@backstage/plugin-search-backend 1.0.0 → 1.0.1-next.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/CHANGELOG.md +10 -0
  2. package/dist/index.cjs.js +120 -69
  3. package/dist/index.cjs.js.map +1 -1
  4. package/package.json +7 -7
package/CHANGELOG.md CHANGED
@@ -1,5 +1,15 @@
1
1
  # @backstage/plugin-search-backend
2
2
 
3
+ ## 1.0.1-next.0
4
+
5
+ ### Patch Changes
6
+
7
+ - Updated dependencies
8
+ - @backstage/backend-common@0.15.0-next.0
9
+ - @backstage/plugin-auth-node@0.2.4-next.0
10
+ - @backstage/plugin-permission-node@0.6.4-next.0
11
+ - @backstage/plugin-search-backend-node@1.0.1-next.0
12
+
3
13
  ## 1.0.0
4
14
 
5
15
  ### Major Changes
package/dist/index.cjs.js CHANGED
@@ -53,34 +53,52 @@ class AuthorizedSearchEngine {
53
53
  }
54
54
  async query(query, options) {
55
55
  const queryStartTime = Date.now();
56
- const conditionFetcher = new DataLoader__default["default"]((requests) => this.permissions.authorizeConditional(requests.slice(), options), {
57
- cacheKeyFn: ({ permission: { name } }) => name
58
- });
59
- const authorizer = new DataLoader__default["default"]((requests) => this.permissions.authorize(requests.slice(), options), {
60
- cacheKeyFn: ({ permission: { name }, resourceRef }) => qs__default["default"].stringify({ name, resourceRef })
61
- });
56
+ const conditionFetcher = new DataLoader__default["default"](
57
+ (requests) => this.permissions.authorizeConditional(requests.slice(), options),
58
+ {
59
+ cacheKeyFn: ({ permission: { name } }) => name
60
+ }
61
+ );
62
+ const authorizer = new DataLoader__default["default"](
63
+ (requests) => this.permissions.authorize(requests.slice(), options),
64
+ {
65
+ cacheKeyFn: ({ permission: { name }, resourceRef }) => qs__default["default"].stringify({ name, resourceRef })
66
+ }
67
+ );
62
68
  const requestedTypes = query.types || Object.keys(this.types);
63
- const typeDecisions = lodash.zipObject(requestedTypes, await Promise.all(requestedTypes.map((type) => {
64
- var _a;
65
- const permission = (_a = this.types[type]) == null ? void 0 : _a.visibilityPermission;
66
- if (!permission) {
67
- return { result: pluginPermissionCommon.AuthorizeResult.ALLOW };
69
+ const typeDecisions = lodash.zipObject(
70
+ requestedTypes,
71
+ await Promise.all(
72
+ requestedTypes.map((type) => {
73
+ var _a;
74
+ const permission = (_a = this.types[type]) == null ? void 0 : _a.visibilityPermission;
75
+ if (!permission) {
76
+ return { result: pluginPermissionCommon.AuthorizeResult.ALLOW };
77
+ }
78
+ if (pluginPermissionCommon.isResourcePermission(permission)) {
79
+ return conditionFetcher.load({ permission });
80
+ }
81
+ return authorizer.load({ permission });
82
+ })
83
+ )
84
+ );
85
+ const authorizedTypes = requestedTypes.filter(
86
+ (type) => {
87
+ var _a;
88
+ return ((_a = typeDecisions[type]) == null ? void 0 : _a.result) !== pluginPermissionCommon.AuthorizeResult.DENY;
68
89
  }
69
- if (pluginPermissionCommon.isResourcePermission(permission)) {
70
- return conditionFetcher.load({ permission });
90
+ );
91
+ const resultByResultFilteringRequired = authorizedTypes.some(
92
+ (type) => {
93
+ var _a;
94
+ return ((_a = typeDecisions[type]) == null ? void 0 : _a.result) === pluginPermissionCommon.AuthorizeResult.CONDITIONAL;
71
95
  }
72
- return authorizer.load({ permission });
73
- })));
74
- const authorizedTypes = requestedTypes.filter((type) => {
75
- var _a;
76
- return ((_a = typeDecisions[type]) == null ? void 0 : _a.result) !== pluginPermissionCommon.AuthorizeResult.DENY;
77
- });
78
- const resultByResultFilteringRequired = authorizedTypes.some((type) => {
79
- var _a;
80
- return ((_a = typeDecisions[type]) == null ? void 0 : _a.result) === pluginPermissionCommon.AuthorizeResult.CONDITIONAL;
81
- });
96
+ );
82
97
  if (!resultByResultFilteringRequired) {
83
- return this.searchEngine.query({ ...query, types: authorizedTypes }, options);
98
+ return this.searchEngine.query(
99
+ { ...query, types: authorizedTypes },
100
+ options
101
+ );
84
102
  }
85
103
  const { page } = decodePageCursor(query.pageCursor);
86
104
  const targetResults = (page + 1) * this.pageSize;
@@ -88,8 +106,13 @@ class AuthorizedSearchEngine {
88
106
  let nextPageCursor;
89
107
  let latencyBudgetExhausted = false;
90
108
  do {
91
- const nextPage = await this.searchEngine.query({ ...query, types: authorizedTypes, pageCursor: nextPageCursor }, options);
92
- filteredResults = filteredResults.concat(await this.filterResults(nextPage.results, typeDecisions, authorizer));
109
+ const nextPage = await this.searchEngine.query(
110
+ { ...query, types: authorizedTypes, pageCursor: nextPageCursor },
111
+ options
112
+ );
113
+ filteredResults = filteredResults.concat(
114
+ await this.filterResults(nextPage.results, typeDecisions, authorizer)
115
+ );
93
116
  nextPageCursor = nextPage.nextPageCursor;
94
117
  latencyBudgetExhausted = Date.now() - queryStartTime > this.queryLatencyBudgetMs;
95
118
  } while (nextPageCursor && filteredResults.length < targetResults && !latencyBudgetExhausted);
@@ -105,33 +128,43 @@ class AuthorizedSearchEngine {
105
128
  };
106
129
  }
107
130
  async filterResults(results, typeDecisions, authorizer) {
108
- return lodash.compact(await Promise.all(results.map((result) => {
109
- var _a, _b, _c;
110
- if (((_a = typeDecisions[result.type]) == null ? void 0 : _a.result) === pluginPermissionCommon.AuthorizeResult.ALLOW) {
111
- return result;
112
- }
113
- const permission = (_b = this.types[result.type]) == null ? void 0 : _b.visibilityPermission;
114
- const resourceRef = (_c = result.document.authorization) == null ? void 0 : _c.resourceRef;
115
- if (!permission || !resourceRef) {
116
- return result;
117
- }
118
- if (!pluginPermissionCommon.isResourcePermission(permission)) {
119
- throw new Error(`Unexpected conditional decision returned for non-resource permission "${permission.name}"`);
120
- }
121
- return authorizer.load({ permission, resourceRef }).then((decision) => decision.result === pluginPermissionCommon.AuthorizeResult.ALLOW ? result : void 0);
122
- })));
131
+ return lodash.compact(
132
+ await Promise.all(
133
+ results.map((result) => {
134
+ var _a, _b, _c;
135
+ if (((_a = typeDecisions[result.type]) == null ? void 0 : _a.result) === pluginPermissionCommon.AuthorizeResult.ALLOW) {
136
+ return result;
137
+ }
138
+ const permission = (_b = this.types[result.type]) == null ? void 0 : _b.visibilityPermission;
139
+ const resourceRef = (_c = result.document.authorization) == null ? void 0 : _c.resourceRef;
140
+ if (!permission || !resourceRef) {
141
+ return result;
142
+ }
143
+ if (!pluginPermissionCommon.isResourcePermission(permission)) {
144
+ throw new Error(
145
+ `Unexpected conditional decision returned for non-resource permission "${permission.name}"`
146
+ );
147
+ }
148
+ return authorizer.load({ permission, resourceRef }).then(
149
+ (decision) => decision.result === pluginPermissionCommon.AuthorizeResult.ALLOW ? result : void 0
150
+ );
151
+ })
152
+ )
153
+ );
123
154
  }
124
155
  }
125
156
 
126
157
  const jsonObjectSchema = zod.z.lazy(() => {
