@drodil/backstage-plugin-qeta-node 3.20.3 → 3.22.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/conditionExports.cjs.js +6 -11
- package/dist/conditionExports.cjs.js.map +1 -1
- package/dist/index.cjs.js +6 -6
- package/dist/index.d.ts +8 -25
- package/dist/permissionResources.cjs.js +32 -0
- package/dist/permissionResources.cjs.js.map +1 -0
- package/dist/permissionRules.cjs.js +25 -37
- package/dist/permissionRules.cjs.js.map +1 -1
- package/package.json +5 -5
|
@@ -2,14 +2,13 @@
|
|
|
2
2
|
|
|
3
3
|
var pluginPermissionNode = require('@backstage/plugin-permission-node');
|
|
4
4
|
var permissionRules = require('./permissionRules.cjs.js');
|
|
5
|
-
var
|
|
5
|
+
var permissionResources = require('./permissionResources.cjs.js');
|
|
6
6
|
|
|
7
7
|
const {
|
|
8
8
|
conditions: qConditions,
|
|
9
9
|
createConditionalDecision: createPostDecision
|
|
10
10
|
} = pluginPermissionNode.createConditionExports({
|
|
11
|
-
|
|
12
|
-
resourceType: backstagePluginQetaCommon.POST_RESOURCE_TYPE,
|
|
11
|
+
resourceRef: permissionResources.postPermissionResourceRef,
|
|
13
12
|
rules: permissionRules.postRules
|
|
14
13
|
});
|
|
15
14
|
const questionConditions = qConditions;
|
|
@@ -18,8 +17,7 @@ const {
|
|
|
18
17
|
conditions: aConditions,
|
|
19
18
|
createConditionalDecision: createAnswerDecision
|
|
20
19
|
} = pluginPermissionNode.createConditionExports({
|
|
21
|
-
|
|
22
|
-
resourceType: backstagePluginQetaCommon.ANSWER_RESOURCE_TYPE,
|
|
20
|
+
resourceRef: permissionResources.answerPermissionResourceRef,
|
|
23
21
|
rules: permissionRules.answerRules
|
|
24
22
|
});
|
|
25
23
|
const answerConditions = aConditions;
|
|
@@ -28,8 +26,7 @@ const {
|
|
|
28
26
|
conditions: cConditions,
|
|
29
27
|
createConditionalDecision: createCommentDecision
|
|
30
28
|
} = pluginPermissionNode.createConditionExports({
|
|
31
|
-
|
|
32
|
-
resourceType: backstagePluginQetaCommon.COMMENT_RESOURCE_TYPE,
|
|
29
|
+
resourceRef: permissionResources.commentPermissionResourceRef,
|
|
33
30
|
rules: permissionRules.commentRules
|
|
34
31
|
});
|
|
35
32
|
const commentConditions = cConditions;
|
|
@@ -38,8 +35,7 @@ const {
|
|
|
38
35
|
conditions: tConditions,
|
|
39
36
|
createConditionalDecision: createTagDecision
|
|
40
37
|
} = pluginPermissionNode.createConditionExports({
|
|
41
|
-
|
|
42
|
-
resourceType: backstagePluginQetaCommon.TAG_RESOURCE_TYPE,
|
|
38
|
+
resourceRef: permissionResources.tagPermissionResourceRef,
|
|
43
39
|
rules: permissionRules.tagRules
|
|
44
40
|
});
|
|
45
41
|
const tagConditions = tConditions;
|
|
@@ -48,8 +44,7 @@ const {
|
|
|
48
44
|
conditions: colConditions,
|
|
49
45
|
createConditionalDecision: createCollectionDecision
|
|
50
46
|
} = pluginPermissionNode.createConditionExports({
|
|
51
|
-
|
|
52
|
-
resourceType: backstagePluginQetaCommon.COLLECTION_RESOUCE_TYPE,
|
|
47
|
+
resourceRef: permissionResources.collectionPermissionResourceRef,
|
|
53
48
|
rules: permissionRules.collectionRules
|
|
54
49
|
});
|
|
55
50
|
const collectionConditions = colConditions;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"conditionExports.cjs.js","sources":["../src/conditionExports.ts"],"sourcesContent":["import { createConditionExports } from '@backstage/plugin-permission-node';\nimport {\n answerRules,\n collectionRules,\n commentRules,\n postRules,\n tagRules,\n} from './permissionRules';\nimport {\n
|
|
1
|
+
{"version":3,"file":"conditionExports.cjs.js","sources":["../src/conditionExports.ts"],"sourcesContent":["import { createConditionExports } from '@backstage/plugin-permission-node';\nimport {\n answerRules,\n collectionRules,\n commentRules,\n postRules,\n tagRules,\n} from './permissionRules';\nimport {\n answerPermissionResourceRef,\n collectionPermissionResourceRef,\n commentPermissionResourceRef,\n postPermissionResourceRef,\n tagPermissionResourceRef,\n} from './permissionResources.ts';\n\nconst {\n conditions: qConditions,\n createConditionalDecision: createPostDecision,\n} = createConditionExports({\n resourceRef: postPermissionResourceRef,\n rules: postRules,\n});\n\nexport const questionConditions = qConditions;\n\nexport const createPostConditionalDecision = createPostDecision;\n\nconst {\n conditions: aConditions,\n createConditionalDecision: createAnswerDecision,\n} = createConditionExports({\n resourceRef: answerPermissionResourceRef,\n rules: answerRules,\n});\n\nexport const answerConditions = aConditions;\n\nexport const createAnswerConditionalDecision = createAnswerDecision;\n\nconst {\n conditions: cConditions,\n createConditionalDecision: createCommentDecision,\n} = createConditionExports({\n resourceRef: commentPermissionResourceRef,\n rules: commentRules,\n});\n\nexport const commentConditions = cConditions;\n\nexport const createCommentConditionalDecision = createCommentDecision;\n\nconst {\n conditions: tConditions,\n createConditionalDecision: createTagDecision,\n} = createConditionExports({\n resourceRef: tagPermissionResourceRef,\n rules: tagRules,\n});\n\nexport const tagConditions = tConditions;\n\nexport const createTagConditionalDecision = createTagDecision;\n\nconst {\n conditions: colConditions,\n createConditionalDecision: createCollectionDecision,\n} = createConditionExports({\n resourceRef: collectionPermissionResourceRef,\n rules: collectionRules,\n});\n\nexport const collectionConditions = colConditions;\n\nexport const createCollectionConditionalDecision = createCollectionDecision;\n"],"names":["createConditionExports","postPermissionResourceRef","postRules","answerPermissionResourceRef","answerRules","commentPermissionResourceRef","commentRules","tagPermissionResourceRef","tagRules","collectionPermissionResourceRef","collectionRules"],"mappings":";;;;;;AAgBA,MAAM;AAAA,EACJ,UAAY,EAAA,WAAA;AAAA,EACZ,yBAA2B,EAAA;AAC7B,CAAA,GAAIA,2CAAuB,CAAA;AAAA,EACzB,WAAa,EAAAC,6CAAA;AAAA,EACb,KAAO,EAAAC;AACT,CAAC,CAAA;AAEM,MAAM,kBAAqB,GAAA;AAE3B,MAAM,6BAAgC,GAAA;AAE7C,MAAM;AAAA,EACJ,UAAY,EAAA,WAAA;AAAA,EACZ,yBAA2B,EAAA;AAC7B,CAAA,GAAIF,2CAAuB,CAAA;AAAA,EACzB,WAAa,EAAAG,+CAAA;AAAA,EACb,KAAO,EAAAC;AACT,CAAC,CAAA;AAEM,MAAM,gBAAmB,GAAA;AAEzB,MAAM,+BAAkC,GAAA;AAE/C,MAAM;AAAA,EACJ,UAAY,EAAA,WAAA;AAAA,EACZ,yBAA2B,EAAA;AAC7B,CAAA,GAAIJ,2CAAuB,CAAA;AAAA,EACzB,WAAa,EAAAK,gDAAA;AAAA,EACb,KAAO,EAAAC;AACT,CAAC,CAAA;AAEM,MAAM,iBAAoB,GAAA;AAE1B,MAAM,gCAAmC,GAAA;AAEhD,MAAM;AAAA,EACJ,UAAY,EAAA,WAAA;AAAA,EACZ,yBAA2B,EAAA;AAC7B,CAAA,GAAIN,2CAAuB,CAAA;AAAA,EACzB,WAAa,EAAAO,4CAAA;AAAA,EACb,KAAO,EAAAC;AACT,CAAC,CAAA;AAEM,MAAM,aAAgB,GAAA;AAEtB,MAAM,4BAA+B,GAAA;AAE5C,MAAM;AAAA,EACJ,UAAY,EAAA,aAAA;AAAA,EACZ,yBAA2B,EAAA;AAC7B,CAAA,GAAIR,2CAAuB,CAAA;AAAA,EACzB,WAAa,EAAAS,mDAAA;AAAA,EACb,KAAO,EAAAC;AACT,CAAC,CAAA;AAEM,MAAM,oBAAuB,GAAA;AAE7B,MAAM,mCAAsC,GAAA;;;;;;;;;;;;;"}
|
package/dist/index.cjs.js
CHANGED
|
@@ -3,6 +3,7 @@
|
|
|
3
3
|
var extensions = require('./extensions.cjs.js');
|
|
4
4
|
var permissionRules = require('./permissionRules.cjs.js');
|
|
5
5
|
var conditionExports = require('./conditionExports.cjs.js');
|
|
6
|
+
var permissionResources = require('./permissionResources.cjs.js');
|
|
6
7
|
|
|
7
8
|
|
|
8
9
|
|
|
@@ -22,17 +23,11 @@ exports.collectionOwnerConditionFactory = permissionRules.collectionOwnerConditi
|
|
|
22
23
|
exports.collectionRules = permissionRules.collectionRules;
|
|
23
24
|
exports.commentAuthorConditionFactory = permissionRules.commentAuthorConditionFactory;
|
|
24
25
|
exports.commentRules = permissionRules.commentRules;
|
|
25
|
-
exports.createAnswerPermissionRule = permissionRules.createAnswerPermissionRule;
|
|
26
|
-
exports.createCollectionPermissionRule = permissionRules.createCollectionPermissionRule;
|
|
27
|
-
exports.createCommentPermissionRule = permissionRules.createCommentPermissionRule;
|
|
28
|
-
exports.createPostPermissionRule = permissionRules.createPostPermissionRule;
|
|
29
|
-
exports.createTagPermissionRule = permissionRules.createTagPermissionRule;
|
|
30
26
|
exports.isAnswerAuthor = permissionRules.isAnswerAuthor;
|
|
31
27
|
exports.isCollectionOwner = permissionRules.isCollectionOwner;
|
|
32
28
|
exports.isCommentAuthor = permissionRules.isCommentAuthor;
|
|
33
29
|
exports.isPostAuthor = permissionRules.isPostAuthor;
|
|
34
30
|
exports.isTag = permissionRules.isTag;
|
|
35
|
-
exports.permissionRules = permissionRules.permissionRules;
|
|
36
31
|
exports.postAuthorConditionFactory = permissionRules.postAuthorConditionFactory;
|
|
37
32
|
exports.postHasEntities = permissionRules.postHasEntities;
