@backstage/plugin-permission-common - npm Package Compare versions

Comparing version 0.0.0-nightly-20220325022909 to 0.0.0-nightly-20220326022848

CHANGELOG.md

 # @backstage/plugin-permission-common
 
-## 0.0.0-nightly-20220325022909
+## 0.0.0-nightly-20220326022848
 
+### Minor Changes
+
+- c98d271466: Refactor api types into more specific, decoupled names.
+
+  - **BREAKING:**
+    - Renamed `AuthorizeDecision` to `EvaluatePermissionResponse`
+    - Renamed `AuthorizeQuery` to `EvaluatePermissionRequest`
+    - Renamed `AuthorizeRequest` to `EvaluatePermissionRequestBatch`
+    - Renamed `AuthorizeResponse` to `EvaluatePermissionResponseBatch`
+    - Renamed `Identified` to `IdentifiedPermissionMessage`
+  - Add `PermissionMessageBatch` helper type
+  - Add `ConditionalPolicyDecision`, `DefinitivePolicyDecision`, and `PolicyDecision` types from `@backstage/plugin-permission-node`
+
 ### Patch Changes
@@ -6,0 +19,0 @@

dist/index.d.ts

@@ -71,3 +71,3 @@ import { Config } from '@backstage/config';
 interface PermissionAuthorizer {
-    authorize(queries: AuthorizeQuery[], options?: AuthorizeRequestOptions): Promise<AuthorizeDecision[]>;
+    authorize(requests: EvaluatePermissionRequest[], options?: AuthorizeRequestOptions): Promise<EvaluatePermissionResponse[]>;
 }
@@ -87,6 +87,13 @@ /**
  */
-declare type Identified<T> = T & {
+declare type IdentifiedPermissionMessage<T> = T & {
     id: string;
 };
 /**
+ * A batch of request or response items.
+ * @public
+ */
+declare type PermissionMessageBatch<T> = {
+    items: IdentifiedPermissionMessage<T>[];
+};
+/**
  * The result of an authorization request.
@@ -110,17 +117,37 @@ * @public
 /**
- * An individual authorization request for {@link PermissionClient#authorize}.
+ * A definitive decision returned by the {@link @backstage/plugin-permission-node#PermissionPolicy}.
+ *
+ * @remarks
+ *
+ * This indicates that the policy unconditionally allows (or denies) the request.
+ *
  * @public
  */
-declare type AuthorizeQuery = {
-    permission: Permission;
-    resourceRef?: string;
+declare type DefinitivePolicyDecision = {
+    result: AuthorizeResult.ALLOW | AuthorizeResult.DENY;
 };
 /**
- * A batch of authorization requests from {@link PermissionClient#authorize}.
+ * A conditional decision returned by the {@link @backstage/plugin-permission-node#PermissionPolicy}.
+ *
+ * @remarks
+ *
+ * This indicates that the policy allows authorization for the request, given that the returned
+ * conditions hold when evaluated. The conditions will be evaluated by the corresponding plugin
+ * which knows about the referenced permission rules.
+ *
  * @public
  */
-declare type AuthorizeRequest = {
-    items: Identified<AuthorizeQuery>[];
+declare type ConditionalPolicyDecision = {
+    result: AuthorizeResult.CONDITIONAL;
+    pluginId: string;
+    resourceType: string;
+    conditions: PermissionCriteria<PermissionCondition>;
 };
 /**
+ * A decision returned by the {@link @backstage/plugin-permission-node#PermissionPolicy}.
+ *
+ * