CONDITIONAL,\n );\n\n // When there are no CONDITIONAL decisions for any of the requested\n // result types, we can skip filtering result by result by simply\n // skipping the types the user is not permitted to see, which will\n // be much more efficient.\n //\n // Since it's not currently possible to configure the page size used\n // by search engines, this detail means that a single user might see\n // a different page size depending on whether their search required\n // result-by-result filtering or not. We can fix this minor\n // inconsistency by introducing a configurable page size.\n //\n // cf. https://github.com/backstage/backstage/issues/9162\n if (!resultByResultFilteringRequired) {\n return this.searchEngine.query(\n { ...query, types: authorizedTypes },\n options,\n );\n }\n\n const { page } = decodePageCursor(query.pageCursor);\n const targetResults = (page + 1) * this.pageSize;\n\n let filteredResults: SearchResult[] = [];\n let nextPageCursor: string | undefined;\n let latencyBudgetExhausted = false;\n\n do {\n const nextPage = await this.searchEngine.query(\n { ...query, types: authorizedTypes, pageCursor: nextPageCursor },\n options,\n );\n\n filteredResults = filteredResults.concat(\n await this.filterResults(nextPage.results, typeDecisions, authorizer),\n );\n\n nextPageCursor = nextPage.nextPageCursor;\n latencyBudgetExhausted =\n Date.now() - queryStartTime > this.queryLatencyBudgetMs;\n } while (\n nextPageCursor &&\n filteredResults.length < targetResults &&\n !latencyBudgetExhausted\n );\n\n return {\n results: filteredResults.slice(\n page * this.pageSize,\n (page + 1) * this.pageSize,\n ),\n previousPageCursor:\n page === 0 ? undefined : encodePageCursor({ page: page - 1 }),\n nextPageCursor:\n !latencyBudgetExhausted &&\n (nextPageCursor || filteredResults.length > targetResults)\n ? encodePageCursor({ page: page + 1 })\n : undefined,\n };\n }\n\n private async filterResults(\n results: SearchResult[],\n typeDecisions: Record<string, AuthorizeDecision>,\n authorizer: DataLoader<AuthorizeQuery, AuthorizeDecision>,\n ) {\n return compact(\n await Promise.all(\n results.map(result => {\n if (typeDecisions[result.type]?.result === AuthorizeResult.ALLOW) {\n return result;\n }\n\n const permission = this.types[result.type]?.visibilityPermission;\n const resourceRef = result.document.authorization?.resourceRef;\n\n if (!permission || !resourceRef) {\n return result;\n }\n\n return authorizer\n .load({ permission, resourceRef })\n .then(decision =>\n decision.result === AuthorizeResult.ALLOW ? result : undefined,\n );\n }),\n ),\n );\n }\n}\n","/*\n * Copyright 2021 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport express from 'express';\nimport Router from 'express-promise-router';\nimport { Logger } from 'winston';\nimport { z } from 'zod';\nimport { errorHandler } from '@backstage/backend-common';\nimport { InputError } from '@backstage/errors';\nimport { Config } from '@backstage/config';\nimport { JsonObject, JsonValue } from '@backstage/types';\nimport { getBearerTokenFromAuthorizationHeader } from '@backstage/plugin-auth-node';\nimport { PermissionAuthorizer } from '@backstage/plugin-permission-common';\nimport {\n DocumentTypeInfo,\n SearchResultSet,\n} from '@backstage/plugin-search-common';\nimport { SearchEngine } from '@backstage/plugin-search-backend-node';\nimport { AuthorizedSearchEngine } from './AuthorizedSearchEngine';\n\nconst jsonObjectSchema: z.ZodSchema<JsonObject> = z.lazy(() => {\n const jsonValueSchema: z.ZodSchema<JsonValue> = z.lazy(() =>\n z.union([\n z.string(),\n z.number(),\n z.boolean(),\n z.null(),\n z.array(jsonValueSchema),\n jsonObjectSchema,\n ]),\n );\n\n