127
- const jsonValueSchema = zod.z.lazy(() => zod.z.union([
128
- zod.z.string(),
129
- zod.z.number(),
130
- zod.z.boolean(),
131
- zod.z.null(),
132
- zod.z.array(jsonValueSchema),
133
- jsonObjectSchema
134
- ]));
158
+ const jsonValueSchema = zod.z.lazy(
159
+ () => zod.z.union([
160
+ zod.z.string(),
161
+ zod.z.number(),
162
+ zod.z.boolean(),
163
+ zod.z.null(),
164
+ zod.z.array(jsonValueSchema),
165
+ jsonObjectSchema
166
+ ])
167
+ );
135
168
  return zod.z.record(jsonValueSchema);
136
169
  });
137
170
  const allowedLocationProtocols = ["http:", "https:"];
@@ -147,17 +180,26 @@ async function createRouter(options) {
147
180
  if ("authorizeConditional" in permissions) {
148
181
  permissionEvaluator = permissions;
149
182
  } else {
150
- logger.warn("PermissionAuthorizer is deprecated. Please use an instance of PermissionEvaluator instead of PermissionAuthorizer in PluginEnvironment#permissions");
183
+ logger.warn(
184
+ "PermissionAuthorizer is deprecated. Please use an instance of PermissionEvaluator instead of PermissionAuthorizer in PluginEnvironment#permissions"
185
+ );
151
186
  permissionEvaluator = pluginPermissionCommon.toPermissionEvaluator(permissions);
152
187
  }
153
- const engine = config.getOptionalBoolean("permission.enabled") ? new AuthorizedSearchEngine(inputEngine, types, permissionEvaluator, config) : inputEngine;
188
+ const engine = config.getOptionalBoolean("permission.enabled") ? new AuthorizedSearchEngine(
189
+ inputEngine,
190
+ types,
191
+ permissionEvaluator,
192
+ config
193
+ ) : inputEngine;
154
194
  const filterResultSet = ({ results, ...resultSet }) => ({
155
195
  ...resultSet,
156
196
  results: results.filter((result) => {
157
197
  const protocol = new URL(result.document.location, "https://example.com").protocol;
158
198
  const isAllowed = allowedLocationProtocols.includes(protocol);
159
199
  if (!isAllowed) {
160
- logger.info(`Rejected search result for "${result.document.title}" as location protocol "${protocol}" is unsafe`);
200
+ logger.info(
201
+ `Rejected search result for "${result.document.title}" as location protocol "${protocol}" is unsafe`
202
+ );
161
203
  }
162
204
  return isAllowed;
163
205
  })
@@ -173,25 +215,34 @@ async function createRouter(options) {
173
215
  }))
174
216
  });
175
217
  const router = Router__default["default"]();
176
- router.get("/query", async (req, res) => {
177
- var _a;
178
- const parseResult = requestSchema.safeParse(req.query);
179
- if (!parseResult.success) {
180
- throw new errors.InputError(`Invalid query string: ${parseResult.error}`);
181
- }
182
- const query = parseResult.data;
183
- logger.info(`Search request received: term="${query.term}", filters=${JSON.stringify(query.filters)}, types=${query.types ? query.types.join(",") : ""}, pageCursor=${(_a = query.pageCursor) != null ? _a : ""}`);
184
- const token = pluginAuthNode.getBearerTokenFromAuthorizationHeader(req.header("authorization"));
185
- try {
186
- const resultSet = await (engine == null ? void 0 : engine.query(query, { token }));
187
- res.send(filterResultSet(toSearchResults(resultSet)));
188
- } catch (error) {
189
- if (error.name === "MissingIndexError") {
190
- throw error;
218
+ router.get(
219
+ "/query",
220
+ async (req, res) => {
221
+ var _a;
222
+ const parseResult = requestSchema.safeParse(req.query);
223
+ if (!parseResult.success) {
224
+ throw new errors.InputError(`Invalid query string: ${parseResult.error}`);
225
+ }
226
+ const query = parseResult.data;
227
+ logger.info(
228
+ `Search request received: term="${query.term}", filters=${JSON.stringify(query.filters)}, types=${query.types ? query.types.join(",") : ""}, pageCursor=${(_a = query.pageCursor) != null ? _a : ""}`
229
+ );
230
+ const token = pluginAuthNode.getBearerTokenFromAuthorizationHeader(
231
+ req.header("authorization")
232
+ );
233
+ try {
234
+ const resultSet = await (engine == null ? void 0 : engine.query(query, { token }));
235
+ res.send(filterResultSet(toSearchResults(resultSet)));
236
+ } catch (error) {
237
+ if (error.name === "MissingIndexError") {
238
+ throw error;
239
+ }
240
+ throw new Error(
241
+ `There was a problem performing the search query. ${error}`
242
+ );
191
243
  }
192
- throw new Error(`There was a problem performing the search query. ${error}`);
193
244
  }
194
- });
245
+ );
195
246
  router.use(backendCommon.errorHandler());
196
247
  return router;
197
248
  }
package/dist/index.cjs.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.cjs.js","sources":["../src/service/AuthorizedSearchEngine.ts","../src/service/router.ts"],"sourcesContent":["/*\n * Copyright 2022 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { compact, zipObject } from 'lodash';\nimport qs from 'qs';\nimport DataLoader from 'dataloader';\nimport {\n EvaluatePermissionResponse,\n EvaluatePermissionRequest,\n AuthorizeResult,\n isResourcePermission,\n PermissionEvaluator,\n AuthorizePermissionRequest,\n QueryPermissionRequest,\n} from '@backstage/plugin-permission-common';\nimport {\n DocumentTypeInfo,\n IndexableResult,\n IndexableResultSet,\n QueryRequestOptions,\n QueryTranslator,\n SearchEngine,\n SearchQuery,\n} from '@backstage/plugin-search-common';\nimport { Config } from '@backstage/config';\nimport { InputError } from '@backstage/errors';\nimport { Writable } from 'stream';\n\nexport function decodePageCursor(pageCursor?: string): { page: number } {\n if (!pageCursor) {\n return { page: 0 };\n }\n\n const page = Number(Buffer.from(pageCursor, 'base64').toString('utf-8'));\n if (isNaN(page)) {\n throw new InputError('Invalid page cursor');\n }\n\n if (page < 0) {\n throw new InputError('Invalid page cursor');\n }\n\n return {\n page,\n };\n}\n\nexport function encodePageCursor({ page }: { page: number }): string {\n return Buffer.from(`${page}`, 'utf-8').toString('base64');\n}\n\nexport class AuthorizedSearchEngine implements SearchEngine {\n private readonly pageSize = 25;\n private readonly queryLatencyBudgetMs: number;\n\n constructor(\n private readonly searchEngine: SearchEngine,\n private readonly types: Record<string, DocumentTypeInfo>,\n private readonly permissions: PermissionEvaluator,\n config: Config,\n ) {\n this.queryLatencyBudgetMs =\n config.getOptionalNumber('search.permissions.queryLatencyBudgetMs') ??\n 1000;\n }\n\n setTranslator(translator: QueryTranslator): void {\n this.searchEngine.setTranslator(translator);\n }\n\n async getIndexer(type: string): Promise<Writable> {\n return this.searchEngine.getIndexer(type);\n }\n\n async query(\n query: SearchQuery,\n options: QueryRequestOptions,\n ): Promise<IndexableResultSet> {\n const queryStartTime = Date.now();\n\n const conditionFetcher = new DataLoader(\n (requests: readonly QueryPermissionRequest[]) =>\n this.permissions.authorizeConditional(requests.slice(), options),\n {\n cacheKeyFn: ({ permission: { name } }) => name,\n },\n );\n\n const authorizer = new DataLoader(\n (requests: readonly AuthorizePermissionRequest[]) =>\n this.permissions.authorize(requests.slice(), options),\n {\n // Serialize the permission name and resourceRef as\n // a query string to avoid collisions from overlapping\n // permission names and resourceRefs.