npm - @spotify/backstage-plugin-rbac - Versions diffs - 0.5.12 → 0.6.0 - Mend

@spotify/backstage-plugin-rbac 0.5.12 → 0.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (16) hide show

package/CHANGELOG.md +14 -0
package/alpha/package.json +7 -0
package/config.d.ts +1 -4
package/dist/alpha.d.ts +8 -0
package/dist/alpha.esm.js +2 -0
package/dist/esm/Authorized-2a69c12e.esm.js +2 -0
package/dist/esm/RBACSidebarItem-9beee132.esm.js +2 -0
package/dist/esm/Root-5eafe743.esm.js +3 -0
package/dist/esm/routes-28afb55d.esm.js +2 -0
package/dist/index.d.ts +1 -1
package/dist/index.esm.js +1 -1
package/package.json +40 -27
package/dist/esm/Authorized-ea25ddf4.esm.js +0 -2
package/dist/esm/RBACSidebarItem-6579d7e3.esm.js +0 -2
package/dist/esm/Root-315d5957.esm.js +0 -3
package/dist/esm/index-9f94edaa.esm.js +0 -2

package/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,19 @@
 # @spotify/backstage-plugin-rbac
+## 0.6.0
+### Minor Changes
+- Added compatibility for React 18. You do not need to upgrade your Backstage App to use React 18, but this plugin is now built and tested against it.
+### Patch Changes
+- Bug fixes and performance improvements to the JSON editing experience for conditional decisions.
+- Upgraded to Backstage `v1.23.0`
+- Updated dependencies
+  - `@spotify/backstage-plugin-core` to `^0.6.0`
+  - `@spotify/backstage-plugin-rbac-common` to `^0.5.11`
 ## 0.5.12
 ### Patch Changes

package/alpha/package.json ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "name": "@spotify/backstage-plugin-rbac",
+  "version": "0.6.0",
+  "main": "../dist/alpha.esm.js",
+  "module": "../dist/alpha.esm.js",
+  "types": "../dist/alpha.d.ts"
+}

package/config.d.ts CHANGED Viewed

@@ -1,7 +1,4 @@
-import type {
-  LiteralDecision,
-  Policy,
-} from '@spotify/backstage-plugin-rbac-common';
+import type { Policy } from '@spotify/backstage-plugin-rbac-common';
 export interface Config {
   permission?: {

package/dist/alpha.d.ts ADDED Viewed

@@ -0,0 +1,8 @@
+import * as _backstage_frontend_plugin_api from '@backstage/frontend-plugin-api';
+/**
+ * @public
+ */
+declare const _default: _backstage_frontend_plugin_api.BackstagePlugin<{}, {}>;
+export { _default as default };

package/dist/alpha.esm.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import{createApiExtension as r,createApiFactory as t,fetchApiRef as o,discoveryApiRef as a,createPageExtension as i,createPlugin as p}from"@backstage/frontend-plugin-api";import{a as c,R as f,r as n}from"./esm/routes-28afb55d.esm.js";import{convertLegacyRouteRef as m,compatWrapper as s}from"@backstage/core-compat-api";import R from"react";import"@backstage/core-plugin-api";import"@backstage/errors";import"@spotify/backstage-plugin-rbac-common";const A=r({factory:t({api:c,deps:{fetchApi:o,discoveryApi:a},factory:e=>new f(e)})}),l=i({routeRef:m(n),defaultPath:"/rbac",loader:()=>import("./esm/Root-5eafe743.esm.js").then(e=>s(R.createElement(e.RBACRoot,null)))});var u=p({id:"rbac",extensions:[l,A]});export{u as default};
2	+ //# sourceMappingURL=alpha.esm.js.map

package/dist/esm/Authorized-2a69c12e.esm.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import{useApi as i}from"@backstage/core-plugin-api";import e from"react";import u from"react-use/lib/useAsync";import{a as m}from"./routes-28afb55d.esm.js";function p({children:n,loading:l=null,unauthorized:o=null}){var r;const a=i(m),t=u(()=>a.authorize(),[]);return t.loading?e.createElement(e.Fragment,null,l):(r=t.value)!=null&&r.authorized?e.createElement(e.Fragment,null,n):e.createElement(e.Fragment,null,o)}export{p as A};
2	+ //# sourceMappingURL=Authorized-2a69c12e.esm.js.map

package/dist/esm/RBACSidebarItem-9beee132.esm.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import{SidebarItem as e}from"@backstage/core-components";import m from"@material-ui/icons/Lock";import t from"react";import{A as i}from"./Authorized-2a69c12e.esm.js";import"@backstage/core-plugin-api";import"react-use/lib/useAsync";import"./routes-28afb55d.esm.js";import"@backstage/errors";import"@spotify/backstage-plugin-rbac-common";function p({text:r="RBAC",...o}){return t.createElement(i,null,t.createElement(e,{icon:m,to:"rbac",text:r,...o}))}export{p as RBACSidebarItem};
2	+ //# sourceMappingURL=RBACSidebarItem-9beee132.esm.js.map