return z.record(jsonValueSchema);\n});\n\nexport type RouterOptions = {\n engine: SearchEngine;\n types: Record<string, DocumentTypeInfo>;\n permissions: PermissionAuthorizer;\n config: Config;\n logger: Logger;\n};\n\nconst allowedLocationProtocols = ['http:', 'https:'];\n\nexport async function createRouter(\n options: RouterOptions,\n): Promise<express.Router> {\n const { engine: inputEngine, types, permissions, config, logger } = options;\n\n const requestSchema = z.object({\n term: z.string().default(''),\n filters: jsonObjectSchema.optional(),\n types: z\n .array(z.string().refine(type => Object.keys(types).includes(type)))\n .optional(),\n pageCursor: z.string().optional(),\n });\n\n const engine = config.getOptionalBoolean('permission.enabled')\n ? new AuthorizedSearchEngine(inputEngine, types, permissions, config)\n : inputEngine;\n\n const filterResultSet = ({ results, ...resultSet }: SearchResultSet) => ({\n ...resultSet,\n results: results.filter(result => {\n const protocol = new URL(result.document.location, 'https://example.com')\n .protocol;\n const isAllowed = allowedLocationProtocols.includes(protocol);\n if (!isAllowed) {\n logger.info(\n `Rejected search result for \"${result.document.title}\" as location protocol \"${protocol}\" is unsafe`,\n );\n }\n return isAllowed;\n }),\n });\n\n const router = Router();\n router.get(\n '/query',\n async (req: express.Request, res: express.Response<SearchResultSet>) => {\n const parseResult = requestSchema.safeParse(req.query);\n\n if (!parseResult.success) {\n throw new InputError(`Invalid query string: ${parseResult.error}`);\n }\n\n const query = parseResult.data;\n\n logger.info(\n `Search request received: term=\"${\n query.term\n }\", filters=${JSON.stringify(query.filters)}, types=${\n query.types ? query.types.join(',') : ''\n }, pageCursor=${query.pageCursor ?? ''}`,\n );\n\n const token = getBearerTokenFromAuthorizationHeader(\n req.header('authorization'),\n );\n\n try {\n const resultSet = await engine?.query(query, { token });\n\n res.send(filterResultSet(resultSet));\n } catch (err) {\n throw new Error(\n `There was a problem performing the search query. ${err}`,\n );\n }\n },\n );\n\n router.use(errorHandler());\n\n return router;\n}\n"],"names":["InputError","DataLoader","qs","zipObject","AuthorizeResult","compact","z","Router","getBearerTokenFromAuthorizationHeader","errorHandler"],"mappings":";;;;;;;;;;;;;;;;;;;;0BAsCiC,YAAuC;AACtE,MAAI,CAAC,YAAY;AACf,WAAO,EAAE,MAAM;AAAA;AAGjB,QAAM,OAAO,OAAO,OAAO,KAAK,YAAY,UAAU,SAAS;AAC/D,MAAI,MAAM,OAAO;AACf,UAAM,IAAIA,kBAAW;AAAA;AAGvB,MAAI,OAAO,GAAG;AACZ,UAAM,IAAIA,kBAAW;AAAA;AAGvB,SAAO;AAAA,IACL;AAAA;AAAA;0BAI6B,EAAE,QAAkC;AACnE,SAAO,OAAO,KAAK,GAAG,QAAQ,SAAS,SAAS;AAAA;6BAGU;AAAA,EAI1D,YACmB,cACA,OACA,aACjB,QACA;AAJiB;AACA;AACA;AANF,oBAAW;AA9D9B;AAuEI,SAAK,uBACH,aAAO,kBAAkB,+CAAzB,YACA;AAAA;AAAA,EAGJ,cAAc,YAAmC;AAC/C,SAAK,aAAa,cAAc;AAAA;AAAA,QAG5B,WAAW,MAAiC;AAChD,WAAO,KAAK,aAAa,WAAW;AAAA;AAAA,QAGhC,MACJ,OACA,SAC0B;AAC1B,UAAM,iBAAiB,KAAK;AAE5B,UAAM,aAAa,IAAIC,+BACrB,CAAC,aACC,KAAK,YAAY,UAAU,SAAS,SAAS,UAC/C;AAAA,MAIE,YAAY,CAAC,EAAE,YAAY,EAAE,QAAQ,kBACnCC,uBAAG,UAAU,EAAE,MAAM;AAAA;AAG3B,UAAM,iBAAiB,MAAM,SAAS,OAAO,KAAK,KAAK;AAEvD,UAAM,gBAAgBC,iBACpB,gBACA,MAAM,QAAQ,IACZ,eAAe,IAAI,UAAQ;AA1GnC;AA2GU,YAAM,aAAa,WAAK,MAAM,UAAX,mBAAkB;AAErC,aAAO,aACH,WAAW,KAAK,EAAE,gBAClB,EAAE,QAAQC,uCAAgB;AAAA;AAKpC,UAAM,kBAAkB,eAAe,OACrC,UAAK;AArHX;AAqHc,kCAAc,UAAd,mBAAqB,YAAWA,uCAAgB;AAAA;AAG1D,UAAM,kCAAkC,gBAAgB,KACtD,UAAK;AAzHX;AAyHc,kCAAc,UAAd,mBAAqB,YAAWA,uCAAgB;AAAA;AAe1D,QAAI,CAAC,iCAAiC;AACpC,aAAO,KAAK,aAAa,MACvB,KAAK,OAAO,OAAO,mBACnB;AAAA;AAIJ,UAAM,EAAE,SAAS,iBAAiB,MAAM;AACxC,UAAM,gBAAiB,QAAO,KAAK,KAAK;AAExC,QAAI,kBAAkC;AACtC,QAAI;