\n cacheKeyFn: ({ permission: { name }, resourceRef }) =>\n qs.stringify({ name, resourceRef }),\n },\n );\n\n const requestedTypes = query.types || Object.keys(this.types);\n\n const typeDecisions = zipObject(\n requestedTypes,\n await Promise.all(\n requestedTypes.map(type => {\n const permission = this.types[type]?.visibilityPermission;\n\n // No permission configured for this document type - always allow.\n if (!permission) {\n return { result: AuthorizeResult.ALLOW as const };\n }\n\n // Resource permission supplied, so we need to check for conditional decisions.\n if (isResourcePermission(permission)) {\n return conditionFetcher.load({ permission });\n }\n\n // Non-resource permission supplied - we can perform a standard authorization.\n return authorizer.load({ permission });\n }),\n ),\n );\n\n const authorizedTypes = requestedTypes.filter(\n type => typeDecisions[type]?.result !== AuthorizeResult.DENY,\n );\n\n const resultByResultFilteringRequired = authorizedTypes.some(\n type => typeDecisions[type]?.result === AuthorizeResult.CONDITIONAL,\n );\n\n // When there are no CONDITIONAL decisions for any of the requested\n // result types, we can skip filtering result by result by simply\n // skipping the types the user is not permitted to see, which will\n // be much more efficient.\n //\n // Since it's not currently possible to configure the page size used\n // by search engines, this detail means that a single user might see\n // a different page size depending on whether their search required\n // result-by-result filtering or not. We can fix this minor\n // inconsistency by introducing a configurable page size.\n //\n // cf. https://github.com/backstage/backstage/issues/9162\n if (!resultByResultFilteringRequired) {\n return this.searchEngine.query(\n { ...query, types: authorizedTypes },\n options,\n );\n }\n\n const { page } = decodePageCursor(query.pageCursor);\n const targetResults = (page + 1) * this.pageSize;\n\n let filteredResults: IndexableResult[] = [];\n let nextPageCursor: string | undefined;\n let latencyBudgetExhausted = false;\n\n do {\n const nextPage = await this.searchEngine.query(\n { ...query, types: authorizedTypes, pageCursor: nextPageCursor },\n options,\n );\n\n filteredResults = filteredResults.concat(\n await this.filterResults(nextPage.results, typeDecisions, authorizer),\n );\n\n nextPageCursor = nextPage.nextPageCursor;\n latencyBudgetExhausted =\n Date.now() - queryStartTime > this.queryLatencyBudgetMs;\n } while (\n nextPageCursor &&\n filteredResults.length < targetResults &&\n !latencyBudgetExhausted\n );\n\n return {\n results: filteredResults\n .slice(page * this.pageSize, (page + 1) * this.pageSize)\n .map((result, index) => {\n // Overwrite any/all rank entries to avoid leaking knowledge of filtered results.\n return {\n ...result,\n rank: page * this.pageSize + index + 1,\n };\n }),\n previousPageCursor:\n page === 0 ? undefined : encodePageCursor({ page: page - 1 }),\n nextPageCursor:\n !latencyBudgetExhausted &&\n (nextPageCursor || filteredResults.length > targetResults)\n ? encodePageCursor({ page: page + 1 })\n : undefined,\n };\n }\n\n private async filterResults(\n results: IndexableResult[],\n typeDecisions: Record<string, EvaluatePermissionResponse>,\n authorizer: DataLoader<\n EvaluatePermissionRequest,\n EvaluatePermissionResponse\n >,\n ) {\n return compact(\n await Promise.all(\n results.map(result => {\n if (typeDecisions[result.type]?.result === AuthorizeResult.ALLOW) {\n return result;\n }\n\n const permission = this.types[result.type]?.visibilityPermission;\n const resourceRef = result.document.authorization?.resourceRef;\n\n if (!permission || !resourceRef) {\n return result;\n }\n\n // We only reach this point in the code for types where the initial\n // authorization returned CONDITIONAL -- ALLOWs return early\n // immediately above, and types where the decision was DENY get\n // filtered out entirely when querying.\n //\n // This means the call to isResourcePermission here is mostly about\n // narrowing the type of permission - the only way to get here with a\n // non-resource permission is if the PermissionPolicy returns a\n // CONDITIONAL decision for a non-resource permission, which can't\n // happen - it would throw an error during validation in the\n // permission-backend.\n if (!isResourcePermission(permission)) {\n throw new Error(\n `Unexpected conditional decision returned for non-resource permission \"${permission.name}\"`,\n );\n }\n\n return authorizer\n .load({ permission, resourceRef })\n .then(decision =>\n decision.result === AuthorizeResult.ALLOW ? result : undefined,\n );\n }),\n ),\n );\n }\n}\n","/*\n * Copyright 2021 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport express from 'express';\nimport Router from 'express-promise-router';\nimport { Logger } from 'winston';\nimport { z } from 'zod';\nimport { errorHandler } from '@backstage/backend-common';\nimport { ErrorResponseBody, InputError } from '@backstage/errors';\nimport { Config } from '@backstage/config';\nimport { JsonObject, JsonValue } from '@backstage/types';\nimport { getBearerTokenFromAuthorizationHeader } from '@backstage/plugin-auth-node';\nimport {\n PermissionAuthorizer,\n PermissionEvaluator,\n toPermissionEvaluator,\n} from '@backstage/plugin-permission-common';\nimport {\n DocumentTypeInfo,\n IndexableResultSet,\n SearchResultSet,\n} from '@backstage/plugin-search-common';\nimport { SearchEngine } from '@backstage/plugin-search-common';\nimport { AuthorizedSearchEngine } from './AuthorizedSearchEngine';\n\nconst jsonObjectSchema: z.ZodSchema<JsonObject> = z.lazy(() => {\n const jsonValueSchema: z.ZodSchema<JsonValue> = z.lazy(() =>\n z.union([\n z.string(),\n z.number(),\n z.boolean(),\n z.null(),\n z.array(jsonValueSchema),\n jsonObjectSchema,\n ]),\n );\n\n return z.record(jsonValueSchema);\n});\n\n/**\n * @public\n */\nexport type RouterOptions = {\n engine: SearchEngine;\n types: Record<string, DocumentTypeInfo>;\n permissions: PermissionEvaluator | PermissionAuthorizer;\n config: Config;\n logger: Logger;\n};\n\nconst allowedLocationProtocols = ['http:', 'https:'];\n\n/**\n * @public\n */\nexport async function createRouter(\n options: RouterOptions,\n): Promise<express.Router> {\n const { engine: inputEngine, types, permissions, config, logger } = options;\n\n const requestSchema = z.object({\n term: z.string().default(''),\n filters: jsonObjectSchema.optional(),\n types: z\n .array(z.string().refine(type => Object.keys(types).includes(type)))\n .optional(),\n pageCursor: z.string().optional(),\n });\n\n let permissionEvaluator: PermissionEvaluator;\n if ('authorizeConditional' in permissions) {\n permissionEvaluator = permissions as PermissionEvaluator;\n } else {\n logger.warn(\n 'PermissionAuthorizer is deprecated. Please use an instance of PermissionEvaluator instead of PermissionAuthorizer in PluginEnvironment#permissions',\n );\n permissionEvaluator = toPermissionEvaluator(permissions);\n }\n\n const engine = config.getOptionalBoolean('permission.enabled')\n ? new AuthorizedSearchEngine(\n inputEngine,\n types,\n permissionEvaluator,\n config,\n )\n : inputEngine;\n\n const filterResultSet = ({ results, ...resultSet }: SearchResultSet) => ({\n ...resultSet,\n results: results.filter(result => {\n const protocol = new URL(result.document.location, 'https://example.com')\n .protocol;\n const isAllowed = allowedLocationProtocols.includes(protocol);\n if (!isAllowed) {\n logger.info(\n `Rejected search result for \"${result.document.title}\" as location protocol \"${protocol}\" is unsafe`,\n );\n }\n return isAllowed;\n }),\n });\n\n const toSearchResults = (resultSet: IndexableResultSet): SearchResultSet => ({\n ...resultSet,\n results: resultSet.results.map(result => ({\n ...result,\n document: {\n ...result.document,\n authorization: undefined,\n },\n })),\n });\n\n const router = Router();\n router.get(\n '/query',\n async (\n req: express.Request,\n res: express.Response<SearchResultSet | ErrorResponseBody>,\n ) => {\n const parseResult = requestSchema.safeParse(req.query);\n\n if (!parseResult.success) {\n throw new InputError(`Invalid query string: ${parseResult.error}`);\n }\n\n const query = parseResult.data;\n\n logger.info(\n `Search request received: term=\"${\n query.term\n }\", filters=${JSON.stringify(query.filters)}, types=${\n query.types ? query.types.join(',') : ''\n }, pageCursor=${query.pageCursor ?? ''}`,\n );\n\n const token = getBearerTokenFromAuthorizationHeader(\n req.header('authorization'),\n );\n\n try {\n const resultSet = await engine?.query(query, { token });\n\n res.send(filterResultSet(toSearchResults(resultSet)));\n } catch (error) {\n if (error.name === 'MissingIndexError') {\n // re-throw and let the default error handler middleware captures it and serializes it with the right response code on the standard form\n throw error;\n }\n\n throw new Error(\n `There was a problem performing the search query. ${error}`,\n );\n }\n },\n );\n\n router.use(errorHandler());\n\n return router;\n}\n"],"names":["InputError","DataLoader","qs","zipObject","AuthorizeResult","isResourcePermission","compact","z","toPermissionEvaluator","Router","getBearerTokenFromAuthorizationHeader","errorHandler"],"mappings":";;;;;;;;;;;;;;;;;;;;AAQO,SAAS,gBAAgB,CAAC,UAAU,EAAE;AAC7C,EAAE,IAAI,CAAC,UAAU,EAAE;AACnB,IAAI,OAAO,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;AACvB,GAAG;AACH,EAAE,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;AAC3E,EAAE,IAAI,KAAK,CAAC,IAAI,CAAC,EAAE;AACnB,IAAI,MAAM,IAAIA,iBAAU,CAAC,qBAAqB,CAAC,CAAC;AAChD,GAAG;AACH,EAAE,IAAI,IAAI,GAAG,CAAC,EAAE;AAChB,IAAI,MAAM,IAAIA,iBAAU,CAAC,qBAAqB,CAAC,CAAC;AAChD,GAAG;AACH,EAAE,OAAO;AACT,IAAI,IAAI;AACR,GAAG,CAAC;AACJ,CAAC;AACM,SAAS,gBAAgB,CAAC,EAAE,IAAI,EAAE,EAAE;AAC3C,EAAE,OAAO,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AAC5D,CAAC;AACM,MAAM,sBAAsB,CAAC;AACpC,EAAE,WAAW,CAAC,YAAY,EAAE,KAAK,EAAE,WAAW,EAAE,MAAM,EAAE;AACxD,IAAI,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC;AACrC,IAAI,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;AACvB,IAAI,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;AACnC,IAAI,IAAI,CAAC,QAAQ,GAAG,EAAE,CAAC;AACvB,IAAI,IAAI,EAAE,CAAC;AACX,IAAI,IAAI,CAAC,oBAAoB,GAAG,CAAC,EAAE,GAAG,MAAM,CAAC,iBAAiB,CAAC,yCAAyC,CAAC,KAAK,IAAI,GAAG,EAAE,GAAG,GAAG,CAAC;AAC9H,GAAG;AACH,EAAE,aAAa,CAAC,UAAU,EAAE;AAC5B,IAAI,IAAI,CAAC,YAAY,CAAC,aAAa,CAAC,UAAU,CAAC,CAAC;AAChD,GAAG;AACH,EAAE,MAAM,UAAU,CAAC,IAAI,EAAE;AACzB,IAAI,OAAO,IAAI,CAAC,YAAY,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;AAC9C,GAAG;AACH,EAAE,MAAM,KAAK,CAAC,KAAK,EAAE,OAAO,EAAE;AAC9B,IAAI,MAAM,cAAc,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;AACtC,IAAI,MAAM,gBAAgB,GAAG,IAAIC,8BAAU,CAAC,CAAC,QAAQ,KAAK,IAAI,CAAC,WAAW,CAAC,oBAAoB,CAAC,QAAQ,CAAC,KAAK,EAAE,EAAE,OAAO,CAAC,EAAE;AAC5H,MAAM,UAAU,EAAE,CAAC,EAAE,UAAU,EAAE,EAAE,IAAI,EAAE,EAAE,KAAK,IAAI;AACpD,KAAK,CAAC,CAAC;AACP,IAAI,MAAM,UAAU,GAAG,IAAIA,8BAAU,CAAC,CAAC,QAAQ,KAAK,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,QAAQ,CAAC,KAAK,EAAE,EAAE,OAAO,CAAC,EAAE;AAC3G,MAAM,UAAU,EAAE,CAAC,EAAE,UAAU,EAAE,EAAE,IAAI,EAAE,EAAE,WAAW,EAAE,KAAKC,sBAAE,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,CAAC;AAChG,KAAK,CAAC,CAAC;AACP,IAAI,MAAM,cAAc,GAAG,KAAK,CAAC,KAAK,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;AAClE,IAAI,MAAM,aAAa,GAAGC,gBAAS,CAAC,cAAc,EAAE,MAAM,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,IAAI,KAAK;AACnG,MAAM,IAAI,EAAE,CAAC;AACb,MAAM,MAAM,UAAU,GAAG,CAAC,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,IAAI,GAAG,KAAK,CAAC,GAAG,EAAE,CAAC,oBAAoB,CAAC;AAC5F,MAAM,IAAI,CAAC,UAAU,EAAE;AACvB,QAAQ,OAAO,EAAE,MAAM,EAAEC,sCAAe,CAAC,KAAK,EAAE,CAAC;AACjD,OAAO;AACP,MAAM,IAAIC,2CAAoB,CAAC,UAAU,CAAC,EAAE;AAC5C,QAAQ,OAAO,gBAAgB,CAAC,IAAI,CAAC,EAAE,UAAU,EAAE,CAAC,CAAC;AACrD,OAAO;AACP,MAAM,OAAO,UAAU,CAAC,IAAI,CAAC,EAAE,UAAU,EAAE,CAAC,CAAC;AAC7C,KAAK,CAAC,CAAC,CAAC,CAAC;AACT,IAAI,MAAM,eAAe,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC,IAAI,KAAK;AAC5D,MAAM,IAAI,EAAE,CAAC;AACb,MAAM,OAAO,CAAC,CAAC,EAAE,GAAG,aAAa,CAAC,IAAI,CAAC,KAAK,IAAI,GAAG,KAAK,CAAC,GAAG,EAAE,CAAC,MAAM,MAAMD,sCAAe,CAAC,IAAI,CAAC;AAChG,KAAK,CAAC,CAAC;AACP,IAAI,MAAM,+BAA+B,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC,IAAI,KAAK;AAC3E,MAAM,IAAI,EAAE,CAAC;AACb,MAAM,OAAO,CAAC,CAAC,EAAE,GAAG,aAAa,CAAC,IAAI,CAAC,KAAK,IAAI,GAAG,KAAK,CAAC,GAAG,EAAE,CAAC,MAAM,MAAMA,sCAAe,CAAC,WAAW,CAAC;AACvG,KAAK,CAAC,CAAC;AACP,IAAI,IAAI,CAAC,+BAA+B,EAAE;AAC1C,MAAM,OAAO,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,EAAE,GAAG,KAAK,EAAE,KAAK,EAAE,eAAe,EAAE,EAAE,OAAO,CAAC,CAAC;AACpF,KAAK;AACL,IAAI,MAAM,EAAE,IAAI,EAAE,GAAG,gBAAgB,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;AACxD,IAAI,MAAM,aAAa,GAAG,CAAC,IAAI,GAAG,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC;AACrD,IAAI,IAAI,eAAe,GAAG,EAAE,CAAC;AAC7B,IAAI,IAAI,cAAc,CAAC;AACvB,IAAI,IAAI,sBAAsB,GAAG,KAAK,CAAC;AACvC,IAAI,GAAG;AACP,MAAM,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,EAAE,GAAG,KAAK,EAAE,KAAK,EAAE,eAAe,EAAE,UAAU,EAAE,cAAc,EAAE,EAAE,OAAO,CAAC,CAAC;AAChI,MAAM,eAAe,GAAG,eAAe,CAAC,MAAM,CAAC,MAAM,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,OAAO,EAAE,aAAa,EAAE,UAAU,CAAC,CAAC,CAAC;AACtH,MAAM,cAAc,GAAG,QAAQ,CAAC,cAAc,CAAC;AAC/C,MAAM,sBAAsB,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,cAAc,GAAG,IAAI,CAAC,oBAAoB,CAAC;AACvF,KAAK,QAAQ,cAAc,IAAI,eAAe,CAAC,MAAM,GAAG,aAAa,IAAI,CAAC,sBAAsB,EAAE;AAClG,IAAI,OAAO;AACX,MAAM,OAAO,EAAE,eAAe,CAAC,KAAK,CAAC,IAAI,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC,IAAI,GAAG,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,KAAK,KAAK;AAC9G,QAAQ,OAAO;AACf,UAAU,GAAG,MAAM;AACnB,UAAU,IAAI,EAAE,IAAI,GAAG,IAAI,CAAC,QAAQ,GAAG,KAAK,GAAG,CAAC;AAChD,SAAS,CAAC;AACV,OAAO,CAAC;AACR,MAAM,kBAAkB,EAAE,IAAI,KAAK,CAAC,GAAG,KAAK,CAAC,GAAG,gBAAgB,CAAC,EAAE,IAAI,EAAE,IAAI,GAAG,CAAC,EAAE,CAAC;AACpF,MAAM,cAAc,EAAE,CAAC,sBAAsB,KAAK,cAAc,IAAI,eAAe,CAAC,MAAM,GAAG,aAAa,CAAC,GAAG,gBAAgB,CAAC,EAAE,IAAI,EAAE,IAAI,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC;AAC3J,KAAK,CAAC;AACN,GAAG;AACH,EAAE,MAAM,aAAa