package/dist/esm/Root-5eafe743.esm.js ADDED Viewed

@@ -0,0 +1,3 @@
+import{Breadcrumbs as Gn,Link as ae,Page as jn,Header as _n,Content as Yn,Table as Jn,Progress as ke,ErrorPanel as Nt,EmptyState as Oe,ContentHeader as Be,UserIcon as qn}from"@backstage/core-components";import{useRouteRef as Kn,useApi as k,alertApiRef as oe,useApp as tt,configApiRef as Qn}from"@backstage/core-plugin-api";import e,{createContext as Le,useState as R,useCallback as I,useMemo as B,useContext as Me,Fragment as Fe,useRef as ye,useEffect as J,useLayoutEffect as Xn,Children as Pt,isValidElement as ze,useReducer as Zn}from"react";import{useNavigate as q,Link as el,useParams as nt,Routes as tl,Route as We}from"react-router-dom";import{A as nl}from"./Authorized-2a69c12e.esm.js";import{makeStyles as C,Typography as h,Container as ll,Grid as O,Button as P,Box as E,Dialog as ie,DialogTitle as He,DialogContent as ee,TextField as ce,DialogActions as lt,CircularProgress as Tt,Tooltip as ge,Chip as se,Card as te,CardContent as he,List as rl,ListItem as St,ListItemIcon as me,ListItemText as Q,CardActions as al,IconButton as j,CardActionArea as ol,CardHeader as At,Radio as il,FormControl as ve,InputLabel as de,Select as be,Input as Rt,MenuItem as H,Checkbox as Ce,FormHelperText as rt,TableCell as D,TableContainer as cl,Table as Ue,TableHead as Ve,TableRow as U,TableBody as Ge,Accordion as sl,AccordionSummary as ml,AccordionDetails as dl,Paper as at,DialogContentText as ul,ButtonGroup as pl,Menu as $t,MenuList as ot,Divider as it,FormControlLabel as It,Popper as El,Tabs as fl,Tab as yl,debounce as gl,ButtonBase as hl}from"@material-ui/core";import vl from"react-use/lib/useMount";import{SpotifyLicenseBanner as bl,useAutoUpdatingRelativeTime as Cl,invariant as je}from"@spotify/backstage-plugin-core";import{r as xl,a as V}from"./routes-28afb55d.esm.js";import ue from"react-use/lib/useAsyncFn";import{PolicyConfigParser as _e,isConditionalDecision as Ye,isAllOfPermissionCriteria as wl,isAnyOfPermissionCriteria as Dl,isNotPermissionCriteria as Nl,getMatchingRolePermissions as kt,UpdateDraftRequestParser as Pl,isMatchingPermission as Tl,BackstageUserPlaceholder as xe,RoleParser as Sl}from"@spotify/backstage-plugin-rbac-common";import Al,{dump as Rl}from"js-yaml";import $l from"@material-ui/icons/FilterNone";import Il from"@material-ui/icons/Publish";import{DateTime as Je}from"luxon";import ct from"@material-ui/icons/Close";import we from"react-use/lib/useAsync";import Ot from"lodash/keyBy";import kl from"lodash/isEqual";import Ol from"@material-ui/icons/CalendarToday";import Bt from"@material-ui/icons/Person";import Bl from"@material-ui/icons/FiberManualRecord";import{v4 as pe}from"uuid";import{saveAs as Ll}from"file-saver";import Lt from"lodash/omit";import Ml from"lodash/pickBy";import Mt from"@material-ui/icons/ReportProblemOutlined";import Ft from"react-use/lib/useLocalStorage";import{isResourcePermission as st,AuthorizeResult as F}from"@backstage/plugin-permission-common";import{forEach as Fl,mapValues as zl,groupBy as Wl,uniq as Hl}from"lodash";import Ul from"@material-ui/icons/Check";import Vl from"@material-ui/icons/Edit";import Gl from"@material-ui/icons/Clear";import{Alert as zt,Autocomplete as mt,ToggleButton as jl,ToggleButtonGroup as _l}from"@material-ui/lab";import Yl from"@material-ui/icons/ExpandMore";import Jl from"@material-ui/icons/AccountTreeOutlined";import ql from"@material-ui/icons/CheckSharp";import Kl from"@material-ui/icons/NotInterested";import dt from"ajv";import Ql from"@material-ui/icons/InfoOutlined";import{z as Wt}from"zod";import ut from"@material-ui/icons/Add";import De from"@material-ui/icons/Delete";import Xl from"@material-ui/icons/KeyboardArrowDown";import Zl from"@material-ui/icons/KeyboardArrowUp";import Ht from"@material-ui/icons/Info";import er from"../images/no-roles.svg";import tr from"@material-ui/icons/MoreHoriz";import nr from"@material-ui/icons/Save";import lr from"@material-ui/icons/Settings";import rr from"@material-ui/icons/Undo";import ar from"@material-ui/icons/VerticalAlignTop";import or from"lodash/uniqBy";import ir from"@material-ui/icons/Remove";import{parseEntityRef as ne,DEFAULT_NAMESPACE as cr}from"@backstage/catalog-model";import{humanizeEntityRef as sr,catalogApiRef as mr}from"@backstage/plugin-catalog-react";import{List as dr}from"react-virtualized";import ur from"@material-ui/icons/Group";import pr from"@material-ui/icons/GroupWork";import Er from"../images/no-permissions.svg";import"@backstage/errors";const fr=C(t=>({breadcrumbs:{marginBottom:t.spacing(4)}}));function yr({pages:t}){const n=Kn(xl),l=fr();return e.createElement(Gn,{className:l.breadcrumbs},e.createElement(ae,{to:n()},"Home"),t.map(({title:a,path:r},o)=>r?e.createElement(ae,{to:r,key:r,relative:"path"},a):e.createElement(h,{key:`${o}`},a)))}function qe({children:t,header:n,pages:l}){return e.createElement(jn,{themeId:"tool"},e.createElement(bl,{backend:"rbac",invalidLicenseMessage:"Your existing policy will continue to apply, but you will be unable to make any changes until you enter a valid license."}),e.createElement(_n,{title:"Role Based Access Control"}),e.createElement(Yn,null,e.createElement(ll,{maxWidth:"lg"},e.createElement(O,{container:!0,spacing:4},e.createElement(O,{item:!0,xs:12},l&&e.createElement(yr,{pages:l}),n),t))))}const Ut=Le({hasDraftPolicy:!1,policies:void 0,setPolicies:()=>{},setPolicy:()=>{},getPolicy:()=>{},removePolicy:()=>{}}),Ke=()=>Me(Ut);function gr({children:t,initialState:n={policies:void 0,cache:{}}}){const[l,a]=R(n),r=I(m=>{a(s=>({...s,policies:m,cache:Vt(s.cache,m)}))},[]),o=I(m=>l.cache[m],[l.cache]),i=I(m=>a(s=>({...s,cache:{...s.cache,[m]:void 0},policies:void 0})),[]),c=I(m=>a(s=>({...s,policies:void 0,cache:Vt(s.cache,[m])})),[]);return e.createElement(Ut.Provider,{value:B(()=>{var m;return{hasDraftPolicy:((m=l.policies)==null?void 0:m.some(({status:s})=>s==="draft"))||!1,policies:l.policies,setPolicies:r,setPolicy:c,getPolicy:o,removePolicy:i}},[l.policies,r,c,o,i])},t)}function Vt(t,n){if(!n)return t;const l={...t};return n.forEach(a=>{l[a.id]=a}),l}const Ne=()=>{const t=k(V),{setPolicies:n,policies:l}=Ke(),[{loading:a,error:r},o]=ue(()=>t.getPolicies(),[t],l?{loading:!1,value:{items:l,totalItems:l.length}}:{loading:!0}),i=I(async()=>{const c=await o();n(c.items)},[o,n]);return{loading:a,error:r,fetchPolicies:i}};function hr(){const t=k(V),n=q(),l=k(oe);function a(r){var o,i;const c=(i=(o=r.target)==null?void 0:o.files)==null?void 0:i[0],m=new FileReader;c&&(m.readAsText(c,"utf-8"),m.onload=async s=>{var p,u;const d=(u=(p=s.target)==null?void 0:p.result)==null?void 0:u.toString();if(d){let x=null;try{x=Al.load(d)}catch{l.post({message:"YAML file is invalid",severity:"error"});return}const f=_e.safeParse(x);if(!f.success){l.post({message:"Imported policy is invalid",severity:"error"});return}const y=f.data;if((await t.getPolicies()).items.some(w=>w.status==="draft")){l.post({message:"Unable to import new policy due to existing draft policy",severity:"error"});return}const g=await t.createDraft(y);n(`./versions/${g.id}`),l.post({message:"Policy imported successfully",severity:"success"})}})}return e.createElement(P,{variant:"outlined",color:"primary",component:"label"},"Import",e.createElement("input",{role:"input",type:"file",hidden:!0,onChange:a,accept:".yaml"}))}function vr(t){throw new Error("Invalid state")}function br(t){var n;return Ye(t.decision)?"Conditional":(n={allow:"Allow",deny:"Deny"}[t.decision])!=null?n:"Unknown"}function pt(t){var n;if(t.match==="*")return"All";if(t.match.name)return t.match.name;const l=[];return t.match.resourceType&&l.push(t.match.resourceType),(n=t.match.actions)!=null&&n.length&&l.push(t.match.actions.join(", ")),l.join(" | ")}const Cr=(t,n)=>{const l={resolutionStrategy:{operation:"UNCHANGED",before:t==null?void 0:t.resolutionStrategy,after:n==null?void 0:n.resolutionStrategy}};for(const a of Object.keys(l)){const r=a;l[r].before!==l[r].after&&(l[r].operation="CHANGED")}return l},Et=(t,n)=>{const l=Object.entries(t);for(const[,a]of l){const r=n(a);for(const[,o]of l){const i=n(o);i.operation!=="ADDED"&&i.operation!=="REMOVED"&&(r.operation==="ADDED"&&r.indexAfter<i.indexAfter?i.indexBefore+=1:r.operation==="REMOVED"&&r.indexBefore<i.indexBefore&&(i.indexBefore-=1))}}for(const[,a]of l){const r=n(a);r.operation==="UNCHANGED"&&r.indexAfter!==r.indexBefore&&(r.operation=r.indexAfter>r.indexBefore?"MOVED_DOWN":"MOVED_UP")}return t},ft=(t,n)=>{if(t==="*")return n==="*"?{"*":{operation:"UNCHANGED",after:"*",before:"*",indexAfter:0,indexBefore:0}}:{"*":{operation:"REMOVED",after:null,before:"*",indexAfter:-1,indexBefore:0},...Object.fromEntries(n.map((a,r)=>[a,{operation:"ADDED",after:a,before:null,indexAfter:r,indexBefore:-1}]))};if(n==="*")return{"*":{operation:"ADDED",after:"*",before:null,indexAfter:0,indexBefore:-1},...Object.fromEntries(t.map((a,r)=>[a,{operation:"REMOVED",after:null,before:a,indexAfter:-1,indexBefore:r}]))};const l=Object.fromEntries(n.map((a,r)=>[a,{operation:"ADDED",after:a,before:null,indexAfter:r,indexBefore:-1}]));for(let a=0;a<t.length;a++){const r=t[a];l[r]?(l[r].before=r,l[r].indexBefore=a,l[r].operation="UNCHANGED"):l[r]={operation:"REMOVED",after:null,before:r,indexAfter:-1,indexBefore:a}}return Et(l,a=>a)},yt=(t,n)=>{const l=Ot(n,"id"),a=Object.fromEntries(n.map((r,o)=>[r.id,{operation:"ADDED",indexAfter:o,indexBefore:-1,after:r,before:null}]));for(let r=0;r<t.length;r++){const o=t[r];if(a[o.id]){const i=!kl(o,l[o.id]);a[o.id].before=o,a[o.id].indexBefore=r,a[o.id].operation=i?"CHANGED":"UNCHANGED"}else a[o.id]={operation:"REMOVED",after:null,before:o,indexAfter:-1,indexBefore:r}}return Et(a,r=>r)},xr=(t=[],n=[])=>{const l=Ot(n,"id"),a=Object.fromEntries(n.map((r,o)=>[r.id,{role:{operation:"ADDED",indexAfter:o,indexBefore:-1,after:r,before:null},members:ft([],r.members),permissions:yt([],r.permissions)}]));for(let r=0;r<t.length;r++){const o=t[r];if(l[o.id]){const i=l[o.id],c=ft(o.members,i.members),m=yt(o.permissions,i.permissions),s=Object.values(m).some(({operation:d})=>d!=="UNCHANGED"),p=Object.values(c).some(({operation:d})=>d!=="UNCHANGED"),u=o.name!==i.name||s||p;a[o.id].role.before=o,a[o.id].role.indexBefore=r,a[o.id].role.operation=u?"CHANGED":"UNCHANGED",a[o.id].members=c,a[o.id].permissions=m}else a[o.id]={role:{operation:"REMOVED",after:null,before:o,indexAfter:-1,indexBefore:r},members:ft(o.members,[]),permissions:yt(o.permissions,[])}}return Et(a,({role:r})=>r)},wr=(t,n)=>{const l=xr((t==null?void 0:t.roles)||[],n.roles||[]),a=Cr(t==null?void 0:t.options,n.options),r=(t==null?void 0:t.name)!==n.name,o=Object.values(a).some(({operation:i})=>i!=="UNCHANGED");return{policy:{operation:r||o?"CHANGED":"UNCHANGED",before:t,after:n},roles:l,options:a}},Gt=t=>{const n=k(V),{value:l,loading:a,error:r}=we(()=>n.getActivePolicy(),[n]);return B(()=>t&&!a&&!r?wr(l,t):null,[l,t,a,r])},Dr=(t,n)=>{switch(n){case"ADDED":return t.palette.success.main;case"REMOVED":return t.palette.errorText;case"CHANGED":return t.palette.infoText;case"MOVED_UP":case"MOVED_DOWN":return t.palette.infoText;case"UNCHANGED":default:return t.palette.text.primary}},Nr=t=>{switch(t){case"ADDED":return"success";case"REMOVED":return"error";case"CHANGED":return"info";case"MOVED_UP":case"MOVED_DOWN":return"info";case"UNCHANGED":default:return"info"}},Pr=t=>{switch(t){case"ADDED":return"New";case"REMOVED":return"Removed";case"CHANGED":return"Changed";case"MOVED_UP":return"Moved up";case"MOVED_DOWN":return"Moved down";case"UNCHANGED":default:return"No changes"}},Tr=C(t=>({root:({operation:n})=>({color:Dr(t,n)})})),W=t=>e.createElement(h,{...t,variant:"body2"}),N=t=>{const n=Tr(t);return e.createElement(E,{...t,className:n.root,component:"span",fontWeight:"fontWeightBold"})},jt=({policy:t})=>{var n,l,a,r;const o=Gt(t),i=(o==null?void 0:o.policy.operation)==="CHANGED"||Object.values((n=o==null?void 0:o.roles)!=null?n:{}).some(u=>u.role.operation!=="UNCHANGED")||((l=o==null?void 0:o.options)==null?void 0:l.resolutionStrategy.operation)==="CHANGED";if(!o||!i)return e.createElement(E,null,"No changes");const c=!!o.policy.before&&!!o.policy.after&&o.policy.before.name!==o.policy.after.name,m=o.options.resolutionStrategy.operation==="CHANGED",s=({before:u,after:d})=>u&&d&&u.name!==d.name,p=({operation:u})=>u!=="ADDED"&&u!=="REMOVED";return e.createElement(E,null,c&&e.createElement(W,null,"Policy name ",e.createElement(N,{operation:"CHANGED"},"changed")," from"," ",e.createElement(N,null,'"',(a=o.policy.before)==null?void 0:a.name,'"')," to"," ",e.createElement(N,null,'"',(r=o.policy.after)==null?void 0:r.name,'"')),m&&e.createElement(W,null,"Resolution Strategy ",e.createElement(N,{operation:"CHANGED"},"changed")," ","from ",e.createElement(N,null,'"',o.options.resolutionStrategy.before,'"')," to"," ",e.createElement(N,null,'"',o.options.resolutionStrategy.after,'"')),Object.entries(o.roles).map(([u,{role:d,permissions:x,members:f}])=>{var y,g,w,S,T,z;return e.createElement(Fe,{key:u},d.operation==="ADDED"&&e.createElement(W,null,"Role ",e.createElement(N,null,'"',(y=d.after)==null?void 0:y.name,'"')," has been"," ",e.createElement(N,{operation:"ADDED"},"added")),d.operation==="REMOVED"&&e.createElement(W,null,"Role ",e.createElement(N,null,'"',(g=d.before)==null?void 0:g.name,'"')," has been"," ",e.createElement(N,{operation:"REMOVED"},"removed")),s(d)&&e.createElement(W,null,"Role name changed from ",e.createElement(N,null,'"',(w=d.before)==null?void 0:w.name,'"')," ","to ",e.createElement(N,null,'"',(S=d.after)==null?void 0:S.name,'"')),d.indexAfter>d.indexBefore&&d.indexBefore!==-1&&e.createElement(W,null,"Role ",e.createElement(N,null,'"',(T=d.after)==null?void 0:T.name,'"')," has been"," ",e.createElement(N,{operation:"MOVED_DOWN"},"moved down")," in priority"),d.indexAfter<d.indexBefore&&d.indexAfter!==-1&&e.createElement(W,null,"Role ",e.createElement(N,null,'"',(z=d.after)==null?void 0:z.name,'"')," has been"," ",e.createElement(N,{operation:"MOVED_UP"},"moved up")," in priority"),p(d)&&e.createElement(e.Fragment,null,Object.entries(x).map(([M,b])=>{var A,v,$,L,le;const{before:X,after:Ee}=b,re=X&&pt(X),Z=Ee&&pt(Ee);return e.createElement(Fe,{key:M},b.operation==="ADDED"&&b.after&&e.createElement(W,null,"Permission decision"," ",e.createElement(N,null,'"',Z,'"')," has been"," ",e.createElement(N,{operation:"ADDED"},"added")," to"," ",e.createElement(N,null,'"',(A=d.after)==null?void 0:A.name,'"')),b.operation==="REMOVED"&&b.before&&e.createElement(W,null,"Permission decision"," ",e.createElement(N,null,'"',re,'"')," has been"," ",e.createElement(N,{operation:"REMOVED"},"removed")," ","from ",e.createElement(N,null,'"',(v=d.after)==null?void 0:v.name,'"')),b.operation==="CHANGED"&&e.createElement(W,null,re!==Z?e.createElement(e.Fragment,null,"Permission decision"," ",e.createElement(N,null,'"',re,'"')," has been"," ",e.createElement(N,{operation:"CHANGED"},"updated")," ","to ",e.createElement(N,null,'"',Z,'"')):e.createElement(e.Fragment,null,"Permission decision"," ",e.createElement(N,null,'"',re,'"')," has been"," ",e.createElement(N,{operation:"CHANGED"},"updated"))," ","in ",e.createElement(N,null,'"',($=d.after)==null?void 0:$.name,'"')),b.indexAfter>b.indexBefore&&b.indexBefore!==-1&&e.createElement(W,null,"Permission decision"," ",e.createElement(N,null,'"',Z,'"')," has been"," ",e.createElement(N,{operation:"MOVED_DOWN"},"moved down")," ","in priority in"," ",e.createElement(N,null,'"',(L=d.after)==null?void 0:L.name,'"')),b.indexAfter<b.indexBefore&&b.indexAfter!==-1&&e.createElement(W,null,"Permission decision"," ",e.createElement(N,null,'"',Z,'"')," has been"," ",e.createElement(N,{operation:"MOVED_UP"},"moved up")," ","in priority in"," ",e.createElement(N,null,'"',(le=d.after)==null?void 0:le.name,'"')))}),Object.entries(f).map(([M,b])=>{var A,v;return e.createElement(Fe,{key:M},b.operation==="ADDED"&&b.after&&e.createElement(W,null,"Member ",e.createElement(N,null,'"',b.after,'"')," has been"," ",e.createElement(N,{operation:"ADDED"},"added")," to"," ",e.createElement(N,null,'"',(A=d.after)==null?void 0:A.name,'"')),b.operation==="REMOVED"&&b.before&&e.createElement(W,null,"Member ",e.createElement(N,null,'"',b.before,'"')," has been"," ",e.createElement(N,{operation:"REMOVED"},"removed")," from"," ",e.createElement(N,null,'"',(v=d.after)==null?void 0:v.name,'"')))})))}))},Sr=C(t=>({closeButton:{color:t.palette.text.secondary},diffSummaryContainer:{backgroundColor:t.palette.background.default,marginBottom:t.spacing(2)}}));function gt({open:t,onPublish:n,onClose:l,policy:a}){const[r,o]=R(!1),i=Sr(),c=ye(null),m=async()=>{var s,p;o(!0),await n((p=(s=c.current)==null?void 0:s.value)!=null?p:""),o(!1)};return e.createElement(ie,{open:t,onClose:l,fullWidth:!0},e.createElement(He,null,e.createElement(E,{display:"flex",justifyContent:"space-between",alignItems:"center"},"Ready to publish?",e.createElement(P,{startIcon:e.createElement(ct,null),onClick:l,className:i.closeButton},"Close")),e.createElement(h,null,"Double check your changes, then click Publish to activate this version of your policy. This will immediately apply the permissions defined in this version across Backstage.")),e.createElement(ee,{className:i.diffSummaryContainer,dividers:!0},e.createElement(jt,{policy:a})),e.createElement(ee,null,e.createElement(ce,{variant:"outlined",fullWidth:!0,label:"Summary (optional)",placeholder:"Briefly describe this version (or changes from a previous version)",inputRef:c})),e.createElement(lt,null,e.createElement(P,{color:"primary",onClick:m,disabled:r},r?e.createElement(Tt,{size:20}):"Publish")))}const Ar=C(()=>({root:{display:"inline-flex"}})),_t=({timestamp:t,description:n})=>{const l=Ar(),a=Je.fromISO(t).toLocaleString(Je.DATETIME_FULL),r=Cl(t),o=n?`${n}${r}`:r;return e.createElement("span",{className:l.root},e.createElement(ge,{title:a},e.createElement(h,{component:"span",display:"inline",variant:"inherit"},o)))};function Yt(t,n,l){var a,r;let o=n.created,i=t.createdBy;l!=null&&l.created&&(i=l.created+i);let c=t.createdAt;return t.status==="active"?(o=n.published,i=(a=t.lastPublishedBy)!=null?a:"",l!=null&&l.published&&(i=l.published+i),c=(r=t.lastPublishedAt)!=null?r:""):t.createdAt!==t.updatedAt&&(o=n.updated,i=t.updatedBy,l!=null&&l.updated&&(i=l.updated+i),c=t.updatedAt),{activityDateText:o,activityUser:i,timestamp:c}}const Rr=C(t=>({chip:{margin:0},icon:{color:t.palette.success.main}}));function Jt(t){const n=Rr();return t.status==="inactive"?null:t.status==="draft"?e.createElement(se,{className:n.chip,label:"Draft",size:t.size}):e.createElement(se,{className:n.chip,classes:{icon:n.icon},label:"Active",icon:e.createElement(Bl,null),size:t.size})}const $r=C(t=>({card:n=>({backgroundImage:n.policy.status==="active"?"linear-gradient(256.15deg, #00782A 19.77%, #1DB954 100%)":"linear-gradient(256.15deg, #BDBDBD 19.77%, #EEEEEE 100%)",backgroundPosition:"top",backgroundSize:"100% 8px",backgroundRepeat:"no-repeat",paddingTop:"8px",height:"100%"}),diffSummaryContainer:{backgroundColor:t.palette.background.default,padding:t.spacing(2),borderWidth:"1px",borderStyle:"solid",borderColor:t.palette.divider,borderRadius:t.shape.borderRadius},header:{display:"flex",justifyContent:"space-between",alignItems:"center"},detailsHeader:{...t.typography.body1,paddingTop:t.spacing(2),color:t.palette.text.secondary},activityList:{color:t.palette.text.secondary},activityListItem:{padding:0},actions:{justifyContent:"flex-start"}}));function Pe(t){const n=$r(t),{policy:l,to:a,withChangeSummary:r}=t,o=`${l.name} ${l.status==="draft"?"- Draft":""}`,i={created:"Created: ",published:"Published: ",updated:"Updated: "},c={created:"Created by ",published:"Published by ",updated:"Updated by "},{activityDateText:m,activityUser:s,timestamp:p}=Yt(l,i,c);return e.createElement(te,{className:n.card},e.createElement(he,null,e.createElement("div",{className:n.header},a?e.createElement(ae,{to:`versions/${l.id}`},e.createElement(h,{variant:"h5",component:"h1"},o)):e.createElement(h,{variant:"h5",component:"h1"},o),l.status==="active"?e.createElement(Jt,{status:"active",size:"small"}):null),l.description?e.createElement(h,{variant:"body1",color:"textSecondary"},'"',l.description,'"'):null,e.createElement(h,{component:"h2",className:n.detailsHeader},"Details"),e.createElement(rl,{className:n.activityList},e.createElement(St,{className:n.activityListItem},e.createElement(me,null,e.createElement(Ol,null)),e.createElement(Q,{primary:e.createElement(_t,{timestamp:p,description:m})})),e.createElement(St,{className:n.activityListItem},e.createElement(me,null,e.createElement(Bt,null)),e.createElement(Q,{primary:s}))),r&&e.createElement(E,{paddingTop:2},e.createElement(h,{gutterBottom:!0,variant:"subtitle2"},"What's changed"),e.createElement(E,{className:n.diffSummaryContainer},e.createElement(jt,{policy:l})))),t.actions?e.createElement(al,{className:n.actions},t.actions):null)}const Ir=C(t=>({paper:{padding:t.spacing(2,2,0,2)}})),ht=({isOpen:t,onClose:n,policy:l})=>{const a=Ir();return e.createElement(ie,{classes:{...a},open:t,onClose:n},e.createElement(He,{disableTypography:!0},e.createElement(E,{display:"flex",flexDirection:"row"},e.createElement(E,null,e.createElement(h,{variant:"h4",component:"h2"},"Success!"),e.createElement(h,null,l.name," has been published and is now your active policy.")),e.createElement(E,null,e.createElement(j,{onClick:n,title:"Close dialog"},e.createElement(ct,null))))),e.createElement(ee,null,e.createElement(Pe,{policy:l})),e.createElement(lt,null,e.createElement(E,{display:"flex",flexDirection:"row",flexGrow:1,justifyContent:"flex-start"},e.createElement(P,{component:el,color:"primary",onClick:n,role:"link",to:"/rbac"},"View all versions"))))};function vt(){const t=k(V),n=k(oe),l=q(),{fetchPolicies:a}=Ne();return ue(async r=>{if(!r)return;const{roles:o,name:i,options:c}=r;try{const m=await t.createDraft({roles:o,options:c,name:i});return await a(),l(`/rbac/versions/${m.id}`),m}catch(m){throw m instanceof Error&&n.post({message:m.message,severity:"error"}),m}},[l,t,n,a])}function bt(){const t=k(V),n=k(oe),l=ue(async(r,o,i)=>{if(r)return await t.publishPolicy(r.id,{description:o,update:i}),t.getPolicy(r.id)},[]),[{error:a}]=l;return J(()=>{a&&n.post({message:a.message,severity:"error"})},[a,n]),l}const kr=[{title:"Name",field:"name",render:t=>e.createElement(ae,{to:`versions/${t.id}`},t.name)},{title:"Status",field:"status",render:t=>{switch(t.status){case"active":return"Active";case"draft":return"Draft";case"inactive":return"Inactive";default:return vr(t.status)}}},{title:"Publish date",field:"lastPublishedAt",render:t=>t.lastPublishedAt?Je.fromISO(t.lastPublishedAt).toLocaleString(Je.DATETIME_MED_WITH_SECONDS):"",type:"datetime",defaultSort:"desc"},{title:"Published by",field:"lastPublishedBy"}];function Or(t){const n=t.data.length>3,{fetchPolicies:l}=Ne(),[{loading:a},r]=vt(),[{loading:o,value:i},c]=bt(),[m,s]=R(void 0),[p,u]=R(!1),d=()=>{s(void 0),l()},x=(m==null?void 0:m.id)===(i==null?void 0:i.id)?i:void 0,f=[y=>{const{tableData:g,...w}=y;return{icon:Il,tooltip:"Republish",onClick:()=>{s(w),u(!0)},disabled:o}},y=>{const{tableData:g,...w}=y;return{icon:$l,tooltip:"Duplicate",disabled:a||!t.canDuplicate,onClick:()=>r(w)}}];return e.createElement(e.Fragment,null,e.createElement(Jn,{title:"Previous Versions",columns:kr,data:t.data,options:{paging:n,pageSize:3,pageSizeOptions:[3,5,10,20],actionsColumnIndex:-1,loadingType:"linear"},actions:f}),m&&e.createElement(gt,{open:p,onPublish:y=>{c(m,y),u(!1)},onClose:()=>{s(void 0),u(!1)},policy:m}),x&&e.createElement(ht,{isOpen:!0,policy:x,onClose:d}))}function Br(t){var n,l;return((l=(n=t==null?void 0:t.body)==null?void 0:n.response)==null?void 0:l.statusCode)===404}function qt(t){const n=new Blob([Lr(t)],{type:"text/yaml"});Ll(n,`${(t.name||"policy").toLocaleLowerCase().replace(/\W/g,"-")}.yaml`)}function Lr(t){const{name:n,roles:l,options:a,description:r}=t;return`# this is an autogenerated file, do not edit
+${Rl(Ml({name:n,description:r,options:a,roles:l.map(({permissions:o,...i})=>({...Lt(i,["id"]),permissions:o.map(c=>Lt(c,["id"]))}))},o=>o!==null||o!==void 0))}`}const Mr=({serverPolicy:t,localPolicy:n})=>!n||!t?{policy:t,policyConflict:!1}:t.status!=="draft"?{policy:t,policyConflict:!1}:n.id!==t.id?{policy:t,policyConflict:!1}:n.updatedAt===t.updatedAt?{policy:n,policyConflict:!1}:{policy:n,policyConflict:!0},Fr=C(t=>({icon:{color:t.palette.warning.main,width:"2rem",height:"2rem"},label:{align:"center",display:"block",marginBottom:t.spacing(1),color:t.palette.text.secondary,fontSize:t.typography.caption.fontSize},policiesContainer:{display:"flex",gap:t.spacing(4),marginTop:t.spacing(4),marginBottom:t.spacing(4)},button:{marginTop:t.spacing(4)}})),zr=({localPolicy:t,onSelectLocalPolicy:n,onSelectServerPolicy:l,serverPolicy:a})=>{const r=Fr();return e.createElement(ie,{open:!0,maxWidth:"md"},e.createElement(ee,null,e.createElement(E,{display:"flex",flexDirection:"column",gridGap:8},e.createElement(E,{display:"flex",justifyContent:"center"},e.createElement(Mt,{className:r.icon})),e.createElement(h,{align:"center",variant:"h6"},"There is a conflict with your drafts"),e.createElement(E,null,e.createElement(h,{align:"center"},"A newer version of the draft you are trying to edit has been recently saved."),e.createElement(h,{align:"center"},"Please review the changes and decide on a version to keep."))),e.createElement(E,{className:r.policiesContainer},e.createElement(E,{alignItems:"center",display:"flex",flexDirection:"column",flex:"1 1 0%"},e.createElement(h,{className:r.label,variant:"button"},"Your local draft"),e.createElement(Pe,{policy:t,withChangeSummary:!0}),e.createElement(P,{className:r.button,color:"primary",onClick:n,variant:"outlined"},"Keep local draft")),e.createElement(E,{alignItems:"center",display:"flex",flexDirection:"column",flex:"1 1 0%"},e.createElement(h,{className:r.label,variant:"button"},"Recently saved draft"),e.createElement(Pe,{policy:a,withChangeSummary:!0}),e.createElement(P,{className:r.button,color:"primary",onClick:l,variant:"outlined"},"Keep recently saved draft")))))},Wr=C(t=>({icon:{color:t.palette.warning.main,width:"2rem",height:"2rem"}})),Hr=({onConfirm:t,policy:n})=>{const l=Wr(),a=()=>{qt(n)};return e.createElement(ie,{open:!0},e.createElement(ee,null,e.createElement(E,{display:"flex",flexDirection:"column",gridGap:16},e.createElement(E,{display:"flex",flexDirection:"column",gridGap:4},e.createElement(E,{display:"flex",justifyContent:"center"},e.createElement(Mt,{className:l.icon})),e.createElement(h,{align:"center",variant:"h6"},"Invalid local draft")),e.createElement(E,{display:"flex",flexDirection:"column",gridGap:8},e.createElement(h,{align:"center"},"You have a local draft that is no longer compatible or has become corrupted."),e.createElement(h,{align:"center"},"Click export to download your draft. You can attempt to restore your draft by importing this file on the RBAC home page."),e.createElement(h,{align:"center"},"Clicking continue will discard your draft."," ",e.createElement(E,{component:"span",fontWeight:"fontWeightBold"},"This action cannot be undone."))),e.createElement(E,{display:"flex",justifyContent:"center",gridGap:8,marginY:3},e.createElement(P,{color:"primary",onClick:a,variant:"outlined"},"Export"),e.createElement(P,{color:"primary",onClick:t,variant:"contained"},"Discard and continue")))))},Ur=()=>Ft("@spotify/backstage-plugin-rbac:draftPolicy"),Vr={canPublish:!1,diff:null,hasChanges:!1,isValid:!1,policy:void 0,createNewRole:()=>"",discardLocalDraft:()=>{},exportPolicy:()=>{},publish:()=>{},saveLocalDraftToServer:()=>Promise.reject(),saveAndPublish:()=>Promise.reject(),refetchPolicy:()=>Promise.reject(),updateLocalDraft:()=>{}},Kt=Le(Vr),_=()=>Me(Kt);function Qe({children:t,policyId:n}){const l=q(),a=k(oe),r=k(V),{getPolicy:o,setPolicy:i}=Ke(),c=tt(),{NotFoundErrorPage:m}=c.getComponents(),[s,p]=R({active:!1,update:!1}),[u,d]=R(!1),[{loading:x,value:f},y]=bt(),g=o(n),[w,S,T]=Ur(),z=!w||_e.safeParse(w).success,M=z?w:void 0,{policy:b,policyConflict:A}=Mr({serverPolicy:g,localPolicy:M}),v=Gt(b),$=_e.safeParse(b).success,L=$&&!M&&!x,[{loading:le,error:X},Ee]=ue(()=>r.getPolicy(n),[r,n],g?{loading:!1,value:g}:{loading:!0}),re=()=>{p({active:!0,update:!1})},Z=()=>{p({active:!0,update:!0})},K=I(async()=>{const G=await Ee();i(G)},[Ee,i]),Bn=I(async G=>{await y(b,G,s.update?b:void 0),p({active:!1,update:!1}),K==null||K()},[b,s,y,p,K]),Ln=async()=>{d(!1)},Mn=()=>{S(G=>G&&g&&{...G,updatedAt:g.updatedAt})},Fn=I(async()=>{if(!b)throw new Error("No policy to save");try{await r.updateDraft(b.id,{name:b.name,roles:b.roles,options:b.options}),a.post({message:"Policy saved",severity:"success"}),T(),K==null||K()}catch(G){a.post({message:(G==null?void 0:G.message)||"An error occurred while updating the policy",severity:"error"})}},[a,r,b,K,T]),zn=I(()=>{if(!b)throw new Error("No policy to create a new role");const G=new Set(b.roles.map(Vn=>Vn.id));let fe;do fe=pe().split("-")[0];while(G.has(fe));const Un={name:`Role ${fe}`,permissions:[],members:"*",id:fe};return S({...b,roles:[...b.roles,Un]}),fe},[b,S]),Wn=()=>{T(),l("/rbac")},Hn=()=>{b&&qt(b)};return J(()=>{g||K()},[K,g]),J(()=>{f&&d(!0)},[f]),z?b?e.createElement(Kt.Provider,{value:{canPublish:L,diff:v,hasChanges:!!M,isValid:$,policy:b,createNewRole:zn,discardLocalDraft:T,exportPolicy:Hn,publish:re,saveLocalDraftToServer:Fn,refetchPolicy:K,updateLocalDraft:S,saveAndPublish:Z}},A&&M&&g&&e.createElement(zr,{localPolicy:M,onSelectLocalPolicy:Mn,onSelectServerPolicy:T,serverPolicy:g}),e.createElement(gt,{open:s.active,onClose:()=>p({active:!1,update:!1}),onPublish:Bn,policy:b}),f&&e.createElement(ht,{isOpen:u,onClose:Ln,policy:f}),t):le?e.createElement(ke,null):X?Br(X)?e.createElement(m,null):e.createElement(Nt,{error:X!=null?X:new Error("Unknown")}):null:e.createElement(Hr,{onConfirm:Wn,policy:w})}const Gr=t=>{const[n,l]=R(!1),{fetchPolicies:a}=Ne(),[{loading:r,value:o},i]=bt(),{policy:c,hasChanges:m}=_(),s=_e.safeParse(c).success,p=!m&&s,u=async x=>{await i(c,x),l(!1)},d=()=>{a()};return e.createElement(e.Fragment,null,e.createElement(P,{...t,onClick:()=>l(!0),disabled:!p||r},"Publish"),e.createElement(gt,{open:n,onClose:()=>l(!1),onPublish:u,policy:c}),o&&e.createElement(ht,{isOpen:!0,onClose:d,policy:o}))};function jr(t){const n=k(V),l=k(oe),{fetchPolicies:a}=Ne();return ue(async()=>{if(t)return n.deleteDraft(t.id).then(a).catch(r=>(l.post({message:r.message,severity:"error"}),Promise.reject(r)))},[t])}function _r({policies:t}){const n=t.find(s=>s.status==="draft"),l=t.find(s=>s.status==="active"),[a,r]=vt(),[o,i]=jr(n),c=q(),m=Yr(t);return e.createElement(O,{container:!0,spacing:4},l?e.createElement(O,{item:!0,xs:12,md:6},e.createElement(Pe,{policy:l,to:`./versions/${l.id}`,actions:e.createElement(P,{color:"primary",disabled:a.loading||!!n,onClick:()=>r(l)},"Duplicate")})):null,n?e.createElement(O,{item:!0,xs:12,md:6},e.createElement(Pe,{policy:n,to:`./versions/${n.id}`,actions:e.createElement(e.Fragment,null,e.createElement(P,{onClick:()=>c(`versions/${n.id}`),color:"primary"},"Edit"),e.createElement(P,{color:"primary",disabled:o.loading,onClick:i},"Delete Draft"),e.createElement(Qe,{policyId:n.id},e.createElement(Gr,{color:"primary"})))})):null,e.createElement(O,{item:!0,xs:12},e.createElement(Or,{data:m,canDuplicate:!n})))}function Yr(t){return t.filter(({status:n})=>n==="inactive")}const Jr=C(t=>({cardContent:{padding:t.spacing(6,3),"& > *":{background:"transparent"}}}));function qr(){const t=Jr(),n=k(V),l=q(),[a,r]=ue(async()=>n.createDraft({roles:[],options:{resolutionStrategy:"any-allow"}}),[n]);return J(()=>{a.value&&l(`./versions/${a.value.id}`)},[l,a.value]),e.createElement(te,null,e.createElement(he,{className:t.cardContent},e.createElement(Oe,{missing:"content",title:"No policy configured",description:e.createElement(e.Fragment,null,e.createElement(E,{component:"span",display:"block",pb:2},"Until you've configured your policy, authorization will be denied for all permissions."),e.createElement(E,{component:"span",display:"block"},"Click the button below to create the first version of your policy.")),action:e.createElement(P,{variant:"contained",color:"primary",disabled:a.loading,onClick:r},"New version")})))}function Kr(){const{policies:t}=Ke(),{loading:n,error:l,fetchPolicies:a}=Ne();vl(()=>{t||a()});let r;return n?r=e.createElement(O,{item:!0,xs:12},e.createElement(ke,null)):l?r=e.createElement(Nt,{error:l}):!t||t.length===0?r=e.createElement(qr,null):r=e.createElement(_r,{policies:t}),e.createElement(qe,{pages:void 0,header:e.createElement(Be,{title:"RBAC Policies"},e.createElement(hr,null))},r)}const Qt=Le({loading:!1}),Qr=({children:t})=>{const n=k(V),l=we(async()=>await n.searchMembers({query:""}),[n]);return e.createElement(Qt.Provider,{value:l},t)},Xr=()=>Me(Qt),Xt=Le(null),Zr=({children:t})=>{const n=k(Qn),l=k(V),a=k(oe),[r,o]=R(null),i=I(async()=>{var c;if(!r){const m=await l.fetchAllPermissionMetadata((c=n.getOptionalStringArray("permission.permissionedPlugins"))!=null?c:[]),s=ta(m.rules);Fl(s,u=>{u.length!==1&&a.post({message:`The plugin(s) ${u.slice(1).join(", ")} expose rules which are conflicting with rules exposed by the ${u[0]} plugin. These rules will not be available for use. Please contact RBAC support if you need assistance resolving this issue.`,severity:"error"})});const p=na(m,s);return o(p),p}return r},[a,r,l,n]);return e.createElement(Xt.Provider,{value:B(()=>({getMetadata:i}),[i])},t)};function Xe(){const t=Me(Xt),{value:n,loading:l}=we(async()=>t==null?void 0:t.getMetadata(),[t]);return{metadata:n,isLoading:l}}function Zt(){var t;const{metadata:n}=Xe();return(t=n==null?void 0:n.rules)!=null?t:null}function Te(){var t;const{metadata:n,isLoading:l}=Xe();return{permissions:(t=n==null?void 0:n.permissions)!=null?t:null,isLoading:l}}function en(){const{metadata:t}=Xe();return t?[...new Set(t.permissions.filter(n=>st(n)).map(({resourceType:n})=>n))]:null}function ea(){const{metadata:t}=Xe(),n=en();return!t||!n?null:n.reduce((l,a)=>{const r=t.rules.find(o=>o.resourceType===a);return r&&(l[a]={pluginId:r.pluginId}),l},{})}function ta(t){return zl(Wl(t,"resourceType"),n=>Hl(n.map(({pluginId:l})=>l)))}function na(t,n){return{...t,rules:t.rules.filter(({resourceType:l,pluginId:a})=>{const r=n[l];return a===r[0]})}}const la=C(t=>({card:n=>({marginTop:t.spacing(3),height:"100%","&:hover":n.readonly?{pointerEvents:"none"}:{}}),cardHeader:{paddingBottom:t.spacing(2),alignItems:"flex-start"},defaultChip:{marginLeft:t.spacing(1),marginBottom:0},title:{display:"flex",alignItems:"center",paddingTop:t.spacing(.5),paddingBottom:t.spacing(1)}}));function tn(t){const n=la(t),{title:l,description:a,active:r,changeResolutionStrategy:o,defaultOption:i,readonly:c}=t,m=()=>{c||o()};return e.createElement(te,{className:`${n.card}`,onClick:m},e.createElement(ol,{disabled:c},e.createElement(he,null,e.createElement(At,{className:n.cardHeader,avatar:e.createElement(il,{checked:r,color:"primary",disabled:c}),title:e.createElement("div",{className:n.title},e.createElement(h,{variant:"h6",component:"h2"},l),i?e.createElement(se,{label:"Default",size:"small",className:n.defaultChip}):null),subheader:a}))))}const ra=C(t=>({title:{display:"flex",alignItems:"center",paddingBottom:t.spacing(2)},maxWidthWrapper:{maxWidth:"800px"},readOnlyChip:{marginLeft:t.spacing(1)},paragraph:{paddingBottom:t.spacing(1)}}));function aa(){const{versionId:t}=nt();return je(t),e.createElement(Qe,{policyId:t},e.createElement(oa,null))}function oa(){const t=ra(),{policy:n,updateLocalDraft:l}=_(),a=q(),r=n.status!=="draft",o=i=>{l({...n,options:{...n.options,resolutionStrategy:i}})};return e.createElement(qe,{pages:[{title:n.name,path:".."},{title:"Options"}],header:e.createElement(Be,{title:"Options"},e.createElement(P,{variant:"outlined",color:"primary",onClick:()=>a("..",{relative:"path"})},"Back to policy"))},e.createElement(O,{item:!0,xs:12,className:t.maxWidthWrapper},e.createElement("div",null,e.createElement("div",{className:t.title},e.createElement(h,{variant:"h5",component:"h1"},"Decision resolution strategy"),r?e.createElement(se,{label:"Read only",className:t.readOnlyChip}):null),e.createElement(h,{variant:"body2",component:"p",className:t.paragraph},"Multiple decisions from multiple roles could be applicable to a single user when authorizing a permission request. Please select the decision resolution strategy that makes sense for your policy."),e.createElement(h,{variant:"body2",component:"p",className:t.paragraph},"Please note this strategy will be applied to the whole policy and greatly affects the outcome of permission decisions."),e.createElement(tn,{title:"Any-allow",changeResolutionStrategy:()=>o("any-allow"),readonly:r,defaultOption:!0,description:e.createElement(e.Fragment,null,e.createElement(h,{variant:"body2",color:"textSecondary",component:"p",className:t.paragraph},"The first allow decision from all of the roles and decisions is the final result. A single explicit allow or an allow as a result of a conditional decision would result in a final allow decision, otherwise the decision is deny."),e.createElement(h,{variant:"body2",color:"textSecondary",component:"p",className:t.paragraph},"With this option, the order of roles and decisions does not matter.")),active:n.options.resolutionStrategy==="any-allow"}),e.createElement(tn,{title:"First match",changeResolutionStrategy:()=>o("first-match"),readonly:r,description:e.createElement(e.Fragment,null,e.createElement(h,{variant:"body2",color:"textSecondary",component:"p",className:t.paragraph},"The first matching decision from the first matching role that is applicable to the user is the final result, regardless if that decision is an allow, deny or conditional."),e.createElement(h,{variant:"body2",color:"textSecondary",component:"p",className:t.paragraph},"With this option, the order in which you define roles and decisions matters.")),active:n.options.resolutionStrategy==="first-match"}))))}const nn=t=>{if(t.success)return{};const n={};for(const l of t.error.issues)n[l.path.join(".")]=!0;return n},ia=C(t=>({container:{display:"flex",position:"relative",alignItems:"center",gap:t.spacing(1),flexShrink:1,maxWidth:"100%",minWidth:0},input:({invalid:n})=>({boxSizing:"content-box",display:"block",maxWidth:"100%",padding:0,borderWidth:2,borderStyle:"solid",borderColor:n?t.palette.error.main:"transparent",borderRadius:t.shape.borderRadius,backgroundColor:"transparent",color:t.palette.textContrast,fontFamily:"inherit",fontSize:"inherit",lineHeight:"inherit",fontWeight:"inherit",textOverflow:"ellipsis"}),hiddenSpan:{position:"absolute",top:0,left:0,borderWidth:1,whiteSpace:"pre",opacity:0,pointerEvents:"none"}}));function ln({invalid:t,name:n,value:l,onTextChange:a}){const r=ia({invalid:t}),[o,i]=R(!1),[c,m]=R(null),s=ye(null),[p,u]=R(l);J(()=>{u(l)},[l]),Xn(()=>{s.current&&c&&s.current.style.setProperty("width",`max(${c.getBoundingClientRect().width}px, 3ch)`)},[c,p]);const d=()=>{i(!1),u(l)},x=()=>{i(!1),a==null||a(p)},f=()=>{var g;o?x():(i(!0),(g=s.current)==null||g.focus())},y=g=>{var w;g.key==="Enter"&&((w=s.current)==null||w.blur()),g.key==="Escape"&&d()};return e.createElement(e.Fragment,null,e.createElement("div",{className:r.container},e.createElement("input",{"aria-label":n,className:r.input,name:n,ref:s,onChange:g=>u(g.target.value),onFocus:f,onBlur:x,onKeyDown:y,value:p}),e.createElement("span",{"aria-hidden":"true",className:r.hiddenSpan,ref:m},p),e.createElement(j,{onClick:f,size:"small"},o?e.createElement(Ul,{"aria-label":"Save title"}):e.createElement(Vl,{"aria-label":"Edit title"}))))}const ca=C(t=>({titleWrapper:{display:"flex",alignItems:"center",gap:t.spacing(2)}}));function rn({children:t}){const n=ca();return e.createElement(h,{noWrap:!0,variant:"h4",component:"h2",color:"textSecondary",className:n.titleWrapper},t)}const sa=C(t=>({fieldset:{border:"none",margin:`${t.spacing(3)}px 0 ${t.spacing(3)}px`,paddingLeft:"0"}})),an=({children:t,title:n})=>{const l=sa();return e.createElement("fieldset",{className:l.fieldset},e.createElement(h,{variant:"h6",component:"legend"},n),t)},ma=C(t=>({chipContainer:{marginTop:t.spacing(1),marginLeft:t.spacing(1),display:"flex",flexWrap:"wrap"}})),da=e.forwardRef(({selectedPermissionNames:t,setSelectedPermissionNames:n,errorMessage:l},a)=>{const r=ma(),{permissions:o}=Te();return e.createElement(e.Fragment,null,e.createElement(ve,{fullWidth:!0,error:!!l},e.createElement(de,{id:"selectLabel"},"Select permissions"),e.createElement(be,{ref:a,native:!1,displayEmpty:!0,multiple:!0,value:t,onChange:i=>n(i.target.value),input:e.createElement(Rt,null),"aria-labelledby":"selectLabel",renderValue:i=>e.createElement("div",{className:r.chipContainer,"aria-labelledby":"selectLabel"},o==null?void 0:o.filter(c=>i.includes(c.name)).map(c=>e.createElement(se,{key:c.name,label:c.name})))},o==null?void 0:o.map(i=>e.createElement(H,{key:i.name,value:i.name},e.createElement(Ce,{color:"primary",checked:t.includes(i.name),name:i.name,value:i.name,required:!0}),e.createElement(Q,{primary:i.name})))),e.createElement(rt,null,l)))}),Y=({name:t})=>{const n=B(()=>t.includes(".")?t.split(/(\.)/g).flatMap(l=>[l,e.createElement("wbr",null)]):[t],[t]);return e.createElement(e.Fragment,null,n.map((l,a)=>e.createElement(e.Fragment,{key:a},l)))},on=({authorizeResult:t,size:n})=>{switch(t){case F.ALLOW:return e.createElement(ql,{fontSize:n});case F.DENY:return e.createElement(Kl,{fontSize:n});case F.CONDITIONAL:return e.createElement(Jl,{fontSize:n});default:return null}},ua=["condition","anyOf","allOf","not"],cn={condition:"Condition",anyOf:"Any of",allOf:"All of",not:"Not"};function Ct(t){return t===null?!1:t.hasOwnProperty("id")&&t.hasOwnProperty("ruleName")&&t.hasOwnProperty("parameters")}function Se(t){return t.hasOwnProperty("levelType")}function pa(t){return t==="anyOf"||t==="allOf"||t==="not"}const Ea=C(()=>({root:{fontFamily:"monospace"}})),sn=({children:t})=>{const n=Ea();return e.createElement(h,{variant:"body2",className:n.root},t)},fa=C(t=>({rule:{color:t.palette.type==="light"?"#EB0014":"#FF8F9C"},parameters:{color:t.palette.type==="light"?"#E22134":"#EE96A0"}}));function mn({condition:t}){const n=fa();return e.createElement(sn,null,e.createElement(E,{component:"span",className:n.rule},t.ruleName,"(",e.createElement(E,{component:"span",className:n.parameters},JSON.stringify(t.parameters,null,1)),")"))}const ya=({children:t})=>e.createElement(E,{pl:2},t);function dn({level:t}){return e.createElement(e.Fragment,null,e.createElement(sn,null,cn[t.levelType]),e.createElement(ya,null,t.children.map((n,l)=>Se(n)?e.createElement(dn,{key:l,level:n}):e.createElement(mn,{key:l,condition:n}))))}const ga=C(t=>({resultsBox:{border:`1px solid ${t.palette.border}`,borderRadius:t.shape.borderRadius,padding:t.spacing(2)}}));function ha({permissionCriteria:t}){const n=ga();return e.createElement(E,{className:n.resultsBox},Ct(t)&&e.createElement(mn,{condition:t}),Se(t)&&e.createElement(dn,{level:t}))}const va=C(t=>({conditionResultText:{color:t.palette.success.main},conditionDecisionText:{padding:`0 0 ${t.spacing(3)}px`}}));function un({permissionCriteria:t}){const n=va();return e.createElement("div",null,e.createElement(h,{component:"p",variant:"body1",className:n.conditionDecisionText},"If the below conditions are met then the action is"," ",e.createElement("strong",{className:n.conditionResultText},"allowed.")),e.createElement(ha,{permissionCriteria:t}))}function ba(t){return t?{id:t.id,match:Ca(t),decisionType:xa(t),criteria:Ye(t.decision)?Ae(t.decision.conditions):null}:{id:pe(),match:{method:"specificPermission"},decisionType:"allow",criteria:null}}function Ca(t){var n;return t.match==="*"?{method:"all"}:t.match.name?{method:"specificPermission",name:t.match.name}:t.match.resourceType||(n=t.match.actions)!=null&&n.length?{method:"filter",resourceType:t.match.resourceType,actions:t.match.actions}:{method:"specificPermission"}}function xa(t){return typeof t.decision=="string"?t.decision:"conditional"}function Ae(t){const n=pe();return wl(t)?{id:n,levelType:"allOf",children:t.allOf.map(l=>Ae(l))}:Dl(t)?{id:n,levelType:"anyOf",children:t.anyOf.map(l=>Ae(l))}:Nl(t)?{id:n,levelType:"not",children:[Ae(t.not)]}:{id:n,ruleName:t.rule,parameters:t.params}}function pn(t,n){if(!t)return!1;if(Se(t))return t.children.length>0&&t.children.every(a=>pn(a,n));if(!t.ruleName)return!1;const l=n==null?void 0:n.find(({name:a})=>a===t.ruleName);return l?l.paramsSchema?new dt({allErrors:!0}).compile(l.paramsSchema)(t.parameters):!0:!1}function wa(t,n,l){return{id:t,match:En(n,l),decision:l}}function En({method:t,...n},l){return t==="all"?"*":l&&Ye(l)?{resourceType:l.resourceType,...n}:n}function xt(t){return Ct(t)?{rule:t.ruleName,params:t.parameters}:t.levelType==="not"?{not:xt(t.children[0])}:{[t.levelType]:t.children.map(n=>xt(n))}}const Da=C(()=>({decisionRowCell:{fontWeight:"bold"}})),Ze=({children:t,ledToDecision:n,color:l})=>{const a=Da();return e.createElement(h,{variant:"body1",component:"span",classes:{root:n?a.decisionRowCell:void 0},color:l},t)},Na=({ledToDecision:t})=>e.createElement(Ze,{ledToDecision:t,color:t===!1?"textSecondary":void 0},t?"Yes":"No"),Pa=C(t=>({decisionCell:{display:"flex",justifyItems:"center"},decisionIconContainer:{display:"flex",alignItems:"center",marginRight:t.spacing(1)},decisionIconAllow:{color:t.palette.success.main},decisionIconDeny:{color:t.palette.error.main},decisionIconConditional:{color:t.palette.info.main}})),Ta=t=>{switch(t){case F.ALLOW:return"Allow";case F.DENY:return"Deny";case F.CONDITIONAL:return"Conditional";default:return"Permission not found in role"}},Sa=(t,n)=>{let l;switch(t){case F.ALLOW:l=n.decisionIconAllow;break;case F.DENY:l=n.decisionIconDeny;break;case F.CONDITIONAL:l=n.decisionIconConditional;break;default:return}return`${n.decisionIconContainer} ${l}`},Aa=({ledToDecision:t,authorizeResult:n})=>{const l=Pa();return e.createElement("div",{className:l.decisionCell},n!==null&&e.createElement("span",{className:Sa(n,l)},e.createElement(on,{authorizeResult:n,size:"small"})),e.createElement(Ze,{ledToDecision:t,color:t===!1?"textSecondary":void 0},Ta(n)))},Ra=({permissionName:t,ledToDecision:n})=>e.createElement(Ze,{ledToDecision:n,color:n===!1?"textSecondary":void 0},e.createElement(Y,{name:t})),$a=({role:t,ledToDecision:n})=>e.createElement(ae,{to:`roles/${t.id}`},e.createElement(Ze,{ledToDecision:n,color:"primary"},t.name)),Ia=C(t=>({tableHeader:{borderBottom:`1px solid ${t.palette.border}`}})),Re=({children:t})=>{const n=Ia();return e.createElement(D,{size:"small",classes:{root:n.tableHeader}},t)},ka=C(t=>({userCell:{borderRight:`1px solid ${t.palette.border}`,color:t.palette.text.secondary,background:t.palette.background.paper}})),Oa=({rowCount:t})=>{const n=ka();return e.createElement(D,{size:"small",padding:"none",align:"center",rowSpan:t,classes:{root:n.userCell}},e.createElement(qn,null))},Ba=C(t=>({tableContainer:{border:`1px solid ${t.palette.border}`,borderRadius:t.shape.borderRadius},tableRow:{"&, &:nth-child(odd)":{background:t.palette.background.paper}},decisionTableRow:{"&, &:nth-child(odd)":{background:t.palette.type==="light"?t.palette.infoBackground:t.palette.grey[900]}}})),La=t=>{if(Ye(t))return F.CONDITIONAL;if(typeof t=="string")switch(t){case"allow":return F.ALLOW;case"deny":return F.DENY;default:throw new Error(`Unknown decision: ${t}`)}throw new Error("Unknown decision type found.")},Ma=(t,n)=>n.some(l=>l.rolePermissionId===t.id),Fa=t=>B(()=>{const{roles:n,permission:l,decisionOrigin:a}=t,r=[];for(const o of n){const i=kt(o,l);if(i.length>0)for(const c of i)r.push({role:o,permission:l,authorizeResult:La(c.decision),ledToDecision:Ma(c,a)});else r.push({role:o,permission:l,authorizeResult:null,ledToDecision:!1})}return r},[t]),za=({resultRow:t})=>{const n=Ba(),l=Fa(t);return e.createElement(E,{marginTop:3,marginBottom:3},e.createElement(cl,{classes:{root:n.tableContainer}},e.createElement(Ue,null,e.createElement(Ve,null,e.createElement(U,{classes:{root:n.tableRow}},e.createElement(Re,null),e.createElement(Re,null,"Role"),e.createElement(Re,null,"Permission"),e.createElement(Re,null,"Decision"),e.createElement(Re,null,"Is deciding role"))),e.createElement(Ge,null,l.map((a,r)=>{const o=r===0;return e.createElement(U,{key:r,classes:{root:a.ledToDecision?n.decisionTableRow:n.tableRow}},o?e.createElement(Oa,{rowCount:l.length}):null,e.createElement(D,{size:"small"},e.createElement($a,{role:a.role,ledToDecision:a.ledToDecision})),e.createElement(D,{size:"small"},e.createElement(Ra,{permissionName:a.permission.name,ledToDecision:a.ledToDecision})),e.createElement(D,{size:"small"},e.createElement(Aa,{authorizeResult:a.authorizeResult,ledToDecision:a.ledToDecision})),e.createElement(D,{size:"small"},e.createElement(Na,{ledToDecision:a.ledToDecision})))})))))},Wa=C(t=>({container:{display:"flex",flexDirection:"row",gap:t.spacing(1)},infoIcon:{color:t.palette.textSubtle}})),Ha=({policy:t,roles:n,permission:l})=>{const a=n.flatMap(o=>kt(o,l));let r;if(n.length===0)r=e.createElement(e.Fragment,null,"A user with no assigned roles will be denied access to"," ",e.createElement("strong",null,e.createElement(Y,{name:l.name})),".");else if(!a.length)r=e.createElement(e.Fragment,null,"None of the roles explicitly sets a rule for the permission"," ",e.createElement("strong",null,e.createElement(Y,{name:l.name})),", which means that a user who has all of these roles will be denied access to"," ",e.createElement("strong",null,e.createElement(Y,{name:l.name})),".");else if(t.options.resolutionStrategy==="any-allow")r=e.createElement(e.Fragment,null,"None of the roles explicitly sets an allow or conditional rule for the permission"," ",e.createElement("strong",null,e.createElement(Y,{name:l.name})),". Since the resolution strategy for this policy is"," ",e.createElement("strong",null,"any-allow"),", a user who has all of these roles will be denied access to"," ",e.createElement("strong",null,e.createElement(Y,{name:l.name})),".");else throw t.options.resolutionStrategy==="first-match"?new Error("Trying to render ImplicitDecisionInfo for a first-match policy that has matching role permission. This should not happen, since the decision should be explicit by the matching role permission."):new Error(`Unknown resolution strategy ${t.options.resolutionStrategy}. Cannot render ImplicitDecisionInfo.`);return e.createElement(e.Fragment,null,e.createElement("strong",null,"Implicit decision")," \u2013 ",r)},Ua=({policy:t,permission:n,roles:l,decision:a,decisionOrigin:r})=>{const o=l.find(c=>c.id===r[0].roleId);let i;if(t.options.resolutionStrategy==="first-match"){if(!o)throw new Error("Expected decision origin role for first-match explicit decision but found none.");i=e.createElement(e.Fragment,null,"The role ",e.createElement("strong",null,o.name)," explicitly sets a rule for the permission"," ",e.createElement("strong",null,e.createElement(Y,{name:n.name})),". Since the resolution strategy for this policy is"," ",e.createElement("strong",null,"first-match"),", no other roles are applied.")}else if(t.options.resolutionStrategy==="any-allow"){if(a.result===F.ALLOW){if(!o)throw new Error("Expected decision origin role for any-allow explicit allow decision but found none.");i=e.createElement(e.Fragment,null,"The role ",e.createElement("strong",null,o.name)," is the first role that explicitly sets an allow decision for the permission"," ",e.createElement("strong",null,e.createElement(Y,{name:n.name})),". Since the resolution strategy for this policy is"," ",e.createElement("strong",null,"any-allow"),", this decides the outcome.")}else if(a.result===F.CONDITIONAL)if(r.length===1){if(!o)throw new Error("Expected decision origin role for any-allow explicit allow decision but found none.");i=e.createElement(e.Fragment,null,"The role ",e.createElement("strong",null,o.name)," is the first role that explicitly sets a decision for the permission"," ",e.createElement("strong",null,e.createElement(Y,{name:n.name})),". Since the resolution strategy for this policy is"," ",e.createElement("strong",null,"any-allow"),", this decides the outcome.")}else i=e.createElement(e.Fragment,null,"Multiple roles explicitly set a rule for the permission"," ",e.createElement("strong",null,e.createElement(Y,{name:n.name})),". Since the resolution strategy for this policy is"," ",e.createElement("strong",null,"any-allow"),", these decide the outcome.")}else throw new Error(`Unknown resolution strategy ${t.options.resolutionStrategy}. Cannot render ExplicitDecisionInfo.`);return e.createElement(e.Fragment,null,e.createElement("strong",null,"Explicit decision")," \u2013 ",i)},Va=({roles:t,permission:n,decision:l,decisionOrigin:a})=>{const{policy:r}=_(),o=Wa();return e.createElement("div",{className:o.container},e.createElement(Ql,{fontSize:"small",titleAccess:"",className:o.infoIcon}),e.createElement(h,{variant:"body1",component:"p"},a.length===0?e.createElement(Ha,{policy:r,roles:t,permission:n}):e.createElement(Ua,{policy:r,permission:n,roles:t,decision:l,decisionOrigin:a})))},Ga=C(t=>({heading:{fontWeight:"bold"},subtitle:{color:t.palette.text.secondary},criteriaSummarySpacing:{marginBottom:t.spacing(3)}})),ja=({resultRow:t})=>{const n=Ga();return e.createElement(e.Fragment,null,t.roles.length>0?e.createElement(e.Fragment,null,e.createElement(h,{variant:"body1",component:"h6",className:n.heading},"Decision breakdown"),e.createElement(h,{variant:"subtitle1",component:"p",className:n.subtitle},"See what role results in this decision."),e.createElement(za,{resultRow:t})):null,t.decision.result===F.CONDITIONAL?e.createElement("div",{className:n.criteriaSummarySpacing},e.createElement(un,{permissionCriteria:Ae(t.decision.conditions)})):null,e.createElement(Va,{roles:t.roles,permission:t.permission,decision:t.decision,decisionOrigin:t.decisionOrigin}))};function fn(t,n){switch(n){case"small":return t.typography.caption;case"medium":return t.typography.body1;case"large":return t.typography.subtitle1;default:return t.typography.caption}}function yn(t){switch(t){case"small":return .2;case"medium":return .3;case"large":return 1;default:return .8}}const _a=C(t=>({root:{display:"inline-flex",fontWeight:"bold",borderRadius:"1000px",margin:t.spacing(1),padding:t.spacing(0,1)},message:({size:n})=>({fontSize:fn(t,n).fontSize,font:fn(t,n).font,verticalAlign:"middle",padding:t.spacing(yn(n),0,yn(n),0)})}),{name:"MuiAlert"});function gn(t){var n;const l=_a({size:t.size||"small"});return e.createElement(zt,{classes:{root:l.root,message:l.message},role:"textbox",severity:t.severity,icon:(n=t.icon)!=null?n:!1,variant:t.outlined?"outlined":"standard",title:t.text},t.text)}function Ya({decision:t}){let n;switch(t.result){case"ALLOW":n={severity:"success",text:"Allow"};break;case"DENY":n={severity:"error",text:"Deny"};break;default:n={severity:"info",text:"Conditional"};break}return e.createElement(gn,{text:n.text,severity:n.severity,icon:e.createElement(on,{authorizeResult:t.result}),title:`${n.text} decision chip`,size:"large"})}const Ja=C(t=>({permissionName:{display:"flex",alignItems:"center",height:"100%",fontWeight:"bold"},detailsContainer:{padding:`${t.spacing(2)}px  ${t.spacing(1)}px 0`,borderTop:`1px solid ${t.palette.divider}`}})),qa=({resultRow:t})=>{const n=Ja();return e.createElement(sl,null,e.createElement(ml,{expandIcon:e.createElement(Yl,null),"aria-controls":"result{$resultIndex}-content",id:t.permission.name},e.createElement(O,{container:!0},e.createElement(O,{item:!0,xs:12,md:4},e.createElement(h,{variant:"body1",className:n.permissionName,component:"h5"},e.createElement(Y,{name:t.permission.name}))),e.createElement(O,{item:!0,xs:12,md:8},e.createElement(h,{variant:"body2"},t.roles.length>0?"For a user who has all the selected roles, the result will be:":"For a user with no assigned roles, the result will be:"),e.createElement(Ya,{decision:t.decision})))),e.createElement(dl,null,e.createElement("div",{className:n.detailsContainer},e.createElement(ja,{resultRow:t}))))},Ka=C(t=>({header:{borderTop:`1px solid ${t.palette.divider}`,padding:`${t.spacing(3)}px ${t.spacing(1)}px`,borderBottom:`1px solid ${t.palette.divider}`},resultHeading:{marginBottom:t.spacing(1)},accordionHeader:{padding:`${t.spacing(1)}px ${t.spacing(6)}px ${t.spacing(1)}px ${t.spacing(0)}px`,margin:"0"}})),Qa=({results:t,resolutionStrategy:n})=>{const l=Ka();return t.length?e.createElement(e.Fragment,null,e.createElement("div",{className:l.header},e.createElement(h,{variant:"h5",component:"h4",color:"textPrimary",className:l.resultHeading},"Test results"),e.createElement(zt,{severity:"info"},"All the tests are evaluated using"," ",e.createElement("strong",null,n),", which is the policy resolution strategy")),e.createElement(O,{container:!0,className:l.accordionHeader},e.createElement(O,{item:!0,xs:12,md:4},e.createElement(h,{variant:"body1",color:"textSecondary"},"Permission")),e.createElement(O,{item:!0,xs:12,md:8},e.createElement(h,{variant:"body1",color:"textSecondary"},"Result"))),t.map(a=>e.createElement(qa,{resultRow:a,key:a.permission.name}))):null},Xa=C(t=>({chipContainer:{marginTop:t.spacing(1),marginLeft:t.spacing(1),display:"flex",flexWrap:"wrap"}})),Za=({selectedRoleIds:t,setSelectedRoleIds:n})=>{const l=Xa(),{policy:a}=_();return e.createElement(e.Fragment,null,e.createElement(ve,{fullWidth:!0},e.createElement(de,{id:"selectLabel"},"Select roles"),e.createElement(be,{native:!1,displayEmpty:!0,multiple:!0,value:t,onChange:r=>n(r.target.value),input:e.createElement(Rt,null),"aria-labelledby":"selectLabel",renderValue:r=>e.createElement("div",{className:l.chipContainer,"aria-labelledby":"selectLabel"},a.roles.filter(o=>r.includes(o.id)).map(o=>e.createElement(se,{key:o.name,label:o.name})))},a.roles.map(r=>e.createElement(H,{key:r.id,value:r.id},e.createElement(Ce,{color:"primary",checked:t.includes(r.id),name:r.name,value:r.id}),e.createElement(Q,{primary:r.name}))))))},eo=Wt.array(Wt.string()),hn=(t,n,l)=>{const[a,r]=Ft(`@spotify/backstage-plugin-rbac:policyTesterForm:${t}`,[],{raw:!1,serializer:i=>JSON.stringify(i),deserializer:i=>{let c;try{c=JSON.parse(i)}catch(s){return console.error("Failed to parse json",s),[]}const m=eo.safeParse(c);return m.success?m.data:(console.error(`Stored value for ${t} has the wrong shape`,m.error),[])}}),o=B(()=>a!=null?a:[],[a]);return J(()=>{const i=new Set(n),c=o.some(m=>!i.has(m));!l&&c&&r(o.filter(m=>i.has(m)))},[n,o,r,l]),[o,r]},to=()=>{const{policy:t}=_(),{permissions:n}=Te(),l=k(V),[a,r]=R([]),o=I(async(c,m)=>{if(!n)return;const s=(await l.testPolicyDecisions(n.filter(p=>m.includes(p.name)).map(p=>({policyConfig:t,roleIds:c,permission:p})))).map(p=>({...p,roles:t.roles.filter(u=>c.includes(u.id))}));r(s)},[t,n,l,r]),i=I(()=>{r([])},[r]);return[a,o,i]},no=C(t=>({bodyText:{margin:`${t.spacing(1)}px 0`},clearButton:{marginLeft:t.spacing(1)}}));function lo(){const{policy:t}=_(),{permissions:n,isLoading:l}=Te(),a=B(()=>t.roles.map(T=>T.id),[t.roles]),r=B(()=>(n==null?void 0:n.map(T=>T.name))||[],[n]),o=ye(null),[i,c]=hn("roleIds",a),[m,s]=hn("permissionNames",r,l),[p,u]=R(""),[d,x,f]=to();J(()=>{f()},[t.roles,t.options,f]);const y=()=>{var T,z;m.length===0?((z=(T=o.current)==null?void 0:T.firstChild)==null||z.focus(),u("Please select at least one permission.")):x(i,m)},g=()=>{c([]),s([]),f(),u("")},w=no(),S=T=>{s(T),T.length>0&&u("")};return e.createElement(at,null,e.createElement(E,{justifyContent:"space-between",padding:2},e.createElement(h,{variant:"h3"},"Policy Tester"),e.createElement(h,{variant:"body1",component:"p",className:w.bodyText},"Use the policy tester to check if your changes will provide the access you intended for a user that has the roles you select below."),e.createElement(an,{title:"Which permissions do you want to test?"},e.createElement(da,{selectedPermissionNames:m,setSelectedPermissionNames:S,ref:o,errorMessage:p})),e.createElement(an,{title:"Which roles should the simulated user have?"},e.createElement(Za,{selectedRoleIds:i,setSelectedRoleIds:c})),e.createElement(E,{marginTop:3,component:"section"},e.createElement(P,{onClick:y,variant:"contained",color:"primary"},"Run tests"),e.createElement(P,{className:w.clearButton,color:"primary",variant:"outlined",startIcon:e.createElement(Gl,null),onClick:g},"Clear")),d&&d.length?e.createElement(E,{sx:{flexGrow:1},marginTop:4},e.createElement(Qa,{results:d,resolutionStrategy:t.options.resolutionStrategy})):null))}const vn=({children:t,onConfirm:n,message:l,title:a})=>{const[r,o]=R(!1),i=()=>o(!1),c=()=>o(!0),m=()=>{n(),i()};return e.createElement(e.Fragment,null,t({onClick:c}),e.createElement(ie,{open:r,onClose:i},e.createElement(He,null,e.createElement(E,{display:"flex",justifyContent:"space-between",alignItems:"center"},a)),e.createElement(ee,null,e.createElement(ul,null,l)),e.createElement(lt,null,e.createElement(P,{"aria-label":"Cancel action",color:"primary",onClick:i},"Cancel"),e.createElement(P,{"aria-label":"Confirm action",color:"secondary",onClick:m,variant:"contained"},"Confirm"))))},$e=t=>{const n=Pr(t.operation);return!t.operation||t.operation==="UNCHANGED"?null:e.createElement(gn,{size:t.size,text:n,severity:Nr(t.operation),outlined:!0})},bn=(t,n,l)=>{const a=n+l;if(a<0||a>=t.length)return t;const r=[...t];return[r[a],r[n]]=[r[n],r[a]],r},Cn=({array:t,index:n,onReorder:l})=>{const a=n===0,r=n===t.length-1;return e.createElement(E,{display:"flex"},e.createElement(j,{disabled:a,onClick:()=>l(bn(t,n,-1)),"aria-label":"Move up",size:"small"},e.createElement(Zl,null)),e.createElement(j,{disabled:r,onClick:()=>l(bn(t,n,1)),"aria-label":"Move down",size:"small"},e.createElement(Xl,null)))},xn=({helpText:t})=>e.createElement(E,{display:"flex",alignItems:"center"},e.createElement(E,{component:"span",mr:1},e.createElement(h,{variant:"body2",noWrap:!0},"Reorder")),e.createElement(ge,{title:t},e.createElement(Ht,{color:"primary","aria-label":t}))),ro="Use the arrows to change the order in which roles are evaluated.";function ao({}){const{diff:t,policy:n,createNewRole:l,updateLocalDraft:a}=_(),r=q(),o=oo(n),i=n.status!=="draft",c=n.options.resolutionStrategy==="any-allow",m=u=>{a({...n,roles:u})},s=u=>{a({...n,roles:n.roles.filter(({id:d})=>d!==u)})},p=()=>{r(`./roles/${l()}`)};return e.createElement(at,null,e.createElement(E,{display:"flex",justifyContent:"space-between",padding:2},e.createElement(h,{variant:"h3"},"Roles"),!i&&e.createElement(P,{color:"primary",variant:"outlined",startIcon:e.createElement(ut,null),onClick:()=>p()},"New role")),e.createElement(Ue,null,e.createElement(Ve,null,e.createElement(U,null,!i&&!c&&e.createElement(D,{style:{width:0}},e.createElement(xn,{helpText:ro})),e.createElement(D,null,"Name"),e.createElement(D,null,"Users"),e.createElement(D,null,"Groups"),!i&&e.createElement(D,{style:{width:0}}))),e.createElement(Ge,null,o.map((u,d)=>e.createElement(U,{key:d},!i&&!c&&e.createElement(D,null,e.createElement(Cn,{array:n.roles,index:d,onReorder:m})),e.createElement(D,null,e.createElement(E,{alignItems:"center",display:"flex",gridGap:8},e.createElement(ae,{to:`roles/${u.id}`},u.name),e.createElement($e,{operation:t==null?void 0:t.roles[u.id].role.operation}))),e.createElement(D,null,u.userCount),e.createElement(D,null,u.groupCount),!i&&e.createElement(D,{align:"right"},e.createElement(vn,{message:"Are you sure you want to remove this role?",title:"Remove role?",onConfirm:()=>s(u.id)},x=>e.createElement(j,{...x,"aria-label":"Remove role",size:"small"},e.createElement(De,null)))))))))}function oo(t){return t.roles.map(n=>({id:n.id,name:n.name,userCount:Array.isArray(n.members)?n.members.filter(l=>l.startsWith("user:")).length:n.members,groupCount:Array.isArray(n.members)?n.members.filter(l=>l.startsWith("group:")).length:n.members}))}const io=C(()=>({emptyStateImage:{width:"95%",zIndex:2,position:"relative",left:"50%",top:"50%",transform:"translate(-50%, 15%)"}}));function wn({src:t,alt:n}){const l=io();return e.createElement("img",{src:t,className:`${l.emptyStateImage} `,alt:n})}const co=C(t=>({cardHeader:{padding:t.spacing(3,3),borderBottom:`1px solid ${t.palette.border}`},cardContent:{padding:t.spacing(6,3),"& > *":{background:"transparent"}},emptyStateImage:{width:"95%",zIndex:2,position:"relative",left:"50%",top:"50%",transform:"translate(-50%, 15%)"}}));function so({readonly:t}){const n=co(),l=q(),{createNewRole:a}=_(),r=()=>{const o=a();l(`./roles/${o}`)};return e.createElement(te,null,e.createElement(At,{title:"Roles",className:n.cardHeader}),e.createElement(he,{className:n.cardContent},t?e.createElement(Oe,{title:"No roles configured",missing:"content"}):e.createElement(Oe,{title:"No roles yet",description:"Click the button below to create your first role.",missing:{customImage:e.createElement(wn,{src:er,alt:"No roles placeholder"})},action:e.createElement(P,{variant:"contained",color:"primary",onClick:()=>r()},"New role")})))}function mo(){const[t,n]=R(null),{hasDraftPolicy:l}=Ke(),{isValid:a,discardLocalDraft:r,exportPolicy:o,hasChanges:i,policy:c,saveLocalDraftToServer:m,saveAndPublish:s,publish:p}=_(),u=q(),[d,x]=vt(),f=g=>{n(g.currentTarget)},y=()=>{n(null)};return e.createElement(e.Fragment,null,e.createElement(pl,{variant:"contained",color:"primary"},c.status==="draft"&&e.createElement(P,{disabled:!a,onClick:()=>m()},"Save"),c.status==="inactive"&&e.createElement(P,{onClick:()=>p()},"Republish"),c.status==="active"&&e.createElement(P,{disabled:l||d.loading,onClick:()=>x(c)},"Duplicate"),e.createElement(P,{color:"primary",title:"options",size:"small",onClick:f},e.createElement(tr,null))),e.createElement($t,{getContentAnchorEl:null,anchorEl:t,anchorOrigin:{vertical:"bottom",horizontal:"right"},open:!!t,onClose:y,PaperProps:{style:{width:240}}},c.status==="draft"&&e.createElement(ot,null,e.createElement(H,{disabled:!a,onClick:()=>s()},e.createElement(me,null,e.createElement(nr,{fontSize:"small"})),e.createElement(Q,null,"Save & Publish")),e.createElement(H,{disabled:!i,onClick:()=>r()},e.createElement(me,null,e.createElement(rr,{color:i?"secondary":"inherit",fontSize:"small"})),e.createElement(Q,null,e.createElement(h,{color:i?"secondary":"inherit"},"Discard changes"))),e.createElement(it,null)),e.createElement(ot,null,e.createElement(H,{onClick:()=>o()},e.createElement(me,null,e.createElement(ar,{fontSize:"small"})),e.createElement(Q,null,"Export"))),e.createElement(it,null),e.createElement(ot,null,e.createElement(H,{disabled:!a,onClick:()=>u("./options")},e.createElement(me,null,e.createElement(lr,{fontSize:"small"})),e.createElement(Q,null,"Options")))))}function uo(){const{versionId:t}=nt();return je(t),e.createElement(Qe,{policyId:t},e.createElement(po,null))}function po(){const{policy:t,updateLocalDraft:n}=_(),l=o=>{n({...t,name:o})},a=nn(Pl.safeParse(t)).name,r=t.status!=="draft";return e.createElement(qe,{pages:[{title:t.name}],header:e.createElement(Be,{title:t.name,titleComponent:e.createElement(e.Fragment,null,e.createElement(rn,null,r?t.name:e.createElement(ln,{invalid:a,name:"Policy name",value:t.name,onTextChange:l}),e.createElement(Jt,{status:t.status})),Eo(t))},e.createElement(mo,null))},e.createElement(O,{container:!0,spacing:4},e.createElement(O,{item:!0,xs:12},t.roles.length>0?e.createElement(ao,null):e.createElement(so,{readonly:r})),e.createElement(O,{item:!0,xs:12},e.createElement(lo,null))))}function Eo(t){const n={created:"Created by ",published:"Last published by ",updated:"Last updated by "},{activityDateText:l,activityUser:a,timestamp:r}=Yt(t,n);return e.createElement(h,{variant:"body2"},e.createElement(h,{component:"span",display:"inline",variant:"body2"},`${l} ${a} `),e.createElement(_t,{timestamp:r}))}function fo(t,n){const l=(t!=null?t:[]).filter(o=>Tl(o,En(n))),a=or(l,o=>st(o)?o.resourceType:void 0),r=a.length===1&&st(a[0])?a[0].resourceType:void 0;return{permissions:l,commonResourceType:r}}const yo=C(()=>({addButton:{paddingLeft:40,paddingRight:40}}));function Dn({onSelect:t}){const n=yo(),l=ye(null),[a,r]=R(!1),o=()=>{r(i=>!i)};return e.createElement("div",null,e.createElement(P,{className:n.addButton,variant:"outlined",color:"primary",onClick:o,ref:l},"Add"),e.createElement($t,{anchorEl:l.current,open:a,onClose:o,BackdropProps:{}},ua.map(i=>e.createElement(H,{key:i,onClick:()=>{t==null||t(i),r(!1)}},cn[i]))))}const go=[];function ho(t){const{onChange:n,schema:l,name:a}=t,{description:r,items:o}=l,[i,c]=e.useState(!1),m=Array.isArray(t.value)?t.value:go,s=m.includes(xe),p=(g,w)=>{if(!Array.isArray(w)){const S=[...m];S[g]=w||"",n(S)}},u=I(()=>{n([...m,""])},[n,m]),d=g=>{n(m.filter((w,S)=>S!==g))},x=()=>{n(s?[]:[xe])},f=()=>{s&&c(!0)},y=()=>{c(!1)};return J(()=>{m.length?s&&m.length>1&&n([xe]):u()},[u,n,m,s]),!o||!("type"in o)?null:e.createElement(e.Fragment,null,(m!=null?m:[]).map((g,w,{length:S})=>e.createElement(Pn,{allowEmptyStrings:!0,key:w,onChange:T=>p(w,T),name:w===0?a:"",schema:{description:w===S-1?r:"",type:o.type},value:g,controls:e.createElement(j,{size:"small",onClick:()=>d(w)},e.createElement(ir,null))})),!!(m!=null&&m.length)&&e.createElement(E,{alignItems:"center",display:"flex",flexDirection:"row",justifyContent:"space-between"},e.createElement(E,null,e.createElement(It,{control:e.createElement(Ce,{checked:s,onChange:x,name:"checkedB",color:"primary"}),label:"Use the claims from the logged in users token"})),e.createElement(E,null,e.createElement(ge,{onClose:y,onOpen:f,open:i,title:"To add additional entries you must uncheck using the claims from the logged in user."},e.createElement("span",null,e.createElement(j,{disabled:s,size:"small",onClick:u},e.createElement(ut,null)))))))}function vo(t){const{onChange:n,schema:l,name:a,value:r}=t,{description:o}=l;return e.createElement(E,{mb:1},e.createElement(It,{control:e.createElement(Ce,{checked:r===!0,onChange:i=>{n(i.target.checked)},name:a,color:"primary"}),label:a}),o&&e.createElement(h,{display:"block",variant:"caption",color:"textSecondary"},o))}function bo({allowEmptyStrings:t,controls:n,name:l,onChange:a,schema:r,value:o}){const i=c=>{a(xo({value:c.currentTarget.value,type:r.type}))};return e.createElement(E,{mb:1},e.createElement(E,{display:"flex",gridGap:6},e.createElement(ce,{fullWidth:!0,id:l,label:l,placeholder:"Enter",variant:"outlined",size:"small",value:Co(o,t),onChange:wt(o,t)?void 0:i,disabled:wt(o,t)}),n&&e.createElement(E,{alignSelf:"center"},n)),r.description&&e.createElement(h,{variant:"caption",color:"textSecondary"},r.description,wt(o)&&!t&&e.createElement(e.Fragment,null," (switch to JSON editor to edit)")))}function wt(t,n=!1){return!n&&t===""||t===null||t===xe}function Co(t,n=!1){return!n&&t===""?"[empty string]":t===null?"[null]":t===xe?"[BackstageUserClaims]":t||""}function xo({value:t,type:n}){switch(n){case"string":return t===""?void 0:t;case"number":case"integer":return Number.isNaN(Number(t))?void 0:Number(t);case"null":return t==="null"?null:void 0;default:return}}function Nn(t){return!!t&&"type"in t&&(t.type==="array"||t.type==="boolean"||t.type==="null"||t.type==="number"||t.type==="integer"||t.type==="string")}function wo(t){return"type"in t&&t.type==="array"}function Do(t){return"type"in t&&t.type==="boolean"}function Pn({schema:t,...n}){return Nn(t)?wo(t)?e.createElement(ho,{...n,schema:t}):Do(t)?e.createElement(vo,{...n,schema:t}):e.createElement(bo,{...n,schema:t}):null}const No=new dt({allErrors:!0}),Po=C({textarea:{fontFamily:"monospace"}});function To({onChange:t,schema:n,value:l}){const a=Po(),[r,o]=R(!1),i=B(()=>No.compile(n),[n]);return e.createElement(ce,{InputProps:{classes:{input:a.textarea}},multiline:!0,fullWidth:!0,variant:"outlined",minRows:3,error:r,defaultValue:JSON.stringify(l,void 0,2),onChange:c=>{const m=c.target.value;if(m)try{const s=JSON.parse(m);i(s)&&(o(!1),t(s))}catch{o(!0)}}})}const So=new dt({allErrors:!0});function Ao({onChange:t,schema:n,value:l}){var a;const r=B(()=>So.compile(n),[n]),o=B(()=>r(l),[r,l]),i=Object.entries(n.properties),c=m=>s=>{t({...l,[m]:s})};return e.createElement(e.Fragment,null,i.map(([m,s])=>{var p;return e.createElement(Pn,{isRequired:((p=n.required)==null?void 0:p.includes(m))||!1,key:m,name:m,onChange:c(m),schema:s,value:l==null?void 0:l[m]})}),e.createElement(rt,{error:!o},(a=r.errors)==null?void 0:a[0].message))}const Ro=t=>!!t&&"properties"in t;function $o({onChange:t,rule:n,value:l}){const[a,r]=R(!1),{paramsSchema:o}=n!=null?n:{},i=()=>r(p=>!p);if(!Ro(o))return null;const c=!Io(o),m=c||a,s=e.createElement(P,{size:"small",onClick:i,disabled:c},m?"Close editor":"Edit as JSON");return e.createElement(E,{marginTop:2},e.createElement("form",null,m?e.createElement(To,{onChange:t,schema:o,value:l}):e.createElement(e.Fragment,null,e.createElement(E,{marginBottom:2},e.createElement(de,null,"Parameters")),e.createElement(Ao,{onChange:t,schema:o,value:l}))),e.createElement(E,{display:"flex",flexDirection:"column",alignItems:"flex-end",marginTop:1},c?e.createElement(ge,{title:"Only JSON editing is supported for this parameter",arrow:!0},e.createElement("span",null,s)):s))}function Io(t){return Object.values(t.properties).every(Nn)}const ko=C(t=>({conditionCard:{minWidth:t.spacing(63)},conditionCardBar:{height:t.spacing(1),backgroundImage:"linear-gradient(90deg, #007DFF 0%, #0057B2 100%)"},autocomplete:{flex:1}}));function Tn({ruleName:t,parameters:n,resourceType:l,onChange:a,onDelete:r}){var o;const i=ko(),c=Zt(),m=(o=c==null?void 0:c.filter(d=>d.resourceType===l))!=null?o:[],s=m.find(d=>d.name===t),p=d=>{a(d,{})},u=I(d=>{a(t,d)},[a,t]);return e.createElement(E,{display:"flex",alignItems:"center"},e.createElement(te,{className:i.conditionCard},e.createElement("div",{className:i.conditionCardBar}),e.createElement(he,null,e.createElement(E,null,e.createElement(E,null,e.createElement(mt,{className:i.autocomplete,"data-testid":"rule-select",getOptionLabel:d=>d.name,getOptionSelected:(d,x)=>d.name===x.name,options:m,onChange:(d,x)=>p(x?x.name:null),renderInput:d=>e.createElement(e.Fragment,null,e.createElement(E,{marginBottom:2},e.createElement(de,null,"Rule")),e.createElement(ce,{...d,placeholder:"Select",variant:"outlined",size:"small",name:"rule"})),renderOption:d=>e.createElement(E,null,e.createElement(h,{variant:"body2"},d.name),e.createElement(h,{noWrap:!0,variant:"caption"},d.description)),value:s||null,PopperComponent:d=>e.createElement(El,{...d,style:{width:"auto"},placement:"bottom-start"})})),e.createElement(E,{flex:"1"},e.createElement(E,{display:"flex",flexDirection:"column"},e.createElement($o,{rule:s,onChange:u,value:n})))))),e.createElement(E,{ml:1},e.createElement(j,{"aria-label":"delete",onClick:r,size:"small"},e.createElement(De,null))))}const Oo=C(t=>({conditionTypeFormControl:{minWidth:80,marginLeft:t.spacing(1)}}));function Bo({level:t,onSelect:n}){const l=Oo(),a=t.children.length>1;return e.createElement(E,{display:"flex",alignItems:"center"},e.createElement(ve,{className:l.conditionTypeFormControl},e.createElement(be,{value:t.levelType,onChange:r=>n==null?void 0:n(r.target.value)},e.createElement(H,{key:"anyOf",value:"anyOf"},"Any of"),e.createElement(H,{key:"allOf",value:"allOf"},"All of"),e.createElement(H,{key:"not",value:"not",disabled:a},"Not"))),e.createElement(E,{ml:1},e.createElement(j,{"aria-label":"delete",onClick:()=>n==null?void 0:n(null),size:"small"},e.createElement(De,null))))}function et(){return{id:pe(),ruleName:null,parameters:{}}}const Lo=C(t=>({treeVerticalSpacer:{width:t.spacing(2),borderLeft:`1px solid ${t.palette.status.aborted}`},treeHorizontalSpacer:{height:t.spacing(3),borderLeft:`1px solid ${t.palette.status.aborted}`},treeVerticalBranchHalf:{position:"absolute",height:"50%",borderLeft:`1px solid ${t.palette.status.aborted}`,alignSelf:"flex-start"},treeVerticalBranchFull:{borderLeft:`1px solid ${t.palette.status.aborted}`,alignSelf:"stretch"},treeHorizontalBranch:{width:t.spacing(2),borderTop:`1px solid ${t.palette.status.aborted}`}}));function Sn({level:t,resourceType:n,onChange:l,parentConditionType:a,isRoot:r=!1}){const o=Lo(),i=I((f,y)=>{const g=[...t.children];return g.splice(f,1,y),g},[t]),c=I(f=>{l({...t,children:f})},[l,t]),m=I(f=>{f===null?l(null):f==="not"&&t.children.length>1?l({...t,levelType:f,children:t.children.slice(0,1)}):l({...t,levelType:f})},[l,t]),s=I((f,y)=>{c(f===null?An(t.children,y):i(y,f))},[t,c,i]),p=f=>{const y=pe();f==="condition"?c([...t.children,et()]):f==="not"?c([...t.children,{id:y,levelType:f,children:[]}]):pa(f)&&c([...t.children,{id:y,levelType:f,children:[et()]}])},u=f=>{c(An(t.children,f))},d=B(()=>t.children.map((f,y)=>(g,w)=>{c(i(y,{...f,ruleName:g,parameters:w}))}),[t.children,c,i]),x=B(()=>t.children.map((f,y)=>g=>s(g,y)),[t.children,s]);return e.createElement("div",null,!r&&e.createElement("div",{className:o.treeHorizontalSpacer}),e.createElement(E,{display:"flex",alignItems:"center",position:"relative"},!r&&e.createElement(e.Fragment,null,e.createElement("div",{className:a==="not"?o.treeVerticalBranchHalf:o.treeVerticalBranchFull}),e.createElement("div",{className:o.treeHorizontalBranch})),e.createElement(Bo,{level:t,onSelect:m})),e.createElement(E,{display:"flex"},r||a==="not"?e.createElement(E,{pl:2}):e.createElement("div",{className:o.treeVerticalSpacer}),!r&&e.createElement(E,{pl:2}),e.createElement("div",null,t.children.map((f,y)=>Se(f)?e.createElement(E,{key:f.id},e.createElement(Sn,{level:f,resourceType:n,parentConditionType:t.levelType,onChange:x[y]})):e.createElement(Fe,{key:f.id},e.createElement("div",{className:o.treeHorizontalSpacer}),e.createElement(E,{display:"flex",alignItems:"center",position:"relative"},e.createElement("div",{className:t.levelType==="not"?o.treeVerticalBranchHalf:o.treeVerticalBranchFull}),e.createElement("div",{className:o.treeHorizontalBranch}),e.createElement(Tn,{ruleName:f.ruleName,parameters:f.parameters,resourceType:n,onChange:d[y],onDelete:()=>u(y)})))),!(t.levelType==="not"&&t.children.length>=1)&&e.createElement(e.Fragment,null,e.createElement("div",{className:o.treeHorizontalSpacer}),e.createElement(E,{display:"flex",alignItems:"center",position:"relative"},e.createElement("div",{className:o.treeVerticalBranchHalf}),e.createElement("div",{className:o.treeHorizontalBranch}),e.createElement(Dn,{onSelect:p}))))))}function An(t,n){const l=[...t];return l.splice(n,1),l}const Mo=C(t=>({paper:{backgroundColor:t.palette.background.default,padding:t.spacing(3),marginBottom:t.spacing(3),minHeight:t.spacing(48)}}));function Fo({permissionCriteria:t,resourceType:n,onUpdate:l,readonly:a=!1}){const r=Mo(),o=I(p=>{l(u=>({...u,...p}))},[l]),i=I(p=>{const u=pe();o(p==="condition"?et():p==="not"?{id:u,levelType:p,children:[]}:{id:u,levelType:p,children:[et()]})},[o]),c=I((p,u)=>{l(d=>({...d,ruleName:p,parameters:u}))},[l]),m=I(()=>{l(null)},[l]);let s;return a?s=e.createElement(un,{permissionCriteria:t}):t===null?s=e.createElement(Dn,{onSelect:i}):Ct(t)?s=e.createElement(Tn,{ruleName:t.ruleName,parameters:t.parameters,resourceType:n,onChange:c,onDelete:m}):Se(t)&&(s=e.createElement(Sn,{level:t,resourceType:n,onChange:l,isRoot:!0})),e.createElement(at,{variant:"outlined",className:r.paper},s)}const zo="Action";function Wo({actions:t,readonly:n,onActionsChange:l}){return e.createElement(mt,{multiple:!0,id:"match-by-attribute-dropdown",options:["create","read","update","delete"],getOptionLabel:a=>a,value:t!=null?t:[],onChange:(a,r)=>l==null?void 0:l(r),filterSelectedOptions:!0,renderInput:a=>e.createElement(ce,{...a,variant:"outlined",label:zo,placeholder:"Choose attributes",margin:"normal"}),disabled:n})}const Ho=C(()=>({fullWidth:{width:"100%","& > *":{flexGrow:1}}})),Rn="Permission name";function Uo({name:t="",readonly:n,onNameChange:l}){const a=Ho(),{permissions:r}=Te();return e.createElement(ve,{className:a.fullWidth,variant:"outlined",disabled:n},e.createElement(de,{id:"match-by-name-dropdown"},Rn),e.createElement(be,{labelId:"match-by-name-dropdown",label:Rn,value:r?t:"",onChange:o=>l==null?void 0:l(o.target.value)},r==null?void 0:r.map(o=>e.createElement(H,{key:o.name,value:o.name},o.name))))}const Vo=C(()=>({fullWidth:{width:"100%","& > *":{flexGrow:1}}})),$n="Resource type";function Go({resourceType:t="",readonly:n,onResourceTypeChange:l}){const a=Vo(),r=en();return e.createElement(ve,{className:a.fullWidth,variant:"outlined",disabled:n},e.createElement(de,{id:"match-by-resource-dropdown"},$n),e.createElement(be,{labelId:"match-by-resource-dropdown",label:$n,value:r?t:"",onChange:o=>l==null?void 0:l(o.target.value),displayEmpty:!0},r==null?void 0:r.map(o=>e.createElement(H,{key:o,value:o},o))))}function In(t){return`${t.palette.primary.main}50`}const jo=C(t=>({toggleButton:{"&.Mui-selected":{backgroundColor:In(t),color:t.palette.primary.main},"&.Mui-selected:hover":{backgroundColor:"#97BBE8"},color:t.palette.primary.main,border:`1px solid ${t.palette.primary.main}`}}));function Dt({className:t,...n}){const l=jo();return e.createElement(jl,{className:`${l.toggleButton} ${t}`,...n})}const _o=C({fullWidth:{width:"100%","& > *":{flexGrow:1}}});function Yo({className:t,fullWidth:n,...l}){const a=_o();return e.createElement(_l,{className:`${n?a.fullWidth:""} ${t}`,...l})}const Jo=C(t=>({indicator:{right:"unset"},tab:{maxWidth:"none","&.Mui-selected":{backgroundColor:In(t),color:t.palette.primary.main}}}));function qo({options:t,selected:n,onChange:l,readonly:a=!1}){const r=Jo();return e.createElement(fl,{orientation:"vertical",value:t.map(({id:o})=>o).indexOf(n),onChange:(o,i)=>l(t[i].id),indicatorColor:"primary",TabIndicatorProps:{className:r.indicator}},t.map(o=>e.createElement(yl,{key:o.id,label:o.displayText.toUpperCase(),className:r.tab,disabled:a})))}const Ko=C(t=>({dialogTitle:{display:"flex",alignItems:"center",justifyContent:"space-between"},fullWidth:{width:"100%","& > *":{flexGrow:1}},infoIcon:{position:"absolute",right:t.spacing(3)},content:{padding:t.spacing(7)},saveButton:{paddingLeft:t.spacing(5),paddingRight:t.spacing(5)},contentContainerConditional:{display:"flex",gap:t.spacing(5),maxWidth:1480}})),Qo={specificPermission:"Choose a specific permission",filter:"Filter by permission properties",all:"Match all permissions"},kn="Choose the name of a resource permission or filter by resource type to set a conditional decision.";function Xo({rolePermission:t,readonly:n=!1,onClose:l,onSave:a}){const r=Ko(),{permissions:o}=Te(),i=Zt(),c=ea(),m=ba(t),[s,p]=R(m.match),[u,d]=R(m.decisionType),[x,f]=R(m.criteria),y=B(()=>fo(o,s),[o,s]),g=u==="conditional",w=g?"xl":"sm";J(()=>{g&&o&&!y.commonResourceType&&d("allow")},[g,o,y.commonResourceType,d]);const S=A=>{A!==null&&d(A)},T=B(()=>s.method==="specificPermission"&&!s.name||s.method==="filter"&&!s.resourceType&&!s.actions,[s]),z=B(()=>y.permissions.length===0?!1:!T,[y,T]),M=B(()=>u!=="conditional"?!0:!(!y.commonResourceType||!(c!=null&&c[y.commonResourceType].pluginId)||!pn(x,i)),[u,y,c,x,i]),b=()=>{a==null||a(wa(m.id,s,u==="conditional"?{resourceType:y.commonResourceType,pluginId:c[y.commonResourceType].pluginId,conditions:xt(x)}:u))};return e.createElement(ie,{open:!0,maxWidth:w,onClose:l,fullWidth:!0},e.createElement(He,{disableTypography:!0,className:r.dialogTitle},e.createElement(h,{variant:"h4",component:"h2"},"New Permission Decision"),e.createElement(P,{startIcon:e.createElement(ct,null),onClick:l},"Close")),e.createElement(ee,{dividers:!0,className:r.content},e.createElement(E,{className:g?r.contentContainerConditional:void 0},e.createElement(E,{mb:5,flex:1},e.createElement(qo,{options:Object.entries(Qo).map(([A,v])=>({id:A,displayText:v})),selected:s.method,onChange:A=>p({method:A}),readonly:n})),e.createElement(E,{mb:5,height:189,flex:1},s.method==="specificPermission"&&e.createElement(Uo,{name:s.name,readonly:n,onNameChange:A=>p({...s,name:A})}),s.method==="filter"&&e.createElement(e.Fragment,null,e.createElement(Go,{resourceType:s.resourceType,readonly:n,onResourceTypeChange:A=>p({...s,resourceType:A})}),e.createElement(Wo,{actions:s.actions,readonly:n,onActionsChange:A=>p({...s,actions:A.length?A:void 0})}),T?null:e.createElement(e.Fragment,null,e.createElement(E,{marginY:2},e.createElement(it,{variant:"middle"})),e.createElement(rt,null,`Matched ${y.permissions.length} ${y.permissions.length===1?"permission":"permissions"}`)))),e.createElement(E,{mb:5,flex:1},e.createElement(E,{display:"flex",alignItems:"center"},e.createElement(Yo,{value:u,exclusive:!0,fullWidth:!0,"aria-label":"Decision result",onChange:(A,v)=>S(v)},e.createElement(Dt,{value:"allow","aria-label":"Decision allowed",disabled:n},"Allow"),e.createElement(Dt,{value:"deny","aria-label":"Decision denied",disabled:n},"Deny"),e.createElement(Dt,{value:"conditional","aria-label":"Decision conditionally allowed",disabled:!y.commonResourceType||n},"Conditional")),!g&&!n&&e.createElement(ge,{title:kn},e.createElement(Ht,{className:r.infoIcon,color:"primary","aria-label":kn}))))),u==="conditional"&&!!y.commonResourceType&&e.createElement(Fo,{permissionCriteria:x,resourceType:y.commonResourceType,onUpdate:f,readonly:n}),!n&&e.createElement(E,{display:"flex",justifyContent:"flex-end"},e.createElement(P,{variant:"contained",color:"primary",className:r.saveButton,onClick:b,disabled:!z||!M},"Save"))))}const Zo=e.forwardRef(function({children:t,role:n,...l},a){const r=B(()=>{const i=[];return Pt.forEach(t,c=>{if(ze(c)){const m=c.props.children[0];ze(m)&&i.push(m);const s=c.props.children[1];if(ze(s)){const p=Pt.toArray(s.props.children).filter(ze);i.push(...p)}}}),i},[t]),o=r.length;return e.createElement("div",{ref:a},e.createElement("ul",{...l},e.createElement(dr,{height:250,width:250,rowHeight:54,overscanCount:5,rowCount:o,rowRenderer:i=>e.cloneElement(r[i.index],{style:{...i.style,whiteSpace:"nowrap"}}),role:n})))}),ei=C({autocomplete:{display:"flex",flex:1}});function ti({members:t,options:n,namespaceOptions:l,loading:a=!1,disabled:r=!1,isMultiNamespaces:o=!1,onTextChange:i,onToggleMember:c,onChange:m}){const[s,p]=R(!1),u=ei(),[d,x]=Zn(g=>g+1,0),f=(g,w)=>{w&&(c(w),x())};J(()=>{s&&i("")},[s,i]);const y=o?l.concat((n==null?void 0:n.members)||[]):(n==null?void 0:n.members)||[];return e.createElement(E,{width:250},e.createElement(mt,{key:`${d}`,open:s,onOpen:()=>{p(!0)},onClose:()=>{p(!1)},onChange:f,getOptionLabel:Ie,groupBy:ni,ListboxComponent:Zo,renderOption:g=>e.createElement(e.Fragment,null,e.createElement(Ce,{id:`checkbox-${g.entityRef}`,checked:t.includes(g.entityRef),color:"primary"}),e.createElement("label",{htmlFor:`checkbox-${g.entityRef}`},o?Ie(g,!1):Ie(g))),options:y,openOnFocus:!0,disabled:r,loading:a,className:u.autocomplete,renderInput:g=>e.createElement(ce,{...g,label:o?"Select members":"Select specific users/groups",variant:"standard",onChange:m,InputProps:{...g.InputProps,endAdornment:e.createElement(e.Fragment,null,a?e.createElement(Tt,{color:"inherit",size:20}):null,g.InputProps.endAdornment)}})}))}function Ie(t,n=!0){var l;const a=ne(t.entityRef);return a.name==="*"?a.namespace:sr({...a,name:(l=t.name)!=null?l:a.name},{defaultKind:a.kind,defaultNamespace:n?cr:!1})}const On={user:"USERS",group:"GROUPS",namespace:"NAMESPACES"};function ni(t){const{name:n,kind:l}=ne(t.entityRef),a=n==="*"?"namespace":l;if(!On[a])throw new Error(`Group '${a}' is not supported for members in a policy`);return On[a]}const li=C(t=>({actionCol:{width:48},typeIconCol:{paddingRight:"0.4rem"},nameCol:{paddingLeft:0},typeIcon:{color:t.palette.grey[500]}}));function ri({diff:t,loading:n,isMultiNamespaces:l,members:a,error:r,onToggleMember:o,readonly:i=!1}){const c=li();if(n)return e.createElement(U,null,e.createElement(D,{scope:"row",colSpan:i?4:5},e.createElement(ke,null)));if(r&&r.message!=null,a==="*")return e.createElement(U,null,e.createElement(D,{colSpan:2,height:80},"All"),e.createElement(D,{colSpan:i?2:3},e.createElement($e,{operation:t==null?void 0:t.members["*"].operation})));if(a.length===0)return e.createElement(U,null,e.createElement(D,{scope:"row",colSpan:i?4:5},"Select users or groups using the drop-down menu above."));const m=a.sort((s,p)=>{let u=0;l&&p.name==="*"&&s.name!=="*"?u=1:l&&s.name==="*"&&p.name!=="*"&&(u=-1);const d=s.type.localeCompare(p.type),x=ne(s.entityRef).namespace.localeCompare(ne(p.entityRef).namespace),f=ne(s.entityRef).name.localeCompare(ne(p.entityRef).name);return u||d||x||f});return e.createElement(e.Fragment,null,m.map(s=>{var p;const{name:u,type:d,entityRef:x}=s;return e.createElement(U,{key:x},e.createElement(D,{className:c.typeIconCol},d==="group"&&e.createElement(ur,{className:c.typeIcon})||l&&u==="*"&&e.createElement(pr,{className:c.typeIcon})||e.createElement(Bt,{className:c.typeIcon})),e.createElement(D,{scope:"row",className:c.nameCol},(p=l?Ie(s,!1):Ie(s))!=null?p:"Unknown"),e.createElement(D,{scope:"row"},u==="*"&&l?"namespace":d),e.createElement(D,null,u&&e.createElement($e,{operation:t==null?void 0:t.members[x].operation})),!i&&e.createElement(D,{scope:"row",className:c.actionCol},e.createElement(j,{"aria-label":"delete",onClick:()=>o(s),size:"small"},e.createElement(De,null))))}))}const ai=C(()=>({header:{display:"flex",flexDirection:"row",justifyContent:"space-between",paddingLeft:"1rem",paddingRight:"1rem",gap:"1rem"},actionCol:{width:48},typeIconCol:{paddingRight:"0.4rem"},nameCol:{paddingLeft:0}}));function oi({diff:t,policyId:n,role:l,onToggleMember:a,readonly:r=!1,debounceTime:o=1e3}){const i=k(V),c=k(mr),m=ai(),s=l.members==="*",[p,u]=R(""),{current:d}=ye({}),x=v=>{d[v.entityRef]=v,a(v.entityRef)},f=v=>{var $;if(d[v])return d[v];const L=ne(v);return{entityRef:v,type:L.kind.toLowerCase(),name:($=L.name)!=null?$:v}},{value:y,loading:g}=Xr(),{loading:w,value:S}=we(async()=>{const v=await c.getEntityFacets({facets:["metadata.namespace"]}).then($=>$.facets["metadata.namespace"].map(L=>L.value));return ii(v)},[c]),T=S?(S==null?void 0:S.length)>1:!1,z=S?S.filter(v=>v.entityRef.toLowerCase().includes(p)):[],M=B(()=>gl(v=>{u(v.target.value.toLowerCase())},o),[u,o]),{loading:b,error:A}=we(async()=>{l.members==="*"||l.members.length===0||(await i.getPolicy(n)).roles.find(v=>v.id===l.id)===void 0||l.members.forEach(v=>{const $=f(v);d[$.entityRef]=$})},[n,s]);return e.createElement(e.Fragment,null,e.createElement("div",{className:m.header},e.createElement("h2",null,"Members"),e.createElement(ti,{onToggleMember:x,members:l.members,disabled:r,options:y,namespaceOptions:z,isMultiNamespaces:T,loading:g||w,onTextChange:u,onChange:M})),e.createElement(Ue,null,e.createElement(Ve,null,e.createElement(U,null,e.createElement(D,{className:m.typeIconCol}),e.createElement(D,{className:m.nameCol},"Name"),e.createElement(D,null,"Type"),e.createElement(D,null),!r&&e.createElement(D,{className:m.actionCol}))),e.createElement(Ge,null,e.createElement(ri,{diff:t,loading:b||w,isMultiNamespaces:T,error:A,members:Array.isArray(l.members)?l.members.map(f):l.members,onToggleMember:x,readonly:r}))))}function ii(t){return t.map(n=>({name:"*",type:"user",entityRef:`user:${n}/*`})).sort((n,l)=>n.entityRef.toLowerCase().localeCompare(l.entityRef.toLowerCase()))}const ci="Use the arrows to change the order in which permission decisions are evaluated.";function si({diff:t,permissions:n,onReorderPermissions:l,onNewPermissionClick:a,onOpenPermission:r,onRemovePermissionClick:o,anyAllow:i,readonly:c=!1}){return e.createElement(e.Fragment,null,e.createElement(E,{display:"flex",justifyContent:"space-between",padding:2},e.createElement(h,{variant:"h5"},"Permission Decisions"),!c&&n.length!==0&&e.createElement(P,{color:"primary",variant:"outlined",startIcon:e.createElement(ut,null),onClick:a},"New")),e.createElement(Ue,null,e.createElement(Ve,null,e.createElement(U,null,!c&&!i&&e.createElement(D,{style:{width:0}},e.createElement(xn,{helpText:ci})),e.createElement(D,null,"Match by"),e.createElement(D,null,"Decision"),e.createElement(D,null),!c&&e.createElement(D,null))),e.createElement(Ge,null,n.length===0&&e.createElement(U,null,e.createElement(D,{colSpan:5},e.createElement(Oe,{title:"No permission decisions set",description:"Click the button below to create your first permission.",missing:{customImage:e.createElement(wn,{src:Er,alt:"No permission placeholder"})},action:e.createElement(P,{variant:"contained",color:"primary",onClick:a},"New permission decision")}))),n.map((m,s)=>e.createElement(U,{key:s},!c&&!i&&e.createElement(D,null,e.createElement(Cn,{array:n,index:s,onReorder:l})),e.createElement(D,null,e.createElement(hl,{onClick:()=>r(s)},e.createElement(h,{variant:"body2",color:"primary"},pt(m)))),e.createElement(D,null,br(m)),e.createElement(D,null,e.createElement($e,{operation:t==null?void 0:t.permissions[m.id].operation})),!c&&e.createElement(D,{align:"right"},e.createElement(vn,{message:"Are you sure you want to remove this permission decision?",onConfirm:()=>o(s),title:"Remove?"},p=>e.createElement(j,{...p,"aria-label":"Remove permission decision",size:"small"},e.createElement(De,null)))))))))}function mi({roleId:t}){const{versionId:n,roleId:l}=nt(),a=t!=null?t:l;return je(a),je(n),e.createElement(Qe,{policyId:n},e.createElement(ui,{roleId:a}))}const di=C(t=>({cardContainer:{margin:t.spacing(0)}}));function ui({roleId:t}){const{diff:n,updateLocalDraft:l,policy:a}=_(),r=a.roles.find(v=>v.id===t),o=n==null?void 0:n.roles[t],[i,c]=R(null),[m,s]=R(!1),p=tt(),{NotFoundErrorPage:u}=p.getComponents(),d=q(),x=di();if(!r)return e.createElement(u,null);const f=r.name,y=v=>{const $=a.roles.findIndex(le=>le.id===v.id),L=[...a.roles];L.splice($,1,v),l({...a,roles:L})},g=v=>{y({...r,name:v})},w=v=>{if(i===null)y({...r,permissions:[v,...r.permissions]});else{const $=[...r.permissions];$.splice(i,1,v),y({...r,permissions:$})}s(!1)},S=v=>{if(v==="*")y({...r,members:r.members==="*"?[]:"*"});else if(r.members==="*")y({...r,members:[v]});else{const $=r.members.includes(v)?r.members.filter(L=>L!==v):[...r.members,v];y({...r,members:$.length===0?"*":$})}},T=v=>{y({...r,permissions:r.permissions.filter(($,L)=>v!==L)})},z=v=>{y({...r,permissions:v})},M=nn(Sl.safeParse(r)).name,b=a.status!=="draft",A=a.options.resolutionStrategy==="any-allow";return e.createElement(e.Fragment,null,e.createElement(qe,{pages:[{title:a.name,path:`../../../${a.id}`},{title:f}],header:e.createElement(Be,{titleComponent:e.createElement(rn,null,a.name," \xA0\u01C0",b?e.createElement(e.Fragment,null,"\xA0",f):e.createElement(ln,{invalid:M,value:f,onTextChange:g}),e.createElement($e,{operation:o==null?void 0:o.role.operation,size:"medium"})),description:a.description||void 0},e.createElement(P,{variant:"outlined",color:"primary",onClick:()=>d("../..",{relative:"path"})},"Back to policy"))},e.createElement(O,{container:!0,className:x.cardContainer,spacing:4,direction:"row"},e.createElement(O,{item:!0,xs:6},e.createElement(te,null,e.createElement(oi,{diff:o||null,role:r,policyId:a.id,onToggleMember:S,readonly:b}))),e.createElement(O,{item:!0,xs:6},e.createElement(te,null,e.createElement(si,{diff:o||null,permissions:r.permissions,onNewPermissionClick:()=>{c(null),s(!0)},onOpenPermission:v=>{c(v),s(!0)},onReorderPermissions:z,onRemovePermissionClick:T,anyAllow:A,readonly:b}))))),m&&e.createElement(Xo,{rolePermission:i!==null?r.permissions[i]:void 0,onClose:()=>s(!1),onSave:w,readonly:b}))}function pi(){const t=tt(),{NotFoundErrorPage:n}=t.getComponents();return e.createElement(nl,{loading:e.createElement(ke,null),unauthorized:e.createElement(n,null)},e.createElement(gr,null,e.createElement(Zr,null,e.createElement(Qr,null,e.createElement(tl,null,e.createElement(We,{element:e.createElement(Kr,null),path:"/"}),e.createElement(We,{element:e.createElement(uo,null),path:"/versions/:versionId"}),e.createElement(We,{element:e.createElement(aa,null),path:"/versions/:versionId/options"}),e.createElement(We,{element:e.createElement(mi,null),path:"/versions/:versionId/roles/:roleId"}))))))}export{pi as RBACRoot};
+//# sourceMappingURL=Root-5eafe743.esm.js.map

