@backstage/plugin-search-backend 2.0.5-next.0 → 2.0.6-next.0

package/CHANGELOG.md

@@ -1,5 +1,27 @@
 # @backstage/plugin-search-backend
 
+## 2.0.6-next.0
+
+### Patch Changes
+
+- Updated dependencies
+  - @backstage/backend-defaults@0.12.1-next.0
+  - @backstage/backend-plugin-api@1.4.3-next.0
+  - @backstage/plugin-permission-node@0.10.4-next.0
+  - @backstage/plugin-search-backend-node@1.3.15-next.0
+  - @backstage/backend-openapi-utils@0.6.1-next.0
+
+## 2.0.5
+
+### Patch Changes
+
+- Updated dependencies
+  - @backstage/backend-openapi-utils@0.6.0
+  - @backstage/backend-defaults@0.12.0
+  - @backstage/plugin-permission-node@0.10.3
+  - @backstage/plugin-search-backend-node@1.3.14
+  - @backstage/backend-plugin-api@1.4.2
+
 ## 2.0.5-next.0
 
 ### Patch Changes

package/dist/alpha.cjs.js.map

@@ -1 +1 @@
-{"version":3,"file":"alpha.cjs.js","sources":["../src/alpha.ts"],"sourcesContent":["/*\n * Copyright 2024 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *     http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { default as feature } from './plugin';\n\n/** @alpha */\nconst _feature = feature;\nexport default _feature;\n"],"names":["feature"],"mappings":";;;;;;AAmBA,MAAM,QAAW,GAAAA;;;;"}
+{"version":3,"file":"alpha.cjs.js","sources":["../src/alpha.ts"],"sourcesContent":["/*\n * Copyright 2024 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *     http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { default as feature } from './plugin';\n\n/** @alpha */\nconst _feature = feature;\nexport default _feature;\n"],"names":["feature"],"mappings":";;;;;;AAmBA,MAAM,QAAA,GAAWA;;;;"}

package/dist/plugin.cjs.js

@@ -92,7 +92,6 @@ var feature = backendPluginApi.createBackendPlugin({
         });
         const router$1 = await router.createRouter({
           config,
-          discovery,
           permissions,
           auth,
           httpAuth,

package/dist/plugin.cjs.js.map

@@ -1 +1 @@
-{"version":3,"file":"plugin.cjs.js","sources":["../src/plugin.ts"],"sourcesContent":["/*\n * Copyright 2023 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *     http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n  coreServices,\n  createBackendPlugin,\n} from '@backstage/backend-plugin-api';\nimport {\n  LunrSearchEngine,\n  RegisterCollatorParameters,\n  RegisterDecoratorParameters,\n  SearchEngine,\n} from '@backstage/plugin-search-backend-node';\nimport {\n  SearchEngineRegistryExtensionPoint,\n  searchEngineRegistryExtensionPoint,\n  searchIndexRegistryExtensionPoint,\n  SearchIndexRegistryExtensionPoint,\n  searchIndexServiceRef,\n} from '@backstage/plugin-search-backend-node/alpha';\n\nimport { createRouter } from './service/router';\n\nclass SearchIndexRegistry implements SearchIndexRegistryExtensionPoint {\n  private collators: RegisterCollatorParameters[] = [];\n  private decorators: RegisterDecoratorParameters[] = [];\n\n  public addCollator(options: RegisterCollatorParameters): void {\n    this.collators.push(options);\n  }\n\n  public addDecorator(options: RegisterDecoratorParameters): void {\n    this.decorators.push(options);\n  }\n\n  public getCollators(): RegisterCollatorParameters[] {\n    return this.collators;\n  }\n\n  public getDecorators(): RegisterDecoratorParameters[] {\n    return this.decorators;\n  }\n}\n\nclass SearchEngineRegistry implements SearchEngineRegistryExtensionPoint {\n  private searchEngine: SearchEngine | null = null;\n\n  public setSearchEngine(searchEngine: SearchEngine): void {\n    if (this.searchEngine) {\n      throw new Error('Multiple Search engines is not supported at this time');\n    }\n    this.searchEngine = searchEngine;\n  }\n\n  public getSearchEngine(): SearchEngine | null {\n    return this.searchEngine;\n  }\n}\n\n/**\n * The Search plugin is responsible for starting search indexing processes and return search results.\n * @public\n */\nexport default createBackendPlugin({\n  pluginId: 'search',\n  register(env) {\n    const searchIndexRegistry = new SearchIndexRegistry();\n    env.registerExtensionPoint(\n      searchIndexRegistryExtensionPoint,\n      searchIndexRegistry,\n    );\n\n    const searchEngineRegistry = new SearchEngineRegistry();\n    env.registerExtensionPoint(\n      searchEngineRegistryExtensionPoint,\n      searchEngineRegistry,\n    );\n\n    env.registerInit({\n      deps: {\n        logger: coreServices.logger,\n        config: coreServices.rootConfig,\n        discovery: coreServices.discovery,\n        permissions: coreServices.permissions,\n        auth: coreServices.auth,\n        http: coreServices.httpRouter,\n        httpAuth: coreServices.httpAuth,\n        lifecycle: coreServices.rootLifecycle,\n        searchIndexService: searchIndexServiceRef,\n      },\n      async init({\n        config,\n        logger,\n        discovery,\n        permissions,\n        auth,\n        http,\n        httpAuth,\n        lifecycle,\n        searchIndexService,\n      }) {\n        let searchEngine = searchEngineRegistry.getSearchEngine();\n        if (!searchEngine) {\n          searchEngine = new LunrSearchEngine({\n            logger,\n          });\n        }\n\n        const collators = searchIndexRegistry.getCollators();\n        const decorators = searchIndexRegistry.getDecorators();\n        searchIndexService.init({\n          searchEngine: searchEngine!,\n          collators,\n          decorators,\n        });\n\n        lifecycle.addStartupHook(async () => {\n          await searchIndexService.start();\n        });\n\n        lifecycle.addShutdownHook(async () => {\n          await searchIndexService.stop();\n        });\n\n        const router = await createRouter({\n          config,\n          discovery,\n          permissions,\n          auth,\n          httpAuth,\n          logger,\n          engine: searchEngine,\n          types: searchIndexService.getDocumentTypes(),\n        });\n\n        http.use(router);\n      },\n    });\n  },\n});\n"],"names":["createBackendPlugin","searchIndexRegistryExtensionPoint","searchEngineRegistryExtensionPoint","coreServices","searchIndexServiceRef","LunrSearchEngine","router","createRouter"],"mappings":";;;;;;;;;AAoCA,MAAM,mBAAiE,CAAA;AAAA,EAC7D,YAA0C,EAAC;AAAA,EAC3C,aAA4C,EAAC;AAAA,EAE9C,YAAY,OAA2C,EAAA;AAC5D,IAAK,IAAA,CAAA,SAAA,CAAU,KAAK,OAAO,CAAA;AAAA;AAC7B,EAEO,aAAa,OAA4C,EAAA;AAC9D,IAAK,IAAA,CAAA,UAAA,CAAW,KAAK,OAAO,CAAA;AAAA;AAC9B,EAEO,YAA6C,GAAA;AAClD,IAAA,OAAO,IAAK,CAAA,SAAA;AAAA;AACd,EAEO,aAA+C,GAAA;AACpD,IAAA,OAAO,IAAK,CAAA,UAAA;AAAA;AAEhB;AAEA,MAAM,oBAAmE,CAAA;AAAA,EAC/D,YAAoC,GAAA,IAAA;AAAA,EAErC,gBAAgB,YAAkC,EAAA;AACvD,IAAA,IAAI,KAAK,YAAc,EAAA;AACrB,MAAM,MAAA,IAAI,MAAM,uDAAuD,CAAA;AAAA;AAEzE,IAAA,IAAA,CAAK,YAAe,GAAA,YAAA;AAAA;AACtB,EAEO,eAAuC,GAAA;AAC5C,IAAA,OAAO,IAAK,CAAA,YAAA;AAAA;AAEhB;AAMA,cAAeA,oCAAoB,CAAA;AAAA,EACjC,QAAU,EAAA,QAAA;AAAA,EACV,SAAS,GAAK,EAAA;AACZ,IAAM,MAAA,mBAAA,GAAsB,IAAI,mBAAoB,EAAA;AACpD,IAAI,GAAA,CAAA,sBAAA;AAAA,MACFC,uCAAA;AAAA,MACA;AAAA,KACF;AAEA,IAAM,MAAA,oBAAA,GAAuB,IAAI,oBAAqB,EAAA;AACtD,IAAI,GAAA,CAAA,sBAAA;AAAA,MACFC,wCAAA;AAAA,MACA;AAAA,KACF;AAEA,IAAA,GAAA,CAAI,YAAa,CAAA;AAAA,MACf,IAAM,EAAA;AAAA,QACJ,QAAQC,6BAAa,CAAA,MAAA;AAAA,QACrB,QAAQA,6BAAa,CAAA,UAAA;AAAA,QACrB,WAAWA,6BAAa,CAAA,SAAA;AAAA,QACxB,aAAaA,6BAAa,CAAA,WAAA;AAAA,QAC1B,MAAMA,6BAAa,CAAA,IAAA;AAAA,QACnB,MAAMA,6BAAa,CAAA,UAAA;AAAA,QACnB,UAAUA,6BAAa,CAAA,QAAA;AAAA,QACvB,WAAWA,6BAAa,CAAA,aAAA;AAAA,QACxB,kBAAoB,EAAAC;AAAA,OACtB;AAAA,MACA,MAAM,IAAK,CAAA;AAAA,QACT,MAAA;AAAA,QACA,MAAA;AAAA,QACA,SAAA;AAAA,QACA,WAAA;AAAA,QACA,IAAA;AAAA,QACA,IAAA;AAAA,QACA,QAAA;AAAA,QACA,SAAA;AAAA,QACA;AAAA,OACC,EAAA;AACD,QAAI,IAAA,YAAA,GAAe,qBAAqB,eAAgB,EAAA;AACxD,QAAA,IAAI,CAAC,YAAc,EAAA;AACjB,UAAA,YAAA,GAAe,IAAIC,wCAAiB,CAAA;AAAA,YAClC;AAAA,WACD,CAAA;AAAA;AAGH,QAAM,MAAA,SAAA,GAAY,oBAAoB,YAAa,EAAA;AACnD,QAAM,MAAA,UAAA,GAAa,oBAAoB,aAAc,EAAA;AACrD,QAAA,kBAAA,CAAmB,IAAK,CAAA;AAAA,UACtB,YAAA;AAAA,UACA,SAAA;AAAA,UACA;AAAA,SACD,CAAA;AAED,QAAA,SAAA,CAAU,eAAe,YAAY;AACnC,UAAA,MAAM,mBAAmB,KAAM,EAAA;AAAA,SAChC,CAAA;AAED,QAAA,SAAA,CAAU,gBAAgB,YAAY;AACpC,UAAA,MAAM,mBAAmB,IAAK,EAAA;AAAA,SAC/B,CAAA;AAED,QAAM,MAAAC,QAAA,GAAS,MAAMC,mBAAa,CAAA;AAAA,UAChC,MAAA;AAAA,UACA,SAAA;AAAA,UACA,WAAA;AAAA,UACA,IAAA;AAAA,UACA,QAAA;AAAA,UACA,MAAA;AAAA,UACA,MAAQ,EAAA,YAAA;AAAA,UACR,KAAA,EAAO,mBAAmB,gBAAiB;AAAA,SAC5C,CAAA;AAED,QAAA,IAAA,CAAK,IAAID,QAAM,CAAA;AAAA;AACjB,KACD,CAAA;AAAA;AAEL,CAAC,CAAA;;;;"}
+{"version":3,"file":"plugin.cjs.js","sources":["../src/plugin.ts"],"sourcesContent":["/*\n * Copyright 2023 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *     http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n  coreServices,\n  createBackendPlugin,\n} from '@backstage/backend-plugin-api';\nimport {\n  LunrSearchEngine,\n  RegisterCollatorParameters,\n  RegisterDecoratorParameters,\n  SearchEngine,\n} from '@backstage/plugin-search-backend-node';\nimport {\n  SearchEngineRegistryExtensionPoint,\n  searchEngineRegistryExtensionPoint,\n  searchIndexRegistryExtensionPoint,\n  SearchIndexRegistryExtensionPoint,\n  searchIndexServiceRef,\n} from '@backstage/plugin-search-backend-node/alpha';\n\nimport { createRouter } from './service/router';\n\nclass SearchIndexRegistry implements SearchIndexRegistryExtensionPoint {\n  private collators: RegisterCollatorParameters[] = [];\n  private decorators: RegisterDecoratorParameters[] = [];\n\n  public addCollator(options: RegisterCollatorParameters): void {\n    this.collators.push(options);\n  }\n\n  public addDecorator(options: RegisterDecoratorParameters): void {\n    this.decorators.push(options);\n  }\n\n  public getCollators(): RegisterCollatorParameters[] {\n    return this.collators;\n  }\n\n  public getDecorators(): RegisterDecoratorParameters[] {\n    return this.decorators;\n  }\n}\n\nclass SearchEngineRegistry implements SearchEngineRegistryExtensionPoint {\n  private searchEngine: SearchEngine | null = null;\n\n  public setSearchEngine(searchEngine: SearchEngine): void {\n    if (this.searchEngine) {\n      throw new Error('Multiple Search engines is not supported at this time');\n    }\n    this.searchEngine = searchEngine;\n  }\n\n  public getSearchEngine(): SearchEngine | null {\n    return this.searchEngine;\n  }\n}\n\n/**\n * The Search plugin is responsible for starting search indexing processes and return search results.\n * @public\n */\nexport default createBackendPlugin({\n  pluginId: 'search',\n  register(env) {\n    const searchIndexRegistry = new SearchIndexRegistry();\n    env.registerExtensionPoint(\n      searchIndexRegistryExtensionPoint,\n      searchIndexRegistry,\n    );\n\n    const searchEngineRegistry = new SearchEngineRegistry();\n    env.registerExtensionPoint(\n      searchEngineRegistryExtensionPoint,\n      searchEngineRegistry,\n    );\n\n    env.registerInit({\n      deps: {\n        logger: coreServices.logger,\n        config: coreServices.rootConfig,\n        discovery: coreServices.discovery,\n        permissions: coreServices.permissions,\n        auth: coreServices.auth,\n        http: coreServices.httpRouter,\n        httpAuth: coreServices.httpAuth,\n        lifecycle: coreServices.rootLifecycle,\n        searchIndexService: searchIndexServiceRef,\n      },\n      async init({\n        config,\n        logger,\n        discovery,\n        permissions,\n        auth,\n        http,\n        httpAuth,\n        lifecycle,\n        searchIndexService,\n      }) {\n        let searchEngine = searchEngineRegistry.getSearchEngine();\n        if (!searchEngine) {\n          searchEngine = new LunrSearchEngine({\n            logger,\n          });\n        }\n\n        const collators = searchIndexRegistry.getCollators();\n        const decorators = searchIndexRegistry.getDecorators();\n        searchIndexService.init({\n          searchEngine: searchEngine!,\n          collators,\n          decorators,\n        });\n\n        lifecycle.addStartupHook(async () => {\n          await searchIndexService.start();\n        });\n\n        lifecycle.addShutdownHook(async () => {\n          await searchIndexService.stop();\n        });\n\n        const router = await createRouter({\n          config,\n          discovery,\n          permissions,\n          auth,\n          httpAuth,\n          logger,\n          engine: searchEngine,\n          types: searchIndexService.getDocumentTypes(),\n        });\n\n        http.use(router);\n      },\n    });\n  },\n});\n"],"names":["createBackendPlugin","searchIndexRegistryExtensionPoint","searchEngineRegistryExtensionPoint","coreServices","searchIndexServiceRef","LunrSearchEngine","router","createRouter"],"mappings":";;;;;;;;;AAoCA,MAAM,mBAAA,CAAiE;AAAA,EAC7D,YAA0C,EAAC;AAAA,EAC3C,aAA4C,EAAC;AAAA,EAE9C,YAAY,OAAA,EAA2C;AAC5D,IAAA,IAAA,CAAK,SAAA,CAAU,KAAK,OAAO,CAAA;AAAA,EAC7B;AAAA,EAEO,aAAa,OAAA,EAA4C;AAC9D,IAAA,IAAA,CAAK,UAAA,CAAW,KAAK,OAAO,CAAA;AAAA,EAC9B;AAAA,EAEO,YAAA,GAA6C;AAClD,IAAA,OAAO,IAAA,CAAK,SAAA;AAAA,EACd;AAAA,EAEO,aAAA,GAA+C;AACpD,IAAA,OAAO,IAAA,CAAK,UAAA;AAAA,EACd;AACF;AAEA,MAAM,oBAAA,CAAmE;AAAA,EAC/D,YAAA,GAAoC,IAAA;AAAA,EAErC,gBAAgB,YAAA,EAAkC;AACvD,IAAA,IAAI,KAAK,YAAA,EAAc;AACrB,MAAA,MAAM,IAAI,MAAM,uDAAuD,CAAA;AAAA,IACzE;AACA,IAAA,IAAA,CAAK,YAAA,GAAe,YAAA;AAAA,EACtB;AAAA,EAEO,eAAA,GAAuC;AAC5C,IAAA,OAAO,IAAA,CAAK,YAAA;AAAA,EACd;AACF;AAMA,cAAeA,oCAAA,CAAoB;AAAA,EACjC,QAAA,EAAU,QAAA;AAAA,EACV,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,mBAAA,GAAsB,IAAI,mBAAA,EAAoB;AACpD,IAAA,GAAA,CAAI,sBAAA;AAAA,MACFC,uCAAA;AAAA,MACA;AAAA,KACF;AAEA,IAAA,MAAM,oBAAA,GAAuB,IAAI,oBAAA,EAAqB;AACtD,IAAA,GAAA,CAAI,sBAAA;AAAA,MACFC,wCAAA;AAAA,MACA;AAAA,KACF;AAEA,IAAA,GAAA,CAAI,YAAA,CAAa;AAAA,MACf,IAAA,EAAM;AAAA,QACJ,QAAQC,6BAAA,CAAa,MAAA;AAAA,QACrB,QAAQA,6BAAA,CAAa,UAAA;AAAA,QACrB,WAAWA,6BAAA,CAAa,SAAA;AAAA,QACxB,aAAaA,6BAAA,CAAa,WAAA;AAAA,QAC1B,MAAMA,6BAAA,CAAa,IAAA;AAAA,QACnB,MAAMA,6BAAA,CAAa,UAAA;AAAA,QACnB,UAAUA,6BAAA,CAAa,QAAA;AAAA,QACvB,WAAWA,6BAAA,CAAa,aAAA;AAAA,QACxB,kBAAA,EAAoBC;AAAA,OACtB;AAAA,MACA,MAAM,IAAA,CAAK;AAAA,QACT,MAAA;AAAA,QACA,MAAA;AAAA,QACA,SAAA;AAAA,QACA,WAAA;AAAA,QACA,IAAA;AAAA,QACA,IAAA;AAAA,QACA,QAAA;AAAA,QACA,SAAA;AAAA,QACA;AAAA,OACF,EAAG;AACD,QAAA,IAAI,YAAA,GAAe,qBAAqB,eAAA,EAAgB;AACxD,QAAA,IAAI,CAAC,YAAA,EAAc;AACjB,UAAA,YAAA,GAAe,IAAIC,wCAAA,CAAiB;AAAA,YAClC;AAAA,WACD,CAAA;AAAA,QACH;AAEA,QAAA,MAAM,SAAA,GAAY,oBAAoB,YAAA,EAAa;AACnD,QAAA,MAAM,UAAA,GAAa,oBAAoB,aAAA,EAAc;AACrD,QAAA,kBAAA,CAAmB,IAAA,CAAK;AAAA,UACtB,YAAA;AAAA,UACA,SAAA;AAAA,UACA;AAAA,SACD,CAAA;AAED,QAAA,SAAA,CAAU,eAAe,YAAY;AACnC,UAAA,MAAM,mBAAmB,KAAA,EAAM;AAAA,QACjC,CAAC,CAAA;AAED,QAAA,SAAA,CAAU,gBAAgB,YAAY;AACpC,UAAA,MAAM,mBAAmB,IAAA,EAAK;AAAA,QAChC,CAAC,CAAA;AAED,QAAA,MAAMC,QAAA,GAAS,MAAMC,mBAAA,CAAa;AAAA,UAChC,MAAA;AAAA,UAEA,WAAA;AAAA,UACA,IAAA;AAAA,UACA,QAAA;AAAA,UACA,MAAA;AAAA,UACA,MAAA,EAAQ,YAAA;AAAA,UACR,KAAA,EAAO,mBAAmB,gBAAA;AAAiB,SAC5C,CAAA;AAED,QAAA,IAAA,CAAK,IAAID,QAAM,CAAA;AAAA,MACjB;AAAA,KACD,CAAA;AAAA,EACH;AACF,CAAC,CAAA;;;;"}