AACJ,QAAI,yBAAyB;AAE7B,OAAG;AACD,YAAM,WAAW,MAAM,KAAK,aAAa,MACvC,KAAK,OAAO,OAAO,iBAAiB,YAAY,kBAChD;AAGF,wBAAkB,gBAAgB,OAChC,MAAM,KAAK,cAAc,SAAS,SAAS,eAAe;AAG5D,uBAAiB,SAAS;AAC1B,+BACE,KAAK,QAAQ,iBAAiB,KAAK;AAAA,aAErC,kBACA,gBAAgB,SAAS,iBACzB,CAAC;AAGH,WAAO;AAAA,MACL,SAAS,gBAAgB,MACvB,OAAO,KAAK,UACX,QAAO,KAAK,KAAK;AAAA,MAEpB,oBACE,SAAS,IAAI,SAAY,iBAAiB,EAAE,MAAM,OAAO;AAAA,MAC3D,gBACE,CAAC,6CACkB,gBAAgB,SAAS,iBACxC,iBAAiB,EAAE,MAAM,OAAO,OAChC;AAAA;AAAA;AAAA,QAII,cACZ,SACA,eACA,YACA;AACA,WAAOC,eACL,MAAM,QAAQ,IACZ,QAAQ,IAAI,YAAU;AA/L9B;AAgMU,UAAI,qBAAc,OAAO,UAArB,mBAA4B,YAAWD,uCAAgB,OAAO;AAChE,eAAO;AAAA;AAGT,YAAM,aAAa,WAAK,MAAM,OAAO,UAAlB,mBAAyB;AAC5C,YAAM,cAAc,aAAO,SAAS,kBAAhB,mBAA+B;AAEnD,UAAI,CAAC,cAAc,CAAC,aAAa;AAC/B,eAAO;AAAA;AAGT,aAAO,WACJ,KAAK,EAAE,YAAY,eACnB,KAAK,cACJ,SAAS,WAAWA,uCAAgB,QAAQ,SAAS;AAAA;AAAA;AAAA;;AC7KnE,MAAM,mBAA4CE,MAAE,KAAK,MAAM;AAC7D,QAAM,kBAA0CA,MAAE,KAAK,MACrDA,MAAE,MAAM;AAAA,IACNA,MAAE;AAAA,IACFA,MAAE;AAAA,IACFA,MAAE;AAAA,IACFA,MAAE;AAAA,IACFA,MAAE,MAAM;AAAA,IACR;AAAA;AAIJ,SAAOA,MAAE,OAAO;AAAA;AAWlB,MAAM,2BAA2B,CAAC,SAAS;4BAGzC,SACyB;AACzB,QAAM,EAAE,QAAQ,aAAa,OAAO,aAAa,QAAQ,WAAW;AAEpE,QAAM,gBAAgBA,MAAE,OAAO;AAAA,IAC7B,MAAMA,MAAE,SAAS,QAAQ;AAAA,IACzB,SAAS,iBAAiB;AAAA,IAC1B,OAAOA,MACJ,MAAMA,MAAE,SAAS,OAAO,UAAQ,OAAO,KAAK,OAAO,SAAS,QAC5D;AAAA,IACH,YAAYA,MAAE,SAAS;AAAA;AAGzB,QAAM,SAAS,OAAO,mBAAmB,wBACrC,IAAI,uBAAuB,aAAa,OAAO,aAAa,UAC5D;AAEJ,QAAM,kBAAkB,CAAC,EAAE,YAAY;AAAkC,OACpE;AAAA,IACH,SAAS,QAAQ,OAAO,YAAU;AAChC,YAAM,WAAW,IAAI,IAAI,OAAO,SAAS,UAAU,uBAChD;AACH,YAAM,YAAY,yBAAyB,SAAS;AACpD,UAAI,CAAC,WAAW;AACd,eAAO,KACL,+BAA+B,OAAO,SAAS,gCAAgC;AAAA;AAGnF,aAAO;AAAA;AAAA;AAIX,QAAM,SAASC;AACf,SAAO,IACL,UACA,OAAO,KAAsB,QAA2C;AA9F5E;AA+FM,UAAM,cAAc,cAAc,UAAU,IAAI;AAEhD,QAAI,CAAC,YAAY,SAAS;AACxB,YAAM,IAAIP,kBAAW,yBAAyB,YAAY;AAAA;AAG5D,UAAM,QAAQ,YAAY;AAE1B,WAAO,KACL,kCACE,MAAM,kBACM,KAAK,UAAU,MAAM,mBACjC,MAAM,QAAQ,MAAM,MAAM,KAAK,OAAO,kBACxB,YAAM,eAAN,YAAoB;AAGtC,UAAM,QAAQQ,qDACZ,IAAI,OAAO;AAGb,QAAI;AACF,YAAM,YAAY,wCAAc,MAAM,OAAO,EAAE;AAE/C,UAAI,KAAK,gBAAgB;AAAA,aAClB,KAAP;AACA,YAAM,IAAI,MACR,oDAAoD;AAAA;AAAA;AAM5D,SAAO,IAAIC;AAEX,SAAO;AAAA;;;;"}
|
|
1
|
+
{"version":3,"file":"index.cjs.js","sources":["../src/service/AuthorizedSearchEngine.ts","../src/service/router.ts"],"sourcesContent":["/*\n * Copyright 2022 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { compact, zipObject } from 'lodash';\nimport qs from 'qs';\nimport DataLoader from 'dataloader';\nimport {\n EvaluatePermissionResponse,\n EvaluatePermissionRequest,\n AuthorizeResult,\n isResourcePermission,\n PermissionAuthorizer,\n} from '@backstage/plugin-permission-common';\nimport {\n DocumentTypeInfo,\n IndexableResult,\n IndexableResultSet,\n QueryRequestOptions,\n QueryTranslator,\n SearchEngine,\n SearchQuery,\n} from '@backstage/plugin-search-common';\nimport { Config } from '@backstage/config';\nimport { InputError } from '@backstage/errors';\nimport { Writable } from 'stream';\n\nexport function decodePageCursor(pageCursor?: string): { page: number } {\n if (!pageCursor) {\n return { page: 0 };\n }\n\n const page = Number(Buffer.from(pageCursor, 'base64').toString('utf-8'));\n if (isNaN(page)) {\n throw new InputError('Invalid page cursor');\n }\n\n if (page < 0) {\n throw new InputError('Invalid page cursor');\n }\n\n return {\n page,\n };\n}\n\nexport function encodePageCursor({ page }: { page: number }): string {\n return Buffer.from(`${page}`, 'utf-8').toString('base64');\n}\n\nexport class AuthorizedSearchEngine implements SearchEngine {\n private readonly pageSize = 25;\n private readonly queryLatencyBudgetMs: number;\n\n constructor(\n private readonly searchEngine: SearchEngine,\n private readonly types: Record<string, DocumentTypeInfo>,\n private readonly permissions: PermissionAuthorizer,\n config: Config,\n ) {\n this.queryLatencyBudgetMs =\n config.getOptionalNumber('search.permissions.queryLatencyBudgetMs') ??