,CAAC,OAAO,EAAE,aAAa,EAAE,UAAU,EAAE;AAC1D,IAAI,OAAOE,cAAO,CAAC,MAAM,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,KAAK;AAC7D,MAAM,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC;AACrB,MAAM,IAAI,CAAC,CAAC,EAAE,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,IAAI,GAAG,KAAK,CAAC,GAAG,EAAE,CAAC,MAAM,MAAMF,sCAAe,CAAC,KAAK,EAAE;AACtG,QAAQ,OAAO,MAAM,CAAC;AACtB,OAAO;AACP,MAAM,MAAM,UAAU,GAAG,CAAC,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,IAAI,GAAG,KAAK,CAAC,GAAG,EAAE,CAAC,oBAAoB,CAAC;AACnG,MAAM,MAAM,WAAW,GAAG,CAAC,EAAE,GAAG,MAAM,CAAC,QAAQ,CAAC,aAAa,KAAK,IAAI,GAAG,KAAK,CAAC,GAAG,EAAE,CAAC,WAAW,CAAC;AACjG,MAAM,IAAI,CAAC,UAAU,IAAI,CAAC,WAAW,EAAE;AACvC,QAAQ,OAAO,MAAM,CAAC;AACtB,OAAO;AACP,MAAM,IAAI,CAACC,2CAAoB,CAAC,UAAU,CAAC,EAAE;AAC7C,QAAQ,MAAM,IAAI,KAAK,CAAC,CAAC,sEAAsE,EAAE,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;AACrH,OAAO;AACP,MAAM,OAAO,UAAU,CAAC,IAAI,CAAC,EAAE,UAAU,EAAE,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,MAAM,KAAKD,sCAAe,CAAC,KAAK,GAAG,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC;AAC1I,KAAK,CAAC,CAAC,CAAC,CAAC;AACT,GAAG;AACH;;ACtGA,MAAM,gBAAgB,GAAGG,KAAC,CAAC,IAAI,CAAC,MAAM;AACtC,EAAE,MAAM,eAAe,GAAGA,KAAC,CAAC,IAAI,CAAC,MAAMA,KAAC,CAAC,KAAK,CAAC;AAC/C,IAAIA,KAAC,CAAC,MAAM,EAAE;AACd,IAAIA,KAAC,CAAC,MAAM,EAAE;AACd,IAAIA,KAAC,CAAC,OAAO,EAAE;AACf,IAAIA,KAAC,CAAC,IAAI,EAAE;AACZ,IAAIA,KAAC,CAAC,KAAK,CAAC,eAAe,CAAC;AAC5B,IAAI,gBAAgB;AACpB,GAAG,CAAC,CAAC,CAAC;AACN,EAAE,OAAOA,KAAC,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;AACnC,CAAC,CAAC,CAAC;AACH,MAAM,wBAAwB,GAAG,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;AAC9C,eAAe,YAAY,CAAC,OAAO,EAAE;AAC5C,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,KAAK,EAAE,WAAW,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;AAC9E,EAAE,MAAM,aAAa,GAAGA,KAAC,CAAC,MAAM,CAAC;AACjC,IAAI,IAAI,EAAEA,KAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;AAChC,IAAI,OAAO,EAAE,gBAAgB,CAAC,QAAQ,EAAE;AACxC,IAAI,KAAK,EAAEA,KAAC,CAAC,KAAK,CAACA,KAAC,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC,CAAC,IAAI,KAAK,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;AAC7F,IAAI,UAAU,EAAEA,KAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;AACrC,GAAG,CAAC,CAAC;AACL,EAAE,IAAI,mBAAmB,CAAC;AAC1B,EAAE,IAAI,sBAAsB,IAAI,WAAW,EAAE;AAC7C,IAAI,mBAAmB,GAAG,WAAW,CAAC;AACtC,GAAG,MAAM;AACT,IAAI,MAAM,CAAC,IAAI,CAAC,oJAAoJ,CAAC,CAAC;AACtK,IAAI,mBAAmB,GAAGC,4CAAqB,CAAC,WAAW,CAAC,CAAC;AAC7D,GAAG;AACH,EAAE,MAAM,MAAM,GAAG,MAAM,CAAC,kBAAkB,CAAC,oBAAoB,CAAC,GAAG,IAAI,sBAAsB,CAAC,WAAW,EAAE,KAAK,EAAE,mBAAmB,EAAE,MAAM,CAAC,GAAG,WAAW,CAAC;AAC7J,EAAE,MAAM,eAAe,GAAG,CAAC,EAAE,OAAO,EAAE,GAAG,SAAS,EAAE,MAAM;AAC1D,IAAI,GAAG,SAAS;AAChB,IAAI,OAAO,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC,MAAM,KAAK;AACxC,MAAM,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,EAAE,qBAAqB,CAAC,CAAC,QAAQ,CAAC;AACzF,MAAM,MAAM,SAAS,GAAG,wBAAwB,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AACpE,MAAM,IAAI,CAAC,SAAS,EAAE;AACtB,QAAQ,MAAM,CAAC,IAAI,CAAC,CAAC,4BAA4B,EAAE,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,wBAAwB,EAAE,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC;AAC1H,OAAO;AACP,MAAM,OAAO,SAAS,CAAC;AACvB,KAAK,CAAC;AACN,GAAG,CAAC,CAAC;AACL,EAAE,MAAM,eAAe,GAAG,CAAC,SAAS,MAAM;AAC1C,IAAI,GAAG,SAAS;AAChB,IAAI,OAAO,EAAE,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,MAAM;AAChD,MAAM,GAAG,MAAM;AACf,MAAM,QAAQ,EAAE;AAChB,QAAQ,GAAG,MAAM,CAAC,QAAQ;AAC1B,QAAQ,aAAa,EAAE,KAAK,CAAC;AAC7B,OAAO;AACP,KAAK,CAAC,CAAC;AACP,GAAG,CAAC,CAAC;AACL,EAAE,MAAM,MAAM,GAAGC,0BAAM,EAAE,CAAC;AAC1B,EAAE,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,OAAO,GAAG,EAAE,GAAG,KAAK;AAC3C,IAAI,IAAI,EAAE,CAAC;AACX,IAAI,MAAM,WAAW,GAAG,aAAa,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;AAC3D,IAAI,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE;AAC9B,MAAM,MAAM,IAAIT,iBAAU,CAAC,CAAC,sBAAsB,EAAE,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AACzE,KAAK;AACL,IAAI,MAAM,KAAK,GAAG,WAAW,CAAC,IAAI,CAAC;AACnC,IAAI,MAAM,CAAC,IAAI,CAAC,CAAC,+BAA+B,EAAE,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,KAAK,CAAC,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,aAAa,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC,UAAU,KAAK,IAAI,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;AACvN,IAAI,MAAM,KAAK,GAAGU,oDAAqC,CAAC,GAAG,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,CAAC;AACrF,IAAI,IAAI;AACR,MAAM,MAAM,SAAS,GAAG,OAAO,MAAM,IAAI,IAAI,GAAG,KAAK,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC,KAAK,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;AACzF,MAAM,GAAG,CAAC,IAAI,CAAC,eAAe,CAAC,eAAe,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;AAC5D,KAAK,CAAC,OAAO,KAAK,EAAE;AACpB,MAAM,IAAI,KAAK,CAAC,IAAI,KAAK,mBAAmB,EAAE;AAC9C,QAAQ,MAAM,KAAK,CAAC;AACpB,OAAO;AACP,MAAM,MAAM,IAAI,KAAK,CAAC,CAAC,iDAAiD,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC;AACnF,KAAK;AACL,GAAG,CAAC,CAAC;AACL,EAAE,MAAM,CAAC,GAAG,CAACC,0BAAY,EAAE,CAAC,CAAC;AAC7B,EAAE,OAAO,MAAM,CAAC;AAChB;;;;"}
1
+ {"version":3,"file":"index.cjs.js","sources":["../src/service/AuthorizedSearchEngine.ts","../src/service/router.ts"],"sourcesContent":["/*\n * Copyright 2022 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { compact, zipObject } from 'lodash';\nimport qs from 'qs';\nimport DataLoader from 'dataloader';\nimport {\n EvaluatePermissionResponse,\n EvaluatePermissionRequest,\n AuthorizeResult,\n isResourcePermission,\n PermissionEvaluator,\n AuthorizePermissionRequest,\n QueryPermissionRequest,\n} from '@backstage/plugin-permission-common';\nimport {\n DocumentTypeInfo,\n IndexableResult,\n IndexableResultSet,\n QueryRequestOptions,\n QueryTranslator,\n SearchEngine,\n SearchQuery,\n} from '@backstage/plugin-search-common';\nimport { Config } from '@backstage/config';\nimport { InputError } from '@backstage/errors';\nimport { Writable } from 'stream';\n\nexport function decodePageCursor(pageCursor?: string): { page: number } {\n if (!pageCursor) {\n return { page: 0 };\n }\n\n const page = Number(Buffer.from(pageCursor, 'base64').toString('utf-8'));\n if (isNaN(page)) {\n throw new InputError('Invalid page cursor');\n }\n\n if (page < 0) {\n throw new InputError('Invalid page cursor');\n }\n\n return {\n page,\n };\n}\n\nexport function encodePageCursor({ page }: { page: number }): string {\n return Buffer.from(`${page}`, 'utf-8').toString('base64');\n}\n\nexport class AuthorizedSearchEngine implements SearchEngine {\n private readonly pageSize = 25;\n private readonly queryLatencyBudgetMs: number;\n\n constructor(\n private readonly searchEngine: SearchEngine,\n private readonly types: Record<string, DocumentTypeInfo>,\n private readonly permissions: PermissionEvaluator,\n config: Config,\n ) {\n this.queryLatencyBudgetMs =\n config.getOptionalNumber('search.permissions.queryLatencyBudgetMs') ??