package/dist/schema/openapi/generated/router.cjs.js.map

@@ -1 +1 @@
-{"version":3,"file":"router.cjs.js","sources":["../../../../src/schema/openapi/generated/router.ts"],"sourcesContent":["/*\n * Copyright 2025 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *     http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\n// ******************************************************************\n// * THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY. *\n// ******************************************************************\nimport { createValidatedOpenApiRouterFromGeneratedEndpointMap } from '@backstage/backend-openapi-utils';\nimport { EndpointMap } from './apis';\n\nexport const spec = {\n  openapi: '3.0.3',\n  info: {\n    title: 'search',\n    version: '1',\n    description:\n      'The Backstage backend plugin that provides search functionality.',\n    license: {\n      name: 'Apache-2.0',\n      url: 'http://www.apache.org/licenses/LICENSE-2.0.html',\n    },\n    contact: {},\n  },\n  servers: [\n    {\n      url: '/',\n    },\n  ],\n  components: {\n    examples: {},\n    headers: {},\n    parameters: {},\n    requestBodies: {},\n    responses: {\n      ErrorResponse: {\n        description: 'An error response from the backend.',\n        content: {\n          'application/json; charset=utf-8': {\n            schema: {\n              $ref: '#/components/schemas/Error',\n            },\n          },\n        },\n      },\n    },\n    schemas: {\n      Error: {\n        type: 'object',\n        properties: {\n          error: {\n            type: 'object',\n            properties: {\n              name: {\n                type: 'string',\n              },\n              message: {\n                type: 'string',\n              },\n            },\n            required: ['name', 'message'],\n          },\n          request: {\n            type: 'object',\n            properties: {\n              method: {\n                type: 'string',\n              },\n              url: {\n                type: 'string',\n              },\n            },\n            required: ['method', 'url'],\n          },\n          response: {\n            type: 'object',\n            properties: {\n              statusCode: {\n                type: 'number',\n              },\n            },\n            required: ['statusCode'],\n          },\n        },\n        required: ['error', 'request', 'response'],\n      },\n      JsonObject: {\n        type: 'object',\n        properties: {},\n        additionalProperties: {},\n      },\n    },\n    securitySchemes: {\n      JWT: {\n        type: 'http',\n        scheme: 'bearer',\n        bearerFormat: 'JWT',\n      },\n    },\n  },\n  paths: {\n    '/query': {\n      get: {\n        operationId: 'Query',\n        description: 'Query documents with a given filter.',\n        tags: ['Search'],\n        responses: {\n          '200': {\n            description: 'Ok',\n            content: {\n              'application/json': {\n                schema: {\n                  type: 'object',\n                  properties: {\n                    results: {\n                      type: 'array',\n                      items: {\n                        type: 'object',\n                        properties: {\n                          type: {\n                            type: 'string',\n                            description: 'The \"type\" of the given document.',\n                          },\n                          document: {\n                            type: 'object',\n                            description:\n                              'The raw value of the document, as indexed.',\n                            properties: {\n                              title: {\n                                type: 'string',\n                                description:\n                                  'The primary name of the document (e.g. name, title, identifier, etc).',\n                              },\n                              text: {\n                                type: 'string',\n                                description:\n                                  'Free-form text of the document (e.g. description, content, etc).',\n                              },\n                              location: {\n                                type: 'string',\n                                description:\n                                  'The relative or absolute URL of the document (target when a search result is clicked).',\n                              },\n                            },\n                          },\n                          highlight: {\n                            type: 'object',\n                            description:\n                              'Optional result highlight. Useful for improving the search result\\ndisplay/experience.',\n                          },\n                          rank: {\n                            type: 'integer',\n                            description:\n                              'Optional result rank, where 1 is the first/top result returned. \\nUseful for understanding search effectiveness in analytics.',\n                          },\n                        },\n                        required: ['type', 'document'],\n                        additionalProperties: false,\n                      },\n                    },\n                    nextPageCursor: {\n                      type: 'string',\n                    },\n                    previousPageCursor: {\n                      type: 'string',\n                    },\n                    numberOfResults: {\n                      type: 'integer',\n                    },\n                  },\n                  required: ['results'],\n                },\n              },\n            },\n          },\n          default: {\n            $ref: '#/components/responses/ErrorResponse',\n          },\n        },\n        security: [\n          {},\n          {\n            JWT: [],\n          },\n        ],\n        parameters: [\n          {\n            name: 'term',\n            in: 'query',\n            required: false,\n            allowReserved: true,\n            schema: {\n              type: 'string',\n              default: '',\n            },\n          },\n          {\n            name: 'filters',\n            in: 'query',\n            required: false,\n            style: 'deepObject',\n            allowReserved: true,\n            schema: {\n              $ref: '#/components/schemas/JsonObject',\n            },\n          },\n          {\n            name: 'types',\n            in: 'query',\n            required: false,\n            allowReserved: true,\n            schema: {\n              type: 'array',\n              items: {\n                type: 'string',\n              },\n            },\n          },\n          {\n            name: 'pageCursor',\n            in: 'query',\n            required: false,\n            allowReserved: true,\n            schema: {\n              type: 'string',\n            },\n          },\n          {\n            name: 'pageLimit',\n            in: 'query',\n            required: false,\n            allowReserved: true,\n            schema: {\n              type: 'integer',\n            },\n          },\n          {\n            name: 'unknown',\n            in: 'query',\n            required: false,\n            style: 'form',\n            explode: true,\n            allowReserved: true,\n            schema: {\n              type: 'object',\n              additionalProperties: {},\n            },\n          },\n        ],\n      },\n    },\n  },\n} as const;\nexport const createOpenApiRouter = async (\n  options?: Parameters<\n    typeof createValidatedOpenApiRouterFromGeneratedEndpointMap\n  >['1'],\n) =>\n  createValidatedOpenApiRouterFromGeneratedEndpointMap<EndpointMap>(\n    spec,\n    options,\n  );\n"],"names":["createValidatedOpenApiRouterFromGeneratedEndpointMap"],"mappings":";;;;AAsBO,MAAM,IAAO,GAAA;AAAA,EAClB,OAAS,EAAA,OAAA;AAAA,EACT,IAAM,EAAA;AAAA,IACJ,KAAO,EAAA,QAAA;AAAA,IACP,OAAS,EAAA,GAAA;AAAA,IACT,WACE,EAAA,kEAAA;AAAA,IACF,OAAS,EAAA;AAAA,MACP,IAAM,EAAA,YAAA;AAAA,MACN,GAAK,EAAA;AAAA,KACP;AAAA,IACA,SAAS;AAAC,GACZ;AAAA,EACA,OAAS,EAAA;AAAA,IACP;AAAA,MACE,GAAK,EAAA;AAAA;AACP,GACF;AAAA,EACA,UAAY,EAAA;AAAA,IACV,UAAU,EAAC;AAAA,IACX,SAAS,EAAC;AAAA,IACV,YAAY,EAAC;AAAA,IACb,eAAe,EAAC;AAAA,IAChB,SAAW,EAAA;AAAA,MACT,aAAe,EAAA;AAAA,QACb,WAAa,EAAA,qCAAA;AAAA,QACb,OAAS,EAAA;AAAA,UACP,iCAAmC,EAAA;AAAA,YACjC,MAAQ,EAAA;AAAA,cACN,IAAM,EAAA;AAAA;AACR;AACF;AACF;AACF,KACF;AAAA,IACA,OAAS,EAAA;AAAA,MACP,KAAO,EAAA;AAAA,QACL,IAAM,EAAA,QAAA;AAAA,QACN,UAAY,EAAA;AAAA,UACV,KAAO,EAAA;AAAA,YACL,IAAM,EAAA,QAAA;AAAA,YACN,UAAY,EAAA;AAAA,cACV,IAAM,EAAA;AAAA,gBACJ,IAAM,EAAA;AAAA,eACR;AAAA,cACA,OAAS,EAAA;AAAA,gBACP,IAAM,EAAA;AAAA;AACR,aACF;AAAA,YACA,QAAA,EAAU,CAAC,MAAA,EAAQ,SAAS;AAAA,WAC9B;AAAA,UACA,OAAS,EAAA;AAAA,YACP,IAAM,EAAA,QAAA;AAAA,YACN,UAAY,EAAA;AAAA,cACV,MAAQ,EAAA;AAAA,gBACN,IAAM,EAAA;AAAA,eACR;AAAA,cACA,GAAK,EAAA;AAAA,gBACH,IAAM,EAAA;AAAA;AACR,aACF;AAAA,YACA,QAAA,EAAU,CAAC,QAAA,EAAU,KAAK;AAAA,WAC5B;AAAA,UACA,QAAU,EAAA;AAAA,YACR,IAAM,EAAA,QAAA;AAAA,YACN,UAAY,EAAA;AAAA,cACV,UAAY,EAAA;AAAA,gBACV,IAAM,EAAA;AAAA;AACR,aACF;AAAA,YACA,QAAA,EAAU,CAAC,YAAY;AAAA;AACzB,SACF;AAAA,QACA,QAAU,EAAA,CAAC,OAAS,EAAA,SAAA,EAAW,UAAU;AAAA,OAC3C;AAAA,MACA,UAAY,EAAA;AAAA,QACV,IAAM,EAAA,QAAA;AAAA,QACN,YAAY,EAAC;AAAA,QACb,sBAAsB;AAAC;AACzB,KACF;AAAA,IACA,eAAiB,EAAA;AAAA,MACf,GAAK,EAAA;AAAA,QACH,IAAM,EAAA,MAAA;AAAA,QACN,MAAQ,EAAA,QAAA;AAAA,QACR,YAAc,EAAA;AAAA;AAChB;AACF,GACF;AAAA,EACA,KAAO,EAAA;AAAA,IACL,QAAU,EAAA;AAAA,MACR,GAAK,EAAA;AAAA,QACH,WAAa,EAAA,OAAA;AAAA,QACb,WAAa,EAAA,sCAAA;AAAA,QACb,IAAA,EAAM,CAAC,QAAQ,CAAA;AAAA,QACf,SAAW,EAAA;AAAA,UACT,KAAO,EAAA;AAAA,YACL,WAAa,EAAA,IAAA;AAAA,YACb,OAAS,EAAA;AAAA,cACP,kBAAoB,EAAA;AAAA,gBAClB,MAAQ,EAAA;AAAA,kBACN,IAAM,EAAA,QAAA;AAAA,kBACN,UAAY,EAAA;AAAA,oBACV,OAAS,EAAA;AAAA,sBACP,IAAM,EAAA,OAAA;AAAA,sBACN,KAAO,EAAA;AAAA,wBACL,IAAM,EAAA,QAAA;AAAA,wBACN,UAAY,EAAA;AAAA,0BACV,IAAM,EAAA;AAAA,4BACJ,IAAM,EAAA,QAAA;AAAA,4BACN,WAAa,EAAA;AAAA,2BACf;AAAA,0BACA,QAAU,EAAA;AAAA,4BACR,IAAM,EAAA,QAAA;AAAA,4BACN,WACE,EAAA,4CAAA;AAAA,4BACF,UAAY,EAAA;AAAA,8BACV,KAAO,EAAA;AAAA,gCACL,IAAM,EAAA,QAAA;AAAA,gCACN,WACE,EAAA;AAAA,+BACJ;AAAA,8BACA,IAAM,EAAA;AAAA,gCACJ,IAAM,EAAA,QAAA;AAAA,gCACN,WACE,EAAA;AAAA,+BACJ;AAAA,8BACA,QAAU,EAAA;AAAA,gCACR,IAAM,EAAA,QAAA;AAAA,gCACN,WACE,EAAA;AAAA;AACJ;AACF,2BACF;AAAA,0BACA,SAAW,EAAA;AAAA,4BACT,IAAM,EAAA,QAAA;AAAA,4BACN,WACE,EAAA;AAAA,2BACJ;AAAA,0BACA,IAAM,EAAA;AAAA,4BACJ,IAAM,EAAA,SAAA;AAAA,4BACN,WACE,EAAA;AAAA;AACJ,yBACF;AAAA,wBACA,QAAA,EAAU,CAAC,MAAA,EAAQ,UAAU,CAAA;AAAA,wBAC7B,oBAAsB,EAAA;AAAA;AACxB,qBACF;AAAA,oBACA,cAAgB,EAAA;AAAA,sBACd,IAAM,EAAA;AAAA,qBACR;AAAA,oBACA,kBAAoB,EAAA;AAAA,sBAClB,IAAM,EAAA;AAAA,qBACR;AAAA,oBACA,eAAiB,EAAA;AAAA,sBACf,IAAM,EAAA;AAAA;AACR,mBACF;AAAA,kBACA,QAAA,EAAU,CAAC,SAAS;AAAA;AACtB;AACF;AACF,WACF;AAAA,UACA,OAAS,EAAA;AAAA,YACP,IAAM,EAAA;AAAA;AACR,SACF;AAAA,QACA,QAAU,EAAA;AAAA,UACR,EAAC;AAAA,UACD;AAAA,YACE,KAAK;AAAC;AACR,SACF;AAAA,QACA,UAAY,EAAA;AAAA,UACV;AAAA,YACE,IAAM,EAAA,MAAA;AAAA,YACN,EAAI,EAAA,OAAA;AAAA,YACJ,QAAU,EAAA,KAAA;AAAA,YACV,aAAe,EAAA,IAAA;AAAA,YACf,MAAQ,EAAA;AAAA,cACN,IAAM,EAAA,QAAA;AAAA,cACN,OAAS,EAAA;AAAA;AACX,WACF;AAAA,UACA;AAAA,YACE,IAAM,EAAA,SAAA;AAAA,YACN,EAAI,EAAA,OAAA;AAAA,YACJ,QAAU,EAAA,KAAA;AAAA,YACV,KAAO,EAAA,YAAA;AAAA,YACP,aAAe,EAAA,IAAA;AAAA,YACf,MAAQ,EAAA;AAAA,cACN,IAAM,EAAA;AAAA;AACR,WACF;AAAA,UACA;AAAA,YACE,IAAM,EAAA,OAAA;AAAA,YACN,EAAI,EAAA,OAAA;AAAA,YACJ,QAAU,EAAA,KAAA;AAAA,YACV,aAAe,EAAA,IAAA;AAAA,YACf,MAAQ,EAAA;AAAA,cACN,IAAM,EAAA,OAAA;AAAA,cACN,KAAO,EAAA;AAAA,gBACL,IAAM,EAAA;AAAA;AACR;AACF,WACF;AAAA,UACA;AAAA,YACE,IAAM,EAAA,YAAA;AAAA,YACN,EAAI,EAAA,OAAA;AAAA,YACJ,QAAU,EAAA,KAAA;AAAA,YACV,aAAe,EAAA,IAAA;AAAA,YACf,MAAQ,EAAA;AAAA,cACN,IAAM,EAAA;AAAA;AACR,WACF;AAAA,UACA;AAAA,YACE,IAAM,EAAA,WAAA;AAAA,YACN,EAAI,EAAA,OAAA;AAAA,YACJ,QAAU,EAAA,KAAA;AAAA,YACV,aAAe,EAAA,IAAA;AAAA,YACf,MAAQ,EAAA;AAAA,cACN,IAAM,EAAA;AAAA;AACR,WACF;AAAA,UACA;AAAA,YACE,IAAM,EAAA,SAAA;AAAA,YACN,EAAI,EAAA,OAAA;AAAA,YACJ,QAAU,EAAA,KAAA;AAAA,YACV,KAAO,EAAA,MAAA;AAAA,YACP,OAAS,EAAA,IAAA;AAAA,YACT,aAAe,EAAA,IAAA;AAAA,YACf,MAAQ,EAAA;AAAA,cACN,IAAM,EAAA,QAAA;AAAA,cACN,sBAAsB;AAAC;AACzB;AACF;AACF;AACF;AACF;AAEJ;AACa,MAAA,mBAAA,GAAsB,OACjC,OAIA,KAAAA,wEAAA;AAAA,EACE,IAAA;AAAA,EACA;AACF;;;;;"}