|
|
38
33
|
exports.postHasEntitiesConditionFactory = permissionRules.postHasEntitiesConditionFactory;
|
|
@@ -54,4 +49,9 @@ exports.createPostConditionalDecision = conditionExports.createPostConditionalDe
|
|
|
54
49
|
exports.createTagConditionalDecision = conditionExports.createTagConditionalDecision;
|
|
55
50
|
exports.questionConditions = conditionExports.questionConditions;
|
|
56
51
|
exports.tagConditions = conditionExports.tagConditions;
|
|
52
|
+
exports.answerPermissionResourceRef = permissionResources.answerPermissionResourceRef;
|
|
53
|
+
exports.collectionPermissionResourceRef = permissionResources.collectionPermissionResourceRef;
|
|
54
|
+
exports.commentPermissionResourceRef = permissionResources.commentPermissionResourceRef;
|
|
55
|
+
exports.postPermissionResourceRef = permissionResources.postPermissionResourceRef;
|
|
56
|
+
exports.tagPermissionResourceRef = permissionResources.tagPermissionResourceRef;
|
|
57
57
|
//# sourceMappingURL=index.cjs.js.map
|
package/dist/index.d.ts
CHANGED
|
@@ -2,8 +2,8 @@ import * as _backstage_backend_plugin_api from '@backstage/backend-plugin-api';
|
|
|
2
2
|
import { BackstageCredentials, BackstageUserPrincipal } from '@backstage/backend-plugin-api';
|
|
3
3
|
import * as _drodil_backstage_plugin_qeta_common from '@drodil/backstage-plugin-qeta-common';
|
|
4
4
|
import { Question, AIResponse, Article, Post, PostFilter, Answer, AnswerFilter, Comment, CommentFilter, TagResponse, TagFilter, Collection, CollectionFilter } from '@drodil/backstage-plugin-qeta-common';
|
|
5
|
-
import * as _backstage_plugin_permission_node from '@backstage/plugin-permission-node';
|
|
6
5
|
import * as _backstage_plugin_permission_common_index from '@backstage/plugin-permission-common/index';
|
|
6
|
+
import * as _backstage_plugin_permission_node from '@backstage/plugin-permission-node';
|
|
7
7
|
|
|
8
8
|
interface AIHandler {
|
|
9
9
|
/**
|
|
@@ -62,7 +62,6 @@ interface QetaTagDatabaseExtensionPoint {
|
|
|
62
62
|
declare const qetaAIExtensionPoint: _backstage_backend_plugin_api.ExtensionPoint<QetaAIExtensionPoint>;
|
|
63
63
|
declare const qetaTagDatabaseExtensionPoint: _backstage_backend_plugin_api.ExtensionPoint<QetaTagDatabaseExtensionPoint>;
|
|
64
64
|
|
|
65
|
-
declare const createPostPermissionRule: <TParams extends _backstage_plugin_permission_common_index.PermissionRuleParams = undefined>(rule: _backstage_plugin_permission_node.PermissionRule<Post, PostFilter, "post", TParams>) => _backstage_plugin_permission_node.PermissionRule<Post, PostFilter, "post", TParams>;
|
|
66
65
|
declare const isPostAuthor: _backstage_plugin_permission_node.PermissionRule<Post, PostFilter, "post", {
|
|
67
66
|
userRef?: string | undefined;
|
|
68
67
|
claims?: string[] | undefined;
|
|
@@ -113,25 +112,6 @@ declare const postRules: {
|
|
|
113
112
|
type: string;
|
|
114
113
|
}>;
|
|
115
114
|
};
|
|
116
|
-
/**
|
|
117
|
-
* @deprecated use `postRules` instead
|
|
118
|
-
*/
|
|
119
|
-
declare const permissionRules: {
|
|
120
|
-
isPostAuthor: _backstage_plugin_permission_node.PermissionRule<Post, PostFilter, "post", {
|
|
121
|
-
userRef?: string | undefined;
|
|
122
|
-
claims?: string[] | undefined;
|
|
123
|
-
}>;
|
|
124
|
-
postHasTags: _backstage_plugin_permission_node.PermissionRule<Post, PostFilter, "post", {
|
|
125
|
-
tags: string[];
|
|
126
|
-
}>;
|
|
127
|
-
postHasEntities: _backstage_plugin_permission_node.PermissionRule<Post, PostFilter, "post", {
|
|
128
|
-
entityRefs: string[];
|
|
129
|
-
}>;
|
|
130
|
-
postHasType: _backstage_plugin_permission_node.PermissionRule<Post, PostFilter, "post", {
|
|
131
|
-
type: string;
|
|
132
|
-
}>;
|
|
133
|
-
};
|
|
134
|
-
declare const createAnswerPermissionRule: <TParams extends _backstage_plugin_permission_common_index.PermissionRuleParams = undefined>(rule: _backstage_plugin_permission_node.PermissionRule<Answer, AnswerFilter, "answer", TParams>) => _backstage_plugin_permission_node.PermissionRule<Answer, AnswerFilter, "answer", TParams>;
|
|
135
115
|
declare const isAnswerAuthor: _backstage_plugin_permission_node.PermissionRule<Answer, AnswerFilter, "answer", {
|
|
136
116
|
userRef?: string | undefined;
|
|
137
117
|
claims?: string[] | undefined;
|
|
@@ -171,7 +151,6 @@ declare const answerRules: {
|
|
|
171
151
|
entityRefs: string[];
|
|
172
152
|
}>;
|
|
173
153
|
};
|
|
174
|
-
declare const createCommentPermissionRule: <TParams extends _backstage_plugin_permission_common_index.PermissionRuleParams = undefined>(rule: _backstage_plugin_permission_node.PermissionRule<Comment, CommentFilter, "comment", TParams>) => _backstage_plugin_permission_node.PermissionRule<Comment, CommentFilter, "comment", TParams>;
|
|
175
154
|
declare const isCommentAuthor: _backstage_plugin_permission_node.PermissionRule<Comment, CommentFilter, "comment", {
|
|
176
155
|
userRef?: string | undefined;
|
|
177
156
|
claims?: string[] | undefined;
|
|
@@ -189,7 +168,6 @@ declare const commentRules: {
|
|
|
189
168
|
claims?: string[] | undefined;
|
|
190
169
|
}>;
|
|
191
170
|
};
|
|
192
|
-
declare const createTagPermissionRule: <TParams extends _backstage_plugin_permission_common_index.PermissionRuleParams = undefined>(rule: _backstage_plugin_permission_node.PermissionRule<TagResponse, TagFilter, "tag", TParams>) => _backstage_plugin_permission_node.PermissionRule<TagResponse, TagFilter, "tag", TParams>;
|
|
193
171
|
declare const isTag: _backstage_plugin_permission_node.PermissionRule<TagResponse, TagFilter, "tag", {
|
|
194
172
|
tag: string;
|
|
195
173
|
}>;
|
|
@@ -203,7 +181,6 @@ declare const tagRules: {
|
|
|
203
181
|
tag: string;
|
|
204
182
|
}>;
|
|
205
183
|
};
|
|
206
|
-
declare const createCollectionPermissionRule: <TParams extends _backstage_plugin_permission_common_index.PermissionRuleParams = undefined>(rule: _backstage_plugin_permission_node.PermissionRule<Collection, CollectionFilter, "collection", TParams>) => _backstage_plugin_permission_node.PermissionRule<Collection, CollectionFilter, "collection", TParams>;
|
|
207
184
|
declare const isCollectionOwner: _backstage_plugin_permission_node.PermissionRule<Collection, CollectionFilter, "collection", {
|
|
208
185
|
userRef?: string | undefined;
|
|
209
186
|
claims?: string[] | undefined;
|
|
@@ -342,4 +319,10 @@ declare const collectionConditions: _backstage_plugin_permission_node.Conditions
|
|
|
342
319
|
}>;
|
|
343
320
|
declare const createCollectionConditionalDecision: (permission: _backstage_plugin_permission_common_index.ResourcePermission<"collection">, conditions: _backstage_plugin_permission_common_index.PermissionCriteria<_backstage_plugin_permission_common_index.PermissionCondition<"collection">>) => _backstage_plugin_permission_common_index.ConditionalPolicyDecision;
|
|
344
321
|
|
|
345
|
-
|
|
322
|
+
declare const postPermissionResourceRef: _backstage_plugin_permission_node.PermissionResourceRef<Post, PostFilter, "post", "qeta">;
|
|
323
|
+
declare const answerPermissionResourceRef: _backstage_plugin_permission_node.PermissionResourceRef<Answer, AnswerFilter, "answer", "qeta">;
|
|
324
|
+
declare const commentPermissionResourceRef: _backstage_plugin_permission_node.PermissionResourceRef<Comment, CommentFilter, "comment", "qeta">;
|
|
325
|
+
declare const tagPermissionResourceRef: _backstage_plugin_permission_node.PermissionResourceRef<TagResponse, TagFilter, "tag", "qeta">;
|
|
326
|
+
declare const collectionPermissionResourceRef: _backstage_plugin_permission_node.PermissionResourceRef<Collection, CollectionFilter, "collection", "qeta">;
|
|
327
|
+
|
|
328
|
+
export { type AIHandler, type QetaAIExtensionPoint, type QetaTagDatabaseExtensionPoint, type TagDatabase, answerAuthorConditionFactory, answerConditions, answerPermissionResourceRef, answerQuestionEntitiesConditionFactory, answerQuestionHasEntityRefs, answerQuestionHasTags, answerQuestionTagsConditionFactory, answerRules, collectionConditions, collectionHasEntities, collectionHasEntitiesConditionFactory, collectionHasTags, collectionHasTagsConditionFactory, collectionOwnerConditionFactory, collectionPermissionResourceRef, collectionRules, commentAuthorConditionFactory, commentConditions, commentPermissionResourceRef, commentRules, createAnswerConditionalDecision, createCollectionConditionalDecision, createCommentConditionalDecision, createPostConditionalDecision, createTagConditionalDecision, isAnswerAuthor, isCollectionOwner, isCommentAuthor, isPostAuthor, isTag, postAuthorConditionFactory, postHasEntities, postHasEntitiesConditionFactory, postHasTags, postHasTagsConditionFactory, postHasType, postHasTypeConditionFactory, postPermissionResourceRef, postRules, qetaAIExtensionPoint, qetaTagDatabaseExtensionPoint, questionConditions, rules, tagConditionFactory, tagConditions, tagPermissionResourceRef, tagRules };
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
var pluginPermissionNode = require('@backstage/plugin-permission-node');
|
|
4
|
+
var backstagePluginQetaCommon = require('@drodil/backstage-plugin-qeta-common');
|
|
5
|
+
|
|
6
|
+
const postPermissionResourceRef = pluginPermissionNode.createPermissionResourceRef().with({
|
|
7
|
+
resourceType: backstagePluginQetaCommon.POST_RESOURCE_TYPE,
|
|
8
|
+
pluginId: "qeta"
|
|
9
|
+
});
|
|
10
|
+
const answerPermissionResourceRef = pluginPermissionNode.createPermissionResourceRef().with({
|
|
11
|
+
resourceType: backstagePluginQetaCommon.ANSWER_RESOURCE_TYPE,
|
|
12
|
+
pluginId: "qeta"
|
|
13
|
+
});
|
|
14
|
+
const commentPermissionResourceRef = pluginPermissionNode.createPermissionResourceRef().with({
|
|
15
|
+
resourceType: backstagePluginQetaCommon.COMMENT_RESOURCE_TYPE,
|
|
16
|
+
pluginId: "qeta"
|
|
17
|
+
});
|
|
18
|
+
const tagPermissionResourceRef = pluginPermissionNode.createPermissionResourceRef().with({
|
|
19
|
+
resourceType: backstagePluginQetaCommon.TAG_RESOURCE_TYPE,
|
|
20
|
+
pluginId: "qeta"
|
|
21
|
+
});
|
|
22
|
+
const collectionPermissionResourceRef = pluginPermissionNode.createPermissionResourceRef().with({
|
|
23
|
+
resourceType: backstagePluginQetaCommon.COLLECTION_RESOUCE_TYPE,
|
|
24
|
+
pluginId: "qeta"
|
|
25
|
+
});
|
|
26
|
+
|
|
27
|
+
exports.answerPermissionResourceRef = answerPermissionResourceRef;
|
|
28
|
+
exports.collectionPermissionResourceRef = collectionPermissionResourceRef;
|
|
29
|
+
exports.commentPermissionResourceRef = commentPermissionResourceRef;
|
|
30
|
+
exports.postPermissionResourceRef = postPermissionResourceRef;
|
|
31
|
+
exports.tagPermissionResourceRef = tagPermissionResourceRef;
|
|
32
|
+
//# sourceMappingURL=permissionResources.cjs.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"permissionResources.cjs.js","sources":["../src/permissionResources.ts"],"sourcesContent":["import { createPermissionResourceRef } from '@backstage/plugin-permission-node';\nimport {\n Answer,\n ANSWER_RESOURCE_TYPE,\n AnswerFilter,\n Collection,\n COLLECTION_RESOUCE_TYPE,\n CollectionFilter,\n Comment,\n COMMENT_RESOURCE_TYPE,\n CommentFilter,\n Post,\n POST_RESOURCE_TYPE,\n PostFilter,\n TAG_RESOURCE_TYPE,\n TagFilter,\n TagResponse,\n} from '@drodil/backstage-plugin-qeta-common';\n\nexport const postPermissionResourceRef = createPermissionResourceRef<\n Post,\n PostFilter\n>().with({\n resourceType: POST_RESOURCE_TYPE,\n pluginId: 'qeta',\n});\n\nexport const answerPermissionResourceRef = createPermissionResourceRef<\n Answer,\n AnswerFilter\n>().with({\n resourceType: ANSWER_RESOURCE_TYPE,\n pluginId: 'qeta',\n});\n\nexport const commentPermissionResourceRef = createPermissionResourceRef<\n Comment,\n CommentFilter\n>().with({\n resourceType: COMMENT_RESOURCE_TYPE,\n pluginId: 'qeta',\n});\n\nexport const tagPermissionResourceRef = createPermissionResourceRef<\n TagResponse,\n TagFilter\n>().with({\n resourceType: TAG_RESOURCE_TYPE,\n pluginId: 'qeta',\n});\n\nexport const collectionPermissionResourceRef = createPermissionResourceRef<\n Collection,\n CollectionFilter\n>().with({\n resourceType: COLLECTION_RESOUCE_TYPE,\n pluginId: 'qeta',\n});\n"],"names":["createPermissionResourceRef","POST_RESOURCE_TYPE","ANSWER_RESOURCE_TYPE","COMMENT_RESOURCE_TYPE","TAG_RESOURCE_TYPE","COLLECTION_RESOUCE_TYPE"],"mappings":";;;;;AAmBa,MAAA,yBAAA,GAA4BA,gDAGvC,EAAA,CAAE,IAAK,CAAA;AAAA,EACP,YAAc,EAAAC,4CAAA;AAAA,EACd,QAAU,EAAA;AACZ,CAAC;AAEY,MAAA,2BAAA,GAA8BD,gDAGzC,EAAA,CAAE,IAAK,CAAA;AAAA,EACP,YAAc,EAAAE,8CAAA;AAAA,EACd,QAAU,EAAA;AACZ,CAAC;AAEY,MAAA,4BAAA,GAA+BF,gDAG1C,EAAA,CAAE,IAAK,CAAA;AAAA,EACP,YAAc,EAAAG,+CAAA;AAAA,EACd,QAAU,EAAA;AACZ,CAAC;AAEY,MAAA,wBAAA,GAA2BH,gDAGtC,EAAA,CAAE,IAAK,CAAA;AAAA,EACP,YAAc,EAAAI,2CAAA;AAAA,EACd,QAAU,EAAA;AACZ,CAAC;AAEY,MAAA,+BAAA,GAAkCJ,gDAG7C,EAAA,CAAE,IAAK,CAAA;AAAA,EACP,YAAc,EAAAK,iDAAA;AAAA,EACd,QAAU,EAAA;AACZ,CAAC;;;;;;;;"}
|
|
@@ -2,13 +2,12 @@
|
|
|
2
2
|
|
|
3
3
|
var pluginPermissionNode = require('@backstage/plugin-permission-node');
|
|
4
4
|
var zod = require('zod');
|
|
5
|
-
var
|
|
5
|
+
var permissionResources = require('./permissionResources.cjs.js');
|
|
6
6
|
|
|
7
|
-
const
|
|
8
|
-
const isPostAuthor = createPostPermissionRule({
|
|
7
|
+
const isPostAuthor = pluginPermissionNode.createPermissionRule({
|
|
9
8
|
name: "IS_AUTHOR",
|
|
10
9
|
description: "Should allow only if the post is created by the user",
|
|
11
|
-
|
|
10
|
+
resourceRef: permissionResources.postPermissionResourceRef,
|
|
12
11
|
paramsSchema: zod.z.object({
|
|
13
12
|
userRef: zod.z.string().describe("User ID to match on the author").optional(),
|
|
14
13
|
claims: zod.z.array(zod.z.string()).optional().describe("List of claims to match at least one on within author")
|
|
@@ -24,10 +23,10 @@ const isPostAuthor = createPostPermissionRule({
|
|
|
24
23
|
}
|
|
25
24
|
});
|
|
26
25
|
const postAuthorConditionFactory = pluginPermissionNode.createConditionFactory(isPostAuthor);
|
|
27
|
-
const postHasTags =
|
|
26
|
+
const postHasTags = pluginPermissionNode.createPermissionRule({
|
|
28
27
|
name: "HAS_TAGS",
|
|
29
28
|
description: "Should allow only if the post has all the specific tags",
|
|
30
|
-
|
|
29
|
+
resourceRef: permissionResources.postPermissionResourceRef,
|
|
31
30
|
paramsSchema: zod.z.object({
|
|
32
31
|
tags: zod.z.array(zod.z.string()).describe("Tag to match the post")
|
|
33
32
|
}),
|
|
@@ -42,10 +41,10 @@ const postHasTags = createPostPermissionRule({
|
|
|
42
41
|
}
|
|
43
42
|
});
|
|
44
43
|
const postHasTagsConditionFactory = pluginPermissionNode.createConditionFactory(postHasTags);
|
|
45
|
-
const postHasEntities =
|
|
44
|
+
const postHasEntities = pluginPermissionNode.createPermissionRule({
|
|
46
45
|
name: "HAS_ENTITIES",
|
|
47
46
|
description: "Should allow only if the post has all the specific entities",
|
|
48
|
-
|
|
47
|
+
resourceRef: permissionResources.postPermissionResourceRef,
|
|
49
48
|
paramsSchema: zod.z.object({
|
|
50
49
|
entityRefs: zod.z.array(zod.z.string()).describe("Entity refs to match the post")
|
|
51
50
|
}),
|
|
@@ -60,10 +59,10 @@ const postHasEntities = createPostPermissionRule({
|
|
|
60
59
|
}
|
|
61
60
|
});
|
|
62
61
|
const postHasEntitiesConditionFactory = pluginPermissionNode.createConditionFactory(postHasEntities);
|
|
63
|
-
const postHasType =
|
|
62
|
+
const postHasType = pluginPermissionNode.createPermissionRule({
|
|
64
63
|
name: "HAS_TYPE",
|
|
65
64
|
description: "Should allow only if the post has the specific type",
|
|
66
|
-
|
|
65
|
+
resourceRef: permissionResources.postPermissionResourceRef,
|
|
67
66
|
paramsSchema: zod.z.object({
|
|
68
67
|
type: zod.z.string().describe("Type to match the post")
|
|
69
68
|
}),
|
|
@@ -84,12 +83,10 @@ const postRules = {
|
|
|
84
83
|
postHasEntities,
|
|
85
84
|
postHasType
|
|
86
85
|
};
|
|
87
|
-
const
|
|
88
|
-
const createAnswerPermissionRule = pluginPermissionNode.makeCreatePermissionRule();
|
|
89
|
-
const isAnswerAuthor = createAnswerPermissionRule({
|
|
86
|
+
const isAnswerAuthor = pluginPermissionNode.createPermissionRule({
|
|
90
87
|
name: "IS_AUTHOR",
|
|
91
88
|
description: "Should allow only if the answer is created by the user",
|
|
92
|
-
|
|
89
|
+
resourceRef: permissionResources.answerPermissionResourceRef,
|
|
93
90
|
paramsSchema: zod.z.object({
|
|
94
91
|
userRef: zod.z.string().describe("User ID to match on the author").optional(),
|
|
95
92
|
claims: zod.z.array(zod.z.string()).optional().describe("List of claims to match at least one on within author")
|
|
@@ -105,10 +102,10 @@ const isAnswerAuthor = createAnswerPermissionRule({
|
|
|
105
102
|
}
|
|
106
103
|
});
|
|
107
104
|
const answerAuthorConditionFactory = pluginPermissionNode.createConditionFactory(isAnswerAuthor);
|
|
108
|
-
const answerQuestionHasTags =
|
|
105
|
+
const answerQuestionHasTags = pluginPermissionNode.createPermissionRule({
|
|
109
106
|
name: "HAS_TAGS",
|
|
110
107
|
description: "Should allow only if the answers question has all the specific tags",
|
|
111
|
-
|
|
108
|
+