\n 1000;\n }\n\n setTranslator(translator: QueryTranslator): void {\n this.searchEngine.setTranslator(translator);\n }\n\n async getIndexer(type: string): Promise<Writable> {\n return this.searchEngine.getIndexer(type);\n }\n\n async query(\n query: SearchQuery,\n options: QueryRequestOptions,\n ): Promise<IndexableResultSet> {\n const queryStartTime = Date.now();\n\n const authorizer = new DataLoader(\n (requests: readonly EvaluatePermissionRequest[]) =>\n this.permissions.authorize(requests.slice(), options),\n {\n // Serialize the permission name and resourceRef as\n // a query string to avoid collisions from overlapping\n // permission names and resourceRefs.\n cacheKeyFn: ({ permission: { name }, resourceRef }) =>\n qs.stringify({ name, resourceRef }),\n },\n );\n const requestedTypes = query.types || Object.keys(this.types);\n\n const typeDecisions = zipObject(\n requestedTypes,\n await Promise.all(\n requestedTypes.map(type => {\n const permission = this.types[type]?.visibilityPermission;\n\n return permission\n ? authorizer.load({ permission })\n : { result: AuthorizeResult.ALLOW as const };\n }),\n ),\n );\n\n const authorizedTypes = requestedTypes.filter(\n type => typeDecisions[type]?.result !== AuthorizeResult.DENY,\n );\n\n const resultByResultFilteringRequired = authorizedTypes.some(\n type => typeDecisions[type]?.result === AuthorizeResult.CONDITIONAL,\n );\n\n // When there are no CONDITIONAL decisions for any of the requested\n // result types, we can skip filtering result by result by simply\n // skipping the types the user is not permitted to see, which will\n // be much more efficient.\n //\n // Since it's not currently possible to configure the page size used\n // by search engines, this detail means that a single user might see\n // a different page size depending on whether their search required\n // result-by-result filtering or not. We can fix this minor\n // inconsistency by introducing a configurable page size.\n //\n // cf. https://github.com/backstage/backstage/issues/9162\n if (!resultByResultFilteringRequired) {\n return this.searchEngine.query(\n { ...query, types: authorizedTypes },\n options,\n );\n }\n\n const { page } = decodePageCursor(query.pageCursor);\n const targetResults = (page + 1) * this.pageSize;\n\n let filteredResults: IndexableResult[] = [];\n let nextPageCursor: string | undefined;\n let latencyBudgetExhausted = false;\n\n do {\n const nextPage = await this.searchEngine.query(\n { ...query, types: authorizedTypes, pageCursor: nextPageCursor },\n options,\n );\n\n filteredResults = filteredResults.concat(\n await this.filterResults(nextPage.results, typeDecisions, authorizer),\n );\n\n nextPageCursor = nextPage.nextPageCursor;\n latencyBudgetExhausted =\n Date.now() - queryStartTime > this.queryLatencyBudgetMs;\n } while (\n nextPageCursor &&\n filteredResults.length < targetResults &&\n !latencyBudgetExhausted\n );\n\n return {\n results: filteredResults.slice(\n page * this.pageSize,\n (page + 1) * this.pageSize,\n ),\n previousPageCursor:\n page === 0 ? undefined : encodePageCursor({ page: page - 1 }),\n nextPageCursor:\n !latencyBudgetExhausted &&\n (nextPageCursor || filteredResults.length > targetResults)\n ? encodePageCursor({ page: page + 1 })\n : undefined,\n };\n }\n\n private async filterResults(\n results: IndexableResult[],\n typeDecisions: Record<string, EvaluatePermissionResponse>,\n authorizer: DataLoader<\n EvaluatePermissionRequest,\n EvaluatePermissionResponse\n >,\n ) {\n return