package/dist/esm/routes-28afb55d.esm.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import{createApiRef as v,createRouteRef as P}from"@backstage/core-plugin-api";import{ResponseError as R}from"@backstage/errors";import{PolicyResponseParser as $,PolicyParser as w,SearchMemberResponseParser as B,AuthorizeResponseParser as U,DraftResponseParser as u,TestPolicyDecisionResponseParser as T}from"@spotify/backstage-plugin-rbac-common";var C=Object.defineProperty,S=(s,i,t)=>i in s?C(s,i,{enumerable:!0,configurable:!0,writable:!0,value:t}):s[i]=t,m=(s,i,t)=>(S(s,typeof i!="symbol"?i+"":i,t),t),O=(s,i,t)=>{if(!i.has(s))throw TypeError("Cannot "+t)},y=(s,i,t)=>{if(i.has(s))throw TypeError("Cannot add the same private member more than once");i instanceof WeakSet?i.add(s):i.set(s,t)},r=(s,i,t)=>(O(s,i,"access private method"),t),f,A,d,b,c,o;const k=v({id:"plugin.rbac"});class D{constructor(i){y(this,f),y(this,d),y(this,c),m(this,"fetchApi"),m(this,"discoveryApi"),this.fetchApi=i.fetchApi,this.discoveryApi=i.discoveryApi}async getPolicies(){const{fetch:i}=this.fetchApi,t=await i(`${await this.discoveryApi.getBaseUrl("rbac")}/policies`),e=await r(this,c,o).call(this,t);return $.parse(e)}async getPolicy(i){const{fetch:t}=this.fetchApi,e=await t(`${await this.discoveryApi.getBaseUrl("rbac")}/policies/${i}`),a=await r(this,c,o).call(this,e);return w.parse(a)}async getActivePolicy(){const{fetch:i}=this.fetchApi,t=await i(`${await this.discoveryApi.getBaseUrl("rbac")}/policies/active`),e=await r(this,c,o).call(this,t);return w.parse(e)}async searchMembers(i){const{fetch:t}=this.fetchApi,e=await t(`${await this.discoveryApi.getBaseUrl("rbac")}/members?query=${encodeURIComponent(i.query)}`),a=await r(this,c,o).call(this,e);return B.parse(a)}async authorize(){const{fetch:i}=this.fetchApi,t=await i(`${await this.discoveryApi.getBaseUrl("rbac")}/authorize`),e=await r(this,c,o).call(this,t);return U.parse(e)}async createDraft(i){const{fetch:t}=this.fetchApi,e=await t(`${await this.discoveryApi.getBaseUrl("rbac")}/policies`,{method:"POST",body:JSON.stringify(i),headers:{"Content-Type":"application/json"}}),a=await r(this,c,o).call(this,e);return u.parse(a)}async updateDraft(i,t){const{fetch:e}=this.fetchApi,a=await e(`${await this.discoveryApi.getBaseUrl("rbac")}/policies/${i}`,{method:"PATCH",body:JSON.stringify(t),headers:{"Content-Type":"application/json"}}),n=await r(this,c,o).call(this,a);return u.parse(n)}async deleteDraft(i){const{fetch:t}=this.fetchApi,e=await t(`${await this.discoveryApi.getBaseUrl("rbac")}/policies/${i}`,{method:"DELETE"});return await r(this,c,o).call(this,e)}async publishPolicy(i,t){const{fetch:e}=this.fetchApi,a=await e(`${await this.discoveryApi.getBaseUrl("rbac")}/policies/${i}/publish`,{method:"PUT",headers:{"Content-Type":"application/json"},body:JSON.stringify(t)});return await r(this,c,o).call(this,a)}async testPolicyDecisions(i){return await Promise.all(i.map(async t=>{const{policyConfig:e,roleIds:a,permission:n}=t,{decision:h,decisionOrigin:l}=await r(this,f,A).call(this,e,a,n);return{decision:h,permission:n,decisionOrigin:l}}))}async fetchAllPermissionMetadata(i){const t=await Promise.all(i.map(e=>r(this,d,b).call(this,e)));return{permissions:t.flatMap(({permissions:e})=>e),rules:t.flatMap(({rules:e})=>e)}}}f=new WeakSet,A=async function(s,i,t){const{fetch:e}=this.fetchApi,a=await e(`${await this.discoveryApi.getBaseUrl("rbac")}/policies/test-policy-decision`,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({policyConfig:s,roleIds:i,permission:t})}),n=await r(this,c,o).call(this,a);return T.parse(n)},d=new WeakSet,b=async function(s){var i,t,e,a;const n=await this.discoveryApi.getBaseUrl(s);let h;try{const p=await this.fetchApi.fetch(`${n}/.well-known/backstage/permissions/metadata`);h=await r(this,c,o).call(this,p)}catch{return{permissions:[],rules:[]}}const l=(t=(i=h.permissions)==null?void 0:i.filter(Boolean))!=null?t:[],g=(a=(e=h.rules)==null?void 0:e.filter(Boolean))!=null?a:[];return{permissions:l,rules:g.map(p=>({...p,pluginId:s}))}},c=new WeakSet,o=async function(s){var i,t;if(s.ok)return s.status===204?void 0:s.json();const e=await R.fromResponse(s);throw e.message=(t=(i=e.body.error.message)!=null?i:e.message)!=null?t:"Unknown error",e};const j=P({id:"rbac"});export{D as R,k as a,j as r};
2	+ //# sourceMappingURL=routes-28afb55d.esm.js.map