resourceRef: permissionResources.answerPermissionResourceRef,
|
|
112
109
|
paramsSchema: zod.z.object({
|
|
113
110
|
tags: zod.z.array(zod.z.string()).describe("Tag to match the question")
|
|
114
111
|
}),
|
|
@@ -125,10 +122,10 @@ const answerQuestionHasTags = createAnswerPermissionRule({
|
|
|
125
122
|
const answerQuestionTagsConditionFactory = pluginPermissionNode.createConditionFactory(
|
|
126
123
|
answerQuestionHasTags
|
|
127
124
|
);
|
|
128
|
-
const answerQuestionHasEntityRefs =
|
|
125
|
+
const answerQuestionHasEntityRefs = pluginPermissionNode.createPermissionRule({
|
|
129
126
|
name: "HAS_ENTITIES",
|
|
130
127
|
description: "Should allow only if the answers question has all the specific entities",
|
|
131
|
-
|
|
128
|
+
resourceRef: permissionResources.answerPermissionResourceRef,
|
|
132
129
|
paramsSchema: zod.z.object({
|
|
133
130
|
entityRefs: zod.z.array(zod.z.string()).describe("Tag to match the question")
|
|
134
131
|
}),
|
|
@@ -150,11 +147,10 @@ const answerRules = {
|
|
|
150
147
|
answerQuestionHasTags,
|
|
151
148
|
answerQuestionHasEntityRefs
|
|
152
149
|
};
|
|
153
|
-
const
|
|
154
|
-
const isCommentAuthor = createCommentPermissionRule({
|
|
150
|
+
const isCommentAuthor = pluginPermissionNode.createPermissionRule({
|
|
155
151
|
name: "IS_AUTHOR",
|
|
156
152
|
description: "Should allow only if the comment is created by the user",
|
|
157
|
-
|
|
153
|
+
resourceRef: permissionResources.commentPermissionResourceRef,
|
|
158
154
|
paramsSchema: zod.z.object({
|
|
159
155
|
userRef: zod.z.string().describe("User ID to match on the author").optional(),
|
|
160
156
|
claims: zod.z.array(zod.z.string()).optional().describe("List of claims to match at least one on within author")
|
|
@@ -171,11 +167,10 @@ const isCommentAuthor = createCommentPermissionRule({
|
|
|
171
167
|
});
|
|
172
168
|
const commentAuthorConditionFactory = pluginPermissionNode.createConditionFactory(isCommentAuthor);
|
|
173
169
|
const commentRules = { isCommentAuthor };
|
|
174
|
-
const
|
|
175
|
-
const isTag = createTagPermissionRule({
|
|
170
|
+
const isTag = pluginPermissionNode.createPermissionRule({
|
|
176
171
|
name: "IS_TAG",
|
|
177
172
|
description: "Should allow only if the tag exists",
|
|
178
|
-
|
|
173
|
+
resourceRef: permissionResources.tagPermissionResourceRef,
|
|
179
174
|
paramsSchema: zod.z.object({
|
|
180
175
|
tag: zod.z.string().describe("Tag to match the post")
|
|
181
176
|
}),
|
|
@@ -191,11 +186,10 @@ const isTag = createTagPermissionRule({
|
|
|
191
186
|
});
|
|
192
187
|
const tagConditionFactory = pluginPermissionNode.createConditionFactory(isTag);
|
|
193
188
|
const tagRules = { isTag };
|
|
194
|
-
const
|
|
195
|
-
const isCollectionOwner = createCollectionPermissionRule({
|
|
189
|
+
const isCollectionOwner = pluginPermissionNode.createPermissionRule({
|
|
196
190
|
name: "IS_OWNER",
|
|
197
191
|
description: "Should allow only if the collection is owned by the user",
|
|
198
|
-
|
|
192
|
+
resourceRef: permissionResources.collectionPermissionResourceRef,
|
|
199
193
|
paramsSchema: zod.z.object({
|
|
200
194
|
userRef: zod.z.string().describe("User reference to match on the owner").optional(),
|
|
201
195
|
claims: zod.z.array(zod.z.string()).optional().describe("List of claims to match at least one on within owner")
|
|
@@ -211,10 +205,10 @@ const isCollectionOwner = createCollectionPermissionRule({
|
|
|
211
205
|
}
|
|
212
206
|
});
|
|
213
207
|
const collectionOwnerConditionFactory = pluginPermissionNode.createConditionFactory(isCollectionOwner);
|
|
214
|
-
const collectionHasTags =
|
|
208
|
+
const collectionHasTags = pluginPermissionNode.createPermissionRule({
|
|
215
209
|
name: "HAS_TAGS",
|
|
216
210
|
description: "Should allow only if the posts in the collection have the specific tags",
|
|
217
|
-
|
|
211
|
+
resourceRef: permissionResources.collectionPermissionResourceRef,
|
|
218
212
|
paramsSchema: zod.z.object({
|
|
219
213
|
tags: zod.z.array(zod.z.string()).describe("Tag to match the collection")
|
|
220
214
|
}),
|
|
@@ -229,10 +223,10 @@ const collectionHasTags = createCollectionPermissionRule({
|
|
|
229
223
|
}
|
|
230
224
|
});
|
|
231
225
|
const collectionHasTagsConditionFactory = pluginPermissionNode.createConditionFactory(collectionHasTags);
|
|
232
|
-
const collectionHasEntities =
|
|
226
|
+
const collectionHasEntities = pluginPermissionNode.createPermissionRule({
|
|
233
227
|
name: "HAS_ENTITIES",
|
|
234
228
|
description: "Should allow only if the posts in the collection have the specific entities",
|
|
235
|
-
|
|
229
|
+
resourceRef: permissionResources.collectionPermissionResourceRef,
|
|
236
230
|
paramsSchema: zod.z.object({
|
|
237
231
|
entityRefs: zod.z.array(zod.z.string()).describe("Entity refs to match the collection")
|
|
238
232
|
}),
|
|
@@ -276,17 +270,11 @@ exports.collectionOwnerConditionFactory = collectionOwnerConditionFactory;
|
|
|
276
270
|
exports.collectionRules = collectionRules;
|
|
277
271
|
exports.commentAuthorConditionFactory = commentAuthorConditionFactory;
|
|
278
272
|
exports.commentRules = commentRules;
|
|
279
|
-
exports.createAnswerPermissionRule = createAnswerPermissionRule;
|
|
280
|
-
exports.createCollectionPermissionRule = createCollectionPermissionRule;
|
|
281
|
-
exports.createCommentPermissionRule = createCommentPermissionRule;
|
|
282
|
-
exports.createPostPermissionRule = createPostPermissionRule;
|
|
283
|
-
exports.createTagPermissionRule = createTagPermissionRule;
|
|
284
273
|
exports.isAnswerAuthor = isAnswerAuthor;
|
|
285
274
|
exports.isCollectionOwner = isCollectionOwner;
|
|
286
275
|
exports.isCommentAuthor = isCommentAuthor;
|
|
287
276
|
exports.isPostAuthor = isPostAuthor;
|
|
288
277
|
exports.isTag = isTag;
|
|
289
|
-
exports.permissionRules = permissionRules;
|
|
290
278
|
exports.postAuthorConditionFactory = postAuthorConditionFactory;
|
|
291
279
|
exports.postHasEntities = postHasEntities;
|
|
292
280
|
exports.postHasEntitiesConditionFactory = postHasEntitiesConditionFactory;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"permissionRules.cjs.js","sources":["../src/permissionRules.ts"],"sourcesContent":["import {\n createConditionFactory,\n makeCreatePermissionRule,\n} from '@backstage/plugin-permission-node';\nimport { z } from 'zod';\nimport {\n Answer,\n ANSWER_RESOURCE_TYPE,\n AnswerFilter,\n Collection,\n COLLECTION_RESOUCE_TYPE,\n CollectionFilter,\n Comment,\n COMMENT_RESOURCE_TYPE,\n CommentFilter,\n Post,\n POST_RESOURCE_TYPE,\n PostFilter,\n TAG_RESOURCE_TYPE,\n TagFilter,\n TagResponse,\n} from '@drodil/backstage-plugin-qeta-common';\n\nexport const createPostPermissionRule = makeCreatePermissionRule<\n Post,\n PostFilter,\n typeof POST_RESOURCE_TYPE\n>();\n\nexport const isPostAuthor = createPostPermissionRule({\n name: 'IS_AUTHOR',\n description: 'Should allow only if the post is created by the user',\n resourceType: POST_RESOURCE_TYPE,\n paramsSchema: z.object({\n userRef: z.string().describe('User ID to match on the author').optional(),\n claims: z\n .array(z.string())\n .optional()\n .describe('List of claims to match at least one on within author'),\n }),\n apply: (resource: Post, { userRef, claims = [] }) => {\n return resource?.author === userRef || claims.includes(resource?.author);\n },\n toQuery: ({ userRef, claims = [] }) => {\n return {\n property: 'posts.author',\n values: [userRef, ...claims].filter(Boolean),\n };\n },\n});\n\nexport const postAuthorConditionFactory = createConditionFactory(isPostAuthor);\n\nexport const postHasTags = createPostPermissionRule({\n name: 'HAS_TAGS',\n description: 'Should allow only if the post has all the specific tags',\n resourceType: POST_RESOURCE_TYPE,\n paramsSchema: z.object({\n tags: z.array(z.string()).describe('Tag to match the post'),\n }),\n apply: (resource: Post, { tags }) => {\n return tags.every(t => resource?.tags?.includes(t));\n },\n toQuery: ({ tags }) => {\n return {\n property: 'tags',\n values: tags,\n };\n },\n});\n\nexport const postHasTagsConditionFactory = createConditionFactory(postHasTags);\n\nexport const postHasEntities = createPostPermissionRule({\n name: 'HAS_ENTITIES',\n description: 'Should allow only if the post has all the specific entities',\n resourceType: POST_RESOURCE_TYPE,\n paramsSchema: z.object({\n entityRefs: z.array(z.string()).describe('Entity refs to match the post'),\n }),\n apply: (resource: Post, { entityRefs }) => {\n