compact(\n await Promise.all(\n results.map(result => {\n if (typeDecisions[result.type]?.result === AuthorizeResult.ALLOW) {\n return result;\n }\n\n const permission = this.types[result.type]?.visibilityPermission;\n const resourceRef = result.document.authorization?.resourceRef;\n\n if (!permission || !resourceRef) {\n return result;\n }\n\n // We only reach this point in the code for types where the initial\n // authorization returned CONDITIONAL -- ALLOWs return early\n // immediately above, and types where the decision was DENY get\n // filtered out entirely when querying.\n //\n // This means the call to isResourcePermission here is mostly about\n // narrowing the type of permission - the only way to get here with a\n // non-resource permission is if the PermissionPolicy returns a\n // CONDITIONAL decision for a non-resource permission, which can't\n // happen - it would throw an error during validation in the\n // permission-backend.\n if (!isResourcePermission(permission)) {\n throw new Error(\n `Unexpected conditional decision returned for non-resource permission \"${permission.name}\"`,\n );\n }\n\n return authorizer\n .load({ permission, resourceRef })\n .then(decision =>\n decision.result === AuthorizeResult.ALLOW ? result : undefined,\n );\n }),\n ),\n );\n }\n}\n","/*\n * Copyright 2021 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport express from 'express';\nimport Router from 'express-promise-router';\nimport { Logger } from 'winston';\nimport { z } from 'zod';\nimport { errorHandler } from '@backstage/backend-common';\nimport { InputError } from '@backstage/errors';\nimport { Config } from '@backstage/config';\nimport { JsonObject, JsonValue } from '@backstage/types';\nimport { getBearerTokenFromAuthorizationHeader } from '@backstage/plugin-auth-node';\nimport { PermissionAuthorizer } from '@backstage/plugin-permission-common';\nimport {\n DocumentTypeInfo,\n IndexableResultSet,\n SearchResultSet,\n} from '@backstage/plugin-search-common';\nimport { SearchEngine } from '@backstage/plugin-search-backend-node';\nimport { AuthorizedSearchEngine } from './AuthorizedSearchEngine';\n\nconst jsonObjectSchema: z.ZodSchema<JsonObject> = z.lazy(() => {\n const jsonValueSchema: z.ZodSchema<JsonValue> = z.lazy(() =>\n z.union([\n z.string(),\n z.number(),\n z.boolean(),\n z.null(),\n z.array(jsonValueSchema),\n jsonObjectSchema,\n ]),\n );\n\n return z.record(jsonValueSchema);\n});\n\nexport type RouterOptions = {\n engine: SearchEngine;\n types: Record<string, DocumentTypeInfo>;\n permissions: PermissionAuthorizer;\n config: Config;\n logger: Logger;\n};\n\nconst allowedLocationProtocols = ['http:', 'https:'];\n\nexport async function createRouter(\n options: RouterOptions,\n): Promise<express.Router> {\n const { engine: inputEngine, types, permissions, config, logger } = options;\n\n const requestSchema = z.object({\n term: z.string().default(''),\n filters: jsonObjectSchema.optional(),\n types: z\n .array(z.string().refine(type => Object.keys(types).includes(type)))\n .optional(),\n pageCursor: z.string().optional(),\n });\n\n const engine = config.getOptionalBoolean('permission.enabled')\n ? new AuthorizedSearchEngine(inputEngine, types, permissions, config)\n : inputEngine;\n\n const filterResultSet = ({ results, ...resultSet }: SearchResultSet) => ({\n ...resultSet,\n results: results.filter(result => {\n const protocol = new URL(result.document.location, 'https://example.com')\n .protocol;\n const isAllowed = allowedLocationProtocols.includes(protocol);\n if (!isAllowed) {\n logger.info(\n `Rejected search result for \"${result.document.title}\" as location protocol \"${protocol}\" is unsafe`,\n );\n }\n