package/dist/index.d.ts CHANGED Viewed

@@ -1,7 +1,7 @@
 /// <reference types="react" />
 import * as _backstage_core_plugin_api from '@backstage/core-plugin-api';
-import React from 'react';
 import { SidebarItem } from '@backstage/core-components';
+import React from 'react';
 /**
  * @public

package/dist/index.esm.js CHANGED Viewed

@@ -1,2 +1,2 @@
-import{R as m,c as p,b as R}from"./esm/index-9f94edaa.esm.js";import"@backstage/core-plugin-api";import"@spotify/backstage-plugin-rbac-common";import"@backstage/errors";export{m as RBACRoot,p as RBACSidebarItem,R as rbacPlugin};
+import{createPlugin as r,createApiFactory as i,fetchApiRef as a,discoveryApiRef as p,createRoutableExtension as n,createComponentExtension as m}from"@backstage/core-plugin-api";import{r as t,a as R,R as c}from"./esm/routes-28afb55d.esm.js";import"@backstage/errors";import"@spotify/backstage-plugin-rbac-common";const o=r({id:"rbac",routes:{root:t},apis:[i({api:R,deps:{fetchApi:a,discoveryApi:p},factory(e){return new c(e)}})]}),A=o.provide(n({name:"RBACRoot",component:()=>import("./esm/Root-5eafe743.esm.js").then(e=>e.RBACRoot),mountPoint:t})),s=o.provide(m({name:"RBACSidebarItem",component:{lazy:()=>import("./esm/RBACSidebarItem-9beee132.esm.js").then(e=>e.RBACSidebarItem)}}));export{A as RBACRoot,s as RBACSidebarItem,o as rbacPlugin};
 //# sourceMappingURL=index.esm.js.map