+{"version":3,"file":"router.cjs.js","sources":["../../../../src/schema/openapi/generated/router.ts"],"sourcesContent":["/*\n * Copyright 2025 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *     http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\n// ******************************************************************\n// * THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY. *\n// ******************************************************************\nimport { createValidatedOpenApiRouterFromGeneratedEndpointMap } from '@backstage/backend-openapi-utils';\nimport { EndpointMap } from './apis';\n\nexport const spec = {\n  openapi: '3.0.3',\n  info: {\n    title: 'search',\n    version: '1',\n    description:\n      'The Backstage backend plugin that provides search functionality.',\n    license: {\n      name: 'Apache-2.0',\n      url: 'http://www.apache.org/licenses/LICENSE-2.0.html',\n    },\n    contact: {},\n  },\n  servers: [\n    {\n      url: '/',\n    },\n  ],\n  components: {\n    examples: {},\n    headers: {},\n    parameters: {},\n    requestBodies: {},\n    responses: {\n      ErrorResponse: {\n        description: 'An error response from the backend.',\n        content: {\n          'application/json; charset=utf-8': {\n            schema: {\n              $ref: '#/components/schemas/Error',\n            },\n          },\n        },\n      },\n    },\n    schemas: {\n      Error: {\n        type: 'object',\n        properties: {\n          error: {\n            type: 'object',\n            properties: {\n              name: {\n                type: 'string',\n              },\n              message: {\n                type: 'string',\n              },\n            },\n            required: ['name', 'message'],\n          },\n          request: {\n            type: 'object',\n            properties: {\n              method: {\n                type: 'string',\n              },\n              url: {\n                type: 'string',\n              },\n            },\n            required: ['method', 'url'],\n          },\n          response: {\n            type: 'object',\n            properties: {\n              statusCode: {\n                type: 'number',\n              },\n            },\n            required: ['statusCode'],\n          },\n        },\n        required: ['error', 'request', 'response'],\n      },\n      JsonObject: {\n        type: 'object',\n        properties: {},\n        additionalProperties: {},\n      },\n    },\n    securitySchemes: {\n      JWT: {\n        type: 'http',\n        scheme: 'bearer',\n        bearerFormat: 'JWT',\n      },\n    },\n  },\n  paths: {\n    '/query': {\n      get: {\n        operationId: 'Query',\n        description: 'Query documents with a given filter.',\n        tags: ['Search'],\n        responses: {\n          '200': {\n            description: 'Ok',\n            content: {\n              'application/json': {\n                schema: {\n                  type: 'object',\n                  properties: {\n                    results: {\n                      type: 'array',\n                      items: {\n                        type: 'object',\n                        properties: {\n                          type: {\n                            type: 'string',\n                            description: 'The \"type\" of the given document.',\n                          },\n                          document: {\n                            type: 'object',\n                            description:\n                              'The raw value of the document, as indexed.',\n                            properties: {\n                              title: {\n                                type: 'string',\n                                description:\n                                  'The primary name of the document (e.g. name, title, identifier, etc).',\n                              },\n                              text: {\n                                type: 'string',\n                                description:\n                                  'Free-form text of the document (e.g. description, content, etc).',\n                              },\n                              location: {\n                                type: 'string',\n                                description:\n                                  'The relative or absolute URL of the document (target when a search result is clicked).',\n                              },\n                            },\n                          },\n                          highlight: {\n                            type: 'object',\n                            description:\n                              'Optional result highlight. Useful for improving the search result\\ndisplay/experience.',\n                          },\n                          rank: {\n                            type: 'integer',\n                            description:\n                              'Optional result rank, where 1 is the first/top result returned. \\nUseful for understanding search effectiveness in analytics.',\n                          },\n                        },\n                        required: ['type', 'document'],\n                        additionalProperties: false,\n                      },\n                    },\n                    nextPageCursor: {\n                      type: 'string',\n                    },\n                    previousPageCursor: {\n                      type: 'string',\n                    },\n                    numberOfResults: {\n                      type: 'integer',\n                    },\n                  },\n                  required: ['results'],\n                },\n              },\n            },\n          },\n          default: {\n            $ref: '#/components/responses/ErrorResponse',\n          },\n        },\n        security: [\n          {},\n          {\n            JWT: [],\n          },\n        ],\n        parameters: [\n          {\n            name: 'term',\n            in: 'query',\n            required: false,\n            allowReserved: true,\n            schema: {\n              type: 'string',\n              default: '',\n            },\n          },\n          {\n            name: 'filters',\n            in: 'query',\n            required: false,\n            style: 'deepObject',\n            allowReserved: true,\n            schema: {\n              $ref: '#/components/schemas/JsonObject',\n            },\n          },\n          {\n            name: 'types',\n            in: 'query',\n            required: false,\n            allowReserved: true,\n            schema: {\n              type: 'array',\n              items: {\n                type: 'string',\n              },\n            },\n          },\n          {\n            name: 'pageCursor',\n            in: 'query',\n            required: false,\n            allowReserved: true,\n            schema: {\n              type: 'string',\n            },\n          },\n          {\n            name: 'pageLimit',\n            in: 'query',\n            required: false,\n            allowReserved: true,\n            schema: {\n              type: 'integer',\n            },\n          },\n          {\n            name: 'unknown',\n            in: 'query',\n            required: false,\n            style: 'form',\n            explode: true,\n            allowReserved: true,\n            schema: {\n              type: 'object',\n              additionalProperties: {},\n            },\n          },\n        ],\n      },\n    },\n  },\n} as const;\nexport const createOpenApiRouter = async (\n  options?: Parameters<\n    typeof createValidatedOpenApiRouterFromGeneratedEndpointMap\n  >['1'],\n) =>\n  createValidatedOpenApiRouterFromGeneratedEndpointMap<EndpointMap>(\n    spec,\n    options,\n  );\n"],"names":["createValidatedOpenApiRouterFromGeneratedEndpointMap"],"mappings":";;;;AAsBO,MAAM,IAAA,GAAO;AAAA,EAClB,OAAA,EAAS,OAAA;AAAA,EACT,IAAA,EAAM;AAAA,IACJ,KAAA,EAAO,QAAA;AAAA,IACP,OAAA,EAAS,GAAA;AAAA,IACT,WAAA,EACE,kEAAA;AAAA,IACF,OAAA,EAAS;AAAA,MACP,IAAA,EAAM,YAAA;AAAA,MACN,GAAA,EAAK;AAAA,KACP;AAAA,IACA,SAAS;AAAC,GACZ;AAAA,EACA,OAAA,EAAS;AAAA,IACP;AAAA,MACE,GAAA,EAAK;AAAA;AACP,GACF;AAAA,EACA,UAAA,EAAY;AAAA,IACV,UAAU,EAAC;AAAA,IACX,SAAS,EAAC;AAAA,IACV,YAAY,EAAC;AAAA,IACb,eAAe,EAAC;AAAA,IAChB,SAAA,EAAW;AAAA,MACT,aAAA,EAAe;AAAA,QACb,WAAA,EAAa,qCAAA;AAAA,QACb,OAAA,EAAS;AAAA,UACP,iCAAA,EAAmC;AAAA,YACjC,MAAA,EAAQ;AAAA,cACN,IAAA,EAAM;AAAA;AACR;AACF;AACF;AACF,KACF;AAAA,IACA,OAAA,EAAS;AAAA,MACP,KAAA,EAAO;AAAA,QACL,IAAA,EAAM,QAAA;AAAA,QACN,UAAA,EAAY;AAAA,UACV,KAAA,EAAO;AAAA,YACL,IAAA,EAAM,QAAA;AAAA,YACN,UAAA,EAAY;AAAA,cACV,IAAA,EAAM;AAAA,gBACJ,IAAA,EAAM;AAAA,eACR;AAAA,cACA,OAAA,EAAS;AAAA,gBACP,IAAA,EAAM;AAAA;AACR,aACF;AAAA,YACA,QAAA,EAAU,CAAC,MAAA,EAAQ,SAAS;AAAA,WAC9B;AAAA,UACA,OAAA,EAAS;AAAA,YACP,IAAA,EAAM,QAAA;AAAA,YACN,UAAA,EAAY;AAAA,cACV,MAAA,EAAQ;AAAA,gBACN,IAAA,EAAM;AAAA,eACR;AAAA,cACA,GAAA,EAAK;AAAA,gBACH,IAAA,EAAM;AAAA;AACR,aACF;AAAA,YACA,QAAA,EAAU,CAAC,QAAA,EAAU,KAAK;AAAA,WAC5B;AAAA,UACA,QAAA,EAAU;AAAA,YACR,IAAA,EAAM,QAAA;AAAA,YACN,UAAA,EAAY;AAAA,cACV,UAAA,EAAY;AAAA,gBACV,IAAA,EAAM;AAAA;AACR,aACF;AAAA,YACA,QAAA,EAAU,CAAC,YAAY;AAAA;AACzB,SACF;AAAA,QACA,QAAA,EAAU,CAAC,OAAA,EAAS,SAAA,EAAW,UAAU;AAAA,OAC3C;AAAA,MACA,UAAA,EAAY;AAAA,QACV,IAAA,EAAM,QAAA;AAAA,QACN,YAAY,EAAC;AAAA,QACb,sBAAsB;AAAC;AACzB,KACF;AAAA,IACA,eAAA,EAAiB;AAAA,MACf,GAAA,EAAK;AAAA,QACH,IAAA,EAAM,MAAA;AAAA,QACN,MAAA,EAAQ,QAAA;AAAA,QACR,YAAA,EAAc;AAAA;AAChB;AACF,GACF;AAAA,EACA,KAAA,EAAO;AAAA,IACL,QAAA,EAAU;AAAA,MACR,GAAA,EAAK;AAAA,QACH,WAAA,EAAa,OAAA;AAAA,QACb,WAAA,EAAa,sCAAA;AAAA,QACb,IAAA,EAAM,CAAC,QAAQ,CAAA;AAAA,QACf,SAAA,EAAW;AAAA,UACT,KAAA,EAAO;AAAA,YACL,WAAA,EAAa,IAAA;AAAA,YACb,OAAA,EAAS;AAAA,cACP,kBAAA,EAAoB;AAAA,gBAClB,MAAA,EAAQ;AAAA,kBACN,IAAA,EAAM,QAAA;AAAA,kBACN,UAAA,EAAY;AAAA,oBACV,OAAA,EAAS;AAAA,sBACP,IAAA,EAAM,OAAA;AAAA,sBACN,KAAA,EAAO;AAAA,wBACL,IAAA,EAAM,QAAA;AAAA,wBACN,UAAA,EAAY;AAAA,0BACV,IAAA,EAAM;AAAA,4BACJ,IAAA,EAAM,QAAA;AAAA,4BACN,WAAA,EAAa;AAAA,2BACf;AAAA,0BACA,QAAA,EAAU;AAAA,4BACR,IAAA,EAAM,QAAA;AAAA,4BACN,WAAA,EACE,4CAAA;AAAA,4BACF,UAAA,EAAY;AAAA,8BACV,KAAA,EAAO;AAAA,gCACL,IAAA,EAAM,QAAA;AAAA,gCACN,WAAA,EACE;AAAA,+BACJ;AAAA,8BACA,IAAA,EAAM;AAAA,gCACJ,IAAA,EAAM,QAAA;AAAA,gCACN,WAAA,EACE;AAAA,+BACJ;AAAA,8BACA,QAAA,EAAU;AAAA,gCACR,IAAA,EAAM,QAAA;AAAA,gCACN,WAAA,EACE;AAAA;AACJ;AACF,2BACF;AAAA,0BACA,SAAA,EAAW;AAAA,4BACT,IAAA,EAAM,QAAA;AAAA,4BACN,WAAA,EACE;AAAA,2BACJ;AAAA,0BACA,IAAA,EAAM;AAAA,4BACJ,IAAA,EAAM,SAAA;AAAA,4BACN,WAAA,EACE;AAAA;AACJ,yBACF;AAAA,wBACA,QAAA,EAAU,CAAC,MAAA,EAAQ,UAAU,CAAA;AAAA,wBAC7B,oBAAA,EAAsB;AAAA;AACxB,qBACF;AAAA,oBACA,cAAA,EAAgB;AAAA,sBACd,IAAA,EAAM;AAAA,qBACR;AAAA,oBACA,kBAAA,EAAoB;AAAA,sBAClB,IAAA,EAAM;AAAA,qBACR;AAAA,oBACA,eAAA,EAAiB;AAAA,sBACf,IAAA,EAAM;AAAA;AACR,mBACF;AAAA,kBACA,QAAA,EAAU,CAAC,SAAS;AAAA;AACtB;AACF;AACF,WACF;AAAA,UACA,OAAA,EAAS;AAAA,YACP,IAAA,EAAM;AAAA;AACR,SACF;AAAA,QACA,QAAA,EAAU;AAAA,UACR,EAAC;AAAA,UACD;AAAA,YACE,KAAK;AAAC;AACR,SACF;AAAA,QACA,UAAA,EAAY;AAAA,UACV;AAAA,YACE,IAAA,EAAM,MAAA;AAAA,YACN,EAAA,EAAI,OAAA;AAAA,YACJ,QAAA,EAAU,KAAA;AAAA,YACV,aAAA,EAAe,IAAA;AAAA,YACf,MAAA,EAAQ;AAAA,cACN,IAAA,EAAM,QAAA;AAAA,cACN,OAAA,EAAS;AAAA;AACX,WACF;AAAA,UACA;AAAA,YACE,IAAA,EAAM,SAAA;AAAA,YACN,EAAA,EAAI,OAAA;AAAA,YACJ,QAAA,EAAU,KAAA;AAAA,YACV,KAAA,EAAO,YAAA;AAAA,YACP,aAAA,EAAe,IAAA;AAAA,YACf,MAAA,EAAQ;AAAA,cACN,IAAA,EAAM;AAAA;AACR,WACF;AAAA,UACA;AAAA,YACE,IAAA,EAAM,OAAA;AAAA,YACN,EAAA,EAAI,OAAA;AAAA,YACJ,QAAA,EAAU,KAAA;AAAA,YACV,aAAA,EAAe,IAAA;AAAA,YACf,MAAA,EAAQ;AAAA,cACN,IAAA,EAAM,OAAA;AAAA,cACN,KAAA,EAAO;AAAA,gBACL,IAAA,EAAM;AAAA;AACR;AACF,WACF;AAAA,UACA;AAAA,YACE,IAAA,EAAM,YAAA;AAAA,YACN,EAAA,EAAI,OAAA;AAAA,YACJ,QAAA,EAAU,KAAA;AAAA,YACV,aAAA,EAAe,IAAA;AAAA,YACf,MAAA,EAAQ;AAAA,cACN,IAAA,EAAM;AAAA;AACR,WACF;AAAA,UACA;AAAA,YACE,IAAA,EAAM,WAAA;AAAA,YACN,EAAA,EAAI,OAAA;AAAA,YACJ,QAAA,EAAU,KAAA;AAAA,YACV,aAAA,EAAe,IAAA;AAAA,YACf,MAAA,EAAQ;AAAA,cACN,IAAA,EAAM;AAAA;AACR,WACF;AAAA,UACA;AAAA,YACE,IAAA,EAAM,SAAA;AAAA,YACN,EAAA,EAAI,OAAA;AAAA,YACJ,QAAA,EAAU,KAAA;AAAA,YACV,KAAA,EAAO,MAAA;AAAA,YACP,OAAA,EAAS,IAAA;AAAA,YACT,aAAA,EAAe,IAAA;AAAA,YACf,MAAA,EAAQ;AAAA,cACN,IAAA,EAAM,QAAA;AAAA,cACN,sBAAsB;AAAC;AACzB;AACF;AACF;AACF;AACF;AAEJ;AACO,MAAM,mBAAA,GAAsB,OACjC,OAAA,KAIAA,wEAAA;AAAA,EACE,IAAA;AAAA,EACA;AACF;;;;;"}