return isAllowed;\n }),\n });\n\n const toSearchResults = (resultSet: IndexableResultSet): SearchResultSet => ({\n ...resultSet,\n results: resultSet.results.map(result => ({\n ...result,\n document: {\n ...result.document,\n authorization: undefined,\n },\n })),\n });\n\n const router = Router();\n router.get(\n '/query',\n async (req: express.Request, res: express.Response<SearchResultSet>) => {\n const parseResult = requestSchema.safeParse(req.query);\n\n if (!parseResult.success) {\n throw new InputError(`Invalid query string: ${parseResult.error}`);\n }\n\n const query = parseResult.data;\n\n logger.info(\n `Search request received: term=\"${\n query.term\n }\", filters=${JSON.stringify(query.filters)}, types=${\n query.types ? query.types.join(',') : ''\n }, pageCursor=${query.pageCursor ?? ''}`,\n );\n\n const token = getBearerTokenFromAuthorizationHeader(\n req.header('authorization'),\n );\n\n try {\n const resultSet = await engine?.query(query, { token });\n\n res.send(filterResultSet(toSearchResults(resultSet)));\n } catch (err) {\n throw new Error(\n `There was a problem performing the search query. ${err}`,\n );\n }\n },\n );\n\n router.use(errorHandler());\n\n return router;\n}\n"],"names":["InputError","DataLoader","qs","zipObject","AuthorizeResult","compact","isResourcePermission","z","Router","getBearerTokenFromAuthorizationHeader","errorHandler"],"mappings":";;;;;;;;;;;;;;;;;;;;AAuCO,SAAA,gBAAA,CAA0B,UAAuC,EAAA;AACtE,EAAA,IAAI,CAAC,UAAY,EAAA;AACf,IAAO,OAAA,EAAE,MAAM,CAAE,EAAA,CAAA;AAAA,GACnB;AAEA,EAAM,MAAA,IAAA,GAAO,OAAO,MAAO,CAAA,IAAA,CAAK,YAAY,QAAQ,CAAA,CAAE,QAAS,CAAA,OAAO,CAAC,CAAA,CAAA;AACvE,EAAI,IAAA,KAAA,CAAM,IAAI,CAAG,EAAA;AACf,IAAM,MAAA,IAAIA,kBAAW,qBAAqB,CAAA,CAAA;AAAA,GAC5C;AAEA,EAAA,IAAI,OAAO,CAAG,EAAA;AACZ,IAAM,MAAA,IAAIA,kBAAW,qBAAqB,CAAA,CAAA;AAAA,GAC5C;AAEA,EAAO,OAAA;AAAA,IACL,IAAA;AAAA,GACF,CAAA;AACF,CAAA;AAEO,SAAA,gBAAA,CAA0B,EAAE,IAAkC,EAAA,EAAA;AACnE,EAAA,OAAO,OAAO,IAAK,CAAA,CAAA,EAAG,QAAQ,OAAO,CAAA,CAAE,SAAS,QAAQ,CAAA,CAAA;AAC1D,CAAA;AAEO,MAAM,sBAA+C,CAAA;AAAA,EAI1D,WACmB,CAAA,YAAA,EACA,KACA,EAAA,WAAA,EACjB,MACA,EAAA;AAJiB,IAAA,IAAA,CAAA,YAAA,GAAA,YAAA,CAAA;AACA,IAAA,IAAA,CAAA,KAAA,GAAA,KAAA,CAAA;AACA,IAAA,IAAA,CAAA,WAAA,GAAA,WAAA,CAAA;AANF,IAAW,IAAA,CAAA,QAAA,GAAA,EAAA,CAAA;AA/D9B,IAAA,IAAA,EAAA,CAAA;AAwEI,IAAA,IAAA,CAAK,oBACH,GAAA,CAAA,EAAA,GAAA,MAAA,CAAO,iBAAkB,CAAA,yCAAyC,MAAlE,IACA,GAAA,EAAA,GAAA,GAAA,CAAA;AAAA,GACJ;AAAA,EAEA,cAAc,UAAmC,EAAA;AAC/C,IAAK,IAAA,CAAA,YAAA,CAAa,cAAc,UAAU,CAAA,CAAA;AAAA,GAC5C;AAAA,EAAA,MAEM,WAAW,IAAiC,EAAA;AAChD,IAAO,OAAA,IAAA,CAAK,YAAa,CAAA,UAAA,CAAW,IAAI,CAAA,CAAA;AAAA,GAC1C;AAAA,EAEM,MAAA,KAAA,CACJ,OACA,OAC6B,EAAA;AAC7B,IAAM,MAAA,cAAA,GAAiB,KAAK,GAAI,EAAA,CAAA;AAEhC,IAAA,MAAM,UAAa,GAAA,IAAIC,8BACrB,CAAA,CAAC,QACC,KAAA,IAAA,CAAK,WAAY,CAAA,SAAA,CAAU,QAAS,CAAA,KAAA,EAAS,EAAA,OAAO,CACtD,EAAA;AAAA,MAIE,UAAY,EAAA,CAAC,EAAE,UAAA,EAAY,EAAE,IAAA,EAAA,EAAQ,WACnC,EAAA,KAAAC,sBAAA,CAAG,SAAU,CAAA,EAAE,IAAM,EAAA,WAAA,EAAa,CAAA;AAAA,KAExC,CAAA,CAAA;AACA,IAAA,MAAM,iBAAiB,KAAM,CAAA,KAAA,IAAS,MAAO,CAAA,IAAA,CAAK,KAAK,KAAK,CAAA,CAAA;AAE5D,IAAM,MAAA,aAAA,GAAgBC,iBACpB,cACA,EAAA,MAAM,QAAQ,GACZ,CAAA,cAAA,CAAe,IAAI,CAAQ,IAAA,KAAA;AA3GnC,MAAA,IAAA,EAAA,CAAA;AA4GU,MAAA,MAAM,UAAa,GAAA,CAAA,EAAA,GAAA,IAAA,CAAK,KAAM,CAAA,IAAA,CAAA,KAAX,IAAkB,GAAA,KAAA,CAAA,GAAA,EAAA,CAAA,oBAAA,CAAA;AAErC,MAAO,OAAA,UAAA,GACH,UAAW,CAAA,IAAA,CAAK,EAAE,UAAA,EAAY,CAC9B,GAAA,EAAE,MAAQ,EAAAC,sCAAA,CAAgB,KAAe,EAAA,CAAA;AAAA,KAC9C,CACH,CACF,CAAA,CAAA;AAEA,IAAM,MAAA,eAAA,GAAkB,cAAe,CAAA,MAAA,CACrC,CAAK,IAAA,KAAA;AAtHX,MAAA,IAAA,EAAA,CAAA;AAsHc,MAAc,OAAA,CAAA,CAAA,EAAA,GAAA,aAAA,CAAA,IAAA,CAAA,KAAd,IAAqB,GAAA,KAAA,CAAA,GAAA,EAAA,CAAA,MAAA,MAAWA,sCAAgB,CAAA,IAAA,CAAA;AAAA,KAC1D,CAAA,CAAA;AAEA,IAAM,MAAA,+BAAA