package/package.json CHANGED Viewed

@@ -1,19 +1,29 @@
 {
   "name": "@spotify/backstage-plugin-rbac",
   "description": "Control access to actions and data in Backstage with ease.",
-  "version": "0.5.12",
+  "version": "0.6.0",
   "license": "SEE LICENSE IN LICENSE.md",
   "homepage": "https://backstage.spotify.com",
-  "main": "dist/index.esm.js",
-  "types": "dist/index.d.ts",
-  "publishConfig": {
-    "main": "dist/index.esm.js",
-    "types": "dist/index.d.ts"
-  },
+  "main": "./dist/index.esm.js",
+  "types": "./dist/index.d.ts",
+  "publishConfig": {},
   "backstage": {
     "role": "frontend-plugin"
   },
   "sideEffects": false,
+  "exports": {
+    ".": {
+      "import": "./dist/index.esm.js",
+      "types": "./dist/index.d.ts",
+      "default": "./dist/index.esm.js"
+    },
+    "./alpha": {
+      "import": "./dist/alpha.esm.js",
+      "types": "./dist/alpha.d.ts",
+      "default": "./dist/alpha.esm.js"
+    },
+    "./package.json": "./package.json"
+  },
   "scripts": {
     "start": "backstage-cli package start",
     "build": "backstage-cli package build --minify",
@@ -24,21 +34,23 @@
     "postpack": "backstage-cli package postpack"
   },
   "dependencies": {
-    "@backstage/catalog-model": "^1.4.3",
-    "@backstage/core-components": "^0.13.10",
-    "@backstage/core-plugin-api": "^1.8.2",
+    "@backstage/catalog-model": "^1.4.4",
+    "@backstage/core-compat-api": "^0.2.0",
+    "@backstage/core-components": "^0.14.0",
+    "@backstage/core-plugin-api": "^1.9.0",
     "@backstage/errors": "^1.2.3",
-    "@backstage/plugin-catalog-react": "^1.9.3",
+    "@backstage/frontend-plugin-api": "^0.6.0",
+    "@backstage/plugin-catalog-react": "^1.10.0",
     "@backstage/plugin-permission-common": "^0.7.12",
-    "@backstage/plugin-permission-node": "^0.7.20",
-    "@backstage/plugin-permission-react": "^0.4.19",
-    "@backstage/theme": "^0.5.0",
+    "@backstage/plugin-permission-node": "^0.7.21",
+    "@backstage/plugin-permission-react": "^0.4.20",
+    "@backstage/theme": "^0.5.1",
     "@backstage/types": "^1.1.1",
     "@material-ui/core": "^4.12.2",
     "@material-ui/icons": "^4.9.1",
     "@material-ui/lab": "4.0.0-alpha.61",
-    "@spotify/backstage-plugin-core": "^0.5.9",
-    "@spotify/backstage-plugin-rbac-common": "^0.5.10",
+    "@spotify/backstage-plugin-core": "^0.6.0",
+    "@spotify/backstage-plugin-rbac-common": "^0.5.11",
     "ajv": "^8.11.2",
     "file-saver": "^2.0.5",
     "js-yaml": "^4.1.0",
@@ -48,25 +60,25 @@
     "react-use": "^17.2.4",
     "react-virtualized": "^9.22.5",
     "uuid": "^9.0.0",
-    "vanilla-jsoneditor": "0.19.0",
     "zod": "^3.20.0",
     "zod-to-json-schema": "^3.20.2"
   },
   "peerDependencies": {
-    "@backstage/plugin-permission-node": "^0.7.20",
-    "react": "^16.13.1 || ^17.0.0",
+    "@backstage/plugin-permission-node": "^0.7.21",
+    "react": "^16.13.1 || ^17.0.0 || ^18.0.0",
     "react-router-dom": "6.0.0-beta.0 || ^6.3.0"
   },
   "devDependencies": {
-    "@backstage/cli": "^0.25.1",
-    "@backstage/core-app-api": "^1.11.3",
-    "@backstage/dev-utils": "^1.0.26",
-    "@backstage/e2e-test-utils": "^0.1.0",
-    "@backstage/test-utils": "^1.4.7",
+    "@backstage/cli": "^0.25.2",
+    "@backstage/core-app-api": "^1.12.0",
+    "@backstage/dev-utils": "^1.0.27",
+    "@backstage/e2e-test-utils": "^0.1.1",
+    "@backstage/frontend-test-utils": "^0.1.2",
+    "@backstage/test-utils": "^1.5.0",
     "@playwright/test": "^1.32.3",
+    "@sp4b-dev/test-utils": "^0.0.1",
     "@testing-library/jest-dom": "^6.0.0",
-    "@testing-library/react": "^12.1.5",
-    "@testing-library/react-hooks": "^8.0.1",
+    "@testing-library/react": "^14.0.0",
     "@testing-library/user-event": "^14.0.0",
     "@types/file-saver": "^2.0.5",
     "@types/jest": "^29.4.0",
@@ -78,7 +90,8 @@
   "files": [
     "dist",
     "!dist/**/*.map",
-    "config.d.ts"
+    "config.d.ts",
+    "alpha"
   ],
   "configSchema": "config.d.ts",
   "module": "./dist/index.esm.js"

package/dist/esm/Authorized-ea25ddf4.esm.js DELETED Viewed

	@@ -1,2 +0,0 @@
1	- import{useApi as i}from"@backstage/core-plugin-api";import e from"react";import u from"react-use/lib/useAsync";import{r as m}from"./index-9f94edaa.esm.js";function p({children:n,loading:l=null,unauthorized:o=null}){var r;const a=i(m),t=u(()=>a.authorize(),[]);return t.loading?e.createElement(e.Fragment,null,l):(r=t.value)!=null&&r.authorized?e.createElement(e.Fragment,null,n):e.createElement(e.Fragment,null,o)}export{p as A};
2	- //# sourceMappingURL=Authorized-ea25ddf4.esm.js.map

package/dist/esm/RBACSidebarItem-6579d7e3.esm.js DELETED Viewed

	@@ -1,2 +0,0 @@
1	- import t from"react";import e from"@material-ui/icons/Lock";import{SidebarItem as m}from"@backstage/core-components";import{A as i}from"./Authorized-ea25ddf4.esm.js";import"@backstage/core-plugin-api";import"react-use/lib/useAsync";import"./index-9f94edaa.esm.js";import"@spotify/backstage-plugin-rbac-common";import"@backstage/errors";function p({text:r="RBAC",...o}){return t.createElement(i,null,t.createElement(m,{icon:e,to:"rbac",text:r,...o}))}export{p as RBACSidebarItem};
2	- //# sourceMappingURL=RBACSidebarItem-6579d7e3.esm.js.map