return entityRefs.every(t => resource?.entities?.includes(t));\n },\n toQuery: ({ entityRefs }) => {\n return {\n property: 'entityRefs',\n values: entityRefs,\n };\n },\n});\n\nexport const postHasEntitiesConditionFactory =\n createConditionFactory(postHasEntities);\n\nexport const postHasType = createPostPermissionRule({\n name: 'HAS_TYPE',\n description: 'Should allow only if the post has the specific type',\n resourceType: POST_RESOURCE_TYPE,\n paramsSchema: z.object({\n type: z.string().describe('Type to match the post'),\n }),\n apply: (resource: Post, { type }) => {\n return resource?.type === type;\n },\n toQuery: ({ type }) => {\n return {\n property: 'posts.type',\n values: [type],\n };\n },\n});\n\nexport const postHasTypeConditionFactory = createConditionFactory(postHasType);\n\nexport const postRules = {\n isPostAuthor,\n postHasTags,\n postHasEntities,\n postHasType,\n};\n\n/**\n * @deprecated use `postRules` instead\n */\nexport const permissionRules = postRules;\n\nexport const createAnswerPermissionRule = makeCreatePermissionRule<\n Answer,\n AnswerFilter,\n typeof ANSWER_RESOURCE_TYPE\n>();\n\nexport const isAnswerAuthor = createAnswerPermissionRule({\n name: 'IS_AUTHOR',\n description: 'Should allow only if the answer is created by the user',\n resourceType: ANSWER_RESOURCE_TYPE,\n paramsSchema: z.object({\n userRef: z.string().describe('User ID to match on the author').optional(),\n claims: z\n .array(z.string())\n .optional()\n .describe('List of claims to match at least one on within author'),\n }),\n apply: (resource: Answer, { userRef, claims = [] }) => {\n return resource?.author === userRef || claims.includes(resource?.author);\n },\n toQuery: ({ userRef, claims = [] }) => {\n return {\n property: 'answers.author',\n values: [userRef, ...claims].filter(Boolean),\n };\n },\n});\n\nexport const answerAuthorConditionFactory =\n createConditionFactory(isAnswerAuthor);\n\nexport const answerQuestionHasTags = createAnswerPermissionRule({\n name: 'HAS_TAGS',\n description:\n 'Should allow only if the answers question has all the specific tags',\n resourceType: ANSWER_RESOURCE_TYPE,\n paramsSchema: z.object({\n tags: z.array(z.string()).describe('Tag to match the question'),\n }),\n apply: (resource: Answer, { tags }) => {\n return tags.every(t => resource?.post?.tags?.includes(t));\n },\n toQuery: ({ tags }) => {\n return {\n property: 'tags',\n values: tags,\n };\n },\n});\n\nexport const answerQuestionTagsConditionFactory = createConditionFactory(\n answerQuestionHasTags,\n);\n\nexport const answerQuestionHasEntityRefs = createAnswerPermissionRule({\n name: 'HAS_ENTITIES',\n description:\n 'Should allow only if the answers question has all the specific entities',\n resourceType: ANSWER_RESOURCE_TYPE,\n paramsSchema: z.object({\n entityRefs: z.array(z.string()).describe('Tag to match the question'),\n }),\n apply: (resource: Answer, { entityRefs }) => {\n return entityRefs.every(t => resource?.post?.entities?.includes(t));\n },\n toQuery: ({ entityRefs }) => {\n return {\n property: 'entityRefs',\n values: entityRefs,\n };\n },\n});\n\nexport const answerQuestionEntitiesConditionFactory = createConditionFactory(\n answerQuestionHasEntityRefs,\n);\n\nexport const answerRules = {\n isAnswerAuthor,\n answerQuestionHasTags,\n answerQuestionHasEntityRefs,\n};\n\nexport const createCommentPermissionRule = makeCreatePermissionRule<\n Comment,\n CommentFilter,\n typeof COMMENT_RESOURCE_TYPE\n>();\n\nexport const isCommentAuthor = createCommentPermissionRule({\n name: 'IS_AUTHOR',\n description: 'Should allow only if the comment is created by the user',\n resourceType: COMMENT_RESOURCE_TYPE,\n paramsSchema: z.object({\n userRef: z.string().describe('User ID to match on the author').optional(),\n claims: z\n .array(z.string())\n .optional()\n .describe('List of claims to match at least one on within author'),\n }),\n apply: (resource: Comment, { userRef, claims = [] }) => {\n return resource?.author === userRef || claims.includes(resource?.author);\n },\n toQuery: ({ userRef, claims = [] }) => {\n return {\n property: 'comments.author',\n values: [userRef, ...claims].filter(Boolean),\n };\n },\n});\n\nexport const commentAuthorConditionFactory =\n createConditionFactory(isCommentAuthor);\n\nexport const commentRules = { isCommentAuthor };\n\nexport const createTagPermissionRule = makeCreatePermissionRule<\n TagResponse,\n TagFilter,\n typeof TAG_RESOURCE_TYPE\n>();\nexport const isTag = createTagPermissionRule({\n name: 'IS_TAG',\n description: 'Should allow only if the tag exists',\n resourceType: TAG_RESOURCE_TYPE,\n paramsSchema: z.object({\n tag: z.string().describe('Tag to match the post'),\n }),\n apply: (resource: TagResponse, { tag }) => {\n return resource?.tag === tag;\n },\n toQuery: ({ tag }) => {\n return {\n property: 'tags.tag',\n values: [tag],\n };\n },\n});\n\nexport const tagConditionFactory = createConditionFactory(isTag);\n\nexport const tagRules = { isTag };\n\nexport const createCollectionPermissionRule = makeCreatePermissionRule<\n Collection,\n CollectionFilter,\n typeof COLLECTION_RESOUCE_TYPE\n>();\n\nexport const isCollectionOwner = createCollectionPermissionRule({\n name: 'IS_OWNER',\n description: 'Should allow only if the collection is owned by the user',\n resourceType: COLLECTION_RESOUCE_TYPE,\n paramsSchema: z.object({\n userRef: z\n .string()\n .describe('User reference to match on the owner')\n .optional(),\n claims: z\n .array(z.string())\n .optional()\n .describe('List of claims to match at least one on within owner'),\n }),\n apply: (resource: Collection, { userRef, claims = [] }) => {\n return resource?.owner === userRef || claims.includes(resource?.owner);\n },\n toQuery: ({ userRef, claims = [] }) => {\n return {\n property: 'collections.owner',\n values: [userRef, ...claims].filter(Boolean),\n };\n },\n});\n\nexport const collectionOwnerConditionFactory =\n createConditionFactory(isCollectionOwner);\n\nexport const collectionHasTags = createCollectionPermissionRule({\n name: 'HAS_TAGS',\n description:\n 'Should allow only if the posts in the collection have the specific tags',\n resourceType: COLLECTION_RESOUCE_TYPE,\n paramsSchema: z.object({\n tags: z.array(z.string()).describe('Tag to match the collection'),\n }),\n apply: (resource: Collection, { tags }) => {\n return tags.every(t => resource?.tags?.includes(t));\n },\n toQuery: ({ tags }) => {\n return {\n property: 'tags',\n values: tags,\n };\n },\n});\n\nexport const collectionHasTagsConditionFactory =\n createConditionFactory(collectionHasTags);\n\nexport const collectionHasEntities = createCollectionPermissionRule({\n name: 'HAS_ENTITIES',\n description:\n 'Should allow only if the posts in the collection have the specific entities',\n resourceType: COLLECTION_RESOUCE_TYPE,\n paramsSchema: z.object({\n entityRefs: z\n .array(z.string())\n .describe('Entity refs to match the collection'),\n }),\n apply: (resource: Collection, { entityRefs }) => {\n return entityRefs.every(t => resource?.entities?.includes(t));\n },\n toQuery: ({ entityRefs }) => {\n return {\n property: 'entityRefs',\n values: entityRefs,\n };\n },\n});\n\nexport const collectionHasEntitiesConditionFactory = createConditionFactory(\n collectionHasEntities,\n);\n\nexport const collectionRules = {\n isCollectionOwner,\n collectionHasTags,\n collectionHasEntities,\n};\n\nexport const rules = {\n ...commentRules,\n ...answerRules,\n ...postRules,\n ...tagRules,\n ...collectionRules,\n};\n"],"names":["makeCreatePermissionRule","POST_RESOURCE_TYPE","z","createConditionFactory","ANSWER_RESOURCE_TYPE","COMMENT_RESOURCE_TYPE","TAG_RESOURCE_TYPE","COLLECTION_RESOUCE_TYPE"],"mappings":";;;;;;AAuBO,MAAM,2BAA2BA,6CAItC;AAEK,MAAM,eAAe,wBAAyB,CAAA;AAAA,EACnD,IAAM,EAAA,WAAA;AAAA,EACN,WAAa,EAAA,sDAAA;AAAA,EACb,YAAc,EAAAC,4CAAA;AAAA,EACd,YAAA,EAAcC,MAAE,MAAO,CAAA;AAAA,IACrB,SAASA,KAAE,CAAA,MAAA,GAAS,QAAS,CAAA,gCAAgC,EAAE,QAAS,EAAA;AAAA,IACxE,MAAA,EAAQA,KACL,CAAA,KAAA,CAAMA,KAAE,CAAA,MAAA,EAAQ,CAChB,CAAA,QAAA,EACA,CAAA,QAAA,CAAS,uDAAuD;AAAA,GACpE,CAAA;AAAA,EACD,KAAA,EAAO,CAAC,QAAgB,EAAA,EAAE,SAAS,MAAS,GAAA,IAAS,KAAA;AACnD,IAAA,OAAO,UAAU,MAAW,KAAA,OAAA,IAAW,MAAO,CAAA,QAAA,CAAS,UAAU,MAAM,CAAA;AAAA,GACzE;AAAA,EACA,SAAS,CAAC,EAAE,SAAS,MAAS,GAAA,IAAS,KAAA;AACrC,IAAO,OAAA;AAAA,MACL,QAAU,EAAA,cAAA;AAAA,MACV,QAAQ,CAAC,OAAA,EAAS,GAAG,MAAM,CAAA,CAAE,OAAO,OAAO;AAAA,KAC7C;AAAA;AAEJ,CAAC;AAEY,MAAA,0BAAA,GAA6BC,4CAAuB,YAAY;AAEtE,MAAM,cAAc,wBAAyB,CAAA;AAAA,EAClD,IAAM,EAAA,UAAA;AAAA,EACN,WAAa,EAAA,yDAAA;AAAA,EACb,YAAc,EAAAF,4CAAA;AAAA,EACd,YAAA,EAAcC,MAAE,MAAO,CAAA;AAAA,IACrB,IAAA,EAAMA,MAAE,KAAM,CAAAA,KAAA,CAAE,QAAQ,CAAA,CAAE,SAAS,uBAAuB;AAAA,GAC3D,CAAA;AAAA,EACD,KAAO,EAAA,CAAC,QAAgB,EAAA,EAAE,MAAW,KAAA;AACnC,IAAA,OAAO,KAAK,KAAM,CAAA,CAAA,CAAA,KAAK,UAAU,IAAM,EAAA,QAAA,CAAS,CAAC,CAAC,CAAA;AAAA,GACpD;AAAA,EACA,OAAS,EAAA,CAAC,EAAE,IAAA,EAAW,KAAA;AACrB,IAAO,OAAA;AAAA,MACL,QAAU,EAAA,MAAA;AAAA,MACV,MAAQ,EAAA;AAAA,KACV;AAAA;AAEJ,CAAC;AAEY,MAAA,2BAAA,GAA8BC,4CAAuB,WAAW;AAEtE,MAAM,kBAAkB,wBAAyB,CAAA;AAAA,EACtD,IAAM,EAAA,cAAA;AAAA,EACN,WAAa,EAAA,6DAAA;AAAA,EACb,YAAc,EAAAF,4CAAA;AAAA,EACd,YAAA,EAAcC,MAAE,MAAO,CAAA;AAAA,IACrB,UAAA,EAAYA,MAAE,KAAM,CAAAA,KAAA,CAAE,QAAQ,CAAA,CAAE,SAAS,+BAA+B;AAAA,GACzE,CAAA;AAAA,EACD,KAAO,EAAA,CAAC,QAAgB,EAAA,EAAE,YAAiB,KAAA;AACzC,IAAA,OAAO,WAAW,KAAM,CAAA,CAAA,CAAA,KAAK,UAAU,QAAU,EAAA,QAAA,CAAS,CAAC,CAAC,CAAA;AAAA,GAC9D;AAAA,EACA,OAAS,EAAA,CAAC,EAAE,UAAA,EAAiB,KAAA;AAC3B,IAAO,OAAA;AAAA,MACL,QAAU,EAAA,YAAA;AAAA,MACV,MAAQ,EAAA;AAAA,KACV;AAAA;AAEJ,CAAC;AAEY,MAAA,+BAAA,GACXC,4CAAuB,eAAe;AAEjC,MAAM,cAAc,wBAAyB,CAAA;AAAA,EAClD,IAAM,EAAA,UAAA;AAAA,EACN,WAAa,EAAA,qDAAA;AAAA,EACb,YAAc,EAAAF,4CAAA;AAAA,EACd,YAAA,EAAcC,MAAE,MAAO,CAAA;AAAA,IACrB,IAAM,EAAAA,KAAA,CAAE,MAAO,EAAA,CAAE,SAAS,wBAAwB;AAAA,GACnD,CAAA;AAAA,EACD,KAAO,EAAA,CAAC,QAAgB,EAAA,EAAE,MAAW,KAAA;AACnC,IAAA,OAAO,UAAU,IAAS,KAAA,IAAA;AAAA,GAC5B;AAAA,EACA,OAAS,EAAA,CAAC,EAAE,IAAA,EAAW,KAAA;AACrB,IAAO,OAAA;AAAA,MACL,QAAU,EAAA,YAAA;AAAA,MACV,MAAA,EAAQ,CAAC,IAAI;AAAA,KACf;AAAA;AAEJ,CAAC;AAEY,MAAA,2BAAA,GAA8BC,4CAAuB,WAAW;AAEtE,MAAM,SAAY,GAAA;AAAA,EACvB,YAAA;AAAA,EACA,WAAA;AAAA,EACA,eAAA;AAAA,EACA;AACF;AAKO,MAAM,eAAkB,GAAA;AAExB,MAAM,6BAA6BH,6CAIxC;AAEK,MAAM,iBAAiB,0BAA2B,CAAA;AAAA,EACvD,IAAM,EAAA,WAAA;AAAA,EACN,WAAa,EAAA,wDAAA;AAAA,EACb,YAAc,EAAAI,8CAAA;AAAA,EACd,YAAA,EAAcF,MAAE,MAAO,CAAA;AAAA,IACrB,SAASA,KAAE,CAAA,MAAA,GAAS,QAAS,CAAA,gCAAgC,EAAE,QAAS,EAAA;AAAA,IACxE,MAAA,EAAQA,KACL,CAAA,KAAA,CAAMA,KAAE,CAAA,MAAA,EAAQ,CAChB,CAAA,QAAA,EACA,CAAA,QAAA,CAAS,uDAAuD;AAAA,GACpE,CAAA;AAAA,EACD,KAAA,EAAO,CAAC,QAAkB,EAAA,EAAE,SAAS,MAAS,GAAA,IAAS,KAAA;AACrD,IAAA,OAAO,UAAU,MAAW,KAAA,OAAA,IAAW,MAAO,CAAA,QAAA,CAAS,UAAU,MAAM,CAAA;AAAA,GACzE;AAAA,EACA,SAAS,CAAC,EAAE,SAAS,MAAS,GAAA,IAAS,KAAA;AACrC,IAAO,OAAA;AAAA,MACL,QAAU,EAAA,gBAAA;AAAA,MACV,QAAQ,CAAC,OAAA,EAAS,GAAG,MAAM,CAAA,CAAE,OAAO,OAAO;AAAA,KAC7C;AAAA;AAEJ,CAAC;AAEY,MAAA,4BAAA,GACXC,4CAAuB,cAAc;AAEhC,MAAM,wBAAwB,0BAA2B,CAAA;AAAA,EAC9D,IAAM,EAAA,UAAA;AAAA,EACN,WACE,EAAA,qEAAA;AAAA,EACF,YAAc,EAAAC,8CAAA;AAAA,EACd,YAAA,EAAcF,MAAE,MAAO,CAAA;AAAA,IACrB,IAAA,EAAMA,MAAE,KAAM,CAAAA,KAAA,CAAE,QAAQ,CAAA,CAAE,SAAS,2BAA2B;AAAA,GAC/D,CAAA;AAAA,EACD,KAAO,EAAA,CAAC,QAAkB,EAAA,EAAE,MAAW,KAAA;AACrC,IAAO,OAAA,IAAA,CAAK,MAAM,CAAK,CAAA,KAAA,QAAA,EAAU,MAAM,IAAM,EAAA,QAAA,CAAS,CAAC,CAAC,CAAA;AAAA,GAC1D;AAAA,EACA,OAAS,EAAA,CAAC,EAAE,IAAA,EAAW,KAAA;AACrB,IAAO,OAAA;AAAA,MACL,QAAU,EAAA,MAAA;AAAA,MACV,MAAQ,EAAA;AAAA,KACV;AAAA;AAEJ,CAAC;AAEM,MAAM,kCAAqC,GAAAC,2CAAA;AAAA,EAChD;AACF;AAEO,MAAM,8BAA8B,0BAA2B,CAAA;AAAA,EACpE,IAAM,EAAA,cAAA;AAAA,EACN,WACE,EAAA,yEAAA;AAAA,EACF,YAAc,EAAAC,8CAAA;AAAA,EACd,YAAA,EAAcF,MAAE,MAAO,CAAA;AAAA,IACrB,UAAA,EAAYA,MAAE,KAAM,CAAAA,KAAA,CAAE,QAAQ,CAAA,CAAE,SAAS,2BAA2B;AAAA,GACrE,CAAA;AAAA,EACD,KAAO,EAAA,CAAC,QAAkB,EAAA,EAAE,YAAiB,KAAA;AAC3C,IAAO,OAAA,UAAA,CAAW,MAAM,CAAK,CAAA,KAAA,QAAA,EAAU,MAAM,QAAU,EAAA,QAAA,CAAS,CAAC,CAAC,CAAA;AAAA,GACpE;AAAA,EACA,OAAS,EAAA,CAAC,EAAE,UAAA,EAAiB,KAAA;AAC3B,IAAO,OAAA;AAAA,MACL,QAAU,EAAA,YAAA;AAAA,MACV,MAAQ,EAAA;AAAA,KACV;AAAA;AAEJ,CAAC;AAEM,MAAM,sCAAyC,GAAAC,2CAAA;AAAA,EACpD;AACF;AAEO,MAAM,WAAc,GAAA;AAAA,EACzB,cAAA;AAAA,EACA,qBAAA;AAAA,EACA;AACF;AAEO,MAAM,8BAA8BH,6CAIzC;AAEK,MAAM,kBAAkB,2BAA4B,CAAA;AAAA,EACzD,IAAM,EAAA,WAAA;AAAA,EACN,WAAa,EAAA,yDAAA;AAAA,EACb,YAAc,EAAAK,+CAAA;AAAA,EACd,YAAA,EAAcH,MAAE,MAAO,CAAA;AAAA,IACrB,SAASA,KAAE,CAAA,MAAA,GAAS,QAAS,CAAA,gCAAgC,EAAE,QAAS,EAAA;AAAA,IACxE,MAAA,EAAQA,KACL,CAAA,KAAA,CAAMA,KAAE,CAAA,MAAA,EAAQ,CAChB,CAAA,QAAA,EACA,CAAA,QAAA,CAAS,uDAAuD;AAAA,GACpE,CAAA;AAAA,EACD,KAAA,EAAO,CAAC,QAAmB,EAAA,EAAE,SAAS,MAAS,GAAA,IAAS,KAAA;AACtD,IAAA,OAAO,UAAU,MAAW,KAAA,OAAA,IAAW,MAAO,CAAA,QAAA,CAAS,UAAU,MAAM,CAAA;AAAA,GACzE;AAAA,EACA,SAAS,CAAC,EAAE,SAAS,MAAS,GAAA,IAAS,KAAA;AACrC,IAAO,OAAA;AAAA,MACL,QAAU,EAAA,iBAAA;AAAA,MACV,QAAQ,CAAC,OAAA,EAAS,GAAG,MAAM,CAAA,CAAE,OAAO,OAAO;AAAA,KAC7C;AAAA;AAEJ,CAAC;AAEY,MAAA,6BAAA,GACXC,4CAAuB,eAAe;AAE3B,MAAA,YAAA,GAAe,EAAE,eAAgB;AAEvC,MAAM,0BAA0BH,6CAIrC;AACK,MAAM,QAAQ,uBAAwB,CAAA;AAAA,EAC3C,IAAM,EAAA,QAAA;AAAA,EACN,WAAa,EAAA,qCAAA;AAAA,EACb,YAAc,EAAAM,2CAAA;AAAA,EACd,YAAA,EAAcJ,MAAE,MAAO,CAAA;AAAA,IACrB,GAAK,EAAAA,KAAA,CAAE,MAAO,EAAA,CAAE,SAAS,uBAAuB;AAAA,GACjD,CAAA;AAAA,EACD,KAAO,EAAA,CAAC,QAAuB,EAAA,EAAE,KAAU,KAAA;AACzC,IAAA,OAAO,UAAU,GAAQ,KAAA,GAAA;AAAA,GAC3B;AAAA,EACA,OAAS,EAAA,CAAC,EAAE,GAAA,EAAU,KAAA;AACpB,IAAO,OAAA;AAAA,MACL,QAAU,EAAA,UAAA;AAAA,MACV,MAAA,EAAQ,CAAC,GAAG;AAAA,KACd;AAAA;AAEJ,CAAC;AAEY,MAAA,mBAAA,GAAsBC,4CAAuB,KAAK;AAElD,MAAA,QAAA,GAAW,EAAE,KAAM;AAEzB,MAAM,iCAAiCH,6CAI5C;AAEK,MAAM,oBAAoB,8BAA+B,CAAA;AAAA,EAC9D,IAAM,EAAA,UAAA;AAAA,EACN,WAAa,EAAA,0DAAA;AAAA,EACb,YAAc,EAAAO,iDAAA;AAAA,EACd,YAAA,EAAcL,MAAE,MAAO,CAAA;AAAA,IACrB,SAASA,KACN,CAAA,MAAA,GACA,QAAS,CAAA,sCAAsC,EAC/C,QAAS,EAAA;AAAA,IACZ,MAAA,EAAQA,KACL,CAAA,KAAA,CAAMA,KAAE,CAAA,MAAA,EAAQ,CAChB,CAAA,QAAA,EACA,CAAA,QAAA,CAAS,sDAAsD;AAAA,GACnE,CAAA;AAAA,EACD,KAAA,EAAO,CAAC,QAAsB,EAAA,EAAE,SAAS,MAAS,GAAA,IAAS,KAAA;AACzD,IAAA,OAAO,UAAU,KAAU,KAAA,OAAA,IAAW,MAAO,CAAA,QAAA,CAAS,UAAU,KAAK,CAAA;AAAA,GACvE;AAAA,EACA,SAAS,CAAC,EAAE,SAAS,MAAS,GAAA,IAAS,KAAA;AACrC,IAAO,OAAA;AAAA,MACL,QAAU,EAAA,mBAAA;AAAA,MACV,QAAQ,CAAC,OAAA,EAAS,GAAG,MAAM,CAAA,CAAE,OAAO,OAAO;AAAA,KAC7C;AAAA;AAEJ,CAAC;AAEY,MAAA,+BAAA,GACXC,4CAAuB,iBAAiB;AAEnC,MAAM,oBAAoB,8BAA+B,CAAA;AAAA,EAC9D,IAAM,EAAA,UAAA;AAAA,EACN,WACE,EAAA,yEAAA;AAAA,EACF,YAAc,EAAAI,iDAAA;AAAA,EACd,YAAA,EAAcL,MAAE,MAAO,CAAA;AAAA,IACrB,IAAA,EAAMA,MAAE,KAAM,CAAAA,KAAA,CAAE,QAAQ,CAAA,CAAE,SAAS,6BAA6B;AAAA,GACjE,CAAA;AAAA,EACD,KAAO,EAAA,CAAC,QAAsB,EAAA,EAAE,MAAW,KAAA;AACzC,IAAA,OAAO,KAAK,KAAM,CAAA,CAAA,CAAA,KAAK,UAAU,IAAM,EAAA,QAAA,CAAS,CAAC,CAAC,CAAA;AAAA,GACpD;AAAA,EACA,OAAS,EAAA,CAAC,EAAE,IAAA,EAAW,KAAA;AACrB,IAAO,OAAA;AAAA,MACL,QAAU,EAAA,MAAA;AAAA,MACV,MAAQ,EAAA;AAAA,KACV;AAAA;AAEJ,CAAC;AAEY,MAAA,iCAAA,GACXC,4CAAuB,iBAAiB;AAEnC,MAAM,wBAAwB,8BAA+B,CAAA;AAAA,EAClE,IAAM,EAAA,cAAA;AAAA,EACN,WACE,EAAA,6EAAA;AAAA,EACF,YAAc,EAAAI,iDAAA;AAAA,EACd,YAAA,EAAcL,MAAE,MAAO,CAAA;AAAA,IACrB,UAAA,EAAYA,MACT,KAAM,CAAAA,KAAA,CAAE,QAAQ,CAAA,CAChB,SAAS,qCAAqC;AAAA,GAClD,CAAA;AAAA,EACD,KAAO,EAAA,CAAC,QAAsB,EAAA,EAAE,YAAiB,KAAA;AAC/C,IAAA,OAAO,WAAW,KAAM,CAAA,CAAA,CAAA,KAAK,UAAU,QAAU,EAAA,QAAA,CAAS,CAAC,CAAC,CAAA;AAAA,GAC9D;AAAA,EACA,OAAS,EAAA,CAAC,EAAE,UAAA,EAAiB,KAAA;AAC3B,IAAO,OAAA;AAAA,MACL,QAAU,EAAA,YAAA;AAAA,MACV,MAAQ,EAAA;AAAA,KACV;AAAA;AAEJ,CAAC;AAEM,MAAM,qCAAwC,GAAAC,2CAAA;AAAA,EACnD;AACF;AAEO,MAAM,eAAkB,GAAA;AAAA,EAC7B,iBAAA;AAAA,EACA,iBAAA;AAAA,EACA;AACF;AAEO,MAAM,KAAQ,GAAA;AAAA,EACnB,GAAG,YAAA;AAAA,EACH,GAAG,WAAA;AAAA,EACH,GAAG,SAAA;AAAA,EACH,GAAG,QAAA;AAAA,EACH,GAAG;AACL;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;"}
|
|
1
|
+
{"version":3,"file":"permissionRules.cjs.js","sources":["../src/permissionRules.ts"],"sourcesContent":["import {\n createConditionFactory,\n createPermissionRule,\n} from '@backstage/plugin-permission-node';\nimport { z } from 'zod';\nimport {\n Answer,\n AnswerFilter,\n Collection,\n CollectionFilter,\n Comment,\n CommentFilter,\n Post,\n PostFilter,\n TagFilter,\n TagResponse,\n} from '@drodil/backstage-plugin-qeta-common';\nimport {\n answerPermissionResourceRef,\n collectionPermissionResourceRef,\n commentPermissionResourceRef,\n postPermissionResourceRef,\n tagPermissionResourceRef,\n} from './permissionResources';\n\nexport const isPostAuthor = createPermissionRule({\n name: 'IS_AUTHOR',\n description: 'Should allow only if the post is created by the user',\n resourceRef: postPermissionResourceRef,\n paramsSchema: z.object({\n userRef: z.string().describe('User ID to match on the author').optional(),\n claims: z\n .array(z.string())\n .optional()\n .describe('List of claims to match at least one on within author'),\n }),\n apply: (resource: Post, { userRef, claims = [] }) => {\n return resource?.author === userRef || claims.includes(resource?.author);\n },\n toQuery: ({ userRef, claims = [] }) => {\n return {\n property: 'posts.author' as PostFilter['property'],\n values: [userRef, ...claims].filter(Boolean),\n };\n },\n});\n\nexport const postAuthorConditionFactory = createConditionFactory(isPostAuthor);\n\nexport