,GAAkC,eAAgB,CAAA,IAAA,CACtD,CAAK,IAAA,KAAA;AA1HX,MAAA,IAAA,EAAA,CAAA;AA0Hc,MAAc,OAAA,CAAA,CAAA,EAAA,GAAA,aAAA,CAAA,IAAA,CAAA,KAAd,IAAqB,GAAA,KAAA,CAAA,GAAA,EAAA,CAAA,MAAA,MAAWA,sCAAgB,CAAA,WAAA,CAAA;AAAA,KAC1D,CAAA,CAAA;AAcA,IAAA,IAAI,CAAC,+BAAiC,EAAA;AACpC,MAAO,OAAA,IAAA,CAAK,aAAa,KACvB,CAAA,EAAA,GAAK,OAAO,KAAO,EAAA,eAAA,IACnB,OACF,CAAA,CAAA;AAAA,KACF;AAEA,IAAA,MAAM,EAAE,IAAA,EAAA,GAAS,gBAAiB,CAAA,KAAA,CAAM,UAAU,CAAA,CAAA;AAClD,IAAM,MAAA,aAAA,GAAiB,CAAO,IAAA,GAAA,CAAA,IAAK,IAAK,CAAA,QAAA,CAAA;AAExC,IAAA,IAAI,kBAAqC,EAAC,CAAA;AAC1C,IAAI,IAAA,cAAA,CAAA;AACJ,IAAA,IAAI,sBAAyB,GAAA,KAAA,CAAA;AAE7B,IAAG,GAAA;AACD,MAAA,MAAM,QAAW,GAAA,MAAM,IAAK,CAAA,YAAA,CAAa,KACvC,CAAA,EAAA,GAAK,KAAO,EAAA,KAAA,EAAO,eAAiB,EAAA,UAAA,EAAY,cAAe,EAAA,EAC/D,OACF,CAAA,CAAA;AAEA,MAAkB,eAAA,GAAA,eAAA,CAAgB,OAChC,MAAM,IAAA,CAAK,cAAc,QAAS,CAAA,OAAA,EAAS,aAAe,EAAA,UAAU,CACtE,CAAA,CAAA;AAEA,MAAA,cAAA,GAAiB,QAAS,CAAA,cAAA,CAAA;AAC1B,MAAA,sBAAA,GACE,IAAK,CAAA,GAAA,EAAQ,GAAA,cAAA,GAAiB,IAAK,CAAA,oBAAA,CAAA;AAAA,KAErC,QAAA,cAAA,IACA,eAAgB,CAAA,MAAA,GAAS,iBACzB,CAAC,sBAAA,EAAA;AAGH,IAAO,OAAA;AAAA,MACL,OAAA,EAAS,gBAAgB,KACvB,CAAA,IAAA,GAAO,KAAK,QACX,EAAA,CAAA,IAAA,GAAO,CAAK,IAAA,IAAA,CAAK,QACpB,CAAA;AAAA,MACA,kBAAA,EACE,SAAS,CAAI,GAAA,KAAA,CAAA,GAAY,iBAAiB,EAAE,IAAA,EAAM,IAAO,GAAA,CAAA,EAAG,CAAA;AAAA,MAC9D,cACE,EAAA,CAAC,sBACA,KAAA,cAAA,IAAkB,eAAgB,CAAA,MAAA,GAAS,aACxC,CAAA,GAAA,gBAAA,CAAiB,EAAE,IAAA,EAAM,IAAO,GAAA,CAAA,EAAG,CACnC,GAAA,KAAA,CAAA;AAAA,KACR,CAAA;AAAA,GACF;AAAA,EAEc,MAAA,aAAA,CACZ,OACA,EAAA,aAAA,EACA,UAIA,EAAA;AACA,IAAA,OAAOC,eACL,MAAM,OAAA,CAAQ,GACZ,CAAA,OAAA,CAAQ,IAAI,CAAU,MAAA,KAAA;AAnM9B,MAAA,IAAA,EAAA,EAAA,EAAA,EAAA,EAAA,CAAA;AAoMU,MAAA,IAAI,qBAAc,MAAO,CAAA,IAAA,CAAA,KAArB,IAA4B,GAAA,KAAA,CAAA,GAAA,EAAA,CAAA,MAAA,MAAWD,uCAAgB,KAAO,EAAA;AAChE,QAAO,OAAA,MAAA,CAAA;AAAA,OACT;AAEA,MAAA,MAAM,UAAa,GAAA,CAAA,EAAA,GAAA,IAAA,CAAK,KAAM,CAAA,MAAA,CAAO,UAAlB,IAAyB,GAAA,KAAA,CAAA,GAAA,EAAA,CAAA,oBAAA,CAAA;AAC5C,MAAA,MAAM,WAAc,GAAA,CAAA,EAAA,GAAA,MAAA,CAAO,QAAS,CAAA,aAAA,KAAhB,IAA+B,GAAA,KAAA,CAAA,GAAA,EAAA,CAAA,WAAA,CAAA;AAEnD,MAAI,IAAA,CAAC,UAAc,IAAA,CAAC,WAAa,EAAA;AAC/B,QAAO,OAAA,MAAA,CAAA;AAAA,OACT;AAaA,MAAI,IAAA,CAACE,2CAAqB,CAAA,UAAU,CAAG,EAAA;AACrC,QAAA,MAAM,IAAI,KAAA,CACR,CAAyE,sEAAA,EAAA,UAAA,CAAW,IACtF,CAAA,CAAA,CAAA,CAAA,CAAA;AAAA,OACF;AAEA,MAAA,OAAO,UACJ,CAAA,IAAA,CAAK,EAAE,UAAA,EAAY,aAAa,CAAA,CAChC,IAAK,CAAA,CAAA,QAAA,KACJ,QAAS,CAAA,MAAA,KAAWF,sCAAgB,CAAA,KAAA,GAAQ,SAAS,KACvD,CAAA,CAAA,CAAA;AAAA,KACH,CACH,CACF,CAAA,CAAA;AAAA,GACF;AACF;;ACvMA,MAAM,gBAAA,GAA4CG,KAAE,CAAA,IAAA,CAAK,MAAM;AAC7D,EAAA,MAAM,eAA0C,GAAAA,KAAA,CAAE,IAAK,CAAA,MACrDA,MAAE,KAAM,CAAA;AAAA,IACNA,MAAE,MAAO,EAAA;AAAA,IACTA,MAAE,MAAO,EAAA;AAAA,IACTA,MAAE,OAAQ,EAAA;AAAA,IACVA,MAAE,IAAK,EAAA;AAAA,IACPA,KAAA,CAAE,MAAM,eAAe,CAAA;AAAA,IACvB,gBAAA;AAAA,GACD,CACH,CAAA,CAAA;AAEA,EAAO,OAAAA,KAAA,CAAE,OAAO,eAAe,CAAA,CAAA;AACjC,CAAC,CAAA,CAAA;AAUD,MAAM,wBAAA,GAA2B,CAAC,OAAA,EAAS,QAAQ,CAAA,CAAA;AAEnD,eAAA,YAAA,CACE,OACyB,EAAA;AACzB,EAAA,MAAM,EAAE,MAAQ,EAAA,WAAA,EAAa,KAAO,EAAA,WAAA,EAAa,QAAQ,MAAW,EAAA,GAAA,OAAA,CAAA;AAEpE,EAAM,MAAA,aAAA,GAAgBA,MAAE,MAAO,CAAA;AAAA,IAC7B,IAAM,EAAAA,KAAA,CAAE,MAAO,EAAA,CAAE,QAAQ,EAAE,CAAA;AAAA,IAC3B,OAAA,EAAS,iBAAiB,QAAS,EAAA;AAAA,IACnC,OAAOA,KACJ,CAAA,KAAA,CAAMA,KAAE,CAAA,MAAA,GAAS,MAAO,CAAA,CAAA,IAAA,KAAQ,MAAO,CAAA,IAAA,CAAK,KAAK,CAAE,CAAA,QAAA,CAAS,IAAI,CAAC,CAAC,EAClE,QAAS,EAAA;AAAA,IACZ,UAAY,EAAAA,KAAA,CAAE,MAAO,EAAA,CAAE,QAAS,EAAA;AAAA,GACjC,CAAA,CAAA;AAED,EAAM,MAAA,MAAA,GAAS,MAAO,CAAA,kBAAA,CAAmB,oBAAoB,CAAA,GACzD,IAAI,sBAAA,CAAuB,WAAa,EAAA,KAAA,EAAO,WAAa,EAAA,MAAM,CAClE,GAAA,WAAA,CAAA;AAEJ,EAAA,MAAM,eAAkB,GAAA,CAAC,EAAE,OAAA,EAAA,GAAY,SAAkC,EAAA,MAAA;AAAA,IACpE,GAAA,SAAA;AAAA,IACH,OAAA,EAAS,OAAQ,CAAA,MAAA,CAAO,CAAU,MAAA,KAAA;AAChC,MAAA,MAAM,WAAW,IAAI,GAAA,CAAI,OAAO,QAAS,CAAA,QAAA,EAAU,qBAAqB,CACrE,CAAA,QAAA,CAAA;AACH,MAAM,MAAA,SAAA,GAAY,wBAAyB,CAAA,QAAA,CAAS,QAAQ,CAAA,CAAA;AAC5D,MAAA,IAAI,CAAC,SAAW,EAAA;AACd,QAAA,MAAA,CAAO,IACL,CAAA,CAAA,4BAAA,EAA+B,MAAO,CAAA,QAAA,CAAS,gCAAgC,QACjF,CAAA,WAAA,CAAA,CAAA,CAAA;AAAA,OACF;AACA,MAAO,OAAA,SAAA,CAAA;AAAA,KACR,CAAA;AAAA,GACH,CAAA,CAAA;AAEA,EAAM,MAAA,eAAA,GAAkB,CAAC,SAAoD,MAAA;AAAA,IACxE,GAAA,SAAA;AAAA,IACH,OAAS,EAAA,SAAA,CAAU,OAAQ,CAAA,GAAA,CAAI,CAAW,MAAA,MAAA;AAAA,MACrC,GAAA,MAAA;AAAA,MACH,QAAU,EAAA;AAAA,QAAA,GACL,MAAO,CAAA,QAAA;AAAA,QACV,aAAe,EAAA,KAAA,CAAA;AAAA,OACjB;AAAA,KACA,CAAA,CAAA;AAAA,GACJ,CAAA,CAAA;AAEA,EAAA,MAAM,SAASC,0BAAO,EAAA,CAAA;AACtB,EAAA,MAAA,CAAO,GACL,CAAA,QAAA,EACA,OAAO,GAAA,EAAsB,GAA2C,KAAA;AA1G5E,IAAA,IAAA,EAAA,CAAA;AA2GM,IAAA,MAAM,WAAc,GAAA,aAAA,CAAc,SAAU,CAAA,GAAA,CAAI,KAAK,CAAA,CAAA;AAErD,IAAI,IAAA,CAAC,YAAY,OAAS,EAAA;AACxB,MAAA,MAAM,IAAIR,iBAAA,CAAW,CAAyB,sBAAA,EAAA,WAAA,CAAY,KAAO,CAAA,CAAA,CAAA,CAAA;AAAA,KACnE;AAEA,IAAA,MAAM,QAAQ,WAAY,CAAA,IAAA,CAAA;AAE1B,IAAO,MAAA,CAAA,IAAA,CACL,kCACE,KAAM,CAAA,IAAA,CAAA,WAAA,EACM,KAAK,SAAU,CAAA,KAAA,CAAM,OAAO,CACxC,CAAA,QAAA,EAAA,KAAA,CAAM,QAAQ,KAAM,CAAA,KAAA,CAAM,KAAK,GAAG,CAAA,GAAI,kBACxB,CAAM,EAAA,GAAA,KAAA,CAAA,UAAA,KAAN,YAAoB,EACtC,CAAA,CAAA,CAAA,CAAA;AAEA,IAAA,MAAM,KAAQ,GAAAS,oDAAA,CACZ,GAAI,CAAA,MAAA,CAAO,eAAe,CAC5B,CAAA,CAAA;AAEA,IAAI,IAAA;AACF,MAAA,MAAM,YAAY,OAAM,MAAA,IAAA,IAAA,GAAA,KAAA,CAAA,GAAA,MAAA,CAAQ,KAAM,CAAA,KAAA,EAAO,EAAE,KAAM,EAAA,CAAA,CAAA,CAAA;AAErD,MAAA,GAAA,CAAI,IAAK,CAAA,eAAA,CAAgB,eAAgB,CAAA,SAAS,CAAC,CAAC,CAAA,CAAA;AAAA,aAC7C,GAAP,EAAA;AACA,MAAM,MAAA,IAAI,KACR,CAAA,CAAA,iDAAA,EAAoD,GACtD,CAAA,CAAA,CAAA,CAAA;AAAA,KACF;AAAA,GAEJ,CAAA,CAAA;AAEA,EAAO,MAAA,CAAA,GAAA,CAAIC,4BAAc,CAAA,CAAA;AAEzB,EAAO,OAAA,MAAA,CAAA;AACT;;;;"}
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@backstage/plugin-search-backend",
|
|
3
3
|
"description": "The Backstage backend plugin that provides your backstage app with search",
|
|
4
|
-
"version": "0.
|
|
4
|
+
"version": "0.5.0-next.1",
|
|
5
5
|
"main": "dist/index.cjs.js",
|
|
6
6
|
"types": "dist/index.d.ts",
|
|
7
7
|
"license": "Apache-2.0",
|
|
@@ -23,15 +23,15 @@
|
|
|
23
23
|
"clean": "backstage-cli package clean"
|
|
24
24
|
},
|
|
25
25
|
"dependencies": {
|
|
26
|
-
"@backstage/backend-common": "^0.13.
|
|
27
|
-
"@backstage/config": "^0.
|
|
28
|
-
"@backstage/errors": "^0.
|
|
29
|
-
"@backstage/plugin-auth-node": "^0.
|
|
30
|
-
"@backstage/plugin-permission-common": "^0.
|
|
31
|
-
"@backstage/plugin-permission-node": "^0.
|
|
32
|
-
"@backstage/plugin-search-backend-node": "^0.5.
|
|
33
|
-
"@backstage/plugin-search-common": "^0.3.1",
|
|
34
|
-
"@backstage/types": "^0.
|
|
26
|
+
"@backstage/backend-common": "^0.13.2-next.1",
|
|
27
|
+
"@backstage/config": "^1.0.0",
|
|
28
|
+
"@backstage/errors": "^1.0.0",
|
|
29
|
+
"@backstage/plugin-auth-node": "^0.2.0-next.0",
|
|
30
|
+
"@backstage/plugin-permission-common": "^0.6.0-next.0",
|
|
31
|
+
"@backstage/plugin-permission-node": "^0.6.0-next.1",
|
|
32
|
+
"@backstage/plugin-search-backend-node": "^0.5.3-next.0",
|
|
33
|
+
"@backstage/plugin-search-common": "^0.3.3-next.1",
|
|
34
|
+
"@backstage/types": "^1.0.0",
|
|
35
35
|
"@types/express": "^4.17.6",
|
|
36
36
|
"dataloader": "^2.0.0",
|
|
37
37
|
"express": "^4.17.1",
|
|
@@ -43,12 +43,12 @@
|
|
|
43
43
|
"zod": "^3.11.6"
|
|
44
44
|
},
|
|
45
45
|
"devDependencies": {
|
|
46
|
-
"@backstage/cli": "^0.
|
|
46
|
+
"@backstage/cli": "^0.17.0-next.1",
|
|
47
47
|
"@types/supertest": "^2.0.8",
|
|
48
48
|
"supertest": "^6.1.3"
|
|
49
49
|
},
|
|
50
50
|
"files": [
|
|
51
51
|
"dist"
|
|
52
52
|
],
|
|
53
|
-
"gitHead": "
|
|
53
|
+
"gitHead": "57d12dcc35aeb6c33b09e51d1efc3408c574f109"
|
|
54
54
|
}
|