package/dist/esm/Root-315d5957.esm.js DELETED Viewed

@@ -1,3 +0,0 @@
-import e,{createContext as Ie,useState as R,useCallback as k,useMemo as B,useContext as Oe,useEffect as G,Fragment as Be,useRef as ee,Children as Dt,isValidElement as Le,useReducer as Gn,useLayoutEffect as _n}from"react";import{useNavigate as q,Link as Yn,useParams as tt,Routes as Jn,Route as Me}from"react-router-dom";import{useApi as I,configApiRef as qn,alertApiRef as oe,useRouteRef as Kn,useApp as nt}from"@backstage/core-plugin-api";import ye from"react-use/lib/useAsync";import{isResourcePermission as rt,AuthorizeResult as F}from"@backstage/plugin-permission-common";import{r as H,a as Qn}from"./index-9f94edaa.esm.js";import{forEach as Xn,mapValues as Zn,groupBy as er,uniq as tr}from"lodash";import{Breadcrumbs as nr,Link as ie,Page as rr,Header as lr,Content as ar,EmptyState as Fe,Progress as ze,ErrorPanel as Nt,Table as or,ContentHeader as We,UserIcon as ir}from"@backstage/core-components";import Pt from"react-use/lib/useMount";import{makeStyles as C,Typography as h,Container as cr,Grid as O,Button as P,Card as te,CardContent as ge,Box as E,Chip as ce,Tooltip as he,List as sr,ListItem as Tt,ListItemIcon as se,ListItemText as Q,CardActions as mr,Dialog as me,DialogContent as ne,DialogTitle as He,TextField as ve,DialogActions as lt,CircularProgress as St,IconButton as _,Checkbox as be,TableRow as j,TableCell as D,debounce as dr,Table as je,TableHead as Ue,TableBody as Ve,Tabs as ur,Tab as pr,FormControl as Ce,InputLabel as de,Select as xe,MenuItem as U,Menu as At,FormControlLabel as Rt,FormHelperText as at,Popper as Er,Paper as ot,Divider as it,DialogContentText as fr,ButtonBase as yr,CardHeader as $t,ButtonGroup as gr,MenuList as ct,Input as kt,TableContainer as hr,Accordion as vr,AccordionSummary as br,AccordionDetails as Cr,CardActionArea as xr,Radio as wr}from"@material-ui/core";import{SpotifyLicenseBanner as Dr,useAutoUpdatingRelativeTime as Nr,invariant as Ge}from"@spotify/backstage-plugin-core";import ue from"react-use/lib/useAsyncFn";import Pr,{dump as Tr}from"js-yaml";import{PolicyConfigParser as _e,isConditionalDecision as Ye,isAllOfPermissionCriteria as Sr,isAnyOfPermissionCriteria as Ar,isNotPermissionCriteria as Rr,isMatchingPermission as $r,BackstageUserPlaceholder as we,RoleParser as kr,getMatchingRolePermissions as It,UpdateDraftRequestParser as Ir}from"@spotify/backstage-plugin-rbac-common";import{v4 as pe}from"uuid";import Ot from"lodash/keyBy";import Or from"lodash/isEqual";import Bt from"@material-ui/icons/ReportProblemOutlined";import Br from"@material-ui/icons/CalendarToday";import Lt from"@material-ui/icons/Person";import Lr from"@material-ui/icons/FiberManualRecord";import{DateTime as Je}from"luxon";import Mt from"react-use/lib/useLocalStorage";import{saveAs as Mr}from"file-saver";import Ft from"lodash/omit";import Fr from"lodash/pickBy";import st from"@material-ui/icons/Close";import zr from"@material-ui/icons/Publish";import Wr from"@material-ui/icons/FilterNone";import{parseEntityRef as re,DEFAULT_NAMESPACE as Hr}from"@backstage/catalog-model";import{humanizeEntityRef as jr,catalogApiRef as Ur}from"@backstage/plugin-catalog-react";import{Autocomplete as mt,Alert as zt,ToggleButton as Vr,ToggleButtonGroup as Gr}from"@material-ui/lab";import{List as _r}from"react-virtualized";import De from"@material-ui/icons/Delete";import Yr from"@material-ui/icons/Group";import Jr from"@material-ui/icons/GroupWork";import Wt from"@material-ui/icons/Info";import Ht from"ajv";import qr from"lodash/uniqBy";import{JSONEditor as Kr,isTextContent as Qr,createAjvValidator as Xr,Mode as Zr}from"vanilla-jsoneditor";import dt from"@material-ui/icons/Add";import el from"@material-ui/icons/Remove";import tl from"@material-ui/icons/Edit";import nl from"@material-ui/icons/Check";import rl from"@material-ui/icons/KeyboardArrowDown";import ll from"@material-ui/icons/KeyboardArrowUp";import al from"../images/no-permissions.svg";import ol from"../images/no-roles.svg";import il from"@material-ui/icons/MoreHoriz";import cl from"@material-ui/icons/Undo";import sl from"@material-ui/icons/Save";import ml from"@material-ui/icons/Settings";import dl from"@material-ui/icons/VerticalAlignTop";import ul from"@material-ui/icons/Clear";import pl from"@material-ui/icons/InfoOutlined";import El from"@material-ui/icons/AccountTreeOutlined";import fl from"@material-ui/icons/CheckSharp";import yl from"@material-ui/icons/NotInterested";import gl from"@material-ui/icons/ExpandMore";import{z as jt}from"zod";import{A as hl}from"./Authorized-ea25ddf4.esm.js";import"@backstage/errors";const Ut=Ie(null),vl=({children:t})=>{const n=I(qn),r=I(H),a=I(oe),[l,o]=R(null),i=k(async()=>{var c;if(!l){const m=await r.fetchAllPermissionMetadata((c=n.getOptionalStringArray("permission.permissionedPlugins"))!=null?c:[]),s=Cl(m.rules);Xn(s,u=>{u.length!==1&&a.post({message:`The plugin(s) ${u.slice(1).join(", ")} expose rules which are conflicting with rules exposed by the ${u[0]} plugin. These rules will not be available for use. Please contact RBAC support if you need assistance resolving this issue.`,severity:"error"})});const p=xl(m,s);return o(p),p}return l},[a,l,r,n]);return e.createElement(Ut.Provider,{value:B(()=>({getMetadata:i}),[i])},t)};function qe(){const t=Oe(Ut),{value:n,loading:r}=ye(async()=>t==null?void 0:t.getMetadata(),[t]);return{metadata:n,isLoading:r}}function Vt(){var t;const{metadata:n}=qe();return(t=n==null?void 0:n.rules)!=null?t:null}function Ne(){var t;const{metadata:n,isLoading:r}=qe();return{permissions:(t=n==null?void 0:n.permissions)!=null?t:null,isLoading:r}}function Gt(){const{metadata:t}=qe();return t?[...new Set(t.permissions.filter(n=>rt(n)).map(({resourceType:n})=>n))]:null}function bl(){const{metadata:t}=qe(),n=Gt();return!t||!n?null:n.reduce((r,a)=>{const l=t.rules.find(o=>o.resourceType===a);return l&&(r[a]={pluginId:l.pluginId}),r},{})}function Cl(t){return Zn(er(t,"resourceType"),n=>tr(n.map(({pluginId:r})=>r)))}function xl(t,n){return{...t,rules:t.rules.filter(({resourceType:r,pluginId:a})=>{const l=n[r];return a===l[0]})}}const wl=C(t=>({breadcrumbs:{marginBottom:t.spacing(4)}}));function Dl({pages:t}){const n=Kn(Qn),r=wl();return e.createElement(nr,{className:r.breadcrumbs},e.createElement(ie,{to:n()},"Home"),t.map(({title:a,path:l},o)=>l?e.createElement(ie,{to:l,key:l,relative:"path"},a):e.createElement(h,{key:`${o}`},a)))}function Ke({children:t,header:n,pages:r}){return e.createElement(rr,{themeId:"tool"},e.createElement(Dr,{backend:"rbac",invalidLicenseMessage:"Your existing policy will continue to apply, but you will be unable to make any changes until you enter a valid license."}),e.createElement(lr,{title:"Role Based Access Control"}),e.createElement(ar,null,e.createElement(cr,{maxWidth:"lg"},e.createElement(O,{container:!0,spacing:4},e.createElement(O,{item:!0,xs:12},r&&e.createElement(Dl,{pages:r}),n),t))))}const _t=Ie({hasDraftPolicy:!1,policies:void 0,setPolicies:()=>{},setPolicy:()=>{},getPolicy:()=>{},removePolicy:()=>{}}),Qe=()=>Oe(_t);function Nl({children:t,initialState:n={policies:void 0,cache:{}}}){const[r,a]=R(n),l=k(m=>{a(s=>({...s,policies:m,cache:Yt(s.cache,m)}))},[]),o=k(m=>r.cache[m],[r.cache]),i=k(m=>a(s=>({...s,cache:{...s.cache,[m]:void 0},policies:void 0})),[]),c=k(m=>a(s=>({...s,policies:void 0,cache:Yt(s.cache,[m])})),[]);return e.createElement(_t.Provider,{value:B(()=>{var m;return{hasDraftPolicy:((m=r.policies)==null?void 0:m.some(({status:s})=>s==="draft"))||!1,policies:r.policies,setPolicies:l,setPolicy:c,getPolicy:o,removePolicy:i}},[r.policies,l,c,o,i])},t)}function Yt(t,n){if(!n)return t;const r={...t};return n.forEach(a=>{r[a.id]=a}),r}const Pe=()=>{const t=I(H),{setPolicies:n,policies:r}=Qe(),[{loading:a,error:l},o]=ue(()=>t.getPolicies(),[t],r?{loading:!1,value:{items:r,totalItems:r.length}}:{loading:!0}),i=k(async()=>{const c=await o();n(c.items)},[o,n]);return{loading:a,error:l,fetchPolicies:i}};function Pl(){const t=I(H),n=q(),r=I(oe);function a(l){var o,i;const c=(i=(o=l.target)==null?void 0:o.files)==null?void 0:i[0],m=new FileReader;c&&(m.readAsText(c,"utf-8"),m.onload=async s=>{var p,u;const d=(u=(p=s.target)==null?void 0:p.result)==null?void 0:u.toString();if(d){let x=null;try{x=Pr.load(d)}catch{r.post({message:"YAML file is invalid",severity:"error"});return}const f=_e.safeParse(x);if(!f.success){r.post({message:"Imported policy is invalid",severity:"error"});return}const y=f.data;if((await t.getPolicies()).items.some(w=>w.status==="draft")){r.post({message:"Unable to import new policy due to existing draft policy",severity:"error"});return}const g=await t.createDraft(y);n(`./versions/${g.id}`),r.post({message:"Policy imported successfully",severity:"success"})}})}return e.createElement(P,{variant:"outlined",color:"primary",component:"label"},"Import",e.createElement("input",{role:"input",type:"file",hidden:!0,onChange:a,accept:".yaml"}))}const Tl=C(t=>({cardContent:{padding:t.spacing(6,3),"& > *":{background:"transparent"}}}));function Sl(){const t=Tl(),n=I(H),r=q(),[a,l]=ue(async()=>n.createDraft({roles:[],options:{resolutionStrategy:"any-allow"}}),[n]);return G(()=>{a.value&&r(`./versions/${a.value.id}`)},[r,a.value]),e.createElement(te,null,e.createElement(ge,{className:t.cardContent},e.createElement(Fe,{missing:"content",title:"No policy configured",description:e.createElement(e.Fragment,null,e.createElement(E,{component:"span",display:"block",pb:2},"Until you've configured your policy, authorization will be denied for all permissions."),e.createElement(E,{component:"span",display:"block"},"Click the button below to create the first version of your policy.")),action:e.createElement(P,{variant:"contained",color:"primary",disabled:a.loading,onClick:l},"New version")})))}function Al(t){var n,r;return((r=(n=t==null?void 0:t.body)==null?void 0:n.response)==null?void 0:r.statusCode)===404}const Rl=(t,n)=>{const r={resolutionStrategy:{operation:"UNCHANGED",before:t==null?void 0:t.resolutionStrategy,after:n==null?void 0:n.resolutionStrategy}};for(const a of Object.keys(r)){const l=a;r[l].before!==r[l].after&&(r[l].operation="CHANGED")}return r},ut=(t,n)=>{const r=Object.entries(t);for(const[,a]of r){const l=n(a);for(const[,o]of r){const i=n(o);i.operation!=="ADDED"&&i.operation!=="REMOVED"&&(l.operation==="ADDED"&&l.indexAfter<i.indexAfter?i.indexBefore+=1:l.operation==="REMOVED"&&l.indexBefore<i.indexBefore&&(i.indexBefore-=1))}}for(const[,a]of r){const l=n(a);l.operation==="UNCHANGED"&&l.indexAfter!==l.indexBefore&&(l.operation=l.indexAfter>l.indexBefore?"MOVED_DOWN":"MOVED_UP")}return t},pt=(t,n)=>{if(t==="*")return n==="*"?{"*":{operation:"UNCHANGED",after:"*",before:"*",indexAfter:0,indexBefore:0}}:{"*":{operation:"REMOVED",after:null,before:"*",indexAfter:-1,indexBefore:0},...Object.fromEntries(n.map((a,l)=>[a,{operation:"ADDED",after:a,before:null,indexAfter:l,indexBefore:-1}]))};if(n==="*")return{"*":{operation:"ADDED",after:"*",before:null,indexAfter:0,indexBefore:-1},...Object.fromEntries(t.map((a,l)=>[a,{operation:"REMOVED",after:null,before:a,indexAfter:-1,indexBefore:l}]))};const r=Object.fromEntries(n.map((a,l)=>[a,{operation:"ADDED",after:a,before:null,indexAfter:l,indexBefore:-1}]));for(let a=0;a<t.length;a++){const l=t[a];r[l]?(r[l].before=l,r[l].indexBefore=a,r[l].operation="UNCHANGED"):r[l]={operation:"REMOVED",after:null,before:l,indexAfter:-1,indexBefore:a}}return ut(r,a=>a)},Et=(t,n)=>{const r=Ot(n,"id"),a=Object.fromEntries(n.map((l,o)=>[l.id,{operation:"ADDED",indexAfter:o,indexBefore:-1,after:l,before:null}]));for(let l=0;l<t.length;l++){const o=t[l];if(a[o.id]){const i=!Or(o,r[o.id]);a[o.id].before=o,a[o.id].indexBefore=l,a[o.id].operation=i?"CHANGED":"UNCHANGED"}else a[o.id]={operation:"REMOVED",after:null,before:o,indexAfter:-1,indexBefore:l}}return ut(a,l=>l)},$l=(t=[],n=[])=>{const r=Ot(n,"id"),a=Object.fromEntries(n.map((l,o)=>[l.id,{role:{operation:"ADDED",indexAfter:o,indexBefore:-1,after:l,before:null},members:pt([],l.members),permissions:Et([],l.permissions)}]));for(let l=0;l<t.length;l++){const o=t[l];if(r[o.id]){const i=r[o.id],c=pt(o.members,i.members),m=Et(o.permissions,i.permissions),s=Object.values(m).some(({operation:d})=>d!=="UNCHANGED"),p=Object.values(c).some(({operation:d})=>d!=="UNCHANGED"),u=o.name!==i.name||s||p;a[o.id].role.before=o,a[o.id].role.indexBefore=l,a[o.id].role.operation=u?"CHANGED":"UNCHANGED",a[o.id].members=c,a[o.id].permissions=m}else a[o.id]={role:{operation:"REMOVED",after:null,before:o,indexAfter:-1,indexBefore:l},members:pt(o.members,[]),permissions:Et(o.permissions,[])}}return ut(a,({role:l})=>l)},kl=(t,n)=>{const r=$l((t==null?void 0:t.roles)||[],n.roles||[]),a=Rl(t==null?void 0:t.options,n.options),l=(t==null?void 0:t.name)!==n.name,o=Object.values(a).some(({operation:i})=>i!=="UNCHANGED");return{policy:{operation:l||o?"CHANGED":"UNCHANGED",before:t,after:n},roles:r,options:a}},Jt=t=>{const n=I(H),{value:r,loading:a,error:l}=ye(()=>n.getActivePolicy(),[n]);return B(()=>t&&!a&&!l?kl(r,t):null,[r,t,a,l])},Il=C(t=>({chip:{margin:0},icon:{color:t.palette.success.main}}));function qt(t){const n=Il();return t.status==="inactive"?null:t.status==="draft"?e.createElement(ce,{className:n.chip,label:"Draft",size:t.size}):e.createElement(ce,{className:n.chip,classes:{icon:n.icon},label:"Active",icon:e.createElement(Lr,null),size:t.size})}const Ol=(t,n)=>{switch(n){case"ADDED":return t.palette.success.main;case"REMOVED":return t.palette.errorText;case"CHANGED":return t.palette.infoText;case"MOVED_UP":case"MOVED_DOWN":return t.palette.infoText;case"UNCHANGED":default:return t.palette.text.primary}},Bl=t=>{switch(t){case"ADDED":return"success";case"REMOVED":return"error";case"CHANGED":return"info";case"MOVED_UP":case"MOVED_DOWN":return"info";case"UNCHANGED":default:return"info"}},Ll=t=>{switch(t){case"ADDED":return"New";case"REMOVED":return"Removed";case"CHANGED":return"Changed";case"MOVED_UP":return"Moved up";case"MOVED_DOWN":return"Moved down";case"UNCHANGED":default:return"No changes"}};function Ml(t){var n;return Ye(t.decision)?"Conditional":(n={allow:"Allow",deny:"Deny"}[t.decision])!=null?n:"Unknown"}function ft(t){var n;if(t.match==="*")return"All";if(t.match.name)return t.match.name;const r=[];return t.match.resourceType&&r.push(t.match.resourceType),(n=t.match.actions)!=null&&n.length&&r.push(t.match.actions.join(", ")),r.join(" | ")}const Fl=C(t=>({root:({operation:n})=>({color:Ol(t,n)})})),W=t=>e.createElement(h,{...t,variant:"body2"}),N=t=>{const n=Fl(t);return e.createElement(E,{...t,className:n.root,component:"span",fontWeight:"fontWeightBold"})},Kt=({policy:t})=>{var n,r,a,l;const o=Jt(t),i=(o==null?void 0:o.policy.operation)==="CHANGED"||Object.values((n=o==null?void 0:o.roles)!=null?n:{}).some(u=>u.role.operation!=="UNCHANGED")||((r=o==null?void 0:o.options)==null?void 0:r.resolutionStrategy.operation)==="CHANGED";if(!o||!i)return e.createElement(E,null,"No changes");const c=!!o.policy.before&&!!o.policy.after&&o.policy.before.name!==o.policy.after.name,m=o.options.resolutionStrategy.operation==="CHANGED",s=({before:u,after:d})=>u&&d&&u.name!==d.name,p=({operation:u})=>u!=="ADDED"&&u!=="REMOVED";return e.createElement(E,null,c&&e.createElement(W,null,"Policy name ",e.createElement(N,{operation:"CHANGED"},"changed")," from"," ",e.createElement(N,null,'"',(a=o.policy.before)==null?void 0:a.name,'"')," to"," ",e.createElement(N,null,'"',(l=o.policy.after)==null?void 0:l.name,'"')),m&&e.createElement(W,null,"Resolution Strategy ",e.createElement(N,{operation:"CHANGED"},"changed")," ","from ",e.createElement(N,null,'"',o.options.resolutionStrategy.before,'"')," to"," ",e.createElement(N,null,'"',o.options.resolutionStrategy.after,'"')),Object.entries(o.roles).map(([u,{role:d,permissions:x,members:f}])=>{var y,g,w,S,T,z;return e.createElement(Be,{key:u},d.operation==="ADDED"&&e.createElement(W,null,"Role ",e.createElement(N,null,'"',(y=d.after)==null?void 0:y.name,'"')," has been"," ",e.createElement(N,{operation:"ADDED"},"added")),d.operation==="REMOVED"&&e.createElement(W,null,"Role ",e.createElement(N,null,'"',(g=d.before)==null?void 0:g.name,'"')," has been"," ",e.createElement(N,{operation:"REMOVED"},"removed")),s(d)&&e.createElement(W,null,"Role name changed from ",e.createElement(N,null,'"',(w=d.before)==null?void 0:w.name,'"')," ","to ",e.createElement(N,null,'"',(S=d.after)==null?void 0:S.name,'"')),d.indexAfter>d.indexBefore&&d.indexBefore!==-1&&e.createElement(W,null,"Role ",e.createElement(N,null,'"',(T=d.after)==null?void 0:T.name,'"')," has been"," ",e.createElement(N,{operation:"MOVED_DOWN"},"moved down")," in priority"),d.indexAfter<d.indexBefore&&d.indexAfter!==-1&&e.createElement(W,null,"Role ",e.createElement(N,null,'"',(z=d.after)==null?void 0:z.name,'"')," has been"," ",e.createElement(N,{operation:"MOVED_UP"},"moved up")," in priority"),p(d)&&e.createElement(e.Fragment,null,Object.entries(x).map(([M,b])=>{var A,v,$,L,le;const{before:X,after:Ee}=b,ae=X&&ft(X),Z=Ee&&ft(Ee);return e.createElement(Be,{key:M},b.operation==="ADDED"&&b.after&&e.createElement(W,null,"Permission decision"," ",e.createElement(N,null,'"',Z,'"')," has been"," ",e.createElement(N,{operation:"ADDED"},"added")," to"," ",e.createElement(N,null,'"',(A=d.after)==null?void 0:A.name,'"')),b.operation==="REMOVED"&&b.before&&e.createElement(W,null,"Permission decision"," ",e.createElement(N,null,'"',ae,'"')," has been"," ",e.createElement(N,{operation:"REMOVED"},"removed")," ","from ",e.createElement(N,null,'"',(v=d.after)==null?void 0:v.name,'"')),b.operation==="CHANGED"&&e.createElement(W,null,ae!==Z?e.createElement(e.Fragment,null,"Permission decision"," ",e.createElement(N,null,'"',ae,'"')," has been"," ",e.createElement(N,{operation:"CHANGED"},"updated")," ","to ",e.createElement(N,null,'"',Z,'"')):e.createElement(e.Fragment,null,"Permission decision"," ",e.createElement(N,null,'"',ae,'"')," has been"," ",e.createElement(N,{operation:"CHANGED"},"updated"))," ","in ",e.createElement(N,null,'"',($=d.after)==null?void 0:$.name,'"')),b.indexAfter>b.indexBefore&&b.indexBefore!==-1&&e.createElement(W,null,"Permission decision"," ",e.createElement(N,null,'"',Z,'"')," has been"," ",e.createElement(N,{operation:"MOVED_DOWN"},"moved down")," ","in priority in"," ",e.createElement(N,null,'"',(L=d.after)==null?void 0:L.name,'"')),b.indexAfter<b.indexBefore&&b.indexAfter!==-1&&e.createElement(W,null,"Permission decision"," ",e.createElement(N,null,'"',Z,'"')," has been"," ",e.createElement(N,{operation:"MOVED_UP"},"moved up")," ","in priority in"," ",e.createElement(N,null,'"',(le=d.after)==null?void 0:le.name,'"')))}),Object.entries(f).map(([M,b])=>{var A,v;return e.createElement(Be,{key:M},b.operation==="ADDED"&&b.after&&e.createElement(W,null,"Member ",e.createElement(N,null,'"',b.after,'"')," has been"," ",e.createElement(N,{operation:"ADDED"},"added")," to"," ",e.createElement(N,null,'"',(A=d.after)==null?void 0:A.name,'"')),b.operation==="REMOVED"&&b.before&&e.createElement(W,null,"Member ",e.createElement(N,null,'"',b.before,'"')," has been"," ",e.createElement(N,{operation:"REMOVED"},"removed")," from"," ",e.createElement(N,null,'"',(v=d.after)==null?void 0:v.name,'"')))})))}))},zl=C(()=>({root:{display:"inline-flex"}})),Qt=({timestamp:t,description:n})=>{const r=zl(),a=Je.fromISO(t).toLocaleString(Je.DATETIME_FULL),l=Nr(t),o=n?`${n}${l}`:l;return e.createElement("span",{className:r.root},e.createElement(he,{title:a},e.createElement(h,{component:"span",display:"inline",variant:"inherit"},o)))};function Xt(t,n,r){var a,l;let o=n.created,i=t.createdBy;r!=null&&r.created&&(i=r.created+i);let c=t.createdAt;return t.status==="active"?(o=n.published,i=(a=t.lastPublishedBy)!=null?a:"",r!=null&&r.published&&(i=r.published+i),c=(l=t.lastPublishedAt)!=null?l:""):t.createdAt!==t.updatedAt&&(o=n.updated,i=t.updatedBy,r!=null&&r.updated&&(i=r.updated+i),c=t.updatedAt),{activityDateText:o,activityUser:i,timestamp:c}}const Wl=C(t=>({card:n=>({backgroundImage:n.policy.status==="active"?"linear-gradient(256.15deg, #00782A 19.77%, #1DB954 100%)":"linear-gradient(256.15deg, #BDBDBD 19.77%, #EEEEEE 100%)",backgroundPosition:"top",backgroundSize:"100% 8px",backgroundRepeat:"no-repeat",paddingTop:"8px",height:"100%"}),diffSummaryContainer:{backgroundColor:t.palette.background.default,padding:t.spacing(2),borderWidth:"1px",borderStyle:"solid",borderColor:t.palette.divider,borderRadius:t.shape.borderRadius},header:{display:"flex",justifyContent:"space-between",alignItems:"center"},detailsHeader:{...t.typography.body1,paddingTop:t.spacing(2),color:t.palette.text.secondary},activityList:{color:t.palette.text.secondary},activityListItem:{padding:0},actions:{justifyContent:"flex-start"}}));function Te(t){const n=Wl(t),{policy:r,to:a,withChangeSummary:l}=t,o=`${r.name} ${r.status==="draft"?"- Draft":""}`,i={created:"Created: ",published:"Published: ",updated:"Updated: "},c={created:"Created by ",published:"Published by ",updated:"Updated by "},{activityDateText:m,activityUser:s,timestamp:p}=Xt(r,i,c);return e.createElement(te,{className:n.card},e.createElement(ge,null,e.createElement("div",{className:n.header},a?e.createElement(ie,{to:`versions/${r.id}`},e.createElement(h,{variant:"h5",component:"h1"},o)):e.createElement(h,{variant:"h5",component:"h1"},o),r.status==="active"?e.createElement(qt,{status:"active",size:"small"}):null),r.description?e.createElement(h,{variant:"body1",color:"textSecondary"},'"',r.description,'"'):null,e.createElement(h,{component:"h2",className:n.detailsHeader},"Details"),e.createElement(sr,{className:n.activityList},e.createElement(Tt,{className:n.activityListItem},e.createElement(se,null,e.createElement(Br,null)),e.createElement(Q,{primary:e.createElement(Qt,{timestamp:p,description:m})})),e.createElement(Tt,{className:n.activityListItem},e.createElement(se,null,e.createElement(Lt,null)),e.createElement(Q,{primary:s}))),l&&e.createElement(E,{paddingTop:2},e.createElement(h,{gutterBottom:!0,variant:"subtitle2"},"What's changed"),e.createElement(E,{className:n.diffSummaryContainer},e.createElement(Kt,{policy:r})))),t.actions?e.createElement(mr,{className:n.actions},t.actions):null)}const Hl=C(t=>({icon:{color:t.palette.warning.main,width:"2rem",height:"2rem"},label:{align:"center",display:"block",marginBottom:t.spacing(1),color:t.palette.text.secondary,fontSize:t.typography.caption.fontSize},policiesContainer:{display:"flex",gap:t.spacing(4),marginTop:t.spacing(4),marginBottom:t.spacing(4)},button:{marginTop:t.spacing(4)}})),jl=({localPolicy:t,onSelectLocalPolicy:n,onSelectServerPolicy:r,serverPolicy:a})=>{const l=Hl();return e.createElement(me,{open:!0,maxWidth:"md"},e.createElement(ne,null,e.createElement(E,{display:"flex",flexDirection:"column",gridGap:8},e.createElement(E,{display:"flex",justifyContent:"center"},e.createElement(Bt,{className:l.icon})),e.createElement(h,{align:"center",variant:"h6"},"There is a conflict with your drafts"),e.createElement(E,null,e.createElement(h,{align:"center"},"A newer version of the draft you are trying to edit has been recently saved."),e.createElement(h,{align:"center"},"Please review the changes and decide on a version to keep."))),e.createElement(E,{className:l.policiesContainer},e.createElement(E,{alignItems:"center",display:"flex",flexDirection:"column",flex:"1 1 0%"},e.createElement(h,{className:l.label,variant:"button"},"Your local draft"),e.createElement(Te,{policy:t,withChangeSummary:!0}),e.createElement(P,{className:l.button,color:"primary",onClick:n,variant:"outlined"},"Keep local draft")),e.createElement(E,{alignItems:"center",display:"flex",flexDirection:"column",flex:"1 1 0%"},e.createElement(h,{className:l.label,variant:"button"},"Recently saved draft"),e.createElement(Te,{policy:a,withChangeSummary:!0}),e.createElement(P,{className:l.button,color:"primary",onClick:r,variant:"outlined"},"Keep recently saved draft")))))},Ul=({serverPolicy:t,localPolicy:n})=>!n||!t?{policy:t,policyConflict:!1}:t.status!=="draft"?{policy:t,policyConflict:!1}:n.id!==t.id?{policy:t,policyConflict:!1}:n.updatedAt===t.updatedAt?{policy:n,policyConflict:!1}:{policy:n,policyConflict:!0},Vl=()=>Mt("@spotify/backstage-plugin-rbac:draftPolicy");function Zt(t){const n=new Blob([Gl(t)],{type:"text/yaml"});Mr(n,`${(t.name||"policy").toLocaleLowerCase().replace(/\W/g,"-")}.yaml`)}function Gl(t){const{name:n,roles:r,options:a,description:l}=t;return`# this is an autogenerated file, do not edit
-${Tr(Fr({name:n,description:l,options:a,roles:r.map(({permissions:o,...i})=>({...Ft(i,["id"]),permissions:o.map(c=>Ft(c,["id"]))}))},o=>o!==null||o!==void 0))}`}const _l=C(t=>({icon:{color:t.palette.warning.main,width:"2rem",height:"2rem"}})),Yl=({onConfirm:t,policy:n})=>{const r=_l(),a=()=>{Zt(n)};return e.createElement(me,{open:!0},e.createElement(ne,null,e.createElement(E,{display:"flex",flexDirection:"column",gridGap:16},e.createElement(E,{display:"flex",flexDirection:"column",gridGap:4},e.createElement(E,{display:"flex",justifyContent:"center"},e.createElement(Bt,{className:r.icon})),e.createElement(h,{align:"center",variant:"h6"},"Invalid local draft")),e.createElement(E,{display:"flex",flexDirection:"column",gridGap:8},e.createElement(h,{align:"center"},"You have a local draft that is no longer compatible or has become corrupted."),e.createElement(h,{align:"center"},"Click export to download your draft. You can attempt to restore your draft by importing this file on the RBAC home page."),e.createElement(h,{align:"center"},"Clicking continue will discard your draft."," ",e.createElement(E,{component:"span",fontWeight:"fontWeightBold"},"This action cannot be undone."))),e.createElement(E,{display:"flex",justifyContent:"center",gridGap:8,marginY:3},e.createElement(P,{color:"primary",onClick:a,variant:"outlined"},"Export"),e.createElement(P,{color:"primary",onClick:t,variant:"contained"},"Discard and continue")))))};function yt(){const t=I(H),n=I(oe),r=ue(async(l,o,i)=>{if(l)return await t.publishPolicy(l.id,{description:o,update:i}),t.getPolicy(l.id)},[]),[{error:a}]=r;return G(()=>{a&&n.post({message:a.message,severity:"error"})},[a,n]),r}const Jl=C(t=>({closeButton:{color:t.palette.text.secondary},diffSummaryContainer:{backgroundColor:t.palette.background.default,marginBottom:t.spacing(2)}}));function gt({open:t,onPublish:n,onClose:r,policy:a}){const[l,o]=R(!1),i=Jl(),c=ee(null),m=async()=>{var s,p;o(!0),await n((p=(s=c.current)==null?void 0:s.value)!=null?p:""),o(!1)};return e.createElement(me,{open:t,onClose:r,fullWidth:!0},e.createElement(He,null,e.createElement(E,{display:"flex",justifyContent:"space-between",alignItems:"center"},"Ready to publish?",e.createElement(P,{startIcon:e.createElement(st,null),onClick:r,className:i.closeButton},"Close")),e.createElement(h,null,"Double check your changes, then click Publish to activate this version of your policy. This will immediately apply the permissions defined in this version across Backstage.")),e.createElement(ne,{className:i.diffSummaryContainer,dividers:!0},e.createElement(Kt,{policy:a})),e.createElement(ne,null,e.createElement(ve,{variant:"outlined",fullWidth:!0,label:"Summary (optional)",placeholder:"Briefly describe this version (or changes from a previous version)",inputRef:c})),e.createElement(lt,null,e.createElement(P,{color:"primary",onClick:m,disabled:l},l?e.createElement(St,{size:20}):"Publish")))}const ql=C(t=>({paper:{padding:t.spacing(2,2,0,2)}})),ht=({isOpen:t,onClose:n,policy:r})=>{const a=ql();return e.createElement(me,{classes:{...a},open:t,onClose:n},e.createElement(He,{disableTypography:!0},e.createElement(E,{display:"flex",flexDirection:"row"},e.createElement(E,null,e.createElement(h,{variant:"h4",component:"h2"},"Success!"),e.createElement(h,null,r.name," has been published and is now your active policy.")),e.createElement(E,null,e.createElement(_,{onClick:n,title:"Close dialog"},e.createElement(st,null))))),e.createElement(ne,null,e.createElement(Te,{policy:r})),e.createElement(lt,null,e.createElement(E,{display:"flex",flexDirection:"row",flexGrow:1,justifyContent:"flex-start"},e.createElement(P,{component:Yn,color:"primary",onClick:n,role:"link",to:"/rbac"},"View all versions"))))},Kl={canPublish:!1,diff:null,hasChanges:!1,isValid:!1,policy:void 0,createNewRole:()=>"",discardLocalDraft:()=>{},exportPolicy:()=>{},publish:()=>{},saveLocalDraftToServer:()=>Promise.reject(),saveAndPublish:()=>Promise.reject(),refetchPolicy:()=>Promise.reject(),updateLocalDraft:()=>{}},en=Ie(Kl),Y=()=>Oe(en);function Xe({children:t,policyId:n}){const r=q(),a=I(oe),l=I(H),{getPolicy:o,setPolicy:i}=Qe(),c=nt(),{NotFoundErrorPage:m}=c.getComponents(),[s,p]=R({active:!1,update:!1}),[u,d]=R(!1),[{loading:x,value:f},y]=yt(),g=o(n),[w,S,T]=Vl(),z=!w||_e.safeParse(w).success,M=z?w:void 0,{policy:b,policyConflict:A}=Ul({serverPolicy:g,localPolicy:M}),v=Jt(b),$=_e.safeParse(b).success,L=$&&!M&&!x,[{loading:le,error:X},Ee]=ue(()=>l.getPolicy(n),[l,n],g?{loading:!1,value:g}:{loading:!0}),ae=()=>{p({active:!0,update:!1})},Z=()=>{p({active:!0,update:!0})},K=k(async()=>{const V=await Ee();i(V)},[Ee,i]),Ln=k(async V=>{await y(b,V,s.update?b:void 0),p({active:!1,update:!1}),K==null||K()},[b,s,y,p,K]),Mn=async()=>{d(!1)},Fn=()=>{S(V=>V&&g&&{...V,updatedAt:g.updatedAt})},zn=k(async()=>{if(!b)throw new Error("No policy to save");try{await l.updateDraft(b.id,{name:b.name,roles:b.roles,options:b.options}),a.post({message:"Policy saved",severity:"success"}),T(),K==null||K()}catch(V){a.post({message:(V==null?void 0:V.message)||"An error occurred while updating the policy",severity:"error"})}},[a,l,b,K,T]),Wn=k(()=>{if(!b)throw new Error("No policy to create a new role");const V=new Set(b.roles.map(Vn=>Vn.id));let fe;do fe=pe().split("-")[0];while(V.has(fe));const Un={name:`Role ${fe}`,permissions:[],members:"*",id:fe};return S({...b,roles:[...b.roles,Un]}),fe},[b,S]),Hn=()=>{T(),r("/rbac")},jn=()=>{b&&Zt(b)};return G(()=>{g||K()},[K,g]),G(()=>{f&&d(!0)},[f]),z?b?e.createElement(en.Provider,{value:{canPublish:L,diff:v,hasChanges:!!M,isValid:$,policy:b,createNewRole:Wn,discardLocalDraft:T,exportPolicy:jn,publish:ae,saveLocalDraftToServer:zn,refetchPolicy:K,updateLocalDraft:S,saveAndPublish:Z}},A&&M&&g&&e.createElement(jl,{localPolicy:M,onSelectLocalPolicy:Fn,onSelectServerPolicy:T,serverPolicy:g}),e.createElement(gt,{open:s.active,onClose:()=>p({active:!1,update:!1}),onPublish:Ln,policy:b}),f&&e.createElement(ht,{isOpen:u,onClose:Mn,policy:f}),t):le?e.createElement(ze,null):X?Al(X)?e.createElement(m,null):e.createElement(Nt,{error:X!=null?X:new Error("Unknown")}):null:e.createElement(Yl,{onConfirm:Hn,policy:w})}function Ql(t){throw new Error("Invalid state")}function vt(){const t=I(H),n=I(oe),r=q(),{fetchPolicies:a}=Pe();return ue(async l=>{if(!l)return;const{roles:o,name:i,options:c}=l;try{const m=await t.createDraft({roles:o,options:c,name:i});return await a(),r(`/rbac/versions/${m.id}`),m}catch(m){throw m instanceof Error&&n.post({message:m.message,severity:"error"}),m}},[r,t,n,a])}const Xl=[{title:"Name",field:"name",render:t=>e.createElement(ie,{to:`versions/${t.id}`},t.name)},{title:"Status",field:"status",render:t=>{switch(t.status){case"active":return"Active";case"draft":return"Draft";case"inactive":return"Inactive";default:return Ql(t.status)}}},{title:"Publish date",field:"lastPublishedAt",render:t=>t.lastPublishedAt?Je.fromISO(t.lastPublishedAt).toLocaleString(Je.DATETIME_MED_WITH_SECONDS):"",type:"datetime",defaultSort:"desc"},{title:"Published by",field:"lastPublishedBy"}];function Zl(t){const n=t.data.length>3,{fetchPolicies:r}=Pe(),[{loading:a},l]=vt(),[{loading:o,value:i},c]=yt(),[m,s]=R(void 0),[p,u]=R(!1),d=()=>{s(void 0),r()},x=(m==null?void 0:m.id)===(i==null?void 0:i.id)?i:void 0,f=[y=>{const{tableData:g,...w}=y;return{icon:zr,tooltip:"Republish",onClick:()=>{s(w),u(!0)},disabled:o}},y=>{const{tableData:g,...w}=y;return{icon:Wr,tooltip:"Duplicate",disabled:a||!t.canDuplicate,onClick:()=>l(w)}}];return e.createElement(e.Fragment,null,e.createElement(or,{title:"Previous Versions",columns:Xl,data:t.data,options:{paging:n,pageSize:3,pageSizeOptions:[3,5,10,20],actionsColumnIndex:-1,loadingType:"linear"},actions:f}),m&&e.createElement(gt,{open:p,onPublish:y=>{c(m,y),u(!1)},onClose:()=>{s(void 0),u(!1)},policy:m}),x&&e.createElement(ht,{isOpen:!0,policy:x,onClose:d}))}const ea=t=>{const[n,r]=R(!1),{fetchPolicies:a}=Pe(),[{loading:l,value:o},i]=yt(),{policy:c,hasChanges:m}=Y(),s=_e.safeParse(c).success,p=!m&&s,u=async x=>{await i(c,x),r(!1)},d=()=>{a()};return e.createElement(e.Fragment,null,e.createElement(P,{...t,onClick:()=>r(!0),disabled:!p||l},"Publish"),e.createElement(gt,{open:n,onClose:()=>r(!1),onPublish:u,policy:c}),o&&e.createElement(ht,{isOpen:!0,onClose:d,policy:o}))};function ta(t){const n=I(H),r=I(oe),{fetchPolicies:a}=Pe();return ue(async()=>{if(t)return n.deleteDraft(t.id).then(a).catch(l=>(r.post({message:l.message,severity:"error"}),Promise.reject(l)))},[t])}function na({policies:t}){const n=t.find(s=>s.status==="draft"),r=t.find(s=>s.status==="active"),[a,l]=vt(),[o,i]=ta(n),c=q(),m=ra(t);return e.createElement(O,{container:!0,spacing:4},r?e.createElement(O,{item:!0,xs:12,md:6},e.createElement(Te,{policy:r,to:`./versions/${r.id}`,actions:e.createElement(P,{color:"primary",disabled:a.loading||!!n,onClick:()=>l(r)},"Duplicate")})):null,n?e.createElement(O,{item:!0,xs:12,md:6},e.createElement(Te,{policy:n,to:`./versions/${n.id}`,actions:e.createElement(e.Fragment,null,e.createElement(P,{onClick:()=>c(`versions/${n.id}`),color:"primary"},"Edit"),e.createElement(P,{color:"primary",disabled:o.loading,onClick:i},"Delete Draft"),e.createElement(Xe,{policyId:n.id},e.createElement(ea,{color:"primary"})))})):null,e.createElement(O,{item:!0,xs:12},e.createElement(Zl,{data:m,canDuplicate:!n})))}function ra(t){return t.filter(({status:n})=>n==="inactive")}function la(){const{policies:t}=Qe(),{loading:n,error:r,fetchPolicies:a}=Pe();Pt(()=>{t||a()});let l;return n?l=e.createElement(O,{item:!0,xs:12},e.createElement(ze,null)):r?l=e.createElement(Nt,{error:r}):!t||t.length===0?l=e.createElement(Sl,null):l=e.createElement(na,{policies:t}),e.createElement(Ke,{pages:void 0,header:e.createElement(We,{title:"RBAC Policies"},e.createElement(Pl,null))},l)}const aa=C(t=>({titleWrapper:{display:"flex",alignItems:"center",gap:t.spacing(2)}}));function tn({children:t}){const n=aa();return e.createElement(h,{noWrap:!0,variant:"h4",component:"h2",color:"textSecondary",className:n.titleWrapper},t)}const oa=e.forwardRef(function({children:t,role:n,...r},a){const l=B(()=>{const i=[];return Dt.forEach(t,c=>{if(Le(c)){const m=c.props.children[0];Le(m)&&i.push(m);const s=c.props.children[1];if(Le(s)){const p=Dt.toArray(s.props.children).filter(Le);i.push(...p)}}}),i},[t]),o=l.length;return e.createElement("div",{ref:a},e.createElement("ul",{...r},e.createElement(_r,{height:250,width:250,rowHeight:54,overscanCount:5,rowCount:o,rowRenderer:i=>e.cloneElement(l[i.index],{style:{...i.style,whiteSpace:"nowrap"}}),role:n})))}),ia=C({autocomplete:{display:"flex",flex:1}});function ca({members:t,options:n,namespaceOptions:r,loading:a=!1,disabled:l=!1,isMultiNamespaces:o=!1,onTextChange:i,onToggleMember:c,onChange:m}){const[s,p]=R(!1),u=ia(),[d,x]=Gn(g=>g+1,0),f=(g,w)=>{w&&(c(w),x())};G(()=>{s&&i("")},[s,i]);const y=o?r.concat((n==null?void 0:n.members)||[]):(n==null?void 0:n.members)||[];return e.createElement(E,{width:250},e.createElement(mt,{key:`${d}`,open:s,onOpen:()=>{p(!0)},onClose:()=>{p(!1)},onChange:f,getOptionLabel:Se,groupBy:sa,ListboxComponent:oa,renderOption:g=>e.createElement(e.Fragment,null,e.createElement(be,{id:`checkbox-${g.entityRef}`,checked:t.includes(g.entityRef),color:"primary"}),e.createElement("label",{htmlFor:`checkbox-${g.entityRef}`},o?Se(g,!1):Se(g))),options:y,openOnFocus:!0,disabled:l,loading:a,className:u.autocomplete,renderInput:g=>e.createElement(ve,{...g,label:o?"Select members":"Select specific users/groups",variant:"standard",onChange:m,InputProps:{...g.InputProps,endAdornment:e.createElement(e.Fragment,null,a?e.createElement(St,{color:"inherit",size:20}):null,g.InputProps.endAdornment)}})}))}function Se(t,n=!0){var r;const a=re(t.entityRef);return a.name==="*"?a.namespace:jr({...a,name:(r=t.name)!=null?r:a.name},{defaultKind:a.kind,defaultNamespace:n?Hr:!1})}const nn={user:"USERS",group:"GROUPS",namespace:"NAMESPACES"};function sa(t){const{name:n,kind:r}=re(t.entityRef),a=n==="*"?"namespace":r;if(!nn[a])throw new Error(`Group '${a}' is not supported for members in a policy`);return nn[a]}function rn(t,n){switch(n){case"small":return t.typography.caption;case"medium":return t.typography.body1;case"large":return t.typography.subtitle1;default:return t.typography.caption}}function ln(t){switch(t){case"small":return .2;case"medium":return .3;case"large":return 1;default:return .8}}const ma=C(t=>({root:{display:"inline-flex",fontWeight:"bold",borderRadius:"1000px",margin:t.spacing(1),padding:t.spacing(0,1)},message:({size:n})=>({fontSize:rn(t,n).fontSize,font:rn(t,n).font,verticalAlign:"middle",padding:t.spacing(ln(n),0,ln(n),0)})}),{name:"MuiAlert"});function an(t){var n;const r=ma({size:t.size||"small"});return e.createElement(zt,{classes:{root:r.root,message:r.message},role:"textbox",severity:t.severity,icon:(n=t.icon)!=null?n:!1,variant:t.outlined?"outlined":"standard",title:t.text},t.text)}const Ae=t=>{const n=Ll(t.operation);return!t.operation||t.operation==="UNCHANGED"?null:e.createElement(an,{size:t.size,text:n,severity:Bl(t.operation),outlined:!0})},da=C(t=>({actionCol:{width:48},typeIconCol:{paddingRight:"0.4rem"},nameCol:{paddingLeft:0},typeIcon:{color:t.palette.grey[500]}}));function ua({diff:t,loading:n,isMultiNamespaces:r,members:a,error:l,onToggleMember:o,readonly:i=!1}){const c=da();if(n)return e.createElement(j,null,e.createElement(D,{scope:"row",colSpan:i?4:5},e.createElement(ze,null)));if(l&&l.message!=null,a==="*")return e.createElement(j,null,e.createElement(D,{colSpan:2,height:80},"All"),e.createElement(D,{colSpan:i?2:3},e.createElement(Ae,{operation:t==null?void 0:t.members["*"].operation})));if(a.length===0)return e.createElement(j,null,e.createElement(D,{scope:"row",colSpan:i?4:5},"Select users or groups using the drop-down menu above."));const m=a.sort((s,p)=>{let u=0;r&&p.name==="*"&&s.name!=="*"?u=1:r&&s.name==="*"&&p.name!=="*"&&(u=-1);const d=s.type.localeCompare(p.type),x=re(s.entityRef).namespace.localeCompare(re(p.entityRef).namespace),f=re(s.entityRef).name.localeCompare(re(p.entityRef).name);return u||d||x||f});return e.createElement(e.Fragment,null,m.map(s=>{var p;const{name:u,type:d,entityRef:x}=s;return e.createElement(j,{key:x},e.createElement(D,{className:c.typeIconCol},d==="group"&&e.createElement(Yr,{className:c.typeIcon})||r&&u==="*"&&e.createElement(Jr,{className:c.typeIcon})||e.createElement(Lt,{className:c.typeIcon})),e.createElement(D,{scope:"row",className:c.nameCol},(p=r?Se(s,!1):Se(s))!=null?p:"Unknown"),e.createElement(D,{scope:"row"},u==="*"&&r?"namespace":d),e.createElement(D,null,u&&e.createElement(Ae,{operation:t==null?void 0:t.members[x].operation})),!i&&e.createElement(D,{scope:"row",className:c.actionCol},e.createElement(_,{"aria-label":"delete",onClick:()=>o(s),size:"small"},e.createElement(De,null))))}))}const on=Ie({loading:!1}),pa=({children:t})=>{const n=I(H),r=ye(async()=>await n.searchMembers({query:""}),[n]);return e.createElement(on.Provider,{value:r},t)},Ea=()=>Oe(on),fa=C(()=>({header:{display:"flex",flexDirection:"row",justifyContent:"space-between",paddingLeft:"1rem",paddingRight:"1rem",gap:"1rem"},actionCol:{width:48},typeIconCol:{paddingRight:"0.4rem"},nameCol:{paddingLeft:0}}));function ya({diff:t,policyId:n,role:r,onToggleMember:a,readonly:l=!1,debounceTime:o=1e3}){const i=I(H),c=I(Ur),m=fa(),s=r.members==="*",[p,u]=R(""),{current:d}=ee({}),x=v=>{d[v.entityRef]=v,a(v.entityRef)},f=v=>{var $;if(d[v])return d[v];const L=re(v);return{entityRef:v,type:L.kind.toLowerCase(),name:($=L.name)!=null?$:v}},{value:y,loading:g}=Ea(),{loading:w,value:S}=ye(async()=>{const v=await c.getEntityFacets({facets:["metadata.namespace"]}).then($=>$.facets["metadata.namespace"].map(L=>L.value));return ga(v)},[c]),T=S?(S==null?void 0:S.length)>1:!1,z=S?S.filter(v=>v.entityRef.toLowerCase().includes(p)):[],M=B(()=>dr(v=>{u(v.target.value.toLowerCase())},o),[u,o]),{loading:b,error:A}=ye(async()=>{r.members==="*"||r.members.length===0||(await i.getPolicy(n)).roles.find(v=>v.id===r.id)===void 0||r.members.forEach(v=>{const $=f(v);d[$.entityRef]=$})},[n,s]);return e.createElement(e.Fragment,null,e.createElement("div",{className:m.header},e.createElement("h2",null,"Members"),e.createElement(ca,{onToggleMember:x,members:r.members,disabled:l,options:y,namespaceOptions:z,isMultiNamespaces:T,loading:g||w,onTextChange:u,onChange:M})),e.createElement(je,null,e.createElement(Ue,null,e.createElement(j,null,e.createElement(D,{className:m.typeIconCol}),e.createElement(D,{className:m.nameCol},"Name"),e.createElement(D,null,"Type"),e.createElement(D,null),!l&&e.createElement(D,{className:m.actionCol}))),e.createElement(Ve,null,e.createElement(ua,{diff:t,loading:b||w,isMultiNamespaces:T,error:A,members:Array.isArray(r.members)?r.members.map(f):r.members,onToggleMember:x,readonly:l}))))}function ga(t){return t.map(n=>({name:"*",type:"user",entityRef:`user:${n}/*`})).sort((n,r)=>n.entityRef.toLowerCase().localeCompare(r.entityRef.toLowerCase()))}function cn(t){return`${t.palette.primary.main}50`}const ha=C(t=>({indicator:{right:"unset"},tab:{maxWidth:"none","&.Mui-selected":{backgroundColor:cn(t),color:t.palette.primary.main}}}));function va({options:t,selected:n,onChange:r,readonly:a=!1}){const l=ha();return e.createElement(ur,{orientation:"vertical",value:t.map(({id:o})=>o).indexOf(n),onChange:(o,i)=>r(t[i].id),indicatorColor:"primary",TabIndicatorProps:{className:l.indicator}},t.map(o=>e.createElement(pr,{key:o.id,label:o.displayText.toUpperCase(),className:l.tab,disabled:a})))}const ba=["condition","anyOf","allOf","not"],sn={condition:"Condition",anyOf:"Any of",allOf:"All of",not:"Not"};function bt(t){return t===null?!1:t.hasOwnProperty("id")&&t.hasOwnProperty("ruleName")&&t.hasOwnProperty("parameters")}function Re(t){return t.hasOwnProperty("levelType")}function Ca(t){return t==="anyOf"||t==="allOf"||t==="not"}function xa(t){return t?{id:t.id,match:wa(t),decisionType:Da(t),criteria:Ye(t.decision)?$e(t.decision.conditions):null}:{id:pe(),match:{method:"specificPermission"},decisionType:"allow",criteria:null}}function wa(t){var n;return t.match==="*"?{method:"all"}:t.match.name?{method:"specificPermission",name:t.match.name}:t.match.resourceType||(n=t.match.actions)!=null&&n.length?{method:"filter",resourceType:t.match.resourceType,actions:t.match.actions}:{method:"specificPermission"}}function Da(t){return typeof t.decision=="string"?t.decision:"conditional"}function $e(t){const n=pe();return Sr(t)?{id:n,levelType:"allOf",children:t.allOf.map(r=>$e(r))}:Ar(t)?{id:n,levelType:"anyOf",children:t.anyOf.map(r=>$e(r))}:Rr(t)?{id:n,levelType:"not",children:[$e(t.not)]}:{id:n,ruleName:t.rule,parameters:t.params}}function mn(t,n){if(!t)return!1;if(Re(t))return t.children.length>0&&t.children.every(a=>mn(a,n));if(!t.ruleName)return!1;const r=n==null?void 0:n.find(({name:a})=>a===t.ruleName);return r?r.paramsSchema?new Ht({allErrors:!0}).compile(r.paramsSchema)(t.parameters):!0:!1}function Na(t,n,r){return{id:t,match:dn(n,r),decision:r}}function dn({method:t,...n},r){return t==="all"?"*":r&&Ye(r)?{resourceType:r.resourceType,...n}:n}function Ct(t){return bt(t)?{rule:t.ruleName,params:t.parameters}:t.levelType==="not"?{not:Ct(t.children[0])}:{[t.levelType]:t.children.map(n=>Ct(n))}}const Pa=C(t=>({toggleButton:{"&.Mui-selected":{backgroundColor:cn(t),color:t.palette.primary.main},"&.Mui-selected:hover":{backgroundColor:"#97BBE8"},color:t.palette.primary.main,border:`1px solid ${t.palette.primary.main}`}}));function xt({className:t,...n}){const r=Pa();return e.createElement(Vr,{className:`${r.toggleButton} ${t}`,...n})}const Ta=C({fullWidth:{width:"100%","& > *":{flexGrow:1}}});function Sa({className:t,fullWidth:n,...r}){const a=Ta();return e.createElement(Gr,{className:`${n?a.fullWidth:""} ${t}`,...r})}function Aa(t,n){const r=(t!=null?t:[]).filter(o=>$r(o,dn(n))),a=qr(r,o=>rt(o)?o.resourceType:void 0),l=a.length===1&&rt(a[0])?a[0].resourceType:void 0;return{permissions:r,commonResourceType:l}}const Ra=C(()=>({fullWidth:{width:"100%","& > *":{flexGrow:1}}})),un="Permission name";function $a({name:t="",readonly:n,onNameChange:r}){const a=Ra(),{permissions:l}=Ne();return e.createElement(Ce,{className:a.fullWidth,variant:"outlined",disabled:n},e.createElement(de,{id:"match-by-name-dropdown"},un),e.createElement(xe,{labelId:"match-by-name-dropdown",label:un,value:l?t:"",onChange:o=>r==null?void 0:r(o.target.value)},l==null?void 0:l.map(o=>e.createElement(U,{key:o.name,value:o.name},o.name))))}const ka=C(()=>({fullWidth:{width:"100%","& > *":{flexGrow:1}}})),pn="Resource type";function Ia({resourceType:t="",readonly:n,onResourceTypeChange:r}){const a=ka(),l=Gt();return e.createElement(Ce,{className:a.fullWidth,variant:"outlined",disabled:n},e.createElement(de,{id:"match-by-resource-dropdown"},pn),e.createElement(xe,{labelId:"match-by-resource-dropdown",label:pn,value:l?t:"",onChange:o=>r==null?void 0:r(o.target.value),displayEmpty:!0},l==null?void 0:l.map(o=>e.createElement(U,{key:o,value:o},o))))}const Oa="Action";function Ba({actions:t,readonly:n,onActionsChange:r}){return e.createElement(mt,{multiple:!0,id:"match-by-attribute-dropdown",options:["create","read","update","delete"],getOptionLabel:a=>a,value:t!=null?t:[],onChange:(a,l)=>r==null?void 0:r(l),filterSelectedOptions:!0,renderInput:a=>e.createElement(ve,{...a,variant:"outlined",label:Oa,placeholder:"Choose attributes",margin:"normal"}),disabled:n})}const La=C(()=>({root:{fontFamily:"monospace"}})),En=({children:t})=>{const n=La();return e.createElement(h,{variant:"body2",className:n.root},t)},Ma=C(t=>({rule:{color:t.palette.type==="light"?"#EB0014":"#FF8F9C"},parameters:{color:t.palette.type==="light"?"#E22134":"#EE96A0"}}));function fn({condition:t}){const n=Ma();return e.createElement(En,null,e.createElement(E,{component:"span",className:n.rule},t.ruleName,"(",e.createElement(E,{component:"span",className:n.parameters},JSON.stringify(t.parameters,null,1)),")"))}const Fa=({children:t})=>e.createElement(E,{pl:2},t);function yn({level:t}){return e.createElement(e.Fragment,null,e.createElement(En,null,sn[t.levelType]),e.createElement(Fa,null,t.children.map((n,r)=>Re(n)?e.createElement(yn,{key:r,level:n}):e.createElement(fn,{key:r,condition:n}))))}const za=C(t=>({resultsBox:{border:`1px solid ${t.palette.border}`,borderRadius:t.shape.borderRadius,padding:t.spacing(2)}}));function Wa({permissionCriteria:t}){const n=za();return e.createElement(E,{className:n.resultsBox},bt(t)&&e.createElement(fn,{condition:t}),Re(t)&&e.createElement(yn,{level:t}))}const Ha=C(t=>({conditionResultText:{color:t.palette.success.main},conditionDecisionText:{padding:`0 0 ${t.spacing(3)}px`}}));function gn({permissionCriteria:t}){const n=Ha();return e.createElement("div",null,e.createElement(h,{component:"p",variant:"body1",className:n.conditionDecisionText},"If the below conditions are met then the action is"," ",e.createElement("strong",{className:n.conditionResultText},"allowed.")),e.createElement(Wa,{permissionCriteria:t}))}const ja=C(()=>({addButton:{paddingLeft:40,paddingRight:40}}));function hn({onSelect:t}){const n=ja(),r=ee(null),[a,l]=R(!1),o=()=>{l(i=>!i)};return e.createElement("div",null,e.createElement(P,{className:n.addButton,variant:"outlined",color:"primary",onClick:o,ref:r},"Add"),e.createElement(At,{anchorEl:r.current,open:a,onClose:o,BackdropProps:{}},ba.map(i=>e.createElement(U,{key:i,onClick:()=>{t==null||t(i),l(!1)}},sn[i]))))}const Ua=C(t=>({editor:{"--jse-main-border":`1px solid ${t.palette.divider}`,"--jse-panel-border":`1px solid ${t.palette.divider}`,"--jse-message-error-background":t.palette.error.main,"--jse-message-warning-background":t.palette.warning.main,"--jse-background-color":t.palette.background.default,"--jse-panel-background":t.palette.background.default,"--jse-delimiter-color":t.palette.type==="light"?"rgba(0, 0, 0, 0.38)":"rgba(255, 255, 255, 0.38)","--jse-error-color":t.palette.text.primary,"--jse-key-color":t.palette.text.primary,"--jse-value-color":t.palette.text.primary,"--jse-text-color":t.palette.text.primary,"--jse-panel-color-readonly":t.palette.text.hint,"--jse-value-color-string":t.palette.status.ok,"--jse-value-color-null":t.palette.status.warning,"--jse-value-color-number":t.palette.status.error,"--jse-value-color-boolean":t.palette.status.running,"--jse-font-family":"inherit"}})),Va=t=>"parseError"in t,Ga=t=>{var n;return t?Va(t)?!!t.parseError:((n=t==null?void 0:t.validationErrors)==null?void 0:n.length)>0:!1};function _a({onChange:t,schema:n,value:r}){const a=ee(null),l=ee(),o=Ua();return G(()=>(a.current&&!l.current&&(l.current=new Kr({target:a.current,props:{onChange:(i,c,{contentErrors:m})=>{!Ga(m)&&Qr(i)&&t(JSON.parse(i.text))},validator:Xr({schema:n}),content:{json:{}},mainMenuBar:!1,mode:Zr.text}})),()=>{var i;(i=l.current)==null||i.destroy(),l.current=void 0}),[t,n]),Pt(()=>{var i;(i=l.current)==null||i.updateProps({content:{json:r}})}),e.createElement("div",{ref:a,className:o.editor,style:{height:300}})}const Ya=[];function Ja(t){const{onChange:n,schema:r,name:a}=t,{description:l,items:o}=r,[i,c]=e.useState(!1),m=Array.isArray(t.value)?t.value:Ya,s=m.includes(we),p=(g,w)=>{if(!Array.isArray(w)){const S=[...m];S[g]=w||"",n(S)}},u=k(()=>{n([...m,""])},[n,m]),d=g=>{n(m.filter((w,S)=>S!