package/dist/service/AuthorizedSearchEngine.cjs.js.map

@@ -1 +1 @@
-{"version":3,"file":"AuthorizedSearchEngine.cjs.js","sources":["../../src/service/AuthorizedSearchEngine.ts"],"sourcesContent":["/*\n * Copyright 2022 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *     http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { compact, zipObject } from 'lodash';\nimport qs from 'qs';\nimport DataLoader from 'dataloader';\nimport {\n  AuthorizePermissionRequest,\n  AuthorizeResult,\n  EvaluatePermissionRequest,\n  EvaluatePermissionResponse,\n  isResourcePermission,\n  QueryPermissionRequest,\n} from '@backstage/plugin-permission-common';\nimport {\n  DocumentTypeInfo,\n  IndexableResult,\n  IndexableResultSet,\n  SearchQuery,\n} from '@backstage/plugin-search-common';\nimport {\n  QueryRequestOptions,\n  QueryTranslator,\n  SearchEngine,\n} from '@backstage/plugin-search-backend-node';\nimport { Config } from '@backstage/config';\nimport { InputError } from '@backstage/errors';\nimport { Writable } from 'stream';\nimport { AuthService, PermissionsService } from '@backstage/backend-plugin-api';\n\nexport function decodePageCursor(pageCursor?: string): { page: number } {\n  if (!pageCursor) {\n    return { page: 0 };\n  }\n\n  const page = Number(Buffer.from(pageCursor, 'base64').toString('utf-8'));\n  if (isNaN(page)) {\n    throw new InputError('Invalid page cursor');\n  }\n\n  if (page < 0) {\n    throw new InputError('Invalid page cursor');\n  }\n\n  return {\n    page,\n  };\n}\n\nexport function encodePageCursor({ page }: { page: number }): string {\n  return Buffer.from(`${page}`, 'utf-8').toString('base64');\n}\n\nexport class AuthorizedSearchEngine implements SearchEngine {\n  private readonly queryLatencyBudgetMs: number;\n\n  constructor(\n    private readonly searchEngine: SearchEngine,\n    private readonly types: Record<string, DocumentTypeInfo>,\n    private readonly permissions: PermissionsService,\n    private readonly auth: AuthService,\n    config: Config,\n  ) {\n    this.queryLatencyBudgetMs =\n      config.getOptionalNumber('search.permissions.queryLatencyBudgetMs') ??\n      1000;\n  }\n\n  setTranslator(translator: QueryTranslator): void {\n    this.searchEngine.setTranslator(translator);\n  }\n\n  async getIndexer(type: string): Promise<Writable> {\n    return this.searchEngine.getIndexer(type);\n  }\n\n  async query(\n    query: SearchQuery,\n    options: QueryRequestOptions,\n  ): Promise<IndexableResultSet> {\n    const queryStartTime = Date.now();\n\n    const compatOptions =\n      'credentials' in options\n        ? options\n        : { credentials: await this.auth.getNoneCredentials() };\n\n    const conditionFetcher = new DataLoader(\n      (requests: readonly QueryPermissionRequest[]) =>\n        this.permissions.authorizeConditional(requests.slice(), compatOptions),\n      {\n        cacheKeyFn: ({ permission: { name } }) => name,\n      },\n    );\n\n    const authorizer = new DataLoader(\n      (requests: readonly AuthorizePermissionRequest[]) =>\n        this.permissions.authorize(requests.slice(), compatOptions),\n      {\n        // Serialize the permission name and resourceRef as\n        // a query string to avoid collisions from overlapping\n        // permission names and resourceRefs.\n        cacheKeyFn: ({ permission: { name }, resourceRef }) =>\n          qs.stringify({ name, resourceRef }),\n      },\n    );\n\n    const requestedTypes = query.types || Object.keys(this.types);\n\n    const typeDecisions = zipObject(\n      requestedTypes,\n      await Promise.all(\n        requestedTypes.map(type => {\n          const permission = this.types[type]?.visibilityPermission;\n\n          // No permission configured for this document type - always allow.\n          if (!permission) {\n            return { result: AuthorizeResult.ALLOW as const };\n          }\n\n          // Resource permission supplied, so we need to check for conditional decisions.\n          if (isResourcePermission(permission)) {\n            return conditionFetcher.load({ permission });\n          }\n\n          // Non-resource permission supplied - we can perform a standard authorization.\n          return authorizer.load({ permission });\n        }),\n      ),\n    );\n\n    const authorizedTypes = requestedTypes.filter(\n      type => typeDecisions[type]?.result !== AuthorizeResult.DENY,\n    );\n\n    const resultByResultFilteringRequired = authorizedTypes.some(\n      type => typeDecisions[type]?.result === AuthorizeResult.CONDITIONAL,\n    );\n\n    // When there are no CONDITIONAL decisions for any of the requested\n    // result types, we can skip filtering result by result by simply\n    // skipping the types the user is not permitted to see, which will\n    // be much more efficient.\n    //\n    // Since it's not currently possible to configure the page size used\n    // by search engines, this detail means that a single user might see\n    // a different page size depending on whether their search required\n    // result-by-result filtering or not. We can fix this minor\n    // inconsistency by introducing a configurable page size.\n    //\n    // cf. https://github.com/backstage/backstage/issues/9162\n    if (!resultByResultFilteringRequired) {\n      return this.searchEngine.query(\n        { ...query, types: authorizedTypes },\n        compatOptions,\n      );\n    }\n\n    const pageSize = query.pageLimit || 25;\n    const { page } = decodePageCursor(query.pageCursor);\n    const targetResults = (page + 1) * pageSize;\n\n    let filteredResults: IndexableResult[] = [];\n    let nextPageCursor: string | undefined;\n    let latencyBudgetExhausted = false;\n\n    do {\n      const nextPage = await this.searchEngine.query(\n        { ...query, types: authorizedTypes, pageCursor: nextPageCursor },\n        compatOptions,\n      );\n\n      filteredResults = filteredResults.concat(\n        await this.filterResults(nextPage.results, typeDecisions, authorizer),\n      );\n\n      nextPageCursor = nextPage.nextPageCursor;\n      latencyBudgetExhausted =\n        Date.now() - queryStartTime > this.queryLatencyBudgetMs;\n    } while (\n      nextPageCursor &&\n      filteredResults.length < targetResults &&\n      !latencyBudgetExhausted\n    );\n\n    return {\n      results: filteredResults\n        .slice(page * pageSize, (page + 1) * pageSize)\n        .map((result, index) => {\n          // Overwrite any/all rank entries to avoid leaking knowledge of filtered results.\n          return {\n            ...result,\n            rank: page * pageSize + index + 1,\n          };\n        }),\n      previousPageCursor:\n        page === 0 ? undefined : encodePageCursor({ page: page - 1 }),\n      nextPageCursor:\n        !latencyBudgetExhausted &&\n        (nextPageCursor || filteredResults.length > targetResults)\n          ? encodePageCursor({ page: page + 1 })\n          : undefined,\n      numberOfResults: undefined,\n    };\n  }\n\n  private async filterResults(\n    results: IndexableResult[],\n    typeDecisions: Record<string, EvaluatePermissionResponse>,\n    authorizer: DataLoader<\n      EvaluatePermissionRequest,\n      EvaluatePermissionResponse\n    >,\n  ) {\n    return compact(\n      await Promise.all(\n        results.map(result => {\n          if (typeDecisions[result.type]?.result === AuthorizeResult.ALLOW) {\n            return result;\n          }\n\n          const permission = this.types[result.type]?.visibilityPermission;\n          const resourceRef = result.document.authorization?.resourceRef;\n\n          if (!permission || !resourceRef) {\n            return result;\n          }\n\n          // We only reach this point in the code for types where the initial\n          // authorization returned CONDITIONAL -- ALLOWs return early\n          // immediately above, and types where the decision was DENY get\n          // filtered out entirely when querying.\n          //\n          // This means the call to isResourcePermission here is mostly about\n          // narrowing the type of permission - the only way to get here with a\n          // non-resource permission is if the PermissionPolicy returns a\n          // CONDITIONAL decision for a non-resource permission, which can't\n          // happen - it would throw an error during validation in the\n          // permission-backend.