const postHasTags = createPermissionRule({\n name: 'HAS_TAGS',\n description: 'Should allow only if the post has all the specific tags',\n resourceRef: postPermissionResourceRef,\n paramsSchema: z.object({\n tags: z.array(z.string()).describe('Tag to match the post'),\n }),\n apply: (resource: Post, { tags }) => {\n return tags.every(t => resource?.tags?.includes(t));\n },\n toQuery: ({ tags }) => {\n return {\n property: 'tags' as PostFilter['property'],\n values: tags,\n };\n },\n});\n\nexport const postHasTagsConditionFactory = createConditionFactory(postHasTags);\n\nexport const postHasEntities = createPermissionRule({\n name: 'HAS_ENTITIES',\n description: 'Should allow only if the post has all the specific entities',\n resourceRef: postPermissionResourceRef,\n paramsSchema: z.object({\n entityRefs: z.array(z.string()).describe('Entity refs to match the post'),\n }),\n apply: (resource: Post, { entityRefs }) => {\n return entityRefs.every(t => resource?.entities?.includes(t));\n },\n toQuery: ({ entityRefs }) => {\n return {\n property: 'entityRefs' as PostFilter['property'],\n values: entityRefs,\n };\n },\n});\n\nexport const postHasEntitiesConditionFactory =\n createConditionFactory(postHasEntities);\n\nexport const postHasType = createPermissionRule({\n name: 'HAS_TYPE',\n description: 'Should allow only if the post has the specific type',\n resourceRef: postPermissionResourceRef,\n paramsSchema: z.object({\n type: z.string().describe('Type to match the post'),\n }),\n apply: (resource: Post, { type }) => {\n return resource?.type === type;\n },\n toQuery: ({ type }) => {\n return {\n property: 'posts.type' as PostFilter['property'],\n values: [type],\n };\n },\n});\n\nexport const postHasTypeConditionFactory = createConditionFactory(postHasType);\n\nexport const postRules = {\n isPostAuthor,\n postHasTags,\n postHasEntities,\n postHasType,\n};\n\nexport const isAnswerAuthor = createPermissionRule({\n name: 'IS_AUTHOR',\n description: 'Should allow only if the answer is created by the user',\n resourceRef: answerPermissionResourceRef,\n paramsSchema: z.object({\n userRef: z.string().describe('User ID to match on the author').optional(),\n claims: z\n .array(z.string())\n .optional()\n .describe('List of claims to match at least one on within author'),\n }),\n apply: (resource: Answer, { userRef, claims = [] }) => {\n return resource?.author === userRef || claims.includes(resource?.author);\n },\n toQuery: ({ userRef, claims = [] }) => {\n return {\n property: 'answers.author' as AnswerFilter['property'],\n values: [userRef, ...claims].filter(Boolean),\n };\n },\n});\n\nexport const answerAuthorConditionFactory =\n createConditionFactory(isAnswerAuthor);\n\nexport const answerQuestionHasTags = createPermissionRule({\n name: 'HAS_TAGS',\n description:\n 'Should allow only if the answers question has all the specific tags',\n resourceRef: answerPermissionResourceRef,\n paramsSchema: z.object({\n tags: z.array(z.string()).describe('Tag to match the question'),\n }),\n apply: (resource: Answer, { tags }) => {\n return tags.every(t => resource?.post?.tags?.includes(t));\n },\n toQuery: ({ tags }) => {\n return {\n property: 'tags' as AnswerFilter['property'],\n values: tags,\n };\n },\n});\n\nexport const answerQuestionTagsConditionFactory = createConditionFactory(\n answerQuestionHasTags,\n);\n\nexport const answerQuestionHasEntityRefs = createPermissionRule({\n name: 'HAS_ENTITIES',\n description:\n 'Should allow only if the answers question has all the specific entities',\n resourceRef: answerPermissionResourceRef,\n paramsSchema: z.object({\n entityRefs: z.array(z.string()).describe('Tag to match the question'),\n }),\n apply: (resource: Answer, { entityRefs }) => {\n return entityRefs.every(t => resource?.post?.entities?.includes(t));\n },\n toQuery: ({ entityRefs }) => {\n return {\n property: 'entityRefs' as AnswerFilter['property'],\n values: entityRefs,\n };\n },\n});\n\nexport const answerQuestionEntitiesConditionFactory = createConditionFactory(\n answerQuestionHasEntityRefs,\n);\n\nexport const answerRules = {\n isAnswerAuthor,\n answerQuestionHasTags,\n answerQuestionHasEntityRefs,\n};\n\nexport const isCommentAuthor = createPermissionRule({\n name: 'IS_AUTHOR',\n description: 'Should allow only if the comment is created by the user',\n resourceRef: commentPermissionResourceRef,\n paramsSchema: z.object({\n userRef: z.string().describe('User ID to match on the author').optional(),\n claims: z\n .array(z.string())\n .optional()\n .describe('List of claims to match at least one on within author'),\n }),\n apply: (resource: Comment, { userRef, claims = [] }) => {\n return resource?.author === userRef || claims.includes(resource?.author);\n },\n toQuery: ({ userRef, claims = [] }) => {\n return {\n property: 'comments.author' as CommentFilter['property'],\n values: [userRef, ...claims].filter(Boolean),\n };\n },\n});\n\nexport const commentAuthorConditionFactory =\n createConditionFactory(isCommentAuthor);\n\nexport const commentRules = { isCommentAuthor };\n\nexport const isTag = createPermissionRule({\n name: 'IS_TAG',\n description: 'Should allow only if the tag exists',\n resourceRef: tagPermissionResourceRef,\n paramsSchema: z.object({\n tag: z.string().describe('Tag to match the post'),\n }),\n apply: (resource: TagResponse, { tag }) => {\n return resource?.tag === tag;\n },\n toQuery: ({ tag }) => {\n return {\n property: 'tags.tag' as TagFilter['property'],\n values: [tag],\n };\n },\n});\n\nexport const tagConditionFactory = createConditionFactory(isTag);\n\nexport const tagRules = { isTag };\n\nexport const isCollectionOwner = createPermissionRule({\n name: 'IS_OWNER',\n description: 'Should allow only if the collection is owned by the user',\n resourceRef: collectionPermissionResourceRef,\n paramsSchema: z.object({\n userRef: z\n .string()\n .describe('User reference to match on the owner')\n .optional(),\n claims: z\n .array(z.string())\n .optional()\n .describe('List of claims to match at least one on within owner'),\n }),\n apply: (resource: Collection, { userRef, claims = [] }) => {\n return resource?.owner === userRef || claims.includes(resource?.owner);\n },\n toQuery: ({ userRef, claims = [] }) => {\n return {\n property: 'collections.owner' as CollectionFilter['property'],\n values: [userRef, ...claims].filter(Boolean),\n };\n },\n});\n\nexport const collectionOwnerConditionFactory =\n createConditionFactory(isCollectionOwner);\n\nexport const collectionHasTags = createPermissionRule({\n name: 'HAS_TAGS',\n description:\n 'Should allow only if the posts in the collection have the specific tags',\n resourceRef: collectionPermissionResourceRef,\n paramsSchema: z.object({\n tags: z.array(z.string()).describe('Tag to match the collection'),\n }),\n apply: (resource: Collection, { tags }) => {\n return tags.every(t => resource?.tags?.includes(t));\n },\n toQuery: ({ tags }) => {\n return {\n property: 'tags' as CollectionFilter['property'],\n values: tags,\n };\n },\n});\n\nexport const collectionHasTagsConditionFactory =\n createConditionFactory(collectionHasTags);\n\nexport const collectionHasEntities = createPermissionRule({\n name: 'HAS_ENTITIES',\n description:\n 'Should allow only if the posts in the collection have the specific entities',\n resourceRef: collectionPermissionResourceRef,\n paramsSchema: z.object({\n entityRefs: z\n .array(z.string())\n .describe('Entity refs to match the collection'),\n }),\n apply: (resource: Collection, { entityRefs }) => {\n return entityRefs.every(t => resource?.entities?.includes(t));\n },\n toQuery: ({ entityRefs }) => {\n return {\n property: 'entityRefs' as CollectionFilter['property'],\n values: entityRefs,\n };\n },\n});\n\nexport const collectionHasEntitiesConditionFactory = createConditionFactory(\n collectionHasEntities,\n);\n\nexport const collectionRules = {\n isCollectionOwner,\n collectionHasTags,\n collectionHasEntities,\n};\n\nexport const rules = {\n ...commentRules,\n ...answerRules,\n ...postRules,\n ...tagRules,\n ...collectionRules,\n};\n"],"names":["createPermissionRule","postPermissionResourceRef","z","createConditionFactory","answerPermissionResourceRef","commentPermissionResourceRef","tagPermissionResourceRef","collectionPermissionResourceRef"],"mappings":";;;;;;AAyBO,MAAM,eAAeA,yCAAqB,CAAA;AAAA,EAC/C,IAAM,EAAA,WAAA;AAAA,EACN,WAAa,EAAA,sDAAA;AAAA,EACb,WAAa,EAAAC,6CAAA;AAAA,EACb,YAAA,EAAcC,MAAE,MAAO,CAAA;AAAA,IACrB,SAASA,KAAE,CAAA,MAAA,GAAS,QAAS,CAAA,gCAAgC,EAAE,QAAS,EAAA;AAAA,IACxE,MAAA,EAAQA,KACL,CAAA,KAAA,CAAMA,KAAE,CAAA,MAAA,EAAQ,CAChB,CAAA,QAAA,EACA,CAAA,QAAA,CAAS,uDAAuD;AAAA,GACpE,CAAA;AAAA,EACD,KAAA,EAAO,CAAC,QAAgB,EAAA,EAAE,SAAS,MAAS,GAAA,IAAS,KAAA;AACnD,IAAA,OAAO,UAAU,MAAW,KAAA,OAAA,IAAW,MAAO,CAAA,QAAA,CAAS,UAAU,MAAM,CAAA;AAAA,GACzE;AAAA,EACA,SAAS,CAAC,EAAE,SAAS,MAAS,GAAA,IAAS,KAAA;AACrC,IAAO,OAAA;AAAA,MACL,QAAU,EAAA,cAAA;AAAA,MACV,QAAQ,CAAC,OAAA,EAAS,GAAG,MAAM,CAAA,CAAE,OAAO,OAAO;AAAA,KAC7C;AAAA;AAEJ,CAAC;AAEY,MAAA,0BAAA,GAA6BC,4CAAuB,YAAY;AAEtE,MAAM,cAAcH,yCAAqB,CAAA;AAAA,EAC9C,IAAM,EAAA,UAAA;AAAA,EACN,WAAa,EAAA,yDAAA;AAAA,EACb,WAAa,EAAAC,6CAAA;AAAA,EACb,YAAA,EAAcC,MAAE,MAAO,CAAA;AAAA,IACrB,IAAA,EAAMA,MAAE,KAAM,CAAAA,KAAA,CAAE,QAAQ,CAAA,CAAE,SAAS,uBAAuB;AAAA,GAC3D,CAAA;AAAA,EACD,KAAO,EAAA,CAAC,QAAgB,EAAA,EAAE,MAAW,KAAA;AACnC,IAAA,OAAO,KAAK,KAAM,CAAA,CAAA,CAAA,KAAK,UAAU,IAAM,EAAA,QAAA,CAAS,CAAC,CAAC,CAAA;AAAA,GACpD;AAAA,EACA,OAAS,EAAA,CAAC,EAAE,IAAA,EAAW,KAAA;AACrB,IAAO,OAAA;AAAA,MACL,QAAU,EAAA,MAAA;AAAA,MACV,MAAQ,EAAA;AAAA,KACV;AAAA;AAEJ,CAAC;AAEY,MAAA,2BAAA,GAA8BC,4CAAuB,WAAW;AAEtE,MAAM,kBAAkBH,yCAAqB,CAAA;AAAA,EAClD,IAAM,EAAA,cAAA;AAAA,EACN,WAAa,EAAA,6DAAA;AAAA,EACb,WAAa,EAAAC,6CAAA;AAAA,EACb,YAAA,EAAcC,MAAE,MAAO,CAAA;AAAA,IACrB,UAAA,EAAYA,MAAE,KAAM,CAAAA,KAAA,CAAE,QAAQ,CAAA,CAAE,SAAS,+BAA+B;AAAA,GACzE,CAAA;AAAA,EACD,KAAO,EAAA,CAAC,QAAgB,EAAA,EAAE,YAAiB,KAAA;AACzC,IAAA,OAAO,WAAW,KAAM,CAAA,CAAA,CAAA,KAAK,UAAU,QAAU,EAAA,QAAA,CAAS,CAAC,CAAC,CAAA;AAAA,GAC9D;AAAA,EACA,OAAS,EAAA,CAAC,EAAE,UAAA,EAAiB,KAAA;AAC3B,IAAO,OAAA;AAAA,MACL,QAAU,EAAA,YAAA;AAAA,MACV,MAAQ,EAAA;AAAA,KACV;AAAA;AAEJ,CAAC;AAEY,MAAA,+BAAA,GACXC,4CAAuB,eAAe;AAEjC,MAAM,cAAcH,yCAAqB,CAAA;AAAA,EAC9C,IAAM,EAAA,UAAA;AAAA,EACN,WAAa,EAAA,qDAAA;AAAA,EACb,WAAa,EAAAC,6CAAA;AAAA,EACb,YAAA,EAAcC,MAAE,MAAO,CAAA;AAAA,IACrB,IAAM,EAAAA,KAAA,CAAE,MAAO,EAAA,CAAE,SAAS,wBAAwB;AAAA,GACnD,CAAA;AAAA,EACD,KAAO,EAAA,CAAC,QAAgB,EAAA,EAAE,MAAW,KAAA;AACnC,IAAA,OAAO,UAAU,IAAS,KAAA,IAAA;AAAA,GAC5B;AAAA,EACA,OAAS,EAAA,CAAC,EAAE,IAAA,EAAW,KAAA;AACrB,IAAO,OAAA;AAAA,MACL,QAAU,EAAA,YAAA;AAAA,MACV,MAAA,EAAQ,CAAC,IAAI;AAAA,KACf;AAAA;AAEJ,CAAC;AAEY,MAAA,2BAAA,GAA8BC,4CAAuB,WAAW;AAEtE,MAAM,SAAY,GAAA;AAAA,EACvB,YAAA;AAAA,EACA,WAAA;AAAA,EACA,eAAA;AAAA,EACA;AACF;AAEO,MAAM,iBAAiBH,yCAAqB,CAAA;AAAA,EACjD,IAAM,EAAA,WAAA;AAAA,EACN,WAAa,EAAA,wDAAA;AAAA,EACb,WAAa,EAAAI,+CAAA;AAAA,EACb,YAAA,EAAcF,MAAE,MAAO,CAAA;AAAA,IACrB,SAASA,KAAE,CAAA,MAAA,GAAS,QAAS,CAAA,gCAAgC,EAAE,QAAS,EAAA;AAAA,IACxE,MAAA,EAAQA,KACL,CAAA,KAAA,CAAMA,KAAE,CAAA,MAAA,EAAQ,CAChB,CAAA,QAAA,EACA,CAAA,QAAA,CAAS,uDAAuD;AAAA,GACpE,CAAA;AAAA,EACD,KAAA,EAAO,CAAC,QAAkB,EAAA,EAAE,SAAS,MAAS,GAAA,IAAS,KAAA;AACrD,IAAA,OAAO,UAAU,MAAW,KAAA,OAAA,IAAW,MAAO,CAAA,QAAA,CAAS,UAAU,MAAM,CAAA;AAAA,GACzE;AAAA,EACA,SAAS,CAAC,EAAE,SAAS,MAAS,GAAA,IAAS,KAAA;AACrC,IAAO,OAAA;AAAA,MACL,QAAU,EAAA,gBAAA;AAAA,MACV,QAAQ,CAAC,OAAA,EAAS,GAAG,MAAM,CAAA,CAAE,OAAO,OAAO;AAAA,KAC7C;AAAA;AAEJ,CAAC;AAEY,MAAA,4BAAA,GACXC,4CAAuB,cAAc;AAEhC,MAAM,wBAAwBH,yCAAqB,CAAA;AAAA,EACxD,IAAM,EAAA,UAAA;AAAA,EACN,WACE,EAAA,qEAAA;AAAA,EACF,WAAa,EAAAI,+CAAA;AAAA,EACb,YAAA,EAAcF,MAAE,MAAO,CAAA;AAAA,IACrB,IAAA,EAAMA,MAAE,KAAM,CAAAA,KAAA,CAAE,QAAQ,CAAA,CAAE,SAAS,2BAA2B;AAAA,GAC/D,CAAA;AAAA,EACD,KAAO,EAAA,CAAC,QAAkB,EAAA,EAAE,MAAW,KAAA;AACrC,IAAO,OAAA,IAAA,CAAK,MAAM,CAAK,CAAA,KAAA,QAAA,EAAU,MAAM,IAAM,EAAA,QAAA,CAAS,CAAC,CAAC,CAAA;AAAA,GAC1D;AAAA,EACA,OAAS,EAAA,CAAC,EAAE,IAAA,EAAW,KAAA;AACrB,IAAO,OAAA;AAAA,MACL,QAAU,EAAA,MAAA;AAAA,MACV,MAAQ,EAAA;AAAA,KACV;AAAA;AAEJ,CAAC;AAEM,MAAM,kCAAqC,GAAAC,2CAAA;AAAA,EAChD;AACF;AAEO,MAAM,8BAA8BH,yCAAqB,CAAA;AAAA,EAC9D,IAAM,EAAA,cAAA;AAAA,EACN,WACE,EAAA,yEAAA;AAAA,EACF,WAAa,EAAAI,+CAAA;AAAA,EACb,YAAA,EAAcF,MAAE,MAAO,CAAA;AAAA,IACrB,UAAA,EAAYA,MAAE,KAAM,CAAAA,KAAA,CAAE,QAAQ,CAAA,CAAE,SAAS,2BAA2B;AAAA,GACrE,CAAA;AAAA,EACD,KAAO,EAAA,CAAC,QAAkB,EAAA,EAAE,YAAiB,KAAA;AAC3C,IAAO,OAAA,UAAA,CAAW,MAAM,CAAK,CAAA,KAAA,QAAA,EAAU,MAAM,QAAU,EAAA,QAAA,CAAS,CAAC,CAAC,CAAA;AAAA,GACpE;AAAA,EACA,OAAS,EAAA,CAAC,EAAE,UAAA,EAAiB,KAAA;AAC3B,IAAO,OAAA;AAAA,MACL,QAAU,EAAA,YAAA;AAAA,MACV,MAAQ,EAAA;AAAA,KACV;AAAA;AAEJ,CAAC;AAEM,MAAM,sCAAyC,GAAAC,2CAAA;AAAA,EACpD;AACF;AAEO,MAAM,WAAc,GAAA;AAAA,EACzB,cAAA;AAAA,EACA,qBAAA;AAAA,EACA;AACF;AAEO,MAAM,kBAAkBH,yCAAqB,CAAA;AAAA,EAClD,IAAM,EAAA,WAAA;AAAA,EACN,WAAa,EAAA,yDAAA;AAAA,EACb,WAAa,EAAAK,gDAAA;AAAA,EACb,YAAA,EAAcH,MAAE,MAAO,CAAA;AAAA,IACrB,SAASA,KAAE,CAAA,MAAA,GAAS,QAAS,CAAA,gCAAgC,EAAE,QAAS,EAAA;AAAA,IACxE,MAAA,EAAQA,KACL,CAAA,KAAA,CAAMA,KAAE,CAAA,MAAA,EAAQ,CAChB,CAAA,QAAA,EACA,CAAA,QAAA,CAAS,uDAAuD;AAAA,GACpE,CAAA;AAAA,EACD,KAAA,EAAO,CAAC,QAAmB,EAAA,EAAE,SAAS,MAAS,GAAA,IAAS,KAAA;AACtD,IAAA,OAAO,UAAU,MAAW,KAAA,OAAA,IAAW,MAAO,CAAA,QAAA,CAAS,UAAU,MAAM,CAAA;AAAA,GACzE;AAAA,EACA,SAAS,CAAC,EAAE,SAAS,MAAS,GAAA,IAAS,KAAA;AACrC,IAAO,OAAA;AAAA,MACL,QAAU,EAAA,iBAAA;AAAA,MACV,QAAQ,CAAC,OAAA,EAAS,GAAG,MAAM,CAAA,CAAE,OAAO,OAAO;AAAA,KAC7C;AAAA;AAEJ,CAAC;AAEY,MAAA,6BAAA,GACXC,4CAAuB,eAAe;AAE3B,MAAA,YAAA,GAAe,EAAE,eAAgB;AAEvC,MAAM,QAAQH,yCAAqB,CAAA;AAAA,EACxC,IAAM,EAAA,QAAA;AAAA,EACN,WAAa,EAAA,qCAAA;AAAA,EACb,WAAa,EAAAM,4CAAA;AAAA,EACb,YAAA,EAAcJ,MAAE,MAAO,CAAA;AAAA,IACrB,GAAK,EAAAA,KAAA,CAAE,MAAO,EAAA,CAAE,SAAS,uBAAuB;AAAA,GACjD,CAAA;AAAA,EACD,KAAO,EAAA,CAAC,QAAuB,EAAA,EAAE,KAAU,KAAA;AACzC,IAAA,OAAO,UAAU,GAAQ,KAAA,GAAA;AAAA,GAC3B;AAAA,EACA,OAAS,EAAA,CAAC,EAAE,GAAA,EAAU,KAAA;AACpB,IAAO,OAAA;AAAA,MACL,QAAU,EAAA,UAAA;AAAA,MACV,MAAA,EAAQ,CAAC,GAAG;AAAA,KACd;AAAA;AAEJ,CAAC;AAEY,MAAA,mBAAA,GAAsBC,4CAAuB,KAAK;AAElD,MAAA,QAAA,GAAW,EAAE,KAAM;AAEzB,MAAM,oBAAoBH,yCAAqB,CAAA;AAAA,EACpD,IAAM,EAAA,UAAA;AAAA,EACN,WAAa,EAAA,0DAAA;AAAA,EACb,WAAa,EAAAO,mDAAA;AAAA,EACb,YAAA,EAAcL,MAAE,MAAO,CAAA;AAAA,IACrB,SAASA,KACN,CAAA,MAAA,GACA,QAAS,CAAA,sCAAsC,EAC/C,QAAS,EAAA;AAAA,IACZ,MAAA,EAAQA,KACL,CAAA,KAAA,CAAMA,KAAE,CAAA,MAAA,EAAQ,CAChB,CAAA,QAAA,EACA,CAAA,QAAA,CAAS,sDAAsD;AAAA,GACnE,CAAA;AAAA,EACD,KAAA,EAAO,CAAC,QAAsB,EAAA,EAAE,SAAS,MAAS,GAAA,IAAS,KAAA;AACzD,IAAA,OAAO,UAAU,KAAU,KAAA,OAAA,IAAW,MAAO,CAAA,QAAA,CAAS,UAAU,KAAK,CAAA;AAAA,GACvE;AAAA,EACA,SAAS,CAAC,EAAE,SAAS,MAAS,GAAA,IAAS,KAAA;AACrC,IAAO,OAAA;AAAA,MACL,QAAU,EAAA,mBAAA;AAAA,MACV,QAAQ,CAAC,OAAA,EAAS,GAAG,MAAM,CAAA,CAAE,OAAO,OAAO;AAAA,KAC7C;AAAA;AAEJ,CAAC;AAEY,MAAA,+BAAA,GACXC,4CAAuB,iBAAiB;AAEnC,MAAM,oBAAoBH,yCAAqB,CAAA;AAAA,EACpD,IAAM,EAAA,UAAA;AAAA,EACN,WACE,EAAA,yEAAA;AAAA,EACF,WAAa,EAAAO,mDAAA;AAAA,EACb,YAAA,EAAcL,MAAE,MAAO,CAAA;AAAA,IACrB,IAAA,EAAMA,MAAE,KAAM,CAAAA,KAAA,CAAE,QAAQ,CAAA,CAAE,SAAS,6BAA6B;AAAA,GACjE,CAAA;AAAA,EACD,KAAO,EAAA,CAAC,QAAsB,EAAA,EAAE,MAAW,KAAA;AACzC,IAAA,OAAO,KAAK,KAAM,CAAA,CAAA,CAAA,KAAK,UAAU,IAAM,EAAA,QAAA,CAAS,CAAC,CAAC,CAAA;AAAA,GACpD;AAAA,EACA,OAAS,EAAA,CAAC,EAAE,IAAA,EAAW,KAAA;AACrB,IAAO,OAAA;AAAA,MACL,QAAU,EAAA,MAAA;AAAA,MACV,MAAQ,EAAA;AAAA,KACV;AAAA;AAEJ,CAAC;AAEY,MAAA,iCAAA,GACXC,4CAAuB,iBAAiB;AAEnC,MAAM,wBAAwBH,yCAAqB,CAAA;AAAA,EACxD,IAAM,EAAA,cAAA;AAAA,EACN,WACE,EAAA,6EAAA;AAAA,EACF,WAAa,EAAAO,mDAAA;AAAA,EACb,YAAA,EAAcL,MAAE,MAAO,CAAA;AAAA,IACrB,UAAA,EAAYA,MACT,KAAM,CAAAA,KAAA,CAAE,QAAQ,CAAA,CAChB,SAAS,qCAAqC;AAAA,GAClD,CAAA;AAAA,EACD,KAAO,EAAA,CAAC,QAAsB,EAAA,EAAE,YAAiB,KAAA;AAC/C,IAAA,OAAO,WAAW,KAAM,CAAA,CAAA,CAAA,KAAK,UAAU,QAAU,EAAA,QAAA,CAAS,CAAC,CAAC,CAAA;AAAA,GAC9D;AAAA,EACA,OAAS,EAAA,CAAC,EAAE,UAAA,EAAiB,KAAA;AAC3B,IAAO,OAAA;AAAA,MACL,QAAU,EAAA,YAAA;AAAA,MACV,MAAQ,EAAA;AAAA,KACV;AAAA;AAEJ,CAAC;AAEM,MAAM,qCAAwC,GAAAC,2CAAA;AAAA,EACnD;AACF;AAEO,MAAM,eAAkB,GAAA;AAAA,EAC7B,iBAAA;AAAA,EACA,iBAAA;AAAA,EACA;AACF;AAEO,MAAM,KAAQ,GAAA;AAAA,EACnB,GAAG,YAAA;AAAA,EACH,GAAG,WAAA;AAAA,EACH,GAAG,SAAA;AAAA,EACH,GAAG,QAAA;AAAA,EACH,GAAG;AACL;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;"}
|
package/package.json
CHANGED
|
@@ -7,7 +7,7 @@
|
|
|
7
7
|
"backstage.io",
|
|
8
8
|
"node"
|
|
9
9
|
],
|
|
10
|
-
"version": "3.
|
|
10
|
+
"version": "3.22.0",
|
|
11
11
|
"main": "dist/index.cjs.js",
|
|
12
12
|
"types": "dist/index.d.ts",
|
|
13
13
|
"prepublishOnly": "yarn tsc && yarn build",
|
|
@@ -47,15 +47,15 @@
|
|
|
47
47
|
"tsc": "tsc"
|
|
48
48
|
},
|
|
49
49
|
"devDependencies": {
|
|
50
|
-
"@backstage/cli": "^0.
|
|
50
|
+
"@backstage/cli": "^0.30.0"
|
|
51
51
|
},
|
|
52
52
|
"files": [
|
|
53
53
|
"dist"
|
|
54
54
|
],
|
|
55
55
|
"dependencies": {
|
|
56
|
-
"@backstage/backend-plugin-api": "^1.
|
|
57
|
-
"@backstage/plugin-permission-node": "^0.8.
|
|
58
|
-
"@drodil/backstage-plugin-qeta-common": "^3.
|
|
56
|
+
"@backstage/backend-plugin-api": "^1.2.0",
|
|
57
|
+
"@backstage/plugin-permission-node": "^0.8.8",
|
|
58
|
+
"@drodil/backstage-plugin-qeta-common": "^3.22.0",
|
|
59
59
|
"zod": "^3.22.4"
|
|
60
60
|
},
|
|
61
61
|
"typesVersions": {
|