==g))},x=()=>{n(s?[]:[we])},f=()=>{s&&c(!0)},y=()=>{c(!1)};return G(()=>{m.length?s&&m.length>1&&n([we]):u()},[u,n,m,s]),!o||!("type"in o)?null:e.createElement(e.Fragment,null,(m!=null?m:[]).map((g,w,{length:S})=>e.createElement(bn,{allowEmptyStrings:!0,key:w,onChange:T=>p(w,T),name:w===0?a:"",schema:{description:w===S-1?l:"",type:o.type},value:g,controls:e.createElement(_,{size:"small",onClick:()=>d(w)},e.createElement(el,null))})),!!(m!=null&&m.length)&&e.createElement(E,{alignItems:"center",display:"flex",flexDirection:"row",justifyContent:"space-between"},e.createElement(E,null,e.createElement(Rt,{control:e.createElement(be,{checked:s,onChange:x,name:"checkedB",color:"primary"}),label:"Use the claims from the logged in users token"})),e.createElement(E,null,e.createElement(he,{onClose:y,onOpen:f,open:i,title:"To add additional entries you must uncheck using the claims from the logged in user."},e.createElement("span",null,e.createElement(_,{disabled:s,size:"small",onClick:u},e.createElement(dt,null)))))))}function qa(t){const{onChange:n,schema:r,name:a,value:l}=t,{description:o}=r;return e.createElement(E,{mb:1},e.createElement(Rt,{control:e.createElement(be,{checked:l===!0,onChange:i=>{n(i.target.checked)},name:a,color:"primary"}),label:a}),o&&e.createElement(h,{display:"block",variant:"caption",color:"textSecondary"},o))}function Ka({allowEmptyStrings:t,controls:n,name:r,onChange:a,schema:l,value:o}){const i=c=>{a(Xa({value:c.currentTarget.value,type:l.type}))};return e.createElement(E,{mb:1},e.createElement(E,{display:"flex",gridGap:6},e.createElement(ve,{fullWidth:!0,id:r,label:r,placeholder:"Enter",variant:"outlined",size:"small",value:Qa(o,t),onChange:wt(o,t)?void 0:i,disabled:wt(o,t)}),n&&e.createElement(E,{alignSelf:"center"},n)),l.description&&e.createElement(h,{variant:"caption",color:"textSecondary"},l.description,wt(o)&&!t&&e.createElement(e.Fragment,null," (switch to JSON editor to edit)")))}function wt(t,n=!1){return!n&&t===""||t===null||t===we}function Qa(t,n=!1){return!n&&t===""?"[empty string]":t===null?"[null]":t===we?"[BackstageUserClaims]":t||""}function Xa({value:t,type:n}){switch(n){case"string":return t===""?void 0:t;case"number":case"integer":return Number.isNaN(Number(t))?void 0:Number(t);case"null":return t==="null"?null:void 0;default:return}}function vn(t){return!!t&&"type"in t&&(t.type==="array"||t.type==="boolean"||t.type==="null"||t.type==="number"||t.type==="integer"||t.type==="string")}function Za(t){return"type"in t&&t.type==="array"}function eo(t){return"type"in t&&t.type==="boolean"}function bn({schema:t,...n}){return vn(t)?Za(t)?e.createElement(Ja,{...n,schema:t}):eo(t)?e.createElement(qa,{...n,schema:t}):e.createElement(Ka,{...n,schema:t}):null}const to=new Ht({allErrors:!0});function no({onChange:t,schema:n,value:r}){var a;const l=B(()=>to.compile(n),[n]),o=B(()=>l(r),[l,r]),i=Object.entries(n.properties),c=m=>s=>{t({...r,[m]:s})};return e.createElement(e.Fragment,null,i.map(([m,s])=>{var p;return e.createElement(bn,{isRequired:((p=n.required)==null?void 0:p.includes(m))||!1,key:m,name:m,onChange:c(m),schema:s,value:r==null?void 0:r[m]})}),e.createElement(at,{error:!o},(a=l.errors)==null?void 0:a[0].message))}const ro=t=>!!t&&"properties"in t;function lo({onChange:t,rule:n,value:r}){const[a,l]=R(!1),{paramsSchema:o}=n!=null?n:{},i=()=>l(p=>!p);if(!ro(o))return null;const c=!ao(o),m=c||a,s=e.createElement(P,{size:"small",onClick:i,disabled:c},m?"Close editor":"Edit as JSON");return e.createElement(E,{marginTop:2},e.createElement("form",null,m?e.createElement(_a,{onChange:t,schema:o,value:r}):e.createElement(e.Fragment,null,e.createElement(E,{marginBottom:2},e.createElement(de,null,"Parameters")),e.createElement(no,{onChange:t,schema:o,value:r}))),e.createElement(E,{display:"flex",flexDirection:"column",alignItems:"flex-end",marginTop:1},c?e.createElement(he,{title:"Only JSON editing is supported for this parameter",arrow:!0},e.createElement("span",null,s)):s))}function ao(t){return Object.values(t.properties).every(vn)}const oo=C(t=>({conditionCard:{minWidth:t.spacing(63)},conditionCardBar:{height:t.spacing(1),backgroundImage:"linear-gradient(90deg, #007DFF 0%, #0057B2 100%)"},autocomplete:{flex:1}}));function Cn({ruleName:t,parameters:n,resourceType:r,onChange:a,onDelete:l}){var o;const i=oo(),c=Vt(),m=(o=c==null?void 0:c.filter(d=>d.resourceType===r))!=null?o:[],s=m.find(d=>d.name===t),p=d=>{a(d,{})},u=k(d=>{a(t,d)},[a,t]);return e.createElement(E,{display:"flex",alignItems:"center"},e.createElement(te,{className:i.conditionCard},e.createElement("div",{className:i.conditionCardBar}),e.createElement(ge,null,e.createElement(E,null,e.createElement(E,null,e.createElement(mt,{className:i.autocomplete,"data-testid":"rule-select",getOptionLabel:d=>d.name,getOptionSelected:(d,x)=>d.name===x.name,options:m,onChange:(d,x)=>p(x?x.name:null),renderInput:d=>e.createElement(e.Fragment,null,e.createElement(E,{marginBottom:2},e.createElement(de,null,"Rule")),e.createElement(ve,{...d,placeholder:"Select",variant:"outlined",size:"small",name:"rule"})),renderOption:d=>e.createElement(E,null,e.createElement(h,{variant:"body2"},d.name),e.createElement(h,{noWrap:!0,variant:"caption"},d.description)),value:s||null,PopperComponent:d=>e.createElement(Er,{...d,style:{width:"auto"},placement:"bottom-start"})})),e.createElement(E,{flex:"1"},e.createElement(E,{display:"flex",flexDirection:"column"},e.createElement(lo,{rule:s,onChange:u,value:n})))))),e.createElement(E,{ml:1},e.createElement(_,{"aria-label":"delete",onClick:l,size:"small"},e.createElement(De,null))))}function Ze(){return{id:pe(),ruleName:null,parameters:{}}}const io=C(t=>({conditionTypeFormControl:{minWidth:80,marginLeft:t.spacing(1)}}));function co({level:t,onSelect:n}){const r=io(),a=t.children.length>1;return e.createElement(E,{display:"flex",alignItems:"center"},e.createElement(Ce,{className:r.conditionTypeFormControl},e.createElement(xe,{value:t.levelType,onChange:l=>n==null?void 0:n(l.target.value)},e.createElement(U,{key:"anyOf",value:"anyOf"},"Any of"),e.createElement(U,{key:"allOf",value:"allOf"},"All of"),e.createElement(U,{key:"not",value:"not",disabled:a},"Not"))),e.createElement(E,{ml:1},e.createElement(_,{"aria-label":"delete",onClick:()=>n==null?void 0:n(null),size:"small"},e.createElement(De,null))))}const so=C(t=>({treeVerticalSpacer:{width:t.spacing(2),borderLeft:`1px solid ${t.palette.status.aborted}`},treeHorizontalSpacer:{height:t.spacing(3),borderLeft:`1px solid ${t.palette.status.aborted}`},treeVerticalBranchHalf:{position:"absolute",height:"50%",borderLeft:`1px solid ${t.palette.status.aborted}`,alignSelf:"flex-start"},treeVerticalBranchFull:{borderLeft:`1px solid ${t.palette.status.aborted}`,alignSelf:"stretch"},treeHorizontalBranch:{width:t.spacing(2),borderTop:`1px solid ${t.palette.status.aborted}`}}));function xn({level:t,resourceType:n,onChange:r,parentConditionType:a,isRoot:l=!1}){const o=so(),i=k((f,y)=>{const g=[...t.children];return g.splice(f,1,y),g},[t]),c=k(f=>{r({...t,children:f})},[r,t]),m=k(f=>{f===null?r(null):f==="not"&&t.children.length>1?r({...t,levelType:f,children:t.children.slice(0,1)}):r({...t,levelType:f})},[r,t]),s=k((f,y)=>{c(f===null?wn(t.children,y):i(y,f))},[t,c,i]),p=f=>{const y=pe();f==="condition"?c([...t.children,Ze()]):f==="not"?c([...t.children,{id:y,levelType:f,children:[]}]):Ca(f)&&c([...t.children,{id:y,levelType:f,children:[Ze()]}])},u=f=>{c(wn(t.children,f))},d=B(()=>t.children.map((f,y)=>(g,w)=>{c(i(y,{...f,ruleName:g,parameters:w}))}),[t.children,c,i]),x=B(()=>t.children.map((f,y)=>g=>s(g,y)),[t.children,s]);return e.createElement("div",null,!l&&e.createElement("div",{className:o.treeHorizontalSpacer}),e.createElement(E,{display:"flex",alignItems:"center",position:"relative"},!l&&e.createElement(e.Fragment,null,e.createElement("div",{className:a==="not"?o.treeVerticalBranchHalf:o.treeVerticalBranchFull}),e.createElement("div",{className:o.treeHorizontalBranch})),e.createElement(co,{level:t,onSelect:m})),e.createElement(E,{display:"flex"},l||a==="not"?e.createElement(E,{pl:2}):e.createElement("div",{className:o.treeVerticalSpacer}),!l&&e.createElement(E,{pl:2}),e.createElement("div",null,t.children.map((f,y)=>Re(f)?e.createElement(E,{key:f.id},e.createElement(xn,{level:f,resourceType:n,parentConditionType:t.levelType,onChange:x[y]})):e.createElement(Be,{key:f.id},e.createElement("div",{className:o.treeHorizontalSpacer}),e.createElement(E,{display:"flex",alignItems:"center",position:"relative"},e.createElement("div",{className:t.levelType==="not"?o.treeVerticalBranchHalf:o.treeVerticalBranchFull}),e.createElement("div",{className:o.treeHorizontalBranch}),e.createElement(Cn,{ruleName:f.ruleName,parameters:f.parameters,resourceType:n,onChange:d[y],onDelete:()=>u(y)})))),!(t.levelType==="not"&&t.children.length>=1)&&e.createElement(e.Fragment,null,e.createElement("div",{className:o.treeHorizontalSpacer}),e.createElement(E,{display:"flex",alignItems:"center",position:"relative"},e.createElement("div",{className:o.treeVerticalBranchHalf}),e.createElement("div",{className:o.treeHorizontalBranch}),e.createElement(hn,{onSelect:p}))))))}function wn(t,n){const r=[...t];return r.splice(n,1),r}const mo=C(t=>({paper:{backgroundColor:t.palette.background.default,padding:t.spacing(3),marginBottom:t.spacing(3),minHeight:t.spacing(48)}}));function uo({permissionCriteria:t,resourceType:n,onUpdate:r,readonly:a=!1}){const l=mo(),o=k(p=>{r(u=>({...u,...p}))},[r]),i=k(p=>{const u=pe();o(p==="condition"?Ze():p==="not"?{id:u,levelType:p,children:[]}:{id:u,levelType:p,children:[Ze()]})},[o]),c=k((p,u)=>{r(d=>({...d,ruleName:p,parameters:u}))},[r]),m=k(()=>{r(null)},[r]);let s;return a?s=e.createElement(gn,{permissionCriteria:t}):t===null?s=e.createElement(hn,{onSelect:i}):bt(t)?s=e.createElement(Cn,{ruleName:t.ruleName,parameters:t.parameters,resourceType:n,onChange:c,onDelete:m}):Re(t)&&(s=e.createElement(xn,{level:t,resourceType:n,onChange:r,isRoot:!0})),e.createElement(ot,{variant:"outlined",className:l.paper},s)}const po=C(t=>({dialogTitle:{display:"flex",alignItems:"center",justifyContent:"space-between"},fullWidth:{width:"100%","& > *":{flexGrow:1}},infoIcon:{position:"absolute",right:t.spacing(3)},content:{padding:t.spacing(7)},saveButton:{paddingLeft:t.spacing(5),paddingRight:t.spacing(5)},contentContainerConditional:{display:"flex",gap:t.spacing(5),maxWidth:1480}})),Eo={specificPermission:"Choose a specific permission",filter:"Filter by permission properties",all:"Match all permissions"},Dn="Choose the name of a resource permission or filter by resource type to set a conditional decision.";function fo({rolePermission:t,readonly:n=!1,onClose:r,onSave:a}){const l=po(),{permissions:o}=Ne(),i=Vt(),c=bl(),m=xa(t),[s,p]=R(m.match),[u,d]=R(m.decisionType),[x,f]=R(m.criteria),y=B(()=>Aa(o,s),[o,s]),g=u==="conditional",w=g?"xl":"sm";G(()=>{g&&o&&!y.commonResourceType&&d("allow")},[g,o,y.commonResourceType,d]);const S=A=>{A!==null&&d(A)},T=B(()=>s.method==="specificPermission"&&!s.name||s.method==="filter"&&!s.resourceType&&!s.actions,[s]),z=B(()=>y.permissions.length===0?!1:!T,[y,T]),M=B(()=>u!=="conditional"?!0:!(!y.commonResourceType||!(c!=null&&c[y.commonResourceType].pluginId)||!mn(x,i)),[u,y,c,x,i]),b=()=>{a==null||a(Na(m.id,s,u==="conditional"?{resourceType:y.commonResourceType,pluginId:c[y.commonResourceType].pluginId,conditions:Ct(x)}:u))};return e.createElement(me,{open:!0,maxWidth:w,onClose:r,fullWidth:!0},e.createElement(He,{disableTypography:!0,className:l.dialogTitle},e.createElement(h,{variant:"h4",component:"h2"},"New Permission Decision"),e.createElement(P,{startIcon:e.createElement(st,null),onClick:r},"Close")),e.createElement(ne,{dividers:!0,className:l.content},e.createElement(E,{className:g?l.contentContainerConditional:void 0},e.createElement(E,{mb:5,flex:1},e.createElement(va,{options:Object.entries(Eo).map(([A,v])=>({id:A,displayText:v})),selected:s.method,onChange:A=>p({method:A}),readonly:n})),e.createElement(E,{mb:5,height:189,flex:1},s.method==="specificPermission"&&e.createElement($a,{name:s.name,readonly:n,onNameChange:A=>p({...s,name:A})}),s.method==="filter"&&e.createElement(e.Fragment,null,e.createElement(Ia,{resourceType:s.resourceType,readonly:n,onResourceTypeChange:A=>p({...s,resourceType:A})}),e.createElement(Ba,{actions:s.actions,readonly:n,onActionsChange:A=>p({...s,actions:A.length?A:void 0})}),T?null:e.createElement(e.Fragment,null,e.createElement(E,{marginY:2},e.createElement(it,{variant:"middle"})),e.createElement(at,null,`Matched ${y.permissions.length} ${y.permissions.length===1?"permission":"permissions"}`)))),e.createElement(E,{mb:5,flex:1},e.createElement(E,{display:"flex",alignItems:"center"},e.createElement(Sa,{value:u,exclusive:!0,fullWidth:!0,"aria-label":"Decision result",onChange:(A,v)=>S(v)},e.createElement(xt,{value:"allow","aria-label":"Decision allowed",disabled:n},"Allow"),e.createElement(xt,{value:"deny","aria-label":"Decision denied",disabled:n},"Deny"),e.createElement(xt,{value:"conditional","aria-label":"Decision conditionally allowed",disabled:!y.commonResourceType||n},"Conditional")),!g&&!n&&e.createElement(he,{title:Dn},e.createElement(Wt,{className:l.infoIcon,color:"primary","aria-label":Dn}))))),u==="conditional"&&!!y.commonResourceType&&e.createElement(uo,{permissionCriteria:x,resourceType:y.commonResourceType,onUpdate:f,readonly:n}),!n&&e.createElement(E,{display:"flex",justifyContent:"flex-end"},e.createElement(P,{variant:"contained",color:"primary",className:l.saveButton,onClick:b,disabled:!z||!M},"Save"))))}const yo=C(t=>({container:{display:"flex",position:"relative",alignItems:"center",gap:t.spacing(1),flexShrink:1,maxWidth:"100%",minWidth:0},input:({invalid:n})=>({boxSizing:"content-box",display:"block",maxWidth:"100%",padding:0,borderWidth:2,borderStyle:"solid",borderColor:n?t.palette.error.main:"transparent",borderRadius:t.shape.borderRadius,backgroundColor:"transparent",color:t.palette.textContrast,fontFamily:"inherit",fontSize:"inherit",lineHeight:"inherit",fontWeight:"inherit",textOverflow:"ellipsis"}),hiddenSpan:{position:"absolute",top:0,left:0,borderWidth:1,whiteSpace:"pre",opacity:0,pointerEvents:"none"}}));function Nn({invalid:t,name:n,value:r,onTextChange:a}){const l=yo({invalid:t}),[o,i]=R(!1),[c,m]=R(null),s=ee(null),[p,u]=R(r);G(()=>{u(r)},[r]),_n(()=>{s.current&&c&&s.current.style.setProperty("width",`max(${c.getBoundingClientRect().width}px, 3ch)`)},[c,p]);const d=()=>{i(!1),u(r)},x=()=>{i(!1),a==null||a(p)},f=()=>{var g;o?x():(i(!0),(g=s.current)==null||g.focus())},y=g=>{var w;g.key==="Enter"&&((w=s.current)==null||w.blur()),g.key==="Escape"&&d()};return e.createElement(e.Fragment,null,e.createElement("div",{className:l.container},e.createElement("input",{"aria-label":n,className:l.input,name:n,ref:s,onChange:g=>u(g.target.value),onFocus:f,onBlur:x,onKeyDown:y,value:p}),e.createElement("span",{"aria-hidden":"true",className:l.hiddenSpan,ref:m},p),e.createElement(_,{onClick:f,size:"small"},o?e.createElement(nl,{"aria-label":"Save title"}):e.createElement(tl,{"aria-label":"Edit title"}))))}const Pn=t=>{if(t.success)return{};const n={};for(const r of t.error.issues)n[r.path.join(".")]=!0;return n},Tn=({children:t,onConfirm:n,message:r,title:a})=>{const[l,o]=R(!1),i=()=>o(!1),c=()=>o(!0),m=()=>{n(),i()};return e.createElement(e.Fragment,null,t({onClick:c}),e.createElement(me,{open:l,onClose:i},e.createElement(He,null,e.createElement(E,{display:"flex",justifyContent:"space-between",alignItems:"center"},a)),e.createElement(ne,null,e.createElement(fr,null,r)),e.createElement(lt,null,e.createElement(P,{"aria-label":"Cancel action",color:"primary",onClick:i},"Cancel"),e.createElement(P,{"aria-label":"Confirm action",color:"secondary",onClick:m,variant:"contained"},"Confirm"))))},Sn=({helpText:t})=>e.createElement(E,{display:"flex",alignItems:"center"},e.createElement(E,{component:"span",mr:1},e.createElement(h,{variant:"body2",noWrap:!0},"Reorder")),e.createElement(he,{title:t},e.createElement(Wt,{color:"primary","aria-label":t}))),An=(t,n,r)=>{const a=n+r;if(a<0||a>=t.length)return t;const l=[...t];return[l[a],l[n]]=[l[n],l[a]],l},Rn=({array:t,index:n,onReorder:r})=>{const a=n===0,l=n===t.length-1;return e.createElement(E,{display:"flex"},e.createElement(_,{disabled:a,onClick:()=>r(An(t,n,-1)),"aria-label":"Move up",size:"small"},e.createElement(ll,null)),e.createElement(_,{disabled:l,onClick:()=>r(An(t,n,1)),"aria-label":"Move down",size:"small"},e.createElement(rl,null)))},go=C(()=>({emptyStateImage:{width:"95%",zIndex:2,position:"relative",left:"50%",top:"50%",transform:"translate(-50%, 15%)"}}));function $n({src:t,alt:n}){const r=go();return e.createElement("img",{src:t,className:`${r.emptyStateImage} `,alt:n})}const ho="Use the arrows to change the order in which permission decisions are evaluated.";function vo({diff:t,permissions:n,onReorderPermissions:r,onNewPermissionClick:a,onOpenPermission:l,onRemovePermissionClick:o,anyAllow:i,readonly:c=!1}){return e.createElement(e.Fragment,null,e.createElement(E,{display:"flex",justifyContent:"space-between",padding:2},e.createElement(h,{variant:"h5"},"Permission Decisions"),!c&&n.length!==0&&e.createElement(P,{color:"primary",variant:"outlined",startIcon:e.createElement(dt,null),onClick:a},"New")),e.createElement(je,null,e.createElement(Ue,null,e.createElement(j,null,!c&&!i&&e.createElement(D,{style:{width:0}},e.createElement(Sn,{helpText:ho})),e.createElement(D,null,"Match by"),e.createElement(D,null,"Decision"),e.createElement(D,null),!c&&e.createElement(D,null))),e.createElement(Ve,null,n.length===0&&e.createElement(j,null,e.createElement(D,{colSpan:5},e.createElement(Fe,{title:"No permission decisions set",description:"Click the button below to create your first permission.",missing:{customImage:e.createElement($n,{src:al,alt:"No permission placeholder"})},action:e.createElement(P,{variant:"contained",color:"primary",onClick:a},"New permission decision")}))),n.map((m,s)=>e.createElement(j,{key:s},!c&&!i&&e.createElement(D,null,e.createElement(Rn,{array:n,index:s,onReorder:r})),e.createElement(D,null,e.createElement(yr,{onClick:()=>l(s)},e.createElement(h,{variant:"body2",color:"primary"},ft(m)))),e.createElement(D,null,Ml(m)),e.createElement(D,null,e.createElement(Ae,{operation:t==null?void 0:t.permissions[m.id].operation})),!c&&e.createElement(D,{align:"right"},e.createElement(Tn,{message:"Are you sure you want to remove this permission decision?",onConfirm:()=>o(s),title:"Remove?"},p=>e.createElement(_,{...p,"aria-label":"Remove permission decision",size:"small"},e.createElement(De,null)))))))))}function bo({roleId:t}){const{versionId:n,roleId:r}=tt(),a=t!=null?t:r;return Ge(a),Ge(n),e.createElement(Xe,{policyId:n},e.createElement(xo,{roleId:a}))}const Co=C(t=>({cardContainer:{margin:t.spacing(0)}}));function xo({roleId:t}){const{diff:n,updateLocalDraft:r,policy:a}=Y(),l=a.roles.find(v=>v.id===t),o=n==null?void 0:n.roles[t],[i,c]=R(null),[m,s]=R(!1),p=nt(),{NotFoundErrorPage:u}=p.getComponents(),d=q(),x=Co();if(!l)return e.createElement(u,null);const f=l.name,y=v=>{const $=a.roles.findIndex(le=>le.id===v.id),L=[...a.roles];L.splice($,1,v),r({...a,roles:L})},g=v=>{y({...l,name:v})},w=v=>{if(i===null)y({...l,permissions:[v,...l.permissions]});else{const $=[...l.permissions];$.splice(i,1,v),y({...l,permissions:$})}s(!1)},S=v=>{if(v==="*")y({...l,members:l.members==="*"?[]:"*"});else if(l.members==="*")y({...l,members:[v]});else{const $=l.members.includes(v)?l.members.filter(L=>L!==v):[...l.members,v];y({...l,members:$.length===0?"*":$})}},T=v=>{y({...l,permissions:l.permissions.filter(($,L)=>v!==L)})},z=v=>{y({...l,permissions:v})},M=Pn(kr.safeParse(l)).name,b=a.status!=="draft",A=a.options.resolutionStrategy==="any-allow";return e.createElement(e.Fragment,null,e.createElement(Ke,{pages:[{title:a.name,path:`../../../${a.id}`},{title:f}],header:e.createElement(We,{titleComponent:e.createElement(tn,null,a.name," \xA0\u01C0",b?e.createElement(e.Fragment,null,"\xA0",f):e.createElement(Nn,{invalid:M,value:f,onTextChange:g}),e.createElement(Ae,{operation:o==null?void 0:o.role.operation,size:"medium"})),description:a.description||void 0},e.createElement(P,{variant:"outlined",color:"primary",onClick:()=>d("../..",{relative:"path"})},"Back to policy"))},e.createElement(O,{container:!0,className:x.cardContainer,spacing:4,direction:"row"},e.createElement(O,{item:!0,xs:6},e.createElement(te,null,e.createElement(ya,{diff:o||null,role:l,policyId:a.id,onToggleMember:S,readonly:b}))),e.createElement(O,{item:!0,xs:6},e.createElement(te,null,e.createElement(vo,{diff:o||null,permissions:l.permissions,onNewPermissionClick:()=>{c(null),s(!0)},onOpenPermission:v=>{c(v),s(!0)},onReorderPermissions:z,onRemovePermissionClick:T,anyAllow:A,readonly:b}))))),m&&e.createElement(fo,{rolePermission:i!==null?l.permissions[i]:void 0,onClose:()=>s(!1),onSave:w,readonly:b}))}const wo="Use the arrows to change the order in which roles are evaluated.";function Do({}){const{diff:t,policy:n,createNewRole:r,updateLocalDraft:a}=Y(),l=q(),o=No(n),i=n.status!=="draft",c=n.options.resolutionStrategy==="any-allow",m=u=>{a({...n,roles:u})},s=u=>{a({...n,roles:n.roles.filter(({id:d})=>d!==u)})},p=()=>{l(`./roles/${r()}`)};return e.createElement(ot,null,e.createElement(E,{display:"flex",justifyContent:"space-between",padding:2},e.createElement(h,{variant:"h3"},"Roles"),!i&&e.createElement(P,{color:"primary",variant:"outlined",startIcon:e.createElement(dt,null),onClick:()=>p()},"New role")),e.createElement(je,null,e.createElement(Ue,null,e.createElement(j,null,!i&&!c&&e.createElement(D,{style:{width:0}},e.createElement(Sn,{helpText:wo})),e.createElement(D,null,"Name"),e.createElement(D,null,"Users"),e.createElement(D,null,"Groups"),!i&&e.createElement(D,{style:{width:0}}))),e.createElement(Ve,null,o.map((u,d)=>e.createElement(j,{key:d},!i&&!c&&e.createElement(D,null,e.createElement(Rn,{array:n.roles,index:d,onReorder:m})),e.createElement(D,null,e.createElement(E,{alignItems:"center",display:"flex",gridGap:8},e.createElement(ie,{to:`roles/${u.id}`},u.name),e.createElement(Ae,{operation:t==null?void 0:t.roles[u.id].role.operation}))),e.createElement(D,null,u.userCount),e.createElement(D,null,u.groupCount),!i&&e.createElement(D,{align:"right"},e.createElement(Tn,{message:"Are you sure you want to remove this role?",title:"Remove role?",onConfirm:()=>s(u.id)},x=>e.createElement(_,{...x,"aria-label":"Remove role",size:"small"},e.createElement(De,null)))))))))}function No(t){return t.roles.map(n=>({id:n.id,name:n.name,userCount:Array.isArray(n.members)?n.members.filter(r=>r.startsWith("user:")).length:n.members,groupCount:Array.isArray(n.members)?n.members.filter(r=>r.startsWith("group:")).length:n.members}))}const Po=C(t=>({cardHeader:{padding:t.spacing(3,3),borderBottom:`1px solid ${t.palette.border}`},cardContent:{padding:t.spacing(6,3),"& > *":{background:"transparent"}},emptyStateImage:{width:"95%",zIndex:2,position:"relative",left:"50%",top:"50%",transform:"translate(-50%, 15%)"}}));function To({readonly:t}){const n=Po(),r=q(),{createNewRole:a}=Y(),l=()=>{const o=a();r(`./roles/${o}`)};return e.createElement(te,null,e.createElement($t,{title:"Roles",className:n.cardHeader}),e.createElement(ge,{className:n.cardContent},t?e.createElement(Fe,{title:"No roles configured",missing:"content"}):e.createElement(Fe,{title:"No roles yet",description:"Click the button below to create your first role.",missing:{customImage:e.createElement($n,{src:ol,alt:"No roles placeholder"})},action:e.createElement(P,{variant:"contained",color:"primary",onClick:()=>l()},"New role")})))}function So(){const[t,n]=R(null),{hasDraftPolicy:r}=Qe(),{isValid:a,discardLocalDraft:l,exportPolicy:o,hasChanges:i,policy:c,saveLocalDraftToServer:m,saveAndPublish:s,publish:p}=Y(),u=q(),[d,x]=vt(),f=g=>{n(g.currentTarget)},y=()=>{n(null)};return e.createElement(e.Fragment,null,e.createElement(gr,{variant:"contained",color:"primary"},c.status==="draft"&&e.createElement(P,{disabled:!a,onClick:()=>m()},"Save"),c.status==="inactive"&&e.createElement(P,{onClick:()=>p()},"Republish"),c.status==="active"&&e.createElement(P,{disabled:r||d.loading,onClick:()=>x(c)},"Duplicate"),e.createElement(P,{color:"primary",title:"options",size:"small",onClick:f},e.createElement(il,null))),e.createElement(At,{getContentAnchorEl:null,anchorEl:t,anchorOrigin:{vertical:"bottom",horizontal:"right"},open:!!t,onClose:y,PaperProps:{style:{width:240}}},c.status==="draft"&&e.createElement(ct,null,e.createElement(U,{disabled:!a,onClick:()=>s()},e.createElement(se,null,e.createElement(sl,{fontSize:"small"})),e.createElement(Q,null,"Save & Publish")),e.createElement(U,{disabled:!i,onClick:()=>l()},e.createElement(se,null,e.createElement(cl,{color:i?"secondary":"inherit",fontSize:"small"})),e.createElement(Q,null,e.createElement(h,{color:i?"secondary":"inherit"},"Discard changes"))),e.createElement(it,null)),e.createElement(ct,null,e.createElement(U,{onClick:()=>o()},e.createElement(se,null,e.createElement(dl,{fontSize:"small"})),e.createElement(Q,null,"Export"))),e.createElement(it,null),e.createElement(ct,null,e.createElement(U,{disabled:!a,onClick:()=>u("./options")},e.createElement(se,null,e.createElement(ml,{fontSize:"small"})),e.createElement(Q,null,"Options")))))}const Ao=C(t=>({chipContainer:{marginTop:t.spacing(1),marginLeft:t.spacing(1),display:"flex",flexWrap:"wrap"}})),Ro=({selectedRoleIds:t,setSelectedRoleIds:n})=>{const r=Ao(),{policy:a}=Y();return e.createElement(e.Fragment,null,e.createElement(Ce,{fullWidth:!0},e.createElement(de,{id:"selectLabel"},"Select roles"),e.createElement(xe,{native:!1,displayEmpty:!0,multiple:!0,value:t,onChange:l=>n(l.target.value),input:e.createElement(kt,null),"aria-labelledby":"selectLabel",renderValue:l=>e.createElement("div",{className:r.chipContainer,"aria-labelledby":"selectLabel"},a.roles.filter(o=>l.includes(o.id)).map(o=>e.createElement(ce,{key:o.name,label:o.name})))},a.roles.map(l=>e.createElement(U,{key:l.id,value:l.id},e.createElement(be,{color:"primary",checked:t.includes(l.id),name:l.name,value:l.id}),e.createElement(Q,{primary:l.name}))))))},$o=C(t=>({chipContainer:{marginTop:t.spacing(1),marginLeft:t.spacing(1),display:"flex",flexWrap:"wrap"}})),ko=e.forwardRef(({selectedPermissionNames:t,setSelectedPermissionNames:n,errorMessage:r},a)=>{const l=$o(),{permissions:o}=Ne();return e.createElement(e.Fragment,null,e.createElement(Ce,{fullWidth:!0,error:!!r},e.createElement(de,{id:"selectLabel"},"Select permissions"),e.createElement(xe,{ref:a,native:!1,displayEmpty:!0,multiple:!0,value:t,onChange:i=>n(i.target.value),input:e.createElement(kt,null),"aria-labelledby":"selectLabel",renderValue:i=>e.createElement("div",{className:l.chipContainer,"aria-labelledby":"selectLabel"},o==null?void 0:o.filter(c=>i.includes(c.name)).map(c=>e.createElement(ce,{key:c.name,label:c.name})))},o==null?void 0:o.map(i=>e.createElement(U,{key:i.name,value:i.name},e.createElement(be,{color:"primary",checked:t.includes(i.name),name:i.name,value:i.name,required:!0}),e.createElement(Q,{primary:i.name})))),e.createElement(at,null,r)))}),Io=()=>{const{policy:t}=Y(),{permissions:n}=Ne(),r=I(H),[a,l]=R([]),o=k(async(c,m)=>{if(!n)return;const s=(await r.testPolicyDecisions(n.filter(p=>m.includes(p.name)).map(p=>({policyConfig:t,roleIds:c,permission:p})))).map(p=>({...p,roles:t.roles.filter(u=>c.includes(u.id))}));l(s)},[t,n,r,l]),i=k(()=>{l([])},[l]);return[a,o,i]},J=({name:t})=>{const n=B(()=>t.includes(".")?t.split(/(\.)/g).flatMap(r=>[r,e.createElement("wbr",null)]):[t],[t]);return e.createElement(e.Fragment,null,n.map((r,a)=>e.createElement(e.Fragment,{key:a},r)))},Oo=C(t=>({container:{display:"flex",flexDirection:"row",gap:t.spacing(1)},infoIcon:{color:t.palette.textSubtle}})),Bo=({policy:t,roles:n,permission:r})=>{const a=n.flatMap(o=>It(o,r));let l;if(n.length===0)l=e.createElement(e.Fragment,null,"A user with no assigned roles will be denied access to"," ",e.createElement("strong",null,e.createElement(J,{name:r.name})),".");else if(!a.length)l=e.createElement(e.Fragment,null,"None of the roles explicitly sets a rule for the permission"," ",e.createElement("strong",null,e.createElement(J,{name:r.name})),", which means that a user who has all of these roles will be denied access to"," ",e.createElement("strong",null,e.createElement(J,{name:r.name})),".");else if(t.options.resolutionStrategy==="any-allow")l=e.createElement(e.Fragment,null,"None of the roles explicitly sets an allow or conditional rule for the permission"," ",e.createElement("strong",null,e.createElement(J,{name:r.name})),". Since the resolution strategy for this policy is"," ",e.createElement("strong",null,"any-allow"),", a user who has all of these roles will be denied access to"," ",e.createElement("strong",null,e.createElement(J,{name:r.name})),".");else throw t.options.resolutionStrategy==="first-match"?new Error("Trying to render ImplicitDecisionInfo for a first-match policy that has matching role permission. This should not happen, since the decision should be explicit by the matching role permission."):new Error(`Unknown resolution strategy ${t.options.resolutionStrategy}. Cannot render ImplicitDecisionInfo.`);return e.createElement(e.Fragment,null,e.createElement("strong",null,"Implicit decision")," \u2013 ",l)},Lo=({policy:t,permission:n,roles:r,decision:a,decisionOrigin:l})=>{const o=r.find(c=>c.id===l[0].roleId);let i;if(t.options.resolutionStrategy==="first-match"){if(!o)throw new Error("Expected decision origin role for first-match explicit decision but found none.");i=e.createElement(e.Fragment,null,"The role ",e.createElement("strong",null,o.name)," explicitly sets a rule for the permission"," ",e.createElement("strong",null,e.createElement(J,{name:n.name})),". Since the resolution strategy for this policy is"," ",e.createElement("strong",null,"first-match"),", no other roles are applied.")}else if(t.options.resolutionStrategy==="any-allow"){if(a.result===F.ALLOW){if(!o)throw new Error("Expected decision origin role for any-allow explicit allow decision but found none.");i=e.createElement(e.Fragment,null,"The role ",e.createElement("strong",null,o.name)," is the first role that explicitly sets an allow decision for the permission"," ",e.createElement("strong",null,e.createElement(J,{name:n.name})),". Since the resolution strategy for this policy is"," ",e.createElement("strong",null,"any-allow"),", this decides the outcome.")}else if(a.result===F.CONDITIONAL)if(l.length===1){if(!o)throw new Error("Expected decision origin role for any-allow explicit allow decision but found none.");i=e.createElement(e.Fragment,null,"The role ",e.createElement("strong",null,o.name)," is the first role that explicitly sets a decision for the permission"," ",e.createElement("strong",null,e.createElement(J,{name:n.name})),". Since the resolution strategy for this policy is"," ",e.createElement("strong",null,"any-allow"),", this decides the outcome.")}else i=e.createElement(e.Fragment,null,"Multiple roles explicitly set a rule for the permission"," ",e.createElement("strong",null,e.createElement(J,{name:n.name})),". Since the resolution strategy for this policy is"," ",e.createElement("strong",null,"any-allow"),", these decide the outcome.")}else throw new Error(`Unknown resolution strategy ${t.options.resolutionStrategy}. Cannot render ExplicitDecisionInfo.`);return e.createElement(e.Fragment,null,e.createElement("strong",null,"Explicit decision")," \u2013 ",i)},Mo=({roles:t,permission:n,decision:r,decisionOrigin:a})=>{const{policy:l}=Y(),o=Oo();return e.createElement("div",{className:o.container},e.createElement(pl,{fontSize:"small",titleAccess:"",className:o.infoIcon}),e.createElement(h,{variant:"body1",component:"p"},a.length===0?e.createElement(Bo,{policy:l,roles:t,permission:n}):e.createElement(Lo,{policy:l,permission:n,roles:t,decision:r,decisionOrigin:a})))},Fo=C(t=>({userCell:{borderRight:`1px solid ${t.palette.border}`,color:t.palette.text.secondary,background:t.palette.background.paper}})),zo=({rowCount:t})=>{const n=Fo();return e.createElement(D,{size:"small",padding:"none",align:"center",rowSpan:t,classes:{root:n.userCell}},e.createElement(ir,null))},Wo=C(()=>({decisionRowCell:{fontWeight:"bold"}})),et=({children:t,ledToDecision:n,color:r})=>{const a=Wo();return e.createElement(h,{variant:"body1",component:"span",classes:{root:n?a.decisionRowCell:void 0},color:r},t)},Ho=({role:t,ledToDecision:n})=>e.createElement(ie,{to:`roles/${t.id}`},e.createElement(et,{ledToDecision:n,color:"primary"},t.name)),jo=({permissionName:t,ledToDecision:n})=>e.createElement(et,{ledToDecision:n,color:n===!1?"textSecondary":void 0},e.createElement(J,{name:t})),kn=({authorizeResult:t,size:n})=>{switch(t){case F.ALLOW:return e.createElement(fl,{fontSize:n});case F.DENY:return e.createElement(yl,{fontSize:n});case F.CONDITIONAL:return e.createElement(El,{fontSize:n});default:return null}},Uo=C(t=>({decisionCell:{display:"flex",justifyItems:"center"},decisionIconContainer:{display:"flex",alignItems:"center",marginRight:t.spacing(1)},decisionIconAllow:{color:t.palette.success.main},decisionIconDeny:{color:t.palette.error.main},decisionIconConditional:{color:t.palette.info.main}})),Vo=t=>{switch(t){case F.ALLOW:return"Allow";case F.DENY:return"Deny";case F.CONDITIONAL:return"Conditional";default:return"Permission not found in role"}},Go=(t,n)=>{let r;switch(t){case F.ALLOW:r=n.decisionIconAllow;break;case F.DENY:r=n.decisionIconDeny;break;case F.CONDITIONAL:r=n.decisionIconConditional;break;default:return}return`${n.decisionIconContainer} ${r}`},_o=({ledToDecision:t,authorizeResult:n})=>{const r=Uo();return e.createElement("div",{className:r.decisionCell},n!==null&&e.createElement("span",{className:Go(n,r)},e.createElement(kn,{authorizeResult:n,size:"small"})),e.createElement(et,{ledToDecision:t,color:t===!1?"textSecondary":void 0},Vo(n)))},Yo=({ledToDecision:t})=>e.createElement(et,{ledToDecision:t,color:t===!1?"textSecondary":void 0},t?"Yes":"No"),Jo=C(t=>({tableHeader:{borderBottom:`1px solid ${t.palette.border}`}})),ke=({children:t})=>{const n=Jo();return e.createElement(D,{size:"small",classes:{root:n.tableHeader}},t)},qo=C(t=>({tableContainer:{border:`1px solid ${t.palette.border}`,borderRadius:t.shape.borderRadius},tableRow:{"&, &:nth-child(odd)":{background:t.palette.background.paper}},decisionTableRow:{"&, &:nth-child(odd)":{background:t.palette.type==="light"?t.palette.infoBackground:t.palette.grey[900]}}})),Ko=t=>{if(Ye(t))return F.CONDITIONAL;if(typeof t=="string")switch(t){case"allow":return F.ALLOW;case"deny":return F.DENY;default:throw new Error(`Unknown decision: ${t}`)}throw new Error("Unknown decision type found.")},Qo=(t,n)=>n.some(r=>r.rolePermissionId===t.id),Xo=t=>B(()=>{const{roles:n,permission:r,decisionOrigin:a}=t,l=[];for(const o of n){const i=It(o,r);if(i.length>0)for(const c of i)l.push({role:o,permission:r,authorizeResult:Ko(c.decision),ledToDecision:Qo(c,a)});else l.push({role:o,permission:r,authorizeResult:null,ledToDecision:!1})}return l},[t]),Zo=({resultRow:t})=>{const n=qo(),r=Xo(t);return e.createElement(E,{marginTop:3,marginBottom:3},e.createElement(hr,{classes:{root:n.tableContainer}},e.createElement(je,null,e.createElement(Ue,null,e.createElement(j,{classes:{root:n.tableRow}},e.createElement(ke,null),e.createElement(ke,null,"Role"),e.createElement(ke,null,"Permission"),e.createElement(ke,null,"Decision"),e.createElement(ke,null,"Is deciding role"))),e.createElement(Ve,null,r.map((a,l)=>{const o=l===0;return e.createElement(j,{key:l,classes:{root:a.ledToDecision?n.decisionTableRow:n.tableRow}},o?e.createElement(zo,{rowCount:r.length}):null,e.createElement(D,{size:"small"},e.createElement(Ho,{role:a.role,ledToDecision:a.ledToDecision})),e.createElement(D,{size:"small"},e.createElement(jo,{permissionName:a.permission.name,ledToDecision:a.ledToDecision})),e.createElement(D,{size:"small"},e.createElement(_o,{authorizeResult:a.authorizeResult,ledToDecision:a.ledToDecision})),e.createElement(D,{size:"small"},e.createElement(Yo,{ledToDecision:a.ledToDecision})))})))))},ei=C(t=>({heading:{fontWeight:"bold"},subtitle:{color:t.palette.text.secondary},criteriaSummarySpacing:{marginBottom:t.spacing(3)}})),ti=({resultRow:t})=>{const n=ei();return e.createElement(e.Fragment,null,t.roles.length>0?e.createElement(e.Fragment,null,e.createElement(h,{variant:"body1",component:"h6",className:n.heading},"Decision breakdown"),e.createElement(h,{variant:"subtitle1",component:"p",className:n.subtitle},"See what role results in this decision."),e.createElement(Zo,{resultRow:t})):null,t.decision.result===F.CONDITIONAL?e.createElement("div",{className:n.criteriaSummarySpacing},e.createElement(gn,{permissionCriteria:$e(t.decision.conditions)})):null,e.createElement(Mo,{roles:t.roles,permission:t.permission,decision:t.decision,decisionOrigin:t.decisionOrigin}))};function ni({decision:t}){let n;switch(t.result){case"ALLOW":n={severity:"success",text:"Allow"};break;case"DENY":n={severity:"error",text:"Deny"};break;default:n={severity:"info",text:"Conditional"};break}return e.createElement(an,{text:n.text,severity:n.severity,icon:e.createElement(kn,{authorizeResult:t.result}),title:`${n.text} decision chip`,size:"large"})}const ri=C(t=>({permissionName:{display:"flex",alignItems:"center",height:"100%",fontWeight:"bold"},detailsContainer:{padding:`${t.spacing(2)}px  ${t.spacing(1)}px 0`,borderTop:`1px solid ${t.palette.divider}`}})),li=({resultRow:t})=>{const n=ri();return e.createElement(vr,null,e.createElement(br,{expandIcon:e.createElement(gl,null),"aria-controls":"result{$resultIndex}-content",id:t.permission.name},e.createElement(O,{container:!0},e.createElement(O,{item:!0,xs:12,md:4},e.createElement(h,{variant:"body1",className:n.permissionName,component:"h5"},e.createElement(J,{name:t.permission.name}))),e.createElement(O,{item:!0,xs:12,md:8},e.createElement(h,{variant:"body2"},t.roles.length>0?"For a user who has all the selected roles, the result will be:":"For a user with no assigned roles, the result will be:"),e.createElement(ni,{decision:t.decision})))),e.createElement(Cr,null,e.createElement("div",{className:n.detailsContainer},e.createElement(ti,{resultRow:t}))))},ai=C(t=>({header:{borderTop:`1px solid ${t.palette.divider}`,padding:`${t.spacing(3)}px ${t.spacing(1)}px`,borderBottom:`1px solid ${t.palette.divider}`},resultHeading:{marginBottom:t.spacing(1)},accordionHeader:{padding:`${t.spacing(1)}px ${t.spacing(6)}px ${t.spacing(1)}px ${t.spacing(0)}px`,margin:"0"}})),oi=({results:t,resolutionStrategy:n})=>{const r=ai();return t.length?e.createElement(e.Fragment,null,e.createElement("div",{className:r.header},e.createElement(h,{variant:"h5",component:"h4",color:"textPrimary",className:r.resultHeading},"Test results"),e.createElement(zt,{severity:"info"},"All the tests are evaluated using"," ",e.createElement("strong",null,n),", which is the policy resolution strategy")),e.createElement(O,{container:!0,className:r.accordionHeader},e.createElement(O,{item:!0,xs:12,md:4},e.createElement(h,{variant:"body1",color:"textSecondary"},"Permission")),e.createElement(O,{item:!0,xs:12,md:8},e.createElement(h,{variant:"body1",color:"textSecondary"},"Result"))),t.map(a=>e.createElement(li,{resultRow:a,key:a.permission.name}))):null},ii=jt.array(jt.string()),In=(t,n,r)=>{const[a,l]=Mt(`@spotify/backstage-plugin-rbac:policyTesterForm:${t}`,[],{raw:!1,serializer:i=>JSON.stringify(i),deserializer:i=>{let c;try{c=JSON.parse(i)}catch(s){return console.error("Failed to parse json",s),[]}const m=ii.safeParse(c);return m.success?m.data:(console.error(`Stored value for ${t} has the wrong shape`,m.error),[])}}),o=B(()=>a!=null?a:[],[a]);return G(()=>{const i=new Set(n),c=o.some(m=>!i.has(m));!r&&c&&l(o.filter(m=>i.has(m)))},[n,o,l,r]),[o,l]},ci=C(t=>({fieldset:{border:"none",margin:`${t.spacing(3)}px 0 ${t.spacing(3)}px`,paddingLeft:"0"}})),On=({children:t,title:n})=>{const r=ci();return e.createElement("fieldset",{className:r.fieldset},e.createElement(h,{variant:"h6",component:"legend"},n),t)},si=C(t=>({bodyText:{margin:`${t.spacing(1)}px 0`},clearButton:{marginLeft:t.spacing(1)}}));function mi(){const{policy:t}=Y(),{permissions:n,isLoading:r}=Ne(),a=B(()=>t.roles.map(T=>T.id),[t.roles]),l=B(()=>(n==null?void 0:n.map(T=>T.name))||[],[n]),o=ee(null),[i,c]=In("roleIds",a),[m,s]=In("permissionNames",l,r),[p,u]=R(""),[d,x,f]=Io();G(()=>{f()},[t.roles,t.options,f]);const y=()=>{var T,z;m.length===0?((z=(T=o.current)==null?void 0:T.firstChild)==null||z.focus(),u("Please select at least one permission.")):x(i,m)},g=()=>{c([]),s([]),f(),u("")},w=si(),S=T=>{s(T),T.length>0&&u("")};return e.createElement(ot,null,e.createElement(E,{justifyContent:"space-between",padding:2},e.createElement(h,{variant:"h3"},"Policy Tester"),e.createElement(h,{variant:"body1",component:"p",className:w.bodyText},"Use the policy tester to check if your changes will provide the access you intended for a user that has the roles you select below."),e.createElement(On,{title:"Which permissions do you want to test?"},e.createElement(ko,{selectedPermissionNames:m,setSelectedPermissionNames:S,ref:o,errorMessage:p})),e.createElement(On,{title:"Which roles should the simulated user have?"},e.createElement(Ro,{selectedRoleIds:i,setSelectedRoleIds:c})),e.createElement(E,{marginTop:3,component:"section"},e.createElement(P,{onClick:y,variant:"contained",color:"primary"},"Run tests"),e.createElement(P,{className:w.clearButton,color:"primary",variant:"outlined",startIcon:e.createElement(ul,null),onClick:g},"Clear")),d&&d.length?e.createElement(E,{sx:{flexGrow:1},marginTop:4},e.createElement(oi,{results:d,resolutionStrategy:t.options.resolutionStrategy})):null))}function di(){const{versionId:t}=tt();return Ge(t),e.createElement(Xe,{policyId:t},e.createElement(ui,null))}function ui(){const{policy:t,updateLocalDraft:n}=Y(),r=o=>{n({...t,name:o})},a=Pn(Ir.safeParse(t)).name,l=t.status!=="draft";return e.createElement(Ke,{pages:[{title:t.name}],header:e.createElement(We,{title:t.name,titleComponent:e.createElement(e.Fragment,null,e.createElement(tn,null,l?t.name:e.createElement(Nn,{invalid:a,name:"Policy name",value:t.name,onTextChange:r}),e.createElement(qt,{status:t.status})),pi(t))},e.createElement(So,null))},e.createElement(O,{container:!0,spacing:4},e.createElement(O,{item:!0,xs:12},t.roles.length>0?e.createElement(Do,null):e.createElement(To,{readonly:l})),e.createElement(O,{item:!0,xs:12},e.createElement(mi,null))))}function pi(t){const n={created:"Created by ",published:"Last published by ",updated:"Last updated by "},{activityDateText:r,activityUser:a,timestamp:l}=Xt(t,n);return e.createElement(h,{variant:"body2"},e.createElement(h,{component:"span",display:"inline",variant:"body2"},`${r} ${a} `),e.createElement(Qt,{timestamp:l}))}const Ei=C(t=>({card:n=>({marginTop:t.spacing(3),height:"100%","&:hover":n.readonly?{pointerEvents:"none"}:{}}),cardHeader:{paddingBottom:t.spacing(2),alignItems:"flex-start"},defaultChip:{marginLeft:t.spacing(1),marginBottom:0},title:{display:"flex",alignItems:"center",paddingTop:t.spacing(.5),paddingBottom:t.spacing(1)}}));function Bn(t){const n=Ei(t),{title:r,description:a,active:l,changeResolutionStrategy:o,defaultOption:i,readonly:c}=t,m=()=>{c||o()};return e.createElement(te,{className:`${n.card}`,onClick:m},e.createElement(xr,{disabled:c},e.createElement(ge,null,e.createElement($t,{className:n.cardHeader,avatar:e.createElement(wr,{checked:l,color:"primary",disabled:c}),title:e.createElement("div",{className:n.title},e.createElement(h,{variant:"h6",component:"h2"},r),i?e.createElement(ce,{label:"Default",size:"small",className:n.defaultChip}):null),subheader:a}))))}const fi=C(t=>({title:{display:"flex",alignItems:"center",paddingBottom:t.spacing(2)},maxWidthWrapper:{maxWidth:"800px"},readOnlyChip:{marginLeft:t.spacing(1)},paragraph:{paddingBottom:t.spacing(1)}}));function yi(){const{versionId:t}=tt();return Ge(t),e.createElement(Xe,{policyId:t},e.createElement(gi,null))}function gi(){const t=fi(),{policy:n,updateLocalDraft:r}=Y(),a=q(),l=n.status!=="draft",o=i=>{r({...n,options:{...n.options,resolutionStrategy:i}})};return e.createElement(Ke,{pages:[{title:n.name,path:".."},{title:"Options"}],header:e.createElement(We,{title:"Options"},e.createElement(P,{variant:"outlined",color:"primary",onClick:()=>a("..",{relative:"path"})},"Back to policy"))},e.createElement(O,{item:!0,xs:12,className:t.maxWidthWrapper},e.createElement("div",null,e.createElement("div",{className:t.title},e.createElement(h,{variant:"h5",component:"h1"},"Decision resolution strategy"),l?e.createElement(ce,{label:"Read only",className:t.readOnlyChip}):null),e.createElement(h,{variant:"body2",component:"p",className:t.paragraph},"Multiple decisions from multiple roles could be applicable to a single user when authorizing a permission request. Please select the decision resolution strategy that makes sense for your policy."),e.createElement(h,{variant:"body2",component:"p",className:t.paragraph},"Please note this strategy will be applied to the whole policy and greatly affects the outcome of permission decisions."),e.createElement(Bn,{title:"Any-allow",changeResolutionStrategy:()=>o("any-allow"),readonly:l,defaultOption:!0,description:e.createElement(e.Fragment,null,e.createElement(h,{variant:"body2",color:"textSecondary",component:"p",className:t.paragraph},"The first allow decision from all of the roles and decisions is the final result. A single explicit allow or an allow as a result of a conditional decision would result in a final allow decision, otherwise the decision is deny."),e.createElement(h,{variant:"body2",color:"textSecondary",component:"p",className:t.paragraph},"With this option, the order of roles and decisions does not matter.")),active:n.options.resolutionStrategy==="any-allow"}),e.createElement(Bn,{title:"First match",changeResolutionStrategy:()=>o("first-match"),readonly:l,description:e.createElement(e.Fragment,null,e.createElement(h,{variant:"body2",color:"textSecondary",component:"p",className:t.paragraph},"The first matching decision from the first matching role that is applicable to the user is the final result, regardless if that decision is an allow, deny or conditional."),e.createElement(h,{variant:"body2",color:"textSecondary",component:"p",className:t.paragraph},"With this option, the order in which you define roles and decisions matters.")),active:n.options.resolutionStrategy==="first-match"}))))}function hi(){const t=nt(),{NotFoundErrorPage:n}=t.getComponents();return e.createElement(hl,{loading:e.createElement(ze,null),unauthorized:e.createElement(n,null)},e.createElement(Nl,null,e.createElement(vl,null,e.createElement(pa,null,e.createElement(Jn,null,e.createElement(Me,{element:e.createElement(la,null),path:"/"}),e.createElement(Me,{element:e.createElement(di,null),path:"/versions/:versionId"}),e.createElement(Me,{element:e.createElement(yi,null),path:"/versions/:versionId/options"}),e.createElement(Me,{element:e.createElement(bo,null),path:"/versions/:versionId/roles/:roleId"}))))))}export{hi as RBACRoot};
-//# sourceMappingURL=Root-315d5957.esm.js.map