\n          if (!isResourcePermission(permission)) {\n            throw new Error(\n              `Unexpected conditional decision returned for non-resource permission \"${permission.name}\"`,\n            );\n          }\n\n          return authorizer\n            .load({ permission, resourceRef })\n            .then(decision =>\n              decision.result === AuthorizeResult.ALLOW ? result : undefined,\n            );\n        }),\n      ),\n    );\n  }\n}\n"],"names":["InputError","DataLoader","qs","zipObject","AuthorizeResult","isResourcePermission","compact"],"mappings":";;;;;;;;;;;;;AA2CO,SAAS,iBAAiB,UAAuC,EAAA;AACtE,EAAA,IAAI,CAAC,UAAY,EAAA;AACf,IAAO,OAAA,EAAE,MAAM,CAAE,EAAA;AAAA;AAGnB,EAAM,MAAA,IAAA,GAAO,OAAO,MAAO,CAAA,IAAA,CAAK,YAAY,QAAQ,CAAA,CAAE,QAAS,CAAA,OAAO,CAAC,CAAA;AACvE,EAAI,IAAA,KAAA,CAAM,IAAI,CAAG,EAAA;AACf,IAAM,MAAA,IAAIA,kBAAW,qBAAqB,CAAA;AAAA;AAG5C,EAAA,IAAI,OAAO,CAAG,EAAA;AACZ,IAAM,MAAA,IAAIA,kBAAW,qBAAqB,CAAA;AAAA;AAG5C,EAAO,OAAA;AAAA,IACL;AAAA,GACF;AACF;AAEgB,SAAA,gBAAA,CAAiB,EAAE,IAAA,EAAkC,EAAA;AACnE,EAAO,OAAA,MAAA,CAAO,KAAK,CAAG,EAAA,IAAI,IAAI,OAAO,CAAA,CAAE,SAAS,QAAQ,CAAA;AAC1D;AAEO,MAAM,sBAA+C,CAAA;AAAA,EAG1D,WACmB,CAAA,YAAA,EACA,KACA,EAAA,WAAA,EACA,MACjB,MACA,EAAA;AALiB,IAAA,IAAA,CAAA,YAAA,GAAA,YAAA;AACA,IAAA,IAAA,CAAA,KAAA,GAAA,KAAA;AACA,IAAA,IAAA,CAAA,WAAA,GAAA,WAAA;AACA,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AAGjB,IAAA,IAAA,CAAK,oBACH,GAAA,MAAA,CAAO,iBAAkB,CAAA,yCAAyC,CAClE,IAAA,GAAA;AAAA;AACJ,EAZiB,oBAAA;AAAA,EAcjB,cAAc,UAAmC,EAAA;AAC/C,IAAK,IAAA,CAAA,YAAA,CAAa,cAAc,UAAU,CAAA;AAAA;AAC5C,EAEA,MAAM,WAAW,IAAiC,EAAA;AAChD,IAAO,OAAA,IAAA,CAAK,YAAa,CAAA,UAAA,CAAW,IAAI,CAAA;AAAA;AAC1C,EAEA,MAAM,KACJ,CAAA,KAAA,EACA,OAC6B,EAAA;AAC7B,IAAM,MAAA,cAAA,GAAiB,KAAK,GAAI,EAAA;AAEhC,IAAM,MAAA,aAAA,GACJ,aAAiB,IAAA,OAAA,GACb,OACA,GAAA,EAAE,aAAa,MAAM,IAAA,CAAK,IAAK,CAAA,kBAAA,EAAqB,EAAA;AAE1D,IAAA,MAAM,mBAAmB,IAAIC,2BAAA;AAAA,MAC3B,CAAC,aACC,IAAK,CAAA,WAAA,CAAY,qBAAqB,QAAS,CAAA,KAAA,IAAS,aAAa,CAAA;AAAA,MACvE;AAAA,QACE,YAAY,CAAC,EAAE,YAAY,EAAE,IAAA,IAAa,KAAA;AAAA;AAC5C,KACF;AAEA,IAAA,MAAM,aAAa,IAAIA,2BAAA;AAAA,MACrB,CAAC,aACC,IAAK,CAAA,WAAA,CAAY,UAAU,QAAS,CAAA,KAAA,IAAS,aAAa,CAAA;AAAA,MAC5D;AAAA;AAAA;AAAA;AAAA,QAIE,UAAY,EAAA,CAAC,EAAE,UAAA,EAAY,EAAE,IAAK,EAAA,EAAG,WAAY,EAAA,KAC/CC,mBAAG,CAAA,SAAA,CAAU,EAAE,IAAA,EAAM,aAAa;AAAA;AACtC,KACF;AAEA,IAAA,MAAM,iBAAiB,KAAM,CAAA,KAAA,IAAS,MAAO,CAAA,IAAA,CAAK,KAAK,KAAK,CAAA;AAE5D,IAAA,MAAM,aAAgB,GAAAC,gBAAA;AAAA,MACpB,cAAA;AAAA,MACA,MAAM,OAAQ,CAAA,GAAA;AAAA,QACZ,cAAA,CAAe,IAAI,CAAQ,IAAA,KAAA;AACzB,UAAA,MAAM,UAAa,GAAA,IAAA,CAAK,KAAM,CAAA,IAAI,CAAG,EAAA,oBAAA;AAGrC,UAAA,IAAI,CAAC,UAAY,EAAA;AACf,YAAO,OAAA,EAAE,MAAQ,EAAAC,sCAAA,CAAgB,KAAe,EAAA;AAAA;AAIlD,UAAI,IAAAC,2CAAA,CAAqB,UAAU,CAAG,EAAA;AACpC,YAAA,OAAO,gBAAiB,CAAA,IAAA,CAAK,EAAE,UAAA,EAAY,CAAA;AAAA;AAI7C,UAAA,OAAO,UAAW,CAAA,IAAA,CAAK,EAAE,UAAA,EAAY,CAAA;AAAA,SACtC;AAAA;AACH,KACF;AAEA,IAAA,MAAM,kBAAkB,cAAe,CAAA,MAAA;AAAA,MACrC,CAAQ,IAAA,KAAA,aAAA,CAAc,IAAI,CAAA,EAAG,WAAWD,sCAAgB,CAAA;AAAA,KAC1D;AAEA,IAAA,MAAM,kCAAkC,eAAgB,CAAA,IAAA;AAAA,MACtD,CAAQ,IAAA,KAAA,aAAA,CAAc,IAAI,CAAA,EAAG,WAAWA,sCAAgB,CAAA;AAAA,KAC1D;AAcA,IAAA,IAAI,CAAC,+BAAiC,EAAA;AACpC,MAAA,OAAO,KAAK,YAAa,CAAA,KAAA;AAAA,QACvB,EAAE,GAAG,KAAO,EAAA,KAAA,EAAO,eAAgB,EAAA;AAAA,QACnC;AAAA,OACF;AAAA;AAGF,IAAM,MAAA,QAAA,GAAW,MAAM,SAAa,IAAA,EAAA;AACpC,IAAA,MAAM,EAAE,IAAA,EAAS,GAAA,gBAAA,CAAiB,MAAM,UAAU,CAAA;AAClD,IAAM,MAAA,aAAA,GAAA,CAAiB,OAAO,CAAK,IAAA,QAAA;AAEnC,IAAA,IAAI,kBAAqC,EAAC;AAC1C,IAAI,IAAA,cAAA;AACJ,IAAA,IAAI,sBAAyB,GAAA,KAAA;AAE7B,IAAG,GAAA;AACD,MAAM,MAAA,QAAA,GAAW,MAAM,IAAA,CAAK,YAAa,CAAA,KAAA;AAAA,QACvC,EAAE,GAAG,KAAA,EAAO,KAAO,EAAA,eAAA,EAAiB,YAAY,cAAe,EAAA;AAAA,QAC/D;AAAA,OACF;AAEA,MAAA,eAAA,GAAkB,eAAgB,CAAA,MAAA;AAAA,QAChC,MAAM,IAAK,CAAA,aAAA,CAAc,QAAS,CAAA,OAAA,EAAS,eAAe,UAAU;AAAA,OACtE;AAEA,MAAA,cAAA,GAAiB,QAAS,CAAA,cAAA;AAC1B,MAAA,sBAAA,GACE,IAAK,CAAA,GAAA,EAAQ,GAAA,cAAA,GAAiB,IAAK,CAAA,oBAAA;AAAA,KAErC,QAAA,cAAA,IACA,eAAgB,CAAA,MAAA,GAAS,iBACzB,CAAC,sBAAA;AAGH,IAAO,OAAA;AAAA,MACL,OAAS,EAAA,eAAA,CACN,KAAM,CAAA,IAAA,GAAO,QAAW,EAAA,CAAA,IAAA,GAAO,CAAK,IAAA,QAAQ,CAC5C,CAAA,GAAA,CAAI,CAAC,MAAA,EAAQ,KAAU,KAAA;AAEtB,QAAO,OAAA;AAAA,UACL,GAAG,MAAA;AAAA,UACH,IAAA,EAAM,IAAO,GAAA,QAAA,GAAW,KAAQ,GAAA;AAAA,SAClC;AAAA,OACD,CAAA;AAAA,MACH,kBAAA,EACE,SAAS,CAAI,GAAA,KAAA,CAAA,GAAY,iBAAiB,EAAE,IAAA,EAAM,IAAO,GAAA,CAAA,EAAG,CAAA;AAAA,MAC9D,cACE,EAAA,CAAC,sBACA,KAAA,cAAA,IAAkB,eAAgB,CAAA,MAAA,GAAS,aACxC,CAAA,GAAA,gBAAA,CAAiB,EAAE,IAAA,EAAM,IAAO,GAAA,CAAA,EAAG,CACnC,GAAA,KAAA,CAAA;AAAA,MACN,eAAiB,EAAA,KAAA;AAAA,KACnB;AAAA;AACF,EAEA,MAAc,aAAA,CACZ,OACA,EAAA,aAAA,EACA,UAIA,EAAA;AACA,IAAO,OAAAE,cAAA;AAAA,MACL,MAAM,OAAQ,CAAA,GAAA;AAAA,QACZ,OAAA,CAAQ,IAAI,CAAU,MAAA,KAAA;AACpB,UAAA,IAAI,cAAc,MAAO,CAAA,IAAI,CAAG,EAAA,MAAA,KAAWF,uCAAgB,KAAO,EAAA;AAChE,YAAO,OAAA,MAAA;AAAA;AAGT,UAAA,MAAM,UAAa,GAAA,IAAA,CAAK,KAAM,CAAA,MAAA,CAAO,IAAI,CAAG,EAAA,oBAAA;AAC5C,UAAM,MAAA,WAAA,GAAc,MAAO,CAAA,QAAA,CAAS,aAAe,EAAA,WAAA;AAEnD,UAAI,IAAA,CAAC,UAAc,IAAA,CAAC,WAAa,EAAA;AAC/B,YAAO,OAAA,MAAA;AAAA;AAcT,UAAI,IAAA,CAACC,2CAAqB,CAAA,UAAU,CAAG,EAAA;AACrC,YAAA,MAAM,IAAI,KAAA;AAAA,cACR,CAAA,sEAAA,EAAyE,WAAW,IAAI,CAAA,CAAA;AAAA,aAC1F;AAAA;AAGF,UAAA,OAAO,WACJ,IAAK,CAAA,EAAE,UAAY,EAAA,WAAA,EAAa,CAChC,CAAA,IAAA;AAAA,YAAK,CACJ,QAAA,KAAA,QAAA,CAAS,MAAW,KAAAD,sCAAA,CAAgB,QAAQ,MAAS,GAAA,KAAA;AAAA,WACvD;AAAA,SACH;AAAA;AACH,KACF;AAAA;AAEJ;;;;;;"}
+{"version":3,"file":"AuthorizedSearchEngine.cjs.js","sources":["../../src/service/AuthorizedSearchEngine.ts"],"sourcesContent":["/*\n * Copyright 2022 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *     http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { compact, zipObject } from 'lodash';\nimport qs from 'qs';\nimport DataLoader from 'dataloader';\nimport {\n  AuthorizePermissionRequest,\n  AuthorizeResult,\n  EvaluatePermissionRequest,\n  EvaluatePermissionResponse,\n  isResourcePermission,\n  QueryPermissionRequest,\n} from '@backstage/plugin-permission-common';\nimport {\n  DocumentTypeInfo,\n  IndexableResult,\n  IndexableResultSet,\n  SearchQuery,\n} from '@backstage/plugin-search-common';\nimport {\n  QueryRequestOptions,\n  QueryTranslator,\n  SearchEngine,\n} from '@backstage/plugin-search-backend-node';\nimport { Config } from '@backstage/config';\nimport { InputError } from '@backstage/errors';\nimport { Writable } from 'stream';\nimport { AuthService, PermissionsService } from '@backstage/backend-plugin-api';\n\nexport function decodePageCursor(pageCursor?: string): { page: number } {\n  if (!pageCursor) {\n    return { page: 0 };\n  }\n\n  const page = Number(Buffer.from(pageCursor, 'base64').toString('utf-8'));\n  if (isNaN(page)) {\n    throw new InputError('Invalid page cursor');\n  }\n\n  if (page < 0) {\n    throw new InputError('Invalid page cursor');\n  }\n\n  return {\n    page,\n  };\n}\n\nexport function encodePageCursor({ page }: { page: number }): string {\n  return Buffer.from(`${page}`, 'utf-8').toString('base64');\n}\n\nexport class AuthorizedSearchEngine implements SearchEngine {\n  private readonly queryLatencyBudgetMs: number;\n\n  constructor(\n    private readonly searchEngine: SearchEngine,\n    private readonly types: Record<string, DocumentTypeInfo>,\n    private readonly permissions: PermissionsService,\n    private readonly auth: AuthService,\n    config: Config,\n  ) {\n    this.queryLatencyBudgetMs =\n      config.getOptionalNumber('search.permissions.queryLatencyBudgetMs') ??\n      1000;\n  }\n\n  setTranslator(translator: QueryTranslator): void {\n    this.searchEngine.setTranslator(translator);\n  }\n\n  async getIndexer(type: string): Promise<Writable> {\n    return this.searchEngine.getIndexer(type);\n  }\n\n  async query(\n    query: SearchQuery,\n    options: QueryRequestOptions,\n  ): Promise<IndexableResultSet> {\n    const queryStartTime = Date.now();\n\n    const compatOptions =\n      'credentials' in options\n        ? options\n        : { credentials: await this.auth.getNoneCredentials() };\n\n    const conditionFetcher = new DataLoader(\n      (requests: readonly QueryPermissionRequest[]) =>\n        this.permissions.authorizeConditional(requests.slice(), compatOptions),\n      {\n        cacheKeyFn: ({ permission: { name } }) => name,\n      },\n    );\n\n    const authorizer = new DataLoader(\n      (requests: readonly AuthorizePermissionRequest[]) =>\n        this.permissions.authorize(requests.slice(), compatOptions),\n      {\n        // Serialize the permission name and resourceRef as\n        // a query string to avoid collisions from overlapping\n        // permission names and resourceRefs.\n        cacheKeyFn: ({ permission: { name }, resourceRef }) =>\n          qs.stringify({ name, resourceRef }),\n      },\n    );\n\n    const requestedTypes = query.types || Object.keys(this.types);\n\n    const typeDecisions = zipObject(\n      requestedTypes,\n      await Promise.all(\n        requestedTypes.map(type => {\n          const permission = this.types[type]?.visibilityPermission;\n\n          // No permission configured for this document type - always allow.\n          if (!permission) {\n            return { result: AuthorizeResult.ALLOW as const };\n          }\n\n          // Resource permission supplied, so we need to check for conditional decisions.\n          if (isResourcePermission(permission)) {\n            return conditionFetcher.load({ permission });\n          }\n\n          // Non-resource permission supplied - we can perform a standard authorization.\n          return authorizer.load({ permission });\n        }),\n      ),\n    );\n\n    const authorizedTypes = requestedTypes.filter(\n      type => typeDecisions[type]?.result !== AuthorizeResult.DENY,\n    );\n\n    const resultByResultFilteringRequired = authorizedTypes.some(\n      type => typeDecisions[type]?.result === AuthorizeResult.CONDITIONAL,\n    );\n\n    // When there are no CONDITIONAL decisions for any of the requested\n    // result types, we can skip filtering result by result by simply\n    // skipping the types the user is not permitted to see, which will\n    // be much more efficient.