\n 1000;\n }\n\n setTranslator(translator: QueryTranslator): void {\n this.searchEngine.setTranslator(translator);\n }\n\n async getIndexer(type: string): Promise<Writable> {\n return this.searchEngine.getIndexer(type);\n }\n\n async query(\n query: SearchQuery,\n options: QueryRequestOptions,\n ): Promise<IndexableResultSet> {\n const queryStartTime = Date.now();\n\n const conditionFetcher = new DataLoader(\n (requests: readonly QueryPermissionRequest[]) =>\n this.permissions.authorizeConditional(requests.slice(), options),\n {\n cacheKeyFn: ({ permission: { name } }) => name,\n },\n );\n\n const authorizer = new DataLoader(\n (requests: readonly AuthorizePermissionRequest[]) =>\n this.permissions.authorize(requests.slice(), options),\n {\n // Serialize the permission name and resourceRef as\n // a query string to avoid collisions from overlapping\n // permission names and resourceRefs.\n cacheKeyFn: ({ permission: { name }, resourceRef }) =>\n qs.stringify({ name, resourceRef }),\n },\n );\n\n const requestedTypes = query.types || Object.keys(this.types);\n\n const typeDecisions = zipObject(\n requestedTypes,\n await Promise.all(\n requestedTypes.map(type => {\n const permission = this.types[type]?.visibilityPermission;\n\n // No permission configured for this document type - always allow.\n if (!permission) {\n return { result: AuthorizeResult.ALLOW as const };\n }\n\n // Resource permission supplied, so we need to check for conditional decisions.\n if (isResourcePermission(permission)) {\n return conditionFetcher.load({ permission });\n }\n\n // Non-resource permission supplied - we can perform a standard authorization.\n return authorizer.load({ permission });\n }),\n ),\n );\n\n const authorizedTypes = requestedTypes.filter(\n type => typeDecisions[type]?.result !== AuthorizeResult.DENY,\n );\n\n const resultByResultFilteringRequired = authorizedTypes.some(\n type => typeDecisions[type]?.result === AuthorizeResult.CONDITIONAL,\n );\n\n // When there are no CONDITIONAL decisions for any of the requested\n // result types, we can skip filtering result by result by simply\n // skipping the types the user is not permitted to see, which will\n // be much more efficient.\n //\n // Since it's not currently possible to configure the page size used\n // by search engines, this detail means that a single user might see\n // a different page size depending on whether their search required\n // result-by-result filtering or not. We can fix this minor\n // inconsistency by introducing a configurable page size.\n //\n // cf. https://github.com/backstage/backstage/issues/9162\n if (!resultByResultFilteringRequired) {\n return this.searchEngine.query(\n { ...query, types: authorizedTypes },\n options,\n );\n }\n\n const { page } = decodePageCursor(query.pageCursor);\n const targetResults = (page + 1) * this.pageSize;\n\n let filteredResults: IndexableResult[] = [];\n let nextPageCursor: string | undefined;\n let latencyBudgetExhausted = false;\n\n do {\n const nextPage = await this.searchEngine.query(\n { ...query, types: authorizedTypes, pageCursor: nextPageCursor },\n options,\n );\n\n filteredResults = filteredResults.concat(\n await this.filterResults(nextPage.results, typeDecisions, authorizer),\n );\n\n nextPageCursor = nextPage.nextPageCursor;\n latencyBudgetExhausted =\n Date.now() - queryStartTime > this.queryLatencyBudgetMs;\n } while (\n nextPageCursor &&\n filteredResults.length < targetResults &&\n !latencyBudgetExhausted\n );\n\n return {\n results: filteredResults\n .slice(page * this.pageSize, (page + 1) * this.pageSize)\n .map((result, index) => {\n // Overwrite any/all rank entries to avoid leaking knowledge of filtered results.\n return {\n ...result,\n rank: page * this.pageSize + index + 1,\n };\n }),\n previousPageCursor:\n page === 0 ? undefined : encodePageCursor({ page: page - 1 }),\n nextPageCursor:\n !latencyBudgetExhausted &&\n (nextPageCursor || filteredResults.length > targetResults)\n ? encodePageCursor({ page: page + 1 })\n : undefined,\n };\n }\n\n private async filterResults(\n results: IndexableResult[],\n typeDecisions: Record<string, EvaluatePermissionResponse>,\n authorizer: DataLoader<\n EvaluatePermissionRequest,\n EvaluatePermissionResponse\n >,\n ) {\n return compact(\n await Promise.all(\n results.map(result => {\n if (typeDecisions[result.type]?.result === AuthorizeResult.ALLOW) {\n return result;\n }\n\n const permission = this.types[result.type]?.visibilityPermission;\n const resourceRef = result.document.authorization?.resourceRef;\n\n if (!permission || !resourceRef) {\n return result;\n }\n\n // We only reach this point in the code for types where the initial\n // authorization returned CONDITIONAL -- ALLOWs return early\n // immediately above, and types where the decision was DENY get\n // filtered out entirely when querying.\n //\n // This means the call to isResourcePermission here is mostly about\n // narrowing the type of permission - the only way to get here with a\n // non-resource permission is if the PermissionPolicy returns a\n // CONDITIONAL decision for a non-resource permission, which can't\n // happen - it would throw an error during validation in the\n // permission-backend.\n if (!isResourcePermission(permission)) {\n throw new Error(\n `Unexpected conditional decision returned for non-resource permission \"${permission.name}\"`,\n );\n }\n\n return authorizer\n .load({ permission, resourceRef })\n .then(decision =>\n decision.result === AuthorizeResult.ALLOW ? result : undefined,\n );\n }),\n ),\n );\n }\n}\n","/*\n * Copyright 2021 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport express from 'express';\nimport Router from 'express-promise-router';\nimport { Logger } from 'winston';\nimport { z } from 'zod';\nimport { errorHandler } from '@backstage/backend-common';\nimport { ErrorResponseBody, InputError } from '@backstage/errors';\nimport { Config } from '@backstage/config';\nimport { JsonObject, JsonValue } from '@backstage/types';\nimport { getBearerTokenFromAuthorizationHeader } from '@backstage/plugin-auth-node';\nimport {\n PermissionAuthorizer,\n PermissionEvaluator,\n toPermissionEvaluator,\n} from '@backstage/plugin-permission-common';\nimport {\n DocumentTypeInfo,\n IndexableResultSet,\n SearchResultSet,\n} from '@backstage/plugin-search-common';\nimport { SearchEngine } from '@backstage/plugin-search-common';\nimport { AuthorizedSearchEngine } from './AuthorizedSearchEngine';\n\nconst jsonObjectSchema: z.ZodSchema<JsonObject> = z.lazy(() => {\n const jsonValueSchema: z.ZodSchema<JsonValue> = z.lazy(() =>\n z.union([\n z.string(),\n z.number(),\n z.boolean(),\n z.null(),\n z.array(jsonValueSchema),\n jsonObjectSchema,\n ]),\n );\n\n return z.record(jsonValueSchema);\n});\n\n/**\n * @public\n */\nexport type RouterOptions = {\n engine: SearchEngine;\n types: Record<string, DocumentTypeInfo>;\n permissions: PermissionEvaluator | PermissionAuthorizer;\n config: Config;\n logger: Logger;\n};\n\nconst allowedLocationProtocols = ['http:', 'https:'];\n\n/**\n * @public\n */\nexport async function createRouter(\n options: RouterOptions,\n): Promise<express.Router> {\n const { engine: inputEngine, types, permissions, config, logger } = options;\n\n const requestSchema = z.object({\n term: z.string().default(''),\n filters: jsonObjectSchema.optional(),\n types: z\n .array(z.string().refine(type => Object.keys(types).includes(type)))\n .optional(),\n pageCursor: z.string().optional(),\n });\n\n let permissionEvaluator: PermissionEvaluator;\n if ('authorizeConditional' in permissions) {\n permissionEvaluator = permissions as PermissionEvaluator;\n } else {\n logger.warn(\n 'PermissionAuthorizer is deprecated. Please use an instance of PermissionEvaluator instead of PermissionAuthorizer in PluginEnvironment#permissions',\n );\n permissionEvaluator = toPermissionEvaluator(permissions);\n }\n\n const engine = config.getOptionalBoolean('permission.enabled')\n ? new AuthorizedSearchEngine(\n inputEngine,\n types,\n permissionEvaluator,\n config,\n )\n : inputEngine;\n\n const filterResultSet = ({ results, ...resultSet }: SearchResultSet) => ({\n ...resultSet,\n results: results.filter(result => {\n const protocol = new URL(result.document.location, 'https://example.com')\n .protocol;\n const isAllowed = allowedLocationProtocols.includes(protocol);\n if (!isAllowed) {\n logger.info(\n `Rejected search result for \"${result.document.title}\" as location protocol \"${protocol}\" is unsafe`,\n );\n }\n return isAllowed;\n }),\n });\n\n const toSearchResults = (resultSet: IndexableResultSet): SearchResultSet => ({\n ...resultSet,\n results: resultSet.results.map(result => ({\n ...result,\n document: {\n ...result.document,\n authorization: undefined,\n },\n })),\n });\n\n const router = Router();\n router.get(\n '/query',\n async (\n req: express.Request,\n res: express.Response<SearchResultSet | ErrorResponseBody>,\n ) => {\n const parseResult = requestSchema.safeParse(req.query);\n\n if (!parseResult.success) {\n throw new InputError(`Invalid query string: ${parseResult.error}`);\n }\n\n const query = parseResult.data;\n\n logger.info(\n `Search request received: term=\"${\n query.term\n }\", filters=${JSON.stringify(query.filters)}, types=${\n query.types ? query.types.join(',') : ''\n }, pageCursor=${query.pageCursor ?? ''}`,\n );\n\n const token = getBearerTokenFromAuthorizationHeader(\n req.header('authorization'),\n );\n\n try {\n const resultSet = await engine?.query(query, { token });\n\n res.send(filterResultSet(toSearchResults(resultSet)));\n } catch (error) {\n if (error.name === 'MissingIndexError') {\n // re-throw and let the default error handler middleware captures it and serializes it with the right response code on the standard form\n throw error;\n }\n\n throw new Error(\n `There was a problem performing the search query. ${error}`,\n );\n }\n },\n );\n\n router.use(errorHandler());\n\n return router;\n}\n"],"names":["InputError","DataLoader","qs","zipObject","AuthorizeResult","isResourcePermission","compact","z","toPermissionEvaluator","Router","getBearerTokenFromAuthorizationHeader","errorHandler"],"mappings":";;;;;;;;;;;;;;;;;;;;AAQO,SAAS,gBAAgB,CAAC,UAAU,EAAE;AAC7C,EAAE,IAAI,CAAC,UAAU,EAAE;AACnB,IAAI,OAAO,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;AACvB,GAAG;AACH,EAAE,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;AAC3E,EAAE,IAAI,KAAK,CAAC,IAAI,CAAC,EAAE;AACnB,IAAI,MAAM,IAAIA,iBAAU,CAAC,qBAAqB,CAAC,CAAC;AAChD,GAAG;AACH,EAAE,IAAI,IAAI,GAAG,CAAC,EAAE;AAChB,IAAI,MAAM,IAAIA,iBAAU,CAAC,qBAAqB,CAAC,CAAC;AAChD,GAAG;AACH,EAAE,OAAO;AACT,IAAI,IAAI;AACR,GAAG,CAAC;AACJ,CAAC;AACM,SAAS,gBAAgB,CAAC,EAAE,IAAI,EAAE,EAAE;AAC3C,EAAE,OAAO,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AAC5D,CAAC;AACM,MAAM,sBAAsB,CAAC;AACpC,EAAE,WAAW,CAAC,YAAY,EAAE,KAAK,EAAE,WAAW,EAAE,MAAM,EAAE;AACxD,IAAI,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC;AACrC,IAAI,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;AACvB,IAAI,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;AACnC,IAAI,IAAI,CAAC,QAAQ,GAAG,EAAE,CAAC;AACvB,IAAI,IAAI,EAAE,CAAC;AACX,IAAI,IAAI,CAAC,oBAAoB,GAAG,CAAC,EAAE,GAAG,MAAM,CAAC,iBAAiB,CAAC,yCAAyC,CAAC,KAAK,IAAI,GAAG,EAAE,GAAG,GAAG,CAAC;AAC9H,GAAG;AACH,EAAE,aAAa,CAAC,UAAU,EAAE;AAC5B,IAAI,IAAI,CAAC,YAAY,CAAC,aAAa,CAAC,UAAU,CAAC,CAAC;AAChD,GAAG;AACH,EAAE,MAAM,UAAU,CAAC,IAAI,EAAE;AACzB,IAAI,OAAO,IAAI,CAAC,YAAY,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;AAC9C,GAAG;AACH,EAAE,MAAM,KAAK,CAAC,KAAK,EAAE,OAAO,EAAE;AAC9B,IAAI,MAAM,cAAc,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;AACtC,IAAI,MAAM,gBAAgB,GAAG,IAAIC,8BAAU;AAC3C,MAAM,CAAC,QAAQ,KAAK,IAAI,CAAC,WAAW,CAAC,oBAAoB,CAAC,QAAQ,CAAC,KAAK,EAAE,EAAE,OAAO,CAAC;AACpF,MAAM;AACN,QAAQ,UAAU,EAAE,CAAC,EAAE,UAAU,EAAE,EAAE,IAAI,EAAE,EAAE,KAAK,IAAI;AACtD,OAAO;AACP,KAAK,CAAC;AACN,IAAI,MAAM,UAAU,GAAG,IAAIA,8BAAU;AACrC,MAAM,CAAC,QAAQ,KAAK,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,QAAQ,CAAC,KAAK,EAAE,EAAE,OAAO,CAAC;AACzE,MAAM;AACN,QAAQ,UAAU,EAAE,CAAC,EAAE,UAAU,EAAE,EAAE,IAAI,EAAE,EAAE,WAAW,EAAE,KAAKC,sBAAE,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,CAAC;AAClG,OAAO;AACP,KAAK,CAAC;AACN,IAAI,MAAM,cAAc,GAAG,KAAK,CAAC,KAAK,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;AAClE,IAAI,MAAM,aAAa,GAAGC,gBAAS;AACnC,MAAM,cAAc;AACpB,MAAM,MAAM,OAAO,CAAC,GAAG;AACvB,QAAQ,cAAc,CAAC,GAAG,CAAC,CAAC,IAAI,KAAK;AACrC,UAAU,IAAI,EAAE,CAAC;AACjB,UAAU,MAAM,UAAU,GAAG,CAAC,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,IAAI,GAAG,KAAK,CAAC,GAAG,EAAE,CAAC,oBAAoB,CAAC;AAChG,UAAU,IAAI,CAAC,UAAU,EAAE;AAC3B,YAAY,OAAO,EAAE,MAAM,EAAEC,sCAAe,CAAC,KAAK,EAAE,CAAC;AACrD,WAAW;AACX,UAAU,IAAIC,2CAAoB,CAAC,UAAU,CAAC,EAAE;AAChD,YAAY,OAAO,gBAAgB,CAAC,IAAI,CAAC,EAAE,UAAU,EAAE,CAAC,CAAC;AACzD,WAAW;AACX,UAAU,OAAO,UAAU,CAAC,IAAI,CAAC,EAAE,UAAU,EAAE,CAAC,CAAC;AACjD,SAAS,CAAC;AACV,OAAO;AACP,KAAK,CAAC;AACN,IAAI,MAAM,eAAe,GAAG,cAAc,CAAC,MAAM;AACjD,MAAM,CAAC,IAAI,KAAK;AAChB,QAAQ,IAAI,EAAE,CAAC;AACf,QAAQ,OAAO,CAAC,CAAC,EAAE,GAAG,aAAa,CAAC,IAAI,CAAC,KAAK,IAAI,GAAG,KAAK,CAAC,GAAG,EAAE,CAAC,MAAM,MAAMD,sCAAe,CAAC,IAAI,CAAC;AAClG,OAAO;AACP,KAAK,CAAC;AACN,IAAI,MAAM,+BAA+B,GAAG,eAAe,CAAC,IAAI;AAChE,MAAM,CAAC,IAAI,KAAK;AAChB,QAAQ,IAAI,EAAE,CAAC;AACf,QAAQ,OAAO,CAAC,CAAC,EAAE,GAAG,aAAa,CAAC,IAAI,CAAC,KAAK,IAAI,GAAG,KAAK,CAAC,GAAG,EAAE,CAAC,MAAM,MAAMA,sCAAe,CAAC,WAAW,CAAC;AACzG,OAAO;AACP,KAAK,CAAC;AACN,IAAI,IAAI,CAAC,+BAA+B,EAAE;AAC1C,MAAM,OAAO,IAAI,CAAC,YAAY,CAAC,KAAK;AACpC,QAAQ,EAAE,GAAG,KAAK,EAAE,KAAK,EAAE,eAAe,EAAE;AAC5C,QAAQ,OAAO;AACf,OAAO,CAAC;AACR,KAAK;AACL,IAAI,MAAM,EAAE,IAAI,EAAE,GAAG,gBAAgB,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;AACxD,IAAI,MAAM,aAAa,GAAG,CAAC,IAAI,GAAG,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC;AACrD,IAAI,IAAI,eAAe,GAAG,EAAE,CAAC;AAC7B,IAAI,IAAI,cAAc,CAAC;AACvB,IAAI,IAAI,sBAAsB,GAAG,KAAK,CAAC;AACvC,IAAI,GAAG;AACP,MAAM,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,KAAK;AACpD,QAAQ,EAAE,GAAG,KAAK,EAAE,KAAK,EAAE,eAAe,EAAE,UAAU,EAAE,cAAc,EAAE;AACxE,QAAQ,OAAO;AACf,OAAO,CAAC;AACR,MAAM,eAAe,GAAG,eAAe,CAAC,MAAM;AAC9C,QAAQ,MAAM,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,OAAO,EAAE,aAAa,EAAE,UAAU,CAAC;AAC7E,OAAO,CAAC;AACR,MAAM,cAAc,GAAG,QAAQ,CAAC,cAAc,CAAC;AAC/C,MAAM,sBAAsB,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,cAAc,GAAG,IAAI,CAAC,oBAAoB,CAAC;AACvF,KAAK,QAAQ,cAAc,IAAI,eAAe,CAAC,MAAM,GAAG,aAAa,IAAI,CAAC,sBAAsB,EAAE;AAClG,IAAI,OAAO;AACX,MAAM,OAAO,EAAE,eAAe,CAAC,KAAK,CAAC,IAAI,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC,IAAI,GAAG,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,KAAK,KAAK;AAC9G,QAAQ,OAAO;AACf,UAAU,GAAG,MAAM;AACnB,UAAU,IAAI,EAAE,IAAI,GAAG,IAAI,CAAC,QAAQ,GAAG,KAAK,GAAG,CAAC;AAChD,SAAS,CAAC;AACV,OAAO,CAAC;AACR,MAAM,kBAAkB,EAAE,IAAI,KAAK,CAAC,GAAG,KAAK,CAAC,GAAG,gBAAgB,CAAC,EAAE,IAAI,EAAE,IAAI,GAAG,CAAC,EAAE,CAAC;AACpF,MAAM,cAAc,EAAE,CAAC,sBAAsB,KAAK,cAAc,IAAI,eAAe,CAAC,MAAM,GAAG,aAAa,CAAC,GAAG,gBAAgB,CAAC,EAAE,IAAI,EAAE,IAAI,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC;AAC3J,KAAK,CAAC;AACN,GAAG;AACH,EAAE,MAAM,aAAa,CAAC,OAAO,EAAE,aAAa,EAAE,UAAU,EAAE;AAC1D,IAAI,OAAOE,cAAO;AAClB,MAAM,MAAM,OAAO,CAAC,GAAG;AACvB,QAAQ,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,KAAK;AAChC,UAAU,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC;AACzB,UAAU,IAAI,CAAC,CAAC,EAAE,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,IAAI,GAAG,KAAK,CAAC,GAAG,EAAE,CAAC,MAAM,MAAMF,sCAAe,CAAC,KAAK,EAAE;AAC1G,YAAY,OAAO,MAAM,CAAC;AAC1B,WAAW;AACX,UAAU,MAAM,UAAU,GAAG,CAAC,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,IAAI,GAAG,KAAK,CAAC,GAAG,EAAE,CAAC,oBAAoB,CAAC;AACvG,UAAU,MAAM,WAAW,GAAG,CAAC,EAAE,GAAG,MAAM,CAAC,QAAQ,CAAC,aAAa,KAAK,IAAI,GAAG,KAAK,CAAC,GAAG,EAAE,CAAC,WAAW,CAAC;AACrG,UAAU,IAAI,CAAC,UAAU,IAAI,CAAC,WAAW,EAAE;AAC3C,YAAY,OAAO,MAAM,CAAC;AAC1B,WAAW;AACX,UAAU,IAAI,CAACC,2CAAoB,CAAC,UAAU,CAAC,EAAE;AACjD,YAAY,MAAM,IAAI,KAAK;AAC3B,cAAc,CAAC,sEAAsE,EAAE,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;AACzG,aAAa,CAAC;AACd,WAAW;AACX,UAAU,OAAO,UAAU,CAAC,IAAI,CAAC,EAAE,UAAU,EAAE,WAAW,EAAE,CAAC,CAAC,IAAI;AAClE,YAAY,CAAC,QAAQ,KAAK,QAAQ,CAAC,MAAM,KAAKD,sCAAe,CAAC,KAAK,GAAG,MAAM,GAAG,KAAK,CAAC;AACrF,WAAW,CAAC;AACZ,SAAS,CAAC;AACV,OAAO;AACP,KAAK,CAAC;AACN,GAAG;AACH;;ACrIA,MAAM,gBAAgB,GAAGG,KAAC,CAAC,IAAI,CAAC,MAAM;AACtC,EAAE,MAAM,eAAe,GAAGA,KAAC,CAAC,IAAI;AAChC,IAAI,MAAMA,KAAC,CAAC,KAAK,CAAC;AAClB,MAAMA,KAAC,CAAC,MAAM,EAAE;AAChB,MAAMA,KAAC,CAAC,MAAM,EAAE;AAChB,MAAMA,KAAC,CAAC,OAAO,EAAE;AACjB,MAAMA,KAAC,CAAC,IAAI,EAAE;AACd,MAAMA,KAAC,CAAC,KAAK,CAAC,eAAe,CAAC;AAC9B,MAAM,gBAAgB;AACtB,KAAK,CAAC;AACN,GAAG,CAAC;AACJ,EAAE,OAAOA,KAAC,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;AACnC,CAAC,CAAC,CAAC;AACH,MAAM,wBAAwB,GAAG,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;AAC9C,eAAe,YAAY,CAAC,OAAO,EAAE;AAC5C,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,KAAK,EAAE,WAAW,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;AAC9E,EAAE,MAAM,aAAa,GAAGA,KAAC,CAAC,MAAM,CAAC;AACjC,IAAI,IAAI,EAAEA,KAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;AAChC,IAAI,OAAO,EAAE,gBAAgB,CAAC,QAAQ,EAAE;AACxC,IAAI,KAAK,EAAEA,KAAC,CAAC,KAAK,CAACA,KAAC,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC,CAAC,IAAI,KAAK,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;AAC7F,IAAI,UAAU,EAAEA,KAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;AACrC,GAAG,CAAC,CAAC;AACL,EAAE,IAAI,mBAAmB,CAAC;AAC1B,EAAE,IAAI,sBAAsB,IAAI,WAAW,EAAE;AAC7C,IAAI,mBAAmB,GAAG,WAAW,CAAC;AACtC,GAAG,MAAM;AACT,IAAI,MAAM,CAAC,IAAI;AACf,MAAM,oJAAoJ;AAC1J,KAAK,CAAC;AACN,IAAI,mBAAmB,GAAGC,4CAAqB,CAAC,WAAW,CAAC,CAAC;AAC7D,GAAG;AACH,EAAE,MAAM,MAAM,GAAG,MAAM,CAAC,kBAAkB,CAAC,oBAAoB,CAAC,GAAG,IAAI,sBAAsB;AAC7F,IAAI,WAAW;AACf,IAAI,KAAK;AACT,IAAI,mBAAmB;AACvB,IAAI,MAAM;AACV,GAAG,GAAG,WAAW,CAAC;AAClB,EAAE,MAAM,eAAe,GAAG,CAAC,EAAE,OAAO,EAAE,GAAG,SAAS,EAAE,MAAM;AAC1D,IAAI,GAAG,SAAS;AAChB,IAAI,OAAO,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC,MAAM,KAAK;AACxC,MAAM,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,EAAE,qBAAqB,CAAC,CAAC,QAAQ,CAAC;AACzF,MAAM,MAAM,SAAS,GAAG,wBAAwB,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AACpE,MAAM,IAAI,CAAC,SAAS,EAAE;AACtB,QAAQ,MAAM,CAAC,IAAI;AACnB,UAAU,CAAC,4BAA4B,EAAE,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,wBAAwB,EAAE,QAAQ,CAAC,WAAW,CAAC;AAC9G,SAAS,CAAC;AACV,OAAO;AACP,MAAM,OAAO,SAAS,CAAC;AACvB,KAAK,CAAC;AACN,GAAG,CAAC,CAAC;AACL,EAAE,MAAM,eAAe,GAAG,CAAC,SAAS,MAAM;AAC1C,IAAI,GAAG,SAAS;AAChB,IAAI,OAAO,EAAE,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,MAAM;AAChD,MAAM,GAAG,MAAM;AACf,MAAM,QAAQ,EAAE;AAChB,QAAQ,GAAG,MAAM,CAAC,QAAQ;AAC1B,QAAQ,aAAa,EAAE,KAAK,CAAC;AAC7B,OAAO;AACP,KAAK,CAAC,CAAC;AACP,GAAG,CAAC,CAAC;AACL,EAAE,MAAM,MAAM,GAAGC,0BAAM,EAAE,CAAC;AAC1B,EAAE,MAAM,CAAC,GAAG;AACZ,IAAI,QAAQ;AACZ,IAAI,OAAO,GAAG,EAAE,GAAG,KAAK;AACxB,MAAM,IAAI,EAAE,CAAC;AACb,MAAM,MAAM,WAAW,GAAG,aAAa,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;AAC7D,MAAM,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE;AAChC,QAAQ,MAAM,IAAIT,iBAAU,CAAC,CAAC,sBAAsB,EAAE,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AAC3E,OAAO;AACP,MAAM,MAAM,KAAK,GAAG,WAAW,CAAC,IAAI,CAAC;AACrC,MAAM,MAAM,CAAC,IAAI;AACjB,QAAQ,CAAC,+BAA+B,EAAE,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,KAAK,CAAC,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,aAAa,EAAE,CAAC,EAAE,GAAG,KAAK,CAAC,UAAU,KAAK,IAAI,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC;AAC7M,OAAO,CAAC;AACR,MAAM,MAAM,KAAK,GAAGU,oDAAqC;AACzD,QAAQ,GAAG,CAAC,MAAM,CAAC,eAAe,CAAC;AACnC,OAAO,CAAC;AACR,MAAM,IAAI;AACV,QAAQ,MAAM,SAAS,GAAG,OAAO,MAAM,IAAI,IAAI,GAAG,KAAK,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC,KAAK,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;AAC3F,QAAQ,GAAG,CAAC,IAAI,CAAC,eAAe,CAAC,eAAe,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;AAC9D,OAAO,CAAC,OAAO,KAAK,EAAE;AACtB,QAAQ,IAAI,KAAK,CAAC,IAAI,KAAK,mBAAmB,EAAE;AAChD,UAAU,MAAM,KAAK,CAAC;AACtB,SAAS;AACT,QAAQ,MAAM,IAAI,KAAK;AACvB,UAAU,CAAC,iDAAiD,EAAE,KAAK,CAAC,CAAC;AACrE,SAAS,CAAC;AACV,OAAO;AACP,KAAK;AACL,GAAG,CAAC;AACJ,EAAE,MAAM,CAAC,GAAG,CAACC,0BAAY,EAAE,CAAC,CAAC;AAC7B,EAAE,OAAO,MAAM,CAAC;AAChB;;;;"}
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "@backstage/plugin-search-backend",
3
3
  "description": "The Backstage backend plugin that provides your backstage app with search",
4
- "version": "1.0.0",
4
+ "version": "1.0.1-next.0",
5
5
  "main": "dist/index.cjs.js",
6
6
  "types": "dist/index.d.ts",
7
7
  "license": "Apache-2.0",
@@ -23,13 +23,13 @@
23
23
  "clean": "backstage-cli package clean"
24
24
  },
25
25
  "dependencies": {
26
- "@backstage/backend-common": "^0.14.1",
26
+ "@backstage/backend-common": "^0.15.0-next.0",
27
27
  "@backstage/config": "^1.0.1",
28
28
  "@backstage/errors": "^1.1.0",
29
- "@backstage/plugin-auth-node": "^0.2.3",
29
+ "@backstage/plugin-auth-node": "^0.2.4-next.0",
30
30
  "@backstage/plugin-permission-common": "^0.6.3",
31
- "@backstage/plugin-permission-node": "^0.6.3",
32
- "@backstage/plugin-search-backend-node": "^1.0.0",
31
+ "@backstage/plugin-permission-node": "^0.6.4-next.0",
32
+ "@backstage/plugin-search-backend-node": "^1.0.1-next.0",
33
33
  "@backstage/plugin-search-common": "^1.0.0",
34
34
  "@backstage/types": "^1.0.0",
35
35
  "@types/express": "^4.17.6",
@@ -43,12 +43,12 @@
43
43
  "zod": "^3.11.6"
44
44
  },
45
45
  "devDependencies": {
46
- "@backstage/cli": "^0.18.0",
46
+ "@backstage/cli": "^0.18.1-next.0",
47
47
  "@types/supertest": "^2.0.8",
48
48
  "supertest": "^6.1.3"
49
49
  },
50
50
  "files": [
51
51
  "dist"
52
52
  ],
53
- "gitHead": "999878d8f1ae30f6a15925816af2016cb9d717a1"
53
+ "gitHead": "fc3229c49caf6eced02ed9516199015bf4682664"
54
54
  }