package/dist/esm/index-9f94edaa.esm.js DELETED Viewed

	@@ -1,2 +0,0 @@
1	- import{createApiRef as B,createRouteRef as C,createPlugin as $,createApiFactory as S,fetchApiRef as U,discoveryApiRef as T,createRoutableExtension as O,createComponentExtension as k}from"@backstage/core-plugin-api";import{PolicyResponseParser as D,PolicyParser as w,SearchMemberResponseParser as E,AuthorizeResponseParser as I,DraftResponseParser as A,TestPolicyDecisionResponseParser as j}from"@spotify/backstage-plugin-rbac-common";import{ResponseError as M}from"@backstage/errors";var z=Object.defineProperty,J=(s,t,i)=>t in s?z(s,t,{enumerable:!0,configurable:!0,writable:!0,value:i}):s[t]=i,b=(s,t,i)=>(J(s,typeof t!="symbol"?t+"":t,i),i),N=(s,t,i)=>{if(!t.has(s))throw TypeError("Cannot "+i)},y=(s,t,i)=>{if(t.has(s))throw TypeError("Cannot add the same private member more than once");t instanceof WeakSet?t.add(s):t.set(s,i)},r=(s,t,i)=>(N(s,t,"access private method"),i),f,v,d,g,o,c;const R=B({id:"plugin.rbac"});class W{constructor(t){y(this,f),y(this,d),y(this,o),b(this,"fetchApi"),b(this,"discoveryApi"),this.fetchApi=t.fetchApi,this.discoveryApi=t.discoveryApi}async getPolicies(){const{fetch:t}=this.fetchApi,i=await t(`${await this.discoveryApi.getBaseUrl("rbac")}/policies`),e=await r(this,o,c).call(this,i);return D.parse(e)}async getPolicy(t){const{fetch:i}=this.fetchApi,e=await i(`${await this.discoveryApi.getBaseUrl("rbac")}/policies/${t}`),a=await r(this,o,c).call(this,e);return w.parse(a)}async getActivePolicy(){const{fetch:t}=this.fetchApi,i=await t(`${await this.discoveryApi.getBaseUrl("rbac")}/policies/active`),e=await r(this,o,c).call(this,i);return w.parse(e)}async searchMembers(t){const{fetch:i}=this.fetchApi,e=await i(`${await this.discoveryApi.getBaseUrl("rbac")}/members?query=${encodeURIComponent(t.query)}`),a=await r(this,o,c).call(this,e);return E.parse(a)}async authorize(){const{fetch:t}=this.fetchApi,i=await t(`${await this.discoveryApi.getBaseUrl("rbac")}/authorize`),e=await r(this,o,c).call(this,i);return I.parse(e)}async createDraft(t){const{fetch:i}=this.fetchApi,e=await i(`${await this.discoveryApi.getBaseUrl("rbac")}/policies`,{method:"POST",body:JSON.stringify(t),headers:{"Content-Type":"application/json"}}),a=await r(this,o,c).call(this,e);return A.parse(a)}async updateDraft(t,i){const{fetch:e}=this.fetchApi,a=await e(`${await this.discoveryApi.getBaseUrl("rbac")}/policies/${t}`,{method:"PATCH",body:JSON.stringify(i),headers:{"Content-Type":"application/json"}}),n=await r(this,o,c).call(this,a);return A.parse(n)}async deleteDraft(t){const{fetch:i}=this.fetchApi,e=await i(`${await this.discoveryApi.getBaseUrl("rbac")}/policies/${t}`,{method:"DELETE"});return await r(this,o,c).call(this,e)}async publishPolicy(t,i){const{fetch:e}=this.fetchApi,a=await e(`${await this.discoveryApi.getBaseUrl("rbac")}/policies/${t}/publish`,{method:"PUT",headers:{"Content-Type":"application/json"},body:JSON.stringify(i)});return await r(this,o,c).call(this,a)}async testPolicyDecisions(t){return await Promise.all(t.map(async i=>{const{policyConfig:e,roleIds:a,permission:n}=i,{decision:p,decisionOrigin:h}=await r(this,f,v).call(this,e,a,n);return{decision:p,permission:n,decisionOrigin:h}}))}async fetchAllPermissionMetadata(t){const i=await Promise.all(t.map(e=>r(this,d,g).call(this,e)));return{permissions:i.flatMap(({permissions:e})=>e),rules:i.flatMap(({rules:e})=>e)}}}f=new WeakSet,v=async function(s,t,i){const{fetch:e}=this.fetchApi,a=await e(`${await this.discoveryApi.getBaseUrl("rbac")}/policies/test-policy-decision`,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({policyConfig:s,roleIds:t,permission:i})}),n=await r(this,o,c).call(this,a);return j.parse(n)},d=new WeakSet,g=async function(s){var t,i,e,a;const n=await this.discoveryApi.getBaseUrl(s);let p;try{const l=await this.fetchApi.fetch(`${n}/.well-known/backstage/permissions/metadata`);p=await r(this,o,c).call(this,l)}catch{return{permissions:[],rules:[]}}const h=(i=(t=p.permissions)==null?void 0:t.filter(Boolean))!=null?i:[],P=(a=(e=p.rules)==null?void 0:e.filter(Boolean))!=null?a:[];return{permissions:h,rules:P.map(l=>({...l,pluginId:s}))}},o=new WeakSet,c=async function(s){var t,i;if(s.ok)return s.status===204?void 0:s.json();const e=await M.fromResponse(s);throw e.message=(i=(t=e.body.error.message)!=null?t:e.message)!=null?i:"Unknown error",e};const m=C({id:"rbac"}),u=$({id:"rbac",routes:{root:m},apis:[S({api:R,deps:{fetchApi:U,discoveryApi:T},factory(s){return new W(s)}})]}),x=u.provide(O({name:"RBACRoot",component:()=>import("./Root-315d5957.esm.js").then(s=>s.RBACRoot),mountPoint:m})),q=u.provide(k({name:"RBACSidebarItem",component:{lazy:()=>import("./RBACSidebarItem-6579d7e3.esm.js").then(s=>s.RBACSidebarItem)}}));export{x as R,m as a,u as b,q as c,R as r};
2	- //# sourceMappingURL=index-9f94edaa.esm.js.map