\n    //\n    // Since it's not currently possible to configure the page size used\n    // by search engines, this detail means that a single user might see\n    // a different page size depending on whether their search required\n    // result-by-result filtering or not. We can fix this minor\n    // inconsistency by introducing a configurable page size.\n    //\n    // cf. https://github.com/backstage/backstage/issues/9162\n    if (!resultByResultFilteringRequired) {\n      return this.searchEngine.query(\n        { ...query, types: authorizedTypes },\n        compatOptions,\n      );\n    }\n\n    const pageSize = query.pageLimit || 25;\n    const { page } = decodePageCursor(query.pageCursor);\n    const targetResults = (page + 1) * pageSize;\n\n    let filteredResults: IndexableResult[] = [];\n    let nextPageCursor: string | undefined;\n    let latencyBudgetExhausted = false;\n\n    do {\n      const nextPage = await this.searchEngine.query(\n        { ...query, types: authorizedTypes, pageCursor: nextPageCursor },\n        compatOptions,\n      );\n\n      filteredResults = filteredResults.concat(\n        await this.filterResults(nextPage.results, typeDecisions, authorizer),\n      );\n\n      nextPageCursor = nextPage.nextPageCursor;\n      latencyBudgetExhausted =\n        Date.now() - queryStartTime > this.queryLatencyBudgetMs;\n    } while (\n      nextPageCursor &&\n      filteredResults.length < targetResults &&\n      !latencyBudgetExhausted\n    );\n\n    return {\n      results: filteredResults\n        .slice(page * pageSize, (page + 1) * pageSize)\n        .map((result, index) => {\n          // Overwrite any/all rank entries to avoid leaking knowledge of filtered results.\n          return {\n            ...result,\n            rank: page * pageSize + index + 1,\n          };\n        }),\n      previousPageCursor:\n        page === 0 ? undefined : encodePageCursor({ page: page - 1 }),\n      nextPageCursor:\n        !latencyBudgetExhausted &&\n        (nextPageCursor || filteredResults.length > targetResults)\n          ? encodePageCursor({ page: page + 1 })\n          : undefined,\n      numberOfResults: undefined,\n    };\n  }\n\n  private async filterResults(\n    results: IndexableResult[],\n    typeDecisions: Record<string, EvaluatePermissionResponse>,\n    authorizer: DataLoader<\n      EvaluatePermissionRequest,\n      EvaluatePermissionResponse\n    >,\n  ) {\n    return compact(\n      await Promise.all(\n        results.map(result => {\n          if (typeDecisions[result.type]?.result === AuthorizeResult.ALLOW) {\n            return result;\n          }\n\n          const permission = this.types[result.type]?.visibilityPermission;\n          const resourceRef = result.document.authorization?.resourceRef;\n\n          if (!permission || !resourceRef) {\n            return result;\n          }\n\n          // We only reach this point in the code for types where the initial\n          // authorization returned CONDITIONAL -- ALLOWs return early\n          // immediately above, and types where the decision was DENY get\n          // filtered out entirely when querying.\n          //\n          // This means the call to isResourcePermission here is mostly about\n          // narrowing the type of permission - the only way to get here with a\n          // non-resource permission is if the PermissionPolicy returns a\n          // CONDITIONAL decision for a non-resource permission, which can't\n          // happen - it would throw an error during validation in the\n          // permission-backend.\n          if (!isResourcePermission(permission)) {\n            throw new Error(\n              `Unexpected conditional decision returned for non-resource permission \"${permission.name}\"`,\n            );\n          }\n\n          return authorizer\n            .load({ permission, resourceRef })\n            .then(decision =>\n              decision.result === AuthorizeResult.ALLOW ? result : undefined,\n            );\n        }),\n      ),\n    );\n  }\n}\n"],"names":["InputError","DataLoader","qs","zipObject","AuthorizeResult","isResourcePermission","compact"],"mappings":";;;;;;;;;;;;;AA2CO,SAAS,iBAAiB,UAAA,EAAuC;AACtE,EAAA,IAAI,CAAC,UAAA,EAAY;AACf,IAAA,OAAO,EAAE,MAAM,CAAA,EAAE;AAAA,EACnB;AAEA,EAAA,MAAM,IAAA,GAAO,OAAO,MAAA,CAAO,IAAA,CAAK,YAAY,QAAQ,CAAA,CAAE,QAAA,CAAS,OAAO,CAAC,CAAA;AACvE,EAAA,IAAI,KAAA,CAAM,IAAI,CAAA,EAAG;AACf,IAAA,MAAM,IAAIA,kBAAW,qBAAqB,CAAA;AAAA,EAC5C;AAEA,EAAA,IAAI,OAAO,CAAA,EAAG;AACZ,IAAA,MAAM,IAAIA,kBAAW,qBAAqB,CAAA;AAAA,EAC5C;AAEA,EAAA,OAAO;AAAA,IACL;AAAA,GACF;AACF;AAEO,SAAS,gBAAA,CAAiB,EAAE,IAAA,EAAK,EAA6B;AACnE,EAAA,OAAO,MAAA,CAAO,KAAK,CAAA,EAAG,IAAI,IAAI,OAAO,CAAA,CAAE,SAAS,QAAQ,CAAA;AAC1D;AAEO,MAAM,sBAAA,CAA+C;AAAA,EAG1D,WAAA,CACmB,YAAA,EACA,KAAA,EACA,WAAA,EACA,MACjB,MAAA,EACA;AALiB,IAAA,IAAA,CAAA,YAAA,GAAA,YAAA;AACA,IAAA,IAAA,CAAA,KAAA,GAAA,KAAA;AACA,IAAA,IAAA,CAAA,WAAA,GAAA,WAAA;AACA,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AAGjB,IAAA,IAAA,CAAK,oBAAA,GACH,MAAA,CAAO,iBAAA,CAAkB,yCAAyC,CAAA,IAClE,GAAA;AAAA,EACJ;AAAA,EAZiB,oBAAA;AAAA,EAcjB,cAAc,UAAA,EAAmC;AAC/C,IAAA,IAAA,CAAK,YAAA,CAAa,cAAc,UAAU,CAAA;AAAA,EAC5C;AAAA,EAEA,MAAM,WAAW,IAAA,EAAiC;AAChD,IAAA,OAAO,IAAA,CAAK,YAAA,CAAa,UAAA,CAAW,IAAI,CAAA;AAAA,EAC1C;AAAA,EAEA,MAAM,KAAA,CACJ,KAAA,EACA,OAAA,EAC6B;AAC7B,IAAA,MAAM,cAAA,GAAiB,KAAK,GAAA,EAAI;AAEhC,IAAA,MAAM,aAAA,GACJ,aAAA,IAAiB,OAAA,GACb,OAAA,GACA,EAAE,aAAa,MAAM,IAAA,CAAK,IAAA,CAAK,kBAAA,EAAmB,EAAE;AAE1D,IAAA,MAAM,mBAAmB,IAAIC,2BAAA;AAAA,MAC3B,CAAC,aACC,IAAA,CAAK,WAAA,CAAY,qBAAqB,QAAA,CAAS,KAAA,IAAS,aAAa,CAAA;AAAA,MACvE;AAAA,QACE,YAAY,CAAC,EAAE,YAAY,EAAE,IAAA,IAAO,KAAM;AAAA;AAC5C,KACF;AAEA,IAAA,MAAM,aAAa,IAAIA,2BAAA;AAAA,MACrB,CAAC,aACC,IAAA,CAAK,WAAA,CAAY,UAAU,QAAA,CAAS,KAAA,IAAS,aAAa,CAAA;AAAA,MAC5D;AAAA;AAAA;AAAA;AAAA,QAIE,UAAA,EAAY,CAAC,EAAE,UAAA,EAAY,EAAE,IAAA,EAAK,EAAG,WAAA,EAAY,KAC/CC,mBAAA,CAAG,SAAA,CAAU,EAAE,IAAA,EAAM,aAAa;AAAA;AACtC,KACF;AAEA,IAAA,MAAM,iBAAiB,KAAA,CAAM,KAAA,IAAS,MAAA,CAAO,IAAA,CAAK,KAAK,KAAK,CAAA;AAE5D,IAAA,MAAM,aAAA,GAAgBC,gBAAA;AAAA,MACpB,cAAA;AAAA,MACA,MAAM,OAAA,CAAQ,GAAA;AAAA,QACZ,cAAA,CAAe,IAAI,CAAA,IAAA,KAAQ;AACzB,UAAA,MAAM,UAAA,GAAa,IAAA,CAAK,KAAA,CAAM,IAAI,CAAA,EAAG,oBAAA;AAGrC,UAAA,IAAI,CAAC,UAAA,EAAY;AACf,YAAA,OAAO,EAAE,MAAA,EAAQC,sCAAA,CAAgB,KAAA,EAAe;AAAA,UAClD;AAGA,UAAA,IAAIC,2CAAA,CAAqB,UAAU,CAAA,EAAG;AACpC,YAAA,OAAO,gBAAA,CAAiB,IAAA,CAAK,EAAE,UAAA,EAAY,CAAA;AAAA,UAC7C;AAGA,UAAA,OAAO,UAAA,CAAW,IAAA,CAAK,EAAE,UAAA,EAAY,CAAA;AAAA,QACvC,CAAC;AAAA;AACH,KACF;AAEA,IAAA,MAAM,kBAAkB,cAAA,CAAe,MAAA;AAAA,MACrC,CAAA,IAAA,KAAQ,aAAA,CAAc,IAAI,CAAA,EAAG,WAAWD,sCAAA,CAAgB;AAAA,KAC1D;AAEA,IAAA,MAAM,kCAAkC,eAAA,CAAgB,IAAA;AAAA,MACtD,CAAA,IAAA,KAAQ,aAAA,CAAc,IAAI,CAAA,EAAG,WAAWA,sCAAA,CAAgB;AAAA,KAC1D;AAcA,IAAA,IAAI,CAAC,+BAAA,EAAiC;AACpC,MAAA,OAAO,KAAK,YAAA,CAAa,KAAA;AAAA,QACvB,EAAE,GAAG,KAAA,EAAO,KAAA,EAAO,eAAA,EAAgB;AAAA,QACnC;AAAA,OACF;AAAA,IACF;AAEA,IAAA,MAAM,QAAA,GAAW,MAAM,SAAA,IAAa,EAAA;AACpC,IAAA,MAAM,EAAE,IAAA,EAAK,GAAI,gBAAA,CAAiB,MAAM,UAAU,CAAA;AAClD,IAAA,MAAM,aAAA,GAAA,CAAiB,OAAO,CAAA,IAAK,QAAA;AAEnC,IAAA,IAAI,kBAAqC,EAAC;AAC1C,IAAA,IAAI,cAAA;AACJ,IAAA,IAAI,sBAAA,GAAyB,KAAA;AAE7B,IAAA,GAAG;AACD,MAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,YAAA,CAAa,KAAA;AAAA,QACvC,EAAE,GAAG,KAAA,EAAO,KAAA,EAAO,eAAA,EAAiB,YAAY,cAAA,EAAe;AAAA,QAC/D;AAAA,OACF;AAEA,MAAA,eAAA,GAAkB,eAAA,CAAgB,MAAA;AAAA,QAChC,MAAM,IAAA,CAAK,aAAA,CAAc,QAAA,CAAS,OAAA,EAAS,eAAe,UAAU;AAAA,OACtE;AAEA,MAAA,cAAA,GAAiB,QAAA,CAAS,cAAA;AAC1B,MAAA,sBAAA,GACE,IAAA,CAAK,GAAA,EAAI,GAAI,cAAA,GAAiB,IAAA,CAAK,oBAAA;AAAA,IACvC,CAAA,QACE,cAAA,IACA,eAAA,CAAgB,MAAA,GAAS,iBACzB,CAAC,sBAAA;AAGH,IAAA,OAAO;AAAA,MACL,OAAA,EAAS,eAAA,CACN,KAAA,CAAM,IAAA,GAAO,QAAA,EAAA,CAAW,IAAA,GAAO,CAAA,IAAK,QAAQ,CAAA,CAC5C,GAAA,CAAI,CAAC,MAAA,EAAQ,KAAA,KAAU;AAEtB,QAAA,OAAO;AAAA,UACL,GAAG,MAAA;AAAA,UACH,IAAA,EAAM,IAAA,GAAO,QAAA,GAAW,KAAA,GAAQ;AAAA,SAClC;AAAA,MACF,CAAC,CAAA;AAAA,MACH,kBAAA,EACE,SAAS,CAAA,GAAI,MAAA,GAAY,iBAAiB,EAAE,IAAA,EAAM,IAAA,GAAO,CAAA,EAAG,CAAA;AAAA,MAC9D,cAAA,EACE,CAAC,sBAAA,KACA,cAAA,IAAkB,eAAA,CAAgB,MAAA,GAAS,aAAA,CAAA,GACxC,gBAAA,CAAiB,EAAE,IAAA,EAAM,IAAA,GAAO,CAAA,EAAG,CAAA,GACnC,MAAA;AAAA,MACN,eAAA,EAAiB;AAAA,KACnB;AAAA,EACF;AAAA,EAEA,MAAc,aAAA,CACZ,OAAA,EACA,aAAA,EACA,UAAA,EAIA;AACA,IAAA,OAAOE,cAAA;AAAA,MACL,MAAM,OAAA,CAAQ,GAAA;AAAA,QACZ,OAAA,CAAQ,IAAI,CAAA,MAAA,KAAU;AACpB,UAAA,IAAI,cAAc,MAAA,CAAO,IAAI,CAAA,EAAG,MAAA,KAAWF,uCAAgB,KAAA,EAAO;AAChE,YAAA,OAAO,MAAA;AAAA,UACT;AAEA,UAAA,MAAM,UAAA,GAAa,IAAA,CAAK,KAAA,CAAM,MAAA,CAAO,IAAI,CAAA,EAAG,oBAAA;AAC5C,UAAA,MAAM,WAAA,GAAc,MAAA,CAAO,QAAA,CAAS,aAAA,EAAe,WAAA;AAEnD,UAAA,IAAI,CAAC,UAAA,IAAc,CAAC,WAAA,EAAa;AAC/B,YAAA,OAAO,MAAA;AAAA,UACT;AAaA,UAAA,IAAI,CAACC,2CAAA,CAAqB,UAAU,CAAA,EAAG;AACrC,YAAA,MAAM,IAAI,KAAA;AAAA,cACR,CAAA,sEAAA,EAAyE,WAAW,IAAI,CAAA,CAAA;AAAA,aAC1F;AAAA,UACF;AAEA,UAAA,OAAO,WACJ,IAAA,CAAK,EAAE,UAAA,EAAY,WAAA,EAAa,CAAA,CAChC,IAAA;AAAA,YAAK,CAAA,QAAA,KACJ,QAAA,CAAS,MAAA,KAAWD,sCAAA,CAAgB,QAAQ,MAAA,GAAS;AAAA,WACvD;AAAA,QACJ,CAAC;AAAA;AACH,KACF;AAAA,EACF;AACF;;;;;;"}

package/dist/service/router.cjs.js.map

@@ -1 +1 @@
-{"version":3,"file":"router.cjs.js","sources":["../../src/service/router.ts"],"sourcesContent":["/*\n * Copyright 2021 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *     http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport express from 'express';\nimport { z } from 'zod';\nimport { InputError } from '@backstage/errors';\nimport { Config } from '@backstage/config';\nimport { JsonObject, JsonValue } from '@backstage/types';\nimport {\n  PermissionAuthorizer,\n  PermissionEvaluator,\n  toPermissionEvaluator,\n} from '@backstage/plugin-permission-common';\nimport {\n  DocumentTypeInfo,\n  IndexableResultSet,\n  SearchResultSet,\n} from '@backstage/plugin-search-common';\nimport { SearchEngine } from '@backstage/plugin-search-backend-node';\nimport { AuthorizedSearchEngine } from './AuthorizedSearchEngine';\nimport { createOpenApiRouter } from '../schema/openapi';\nimport {\n  AuthService,\n  DiscoveryService,\n  HttpAuthService,\n  LoggerService,\n} from '@backstage/backend-plugin-api';\n\nconst jsonObjectSchema: z.ZodSchema<JsonObject> = z.lazy(() => {\n  const jsonValueSchema: z.ZodSchema<JsonValue> = z.lazy(() =>\n    z.union([\n      z.string(),\n      z.number(),\n      z.boolean(),\n      z.null(),\n      z.array(jsonValueSchema),\n      jsonObjectSchema,\n    ]),\n  );\n\n  return z.record(jsonValueSchema);\n});\n\n/**\n * @internal\n */\nexport type RouterOptions = {\n  engine: SearchEngine;\n  types: Record<string, DocumentTypeInfo>;\n  discovery?: DiscoveryService;\n  permissions: PermissionEvaluator | PermissionAuthorizer;\n  config: Config;\n  logger: LoggerService;\n  auth: AuthService;\n  httpAuth: HttpAuthService;\n};\n\nconst defaultMaxPageLimit = 100;\nconst defaultMaxTermLength = 100;\nconst allowedLocationProtocols = ['http:', 'https:'];\n\n/**\n * @internal\n */\nexport async function createRouter(\n  options: RouterOptions,\n): Promise<express.Router> {\n  const router = await createOpenApiRouter();\n  const {\n    engine: inputEngine,\n    types,\n    permissions,\n    config,\n    logger,\n    auth,\n    httpAuth,\n  } = options;\n\n  const maxPageLimit =\n    config.getOptionalNumber('search.maxPageLimit') ?? defaultMaxPageLimit;\n\n  const maxTermLength =\n    config.getOptionalNumber('search.maxTermLength') ?? defaultMaxTermLength;\n\n  const requestSchema = z.object({\n    term: z\n      .string()\n      .refine(\n        term => term.length <= maxTermLength,\n        term => ({\n          message: `The term length \"${term.length}\" is greater than \"${maxTermLength}\"`,\n        }),\n      )\n      .default(''),\n    filters: jsonObjectSchema.optional(),\n    types: z\n      .array(z.string().refine(type => Object.keys(types).includes(type)))\n      .optional(),\n    pageCursor: z.string().optional(),\n    pageLimit: z\n      .number()\n      .refine(\n        pageLimit => pageLimit <= maxPageLimit,\n        pageLimit => ({\n          message: `The page limit \"${pageLimit}\" is greater than \"${maxPageLimit}\"`,\n        }),\n      )\n      .optional(),\n  });\n\n  let permissionEvaluator: PermissionEvaluator;\n  if ('authorizeConditional' in permissions) {\n    permissionEvaluator = permissions as PermissionEvaluator;\n  } else {\n    logger.warn(\n      'PermissionAuthorizer is deprecated. Please use an instance of PermissionEvaluator instead of PermissionAuthorizer in PluginEnvironment#permissions',\n    );\n    permissionEvaluator = toPermissionEvaluator(permissions);\n  }\n\n  const engine = config.getOptionalBoolean('permission.enabled')\n    ? new AuthorizedSearchEngine(\n        inputEngine,\n        types,\n        permissionEvaluator,\n        auth,\n        config,\n      )\n    : inputEngine;\n\n  const filterResultSet = ({ results, ...resultSet }: SearchResultSet) => ({\n    ...resultSet,\n    results: results.filter(result => {\n      const protocol = new URL(result.document.location, 'https://example.com')\n        .protocol;\n      const isAllowed = allowedLocationProtocols.includes(protocol);\n      if (!isAllowed) {\n        logger.info(\n          `Rejected search result for \"${result.document.title}\" as location protocol \"${protocol}\" is unsafe`,\n        );\n      }\n      return isAllowed;\n    }),\n  });\n\n  const toSearchResults = (resultSet: IndexableResultSet): SearchResultSet => ({\n    ...resultSet,\n    results: resultSet.results.map(result => ({\n      ...result,\n      document: {\n        ...result.document,\n        authorization: undefined,\n      },\n    })),\n  });\n\n  router.get('/query', async (req, res) => {\n    const parseResult = requestSchema.passthrough().safeParse(req.query);\n\n    if (!parseResult.success) {\n      throw new InputError(`Invalid query string: ${parseResult.error}`);\n    }\n\n    const query = parseResult.data;\n\n    logger.info(\n      `Search request received: term=\"${query.term}\", filters=${JSON.stringify(\n        query.filters,\n      )}, types=${query.types ? query.types.join(',') : ''}, pageCursor=${\n        query.pageCursor ?? ''\n      }`,\n    );\n\n    try {\n      const credentials = await httpAuth.credentials(req);\n      const { token } = await auth.getPluginRequestToken({\n        onBehalfOf: credentials,\n        targetPluginId: 'search',\n      });\n      const resultSet = await engine?.query(query, {\n        token,\n        credentials,\n      });\n\n      res.json(filterResultSet(toSearchResults(resultSet)));\n    } catch (error) {\n      // Log the error message here, but don't expose it to the user in the response\n      logger.error(\n        `There was a problem performing the search query: ${error.message}`,\n      );\n      if (error.name === 'MissingIndexError') {\n        // re-throw and let the default error handler middleware captures it and serializes it with the right response code on the standard form\n        throw error;\n      }\n\n      // If the error is not a MissingIndexError, we want to throw a generic error without the error message as it may leak internal information\n      throw new Error(`There was a problem performing the search query`);\n    }\n  });\n\n  return router;\n}\n"],"names":["z","router","createOpenApiRouter","toPermissionEvaluator","AuthorizedSearchEngine","InputError"],"mappings":";;;;;;;;AAyCA,MAAM,gBAAA,GAA4CA,KAAE,CAAA,IAAA,CAAK,MAAM;AAC7D,EAAA,MAAM,kBAA0CA,KAAE,CAAA,IAAA;AAAA,IAAK,MACrDA,MAAE,KAAM,CAAA;AAAA,MACNA,MAAE,MAAO,EAAA;AAAA,MACTA,MAAE,MAAO,EAAA;AAAA,MACTA,MAAE,OAAQ,EAAA;AAAA,MACVA,MAAE,IAAK,EAAA;AAAA,MACPA,KAAA,CAAE,MAAM,eAAe,CAAA;AAAA,MACvB;AAAA,KACD;AAAA,GACH;AAEA,EAAO,OAAAA,KAAA,CAAE,OAAO,eAAe,CAAA;AACjC,CAAC,CAAA;AAgBD,MAAM,mBAAsB,GAAA,GAAA;AAC5B,MAAM,oBAAuB,GAAA,GAAA;AAC7B,MAAM,wBAAA,GAA2B,CAAC,OAAA,EAAS,QAAQ,CAAA;AAKnD,eAAsB,aACpB,OACyB,EAAA;AACzB,EAAM,MAAAC,QAAA,GAAS,MAAMC,0BAAoB,EAAA;AACzC,EAAM,MAAA;AAAA,IACJ,MAAQ,EAAA,WAAA;AAAA,IACR,KAAA;AAAA,IACA,WAAA;AAAA,IACA,MAAA;AAAA,IACA,MAAA;AAAA,IACA,IAAA;AAAA,IACA;AAAA,GACE,GAAA,OAAA;AAEJ,EAAA,MAAM,YACJ,GAAA,MAAA,CAAO,iBAAkB,CAAA,qBAAqB,CAAK,IAAA,mBAAA;AAErD,EAAA,MAAM,aACJ,GAAA,MAAA,CAAO,iBAAkB,CAAA,sBAAsB,CAAK,IAAA,oBAAA;AAEtD,EAAM,MAAA,aAAA,GAAgBF,MAAE,MAAO,CAAA;AAAA,IAC7B,IAAA,EAAMA,KACH,CAAA,MAAA,EACA,CAAA,MAAA;AAAA,MACC,CAAA,IAAA,KAAQ,KAAK,MAAU,IAAA,aAAA;AAAA,MACvB,CAAS,IAAA,MAAA;AAAA,QACP,OAAS,EAAA,CAAA,iBAAA,EAAoB,IAAK,CAAA,MAAM,sBAAsB,aAAa,CAAA,CAAA;AAAA,OAC7E;AAAA,KACF,CACC,QAAQ,EAAE,CAAA;AAAA,IACb,OAAA,EAAS,iBAAiB,QAAS,EAAA;AAAA,IACnC,OAAOA,KACJ,CAAA,KAAA,CAAMA,KAAE,CAAA,MAAA,GAAS,MAAO,CAAA,CAAA,IAAA,KAAQ,MAAO,CAAA,IAAA,CAAK,KAAK,CAAE,CAAA,QAAA,CAAS,IAAI,CAAC,CAAC,EAClE,QAAS,EAAA;AAAA,IACZ,UAAY,EAAAA,KAAA,CAAE,MAAO,EAAA,CAAE,QAAS,EAAA;AAAA,IAChC,SAAA,EAAWA,KACR,CAAA,MAAA,EACA,CAAA,MAAA;AAAA,MACC,eAAa,SAAa,IAAA,YAAA;AAAA,MAC1B,CAAc,SAAA,MAAA;AAAA,QACZ,OAAS,EAAA,CAAA,gBAAA,EAAmB,SAAS,CAAA,mBAAA,EAAsB,YAAY,CAAA,CAAA;AAAA,OACzE;AAAA,MAED,QAAS;AAAA,GACb,CAAA;AAED,EAAI,IAAA,mBAAA;AACJ,EAAA,IAAI,0BAA0B,WAAa,EAAA;AACzC,IAAsB,mBAAA,GAAA,WAAA;AAAA,GACjB,MAAA;AACL,IAAO,MAAA,CAAA,IAAA;AAAA,MACL;AAAA,KACF;AACA,IAAA,mBAAA,GAAsBG,6CAAsB,WAAW,CAAA;AAAA;AAGzD,EAAA,MAAM,MAAS,GAAA,MAAA,CAAO,kBAAmB,CAAA,oBAAoB,IACzD,IAAIC,6CAAA;AAAA,IACF,WAAA;AAAA,IACA,KAAA;AAAA,IACA,mBAAA;AAAA,IACA,IAAA;AAAA,IACA;AAAA,GAEF,GAAA,WAAA;AAEJ,EAAA,MAAM,kBAAkB,CAAC,EAAE,OAAS,EAAA,GAAG,WAAkC,MAAA;AAAA,IACvE,GAAG,SAAA;AAAA,IACH,OAAA,EAAS,OAAQ,CAAA,MAAA,CAAO,CAAU,MAAA,KAAA;AAChC,MAAA,MAAM,WAAW,IAAI,GAAA,CAAI,OAAO,QAAS,CAAA,QAAA,EAAU,qBAAqB,CACrE,CAAA,QAAA;AACH,MAAM,MAAA,SAAA,GAAY,wBAAyB,CAAA,QAAA,CAAS,QAAQ,CAAA;AAC5D,MAAA,IAAI,CAAC,SAAW,EAAA;AACd,QAAO,MAAA,CAAA,IAAA;AAAA,UACL,CAA+B,4BAAA,EAAA,MAAA,CAAO,QAAS,CAAA,KAAK,2BAA2B,QAAQ,CAAA,WAAA;AAAA,SACzF;AAAA;AAEF,MAAO,OAAA,SAAA;AAAA,KACR;AAAA,GACH,CAAA;AAEA,EAAM,MAAA,eAAA,GAAkB,CAAC,SAAoD,MAAA;AAAA,IAC3E,GAAG,SAAA;AAAA,IACH,OAAS,EAAA,SAAA,CAAU,OAAQ,CAAA,GAAA,CAAI,CAAW,MAAA,MAAA;AAAA,MACxC,GAAG,MAAA;AAAA,MACH,QAAU,EAAA;AAAA,QACR,GAAG,MAAO,CAAA,QAAA;AAAA,QACV,aAAe,EAAA,KAAA;AAAA;AACjB,KACA,CAAA;AAAA,GACJ,CAAA;AAEA,EAAAH,QAAA,CAAO,GAAI,CAAA,QAAA,EAAU,OAAO,GAAA,EAAK,GAAQ,KAAA;AACvC,IAAA,MAAM,cAAc,aAAc,CAAA,WAAA,EAAc,CAAA,SAAA,CAAU,IAAI,KAAK,CAAA;AAEnE,IAAI,IAAA,CAAC,YAAY,OAAS,EAAA;AACxB,MAAA,MAAM,IAAII,iBAAA,CAAW,CAAyB,sBAAA,EAAA,WAAA,CAAY,KAAK,CAAE,CAAA,CAAA;AAAA;AAGnE,IAAA,MAAM,QAAQ,WAAY,CAAA,IAAA;AAE1B,IAAO,MAAA,CAAA,IAAA;AAAA,MACL,CAAkC,+BAAA,EAAA,KAAA,CAAM,IAAI,CAAA,WAAA,EAAc,IAAK,CAAA,SAAA;AAAA,QAC7D,KAAM,CAAA;AAAA,OACP,CAAA,QAAA,EAAW,KAAM,CAAA,KAAA,GAAQ,KAAM,CAAA,KAAA,CAAM,IAAK,CAAA,GAAG,CAAI,GAAA,EAAE,CAClD,aAAA,EAAA,KAAA,CAAM,cAAc,EACtB,CAAA;AAAA,KACF;AAEA,IAAI,IAAA;AACF,MAAA,MAAM,WAAc,GAAA,MAAM,QAAS,CAAA,WAAA,CAAY,GAAG,CAAA;AAClD,MAAA,MAAM,EAAE,KAAA,EAAU,GAAA,MAAM,KAAK,qBAAsB,CAAA;AAAA,QACjD,UAAY,EAAA,WAAA;AAAA,QACZ,cAAgB,EAAA;AAAA,OACjB,CAAA;AACD,MAAA,MAAM,SAAY,GAAA,MAAM,MAAQ,EAAA,KAAA,CAAM,KAAO,EAAA;AAAA,QAC3C,KAAA;AAAA,QACA;AAAA,OACD,CAAA;AAED,MAAA,GAAA,CAAI,IAAK,CAAA,eAAA,CAAgB,eAAgB,CAAA,SAAS,CAAC,CAAC,CAAA;AAAA,aAC7C,KAAO,EAAA;AAEd,MAAO,MAAA,CAAA,KAAA;AAAA,QACL,CAAA,iDAAA,EAAoD,MAAM,OAAO,CAAA;AAAA,OACnE;AACA,MAAI,IAAA,KAAA,CAAM,SAAS,mBAAqB,EAAA;AAEtC,QAAM,MAAA,KAAA;AAAA;AAIR,MAAM,MAAA,IAAI,MAAM,CAAiD,+CAAA,CAAA,CAAA;AAAA;AACnE,GACD,CAAA;AAED,EAAO,OAAAJ,QAAA;AACT;;;;"}
+{"version":3,"file":"router.cjs.js","sources":["../../src/service/router.ts"],"sourcesContent":["/*\n * Copyright 2021 The Backstage Authors\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *     http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport express from 'express';\nimport { z } from 'zod';\nimport { InputError } from '@backstage/errors';\nimport { Config } from '@backstage/config';\nimport { JsonObject, JsonValue } from '@backstage/types';\nimport {\n  PermissionAuthorizer,\n  PermissionEvaluator,\n  toPermissionEvaluator,\n} from '@backstage/plugin-permission-common';\nimport {\n  DocumentTypeInfo,\n  IndexableResultSet,\n  SearchResultSet,\n} from '@backstage/plugin-search-common';\nimport { SearchEngine } from '@backstage/plugin-search-backend-node';\nimport { AuthorizedSearchEngine } from './AuthorizedSearchEngine';\nimport { createOpenApiRouter } from '../schema/openapi';\nimport {\n  AuthService,\n  DiscoveryService,\n  HttpAuthService,\n  LoggerService,\n} from '@backstage/backend-plugin-api';\n\nconst jsonObjectSchema: z.ZodSchema<JsonObject> = z.lazy(() => {\n  const jsonValueSchema: z.ZodSchema<JsonValue> = z.lazy(() =>\n    z.union([\n      z.string(),\n      z.number(),\n      z.boolean(),\n      z.null(),\n      z.array(jsonValueSchema),\n      jsonObjectSchema,\n    ]),\n  );\n\n  return z.record(jsonValueSchema);\n});\n\n/**\n * @internal\n */\nexport type RouterOptions = {\n  engine: SearchEngine;\n  types: Record<string, DocumentTypeInfo>;\n  discovery?: DiscoveryService;\n  permissions: PermissionEvaluator | PermissionAuthorizer;\n  config: Config;\n  logger: LoggerService;\n  auth: AuthService;\n  httpAuth: HttpAuthService;\n};\n\nconst defaultMaxPageLimit = 100;\nconst defaultMaxTermLength = 100;\nconst allowedLocationProtocols = ['http:', 'https:'];\n\n/**\n * @internal\n */\nexport async function createRouter(\n  options: RouterOptions,\n): Promise<express.Router> {\n  const router = await createOpenApiRouter();\n  const {\n    engine: inputEngine,\n    types,\n    permissions,\n    config,\n    logger,\n    auth,\n    httpAuth,\n  } = options;\n\n  const maxPageLimit =\n    config.getOptionalNumber('search.maxPageLimit') ?? defaultMaxPageLimit;\n\n  const maxTermLength =\n    config.getOptionalNumber('search.maxTermLength') ?? defaultMaxTermLength;\n\n  const requestSchema = z.object({\n    term: z\n      .string()\n      .refine(\n        term => term.length <= maxTermLength,\n        term => ({\n          message: `The term length \"${term.length}\" is greater than \"${maxTermLength}\"`,\n        }),\n      )\n      .default(''),\n    filters: jsonObjectSchema.optional(),\n    types: z\n      .array(z.string().refine(type => Object.keys(types).includes(type)))\n      .optional(),\n    pageCursor: z.string().optional(),\n    pageLimit: z\n      .number()\n      .refine(\n        pageLimit => pageLimit <= maxPageLimit,\n        pageLimit => ({\n          message: `The page limit \"${pageLimit}\" is greater than \"${maxPageLimit}\"`,\n        }),\n      )\n      .optional(),\n  });\n\n  let permissionEvaluator: PermissionEvaluator;\n  if ('authorizeConditional' in permissions) {\n    permissionEvaluator = permissions as PermissionEvaluator;\n  } else {\n    logger.warn(\n      'PermissionAuthorizer is deprecated. Please use an instance of PermissionEvaluator instead of PermissionAuthorizer in PluginEnvironment#permissions',\n    );\n    permissionEvaluator = toPermissionEvaluator(permissions);\n  }\n\n  const engine = config.getOptionalBoolean('permission.enabled')\n    ? new AuthorizedSearchEngine(\n        inputEngine,\n        types,\n        permissionEvaluator,\n        auth,\n        config,\n      )\n    : inputEngine;\n\n  const filterResultSet = ({ results, ...resultSet }: SearchResultSet) => ({\n    ...resultSet,\n    results: results.filter(result => {\n      const protocol = new URL(result.document.location, 'https://example.com')\n        .protocol;\n      const isAllowed = allowedLocationProtocols.includes(protocol);\n      if (!isAllowed) {\n        logger.info(\n          `Rejected search result for \"${result.document.title}\" as location protocol \"${protocol}\" is unsafe`,\n        );\n      }\n      return isAllowed;\n    }),\n  });\n\n  const toSearchResults = (resultSet: IndexableResultSet): SearchResultSet => ({\n    ...resultSet,\n    results: resultSet.results.map(result => ({\n      ...result,\n      document: {\n        ...result.document,\n        authorization: undefined,\n      },\n    })),\n  });\n\n  router.get('/query', async (req, res) => {\n    const parseResult = requestSchema.passthrough().safeParse(req.query);\n\n    if (!parseResult.success) {\n      throw new InputError(`Invalid query string: ${parseResult.error}`);\n    }\n\n    const query = parseResult.data;\n\n    logger.info(\n      `Search request received: term=\"${query.term}\", filters=${JSON.stringify(\n        query.filters,\n      )}, types=${query.types ? query.types.join(',') : ''}, pageCursor=${\n        query.pageCursor ?? ''\n      }`,\n    );\n\n    try {\n      const credentials = await httpAuth.credentials(req);\n      const { token } = await auth.getPluginRequestToken({\n        onBehalfOf: credentials,\n        targetPluginId: 'search',\n      });\n      const resultSet = await engine?.query(query, {\n        token,\n        credentials,\n      });\n\n      res.json(filterResultSet(toSearchResults(resultSet)));\n    } catch (error) {\n      // Log the error message here, but don't expose it to the user in the response\n      logger.error(\n        `There was a problem performing the search query: ${error.message}`,\n      );\n      if (error.name === 'MissingIndexError') {\n        // re-throw and let the default error handler middleware captures it and serializes it with the right response code on the standard form\n        throw error;\n      }\n\n      // If the error is not a MissingIndexError, we want to throw a generic error without the error message as it may leak internal information\n      throw new Error(`There was a problem performing the search query`);\n    }\n  });\n\n  return router;\n}\n"],"names":["z","router","createOpenApiRouter","toPermissionEvaluator","AuthorizedSearchEngine","InputError"],"mappings":";;;;;;;;AAyCA,MAAM,gBAAA,GAA4CA,KAAA,CAAE,IAAA,CAAK,MAAM;AAC7D,EAAA,MAAM,kBAA0CA,KAAA,CAAE,IAAA;AAAA,IAAK,MACrDA,MAAE,KAAA,CAAM;AAAA,MACNA,MAAE,MAAA,EAAO;AAAA,MACTA,MAAE,MAAA,EAAO;AAAA,MACTA,MAAE,OAAA,EAAQ;AAAA,MACVA,MAAE,IAAA,EAAK;AAAA,MACPA,KAAA,CAAE,MAAM,eAAe,CAAA;AAAA,MACvB;AAAA,KACD;AAAA,GACH;AAEA,EAAA,OAAOA,KAAA,CAAE,OAAO,eAAe,CAAA;AACjC,CAAC,CAAA;AAgBD,MAAM,mBAAA,GAAsB,GAAA;AAC5B,MAAM,oBAAA,GAAuB,GAAA;AAC7B,MAAM,wBAAA,GAA2B,CAAC,OAAA,EAAS,QAAQ,CAAA;AAKnD,eAAsB,aACpB,OAAA,EACyB;AACzB,EAAA,MAAMC,QAAA,GAAS,MAAMC,0BAAA,EAAoB;AACzC,EAAA,MAAM;AAAA,IACJ,MAAA,EAAQ,WAAA;AAAA,IACR,KAAA;AAAA,IACA,WAAA;AAAA,IACA,MAAA;AAAA,IACA,MAAA;AAAA,IACA,IAAA;AAAA,IACA;AAAA,GACF,GAAI,OAAA;AAEJ,EAAA,MAAM,YAAA,GACJ,MAAA,CAAO,iBAAA,CAAkB,qBAAqB,CAAA,IAAK,mBAAA;AAErD,EAAA,MAAM,aAAA,GACJ,MAAA,CAAO,iBAAA,CAAkB,sBAAsB,CAAA,IAAK,oBAAA;AAEtD,EAAA,MAAM,aAAA,GAAgBF,MAAE,MAAA,CAAO;AAAA,IAC7B,IAAA,EAAMA,KAAA,CACH,MAAA,EAAO,CACP,MAAA;AAAA,MACC,CAAA,IAAA,KAAQ,KAAK,MAAA,IAAU,aAAA;AAAA,MACvB,CAAA,IAAA,MAAS;AAAA,QACP,OAAA,EAAS,CAAA,iBAAA,EAAoB,IAAA,CAAK,MAAM,sBAAsB,aAAa,CAAA,CAAA;AAAA,OAC7E;AAAA,KACF,CACC,QAAQ,EAAE,CAAA;AAAA,IACb,OAAA,EAAS,iBAAiB,QAAA,EAAS;AAAA,IACnC,OAAOA,KAAA,CACJ,KAAA,CAAMA,KAAA,CAAE,MAAA,GAAS,MAAA,CAAO,CAAA,IAAA,KAAQ,MAAA,CAAO,IAAA,CAAK,KAAK,CAAA,CAAE,QAAA,CAAS,IAAI,CAAC,CAAC,EAClE,QAAA,EAAS;AAAA,IACZ,UAAA,EAAYA,KAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,IAChC,SAAA,EAAWA,KAAA,CACR,MAAA,EAAO,CACP,MAAA;AAAA,MACC,eAAa,SAAA,IAAa,YAAA;AAAA,MAC1B,CAAA,SAAA,MAAc;AAAA,QACZ,OAAA,EAAS,CAAA,gBAAA,EAAmB,SAAS,CAAA,mBAAA,EAAsB,YAAY,CAAA,CAAA;AAAA,OACzE;AAAA,MAED,QAAA;AAAS,GACb,CAAA;AAED,EAAA,IAAI,mBAAA;AACJ,EAAA,IAAI,0BAA0B,WAAA,EAAa;AACzC,IAAA,mBAAA,GAAsB,WAAA;AAAA,EACxB,CAAA,MAAO;AACL,IAAA,MAAA,CAAO,IAAA;AAAA,MACL;AAAA,KACF;AACA,IAAA,mBAAA,GAAsBG,6CAAsB,WAAW,CAAA;AAAA,EACzD;AAEA,EAAA,MAAM,MAAA,GAAS,MAAA,CAAO,kBAAA,CAAmB,oBAAoB,IACzD,IAAIC,6CAAA;AAAA,IACF,WAAA;AAAA,IACA,KAAA;AAAA,IACA,mBAAA;AAAA,IACA,IAAA;AAAA,IACA;AAAA,GACF,GACA,WAAA;AAEJ,EAAA,MAAM,kBAAkB,CAAC,EAAE,OAAA,EAAS,GAAG,WAAU,MAAwB;AAAA,IACvE,GAAG,SAAA;AAAA,IACH,OAAA,EAAS,OAAA,CAAQ,MAAA,CAAO,CAAA,MAAA,KAAU;AAChC,MAAA,MAAM,WAAW,IAAI,GAAA,CAAI,OAAO,QAAA,CAAS,QAAA,EAAU,qBAAqB,CAAA,CACrE,QAAA;AACH,MAAA,MAAM,SAAA,GAAY,wBAAA,CAAyB,QAAA,CAAS,QAAQ,CAAA;AAC5D,MAAA,IAAI,CAAC,SAAA,EAAW;AACd,QAAA,MAAA,CAAO,IAAA;AAAA,UACL,CAAA,4BAAA,EAA+B,MAAA,CAAO,QAAA,CAAS,KAAK,2BAA2B,QAAQ,CAAA,WAAA;AAAA,SACzF;AAAA,MACF;AACA,MAAA,OAAO,SAAA;AAAA,IACT,CAAC;AAAA,GACH,CAAA;AAEA,EAAA,MAAM,eAAA,GAAkB,CAAC,SAAA,MAAoD;AAAA,IAC3E,GAAG,SAAA;AAAA,IACH,OAAA,EAAS,SAAA,CAAU,OAAA,CAAQ,GAAA,CAAI,CAAA,MAAA,MAAW;AAAA,MACxC,GAAG,MAAA;AAAA,MACH,QAAA,EAAU;AAAA,QACR,GAAG,MAAA,CAAO,QAAA;AAAA,QACV,aAAA,EAAe;AAAA;AACjB,KACF,CAAE;AAAA,GACJ,CAAA;AAEA,EAAAH,QAAA,CAAO,GAAA,CAAI,QAAA,EAAU,OAAO,GAAA,EAAK,GAAA,KAAQ;AACvC,IAAA,MAAM,cAAc,aAAA,CAAc,WAAA,EAAY,CAAE,SAAA,CAAU,IAAI,KAAK,CAAA;AAEnE,IAAA,IAAI,CAAC,YAAY,OAAA,EAAS;AACxB,MAAA,MAAM,IAAII,iBAAA,CAAW,CAAA,sBAAA,EAAyB,WAAA,CAAY,KAAK,CAAA,CAAE,CAAA;AAAA,IACnE;AAEA,IAAA,MAAM,QAAQ,WAAA,CAAY,IAAA;AAE1B,IAAA,MAAA,CAAO,IAAA;AAAA,MACL,CAAA,+BAAA,EAAkC,KAAA,CAAM,IAAI,CAAA,WAAA,EAAc,IAAA,CAAK,SAAA;AAAA,QAC7D,KAAA,CAAM;AAAA,OACP,CAAA,QAAA,EAAW,KAAA,CAAM,KAAA,GAAQ,KAAA,CAAM,KAAA,CAAM,IAAA,CAAK,GAAG,CAAA,GAAI,EAAE,CAAA,aAAA,EAClD,KAAA,CAAM,cAAc,EACtB,CAAA;AAAA,KACF;AAEA,IAAA,IAAI;AACF,MAAA,MAAM,WAAA,GAAc,MAAM,QAAA,CAAS,WAAA,CAAY,GAAG,CAAA;AAClD,MAAA,MAAM,EAAE,KAAA,EAAM,GAAI,MAAM,KAAK,qBAAA,CAAsB;AAAA,QACjD,UAAA,EAAY,WAAA;AAAA,QACZ,cAAA,EAAgB;AAAA,OACjB,CAAA;AACD,MAAA,MAAM,SAAA,GAAY,MAAM,MAAA,EAAQ,KAAA,CAAM,KAAA,EAAO;AAAA,QAC3C,KAAA;AAAA,QACA;AAAA,OACD,CAAA;AAED,MAAA,GAAA,CAAI,IAAA,CAAK,eAAA,CAAgB,eAAA,CAAgB,SAAS,CAAC,CAAC,CAAA;AAAA,IACtD,SAAS,KAAA,EAAO;AAEd,MAAA,MAAA,CAAO,KAAA;AAAA,QACL,CAAA,iDAAA,EAAoD,MAAM,OAAO,CAAA;AAAA,OACnE;AACA,MAAA,IAAI,KAAA,CAAM,SAAS,mBAAA,EAAqB;AAEtC,QAAA,MAAM,KAAA;AAAA,MACR;AAGA,MAAA,MAAM,IAAI,MAAM,CAAA,+CAAA,CAAiD,CAAA;AAAA,IACnE;AAAA,EACF,CAAC,CAAA;AAED,EAAA,OAAOJ,QAAA;AACT;;;;"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@backstage/plugin-search-backend",
-  "version": "2.0.5-next.0",
+  "version": "2.0.6-next.0",
   "description": "The Backstage backend plugin that provides your backstage app with search",
   "backstage": {
     "role": "backend-plugin",
@@ -70,14 +70,14 @@
     "test": "backstage-cli package test"
   },
   "dependencies": {
-    "@backstage/backend-defaults": "0.11.2-next.0",
-    "@backstage/backend-openapi-utils": "0.6.0-next.0",
-    "@backstage/backend-plugin-api": "1.4.2-next.0",
+    "@backstage/backend-defaults": "0.12.1-next.0",
+    "@backstage/backend-openapi-utils": "0.6.1-next.0",
+    "@backstage/backend-plugin-api": "1.4.3-next.0",
     "@backstage/config": "1.3.3",
     "@backstage/errors": "1.2.7",
     "@backstage/plugin-permission-common": "0.9.1",
-    "@backstage/plugin-permission-node": "0.10.3-next.0",
-    "@backstage/plugin-search-backend-node": "1.3.14-next.0",
+    "@backstage/plugin-permission-node": "0.10.4-next.0",
+    "@backstage/plugin-search-backend-node": "1.3.15-next.0",
     "@backstage/plugin-search-common": "1.2.19",
     "@backstage/types": "1.2.1",
     "dataloader": "^2.0.0",
@@ -88,9 +88,9 @@
     "zod": "^3.22.4"
   },
   "devDependencies": {
-    "@backstage/backend-test-utils": "1.7.1-next.0",
-    "@backstage/cli": "0.33.2-next.0",
-    "@backstage/repo-tools": "0.15.1-next.0",
+    "@backstage/backend-test-utils": "1.9.0-next.1",
+    "@backstage/cli": "0.34.2-next.1",
+    "@backstage/repo-tools": "0.15.2-next.0",
     "@types/express": "^4.17.6",
     "@types/supertest": "^2.0.8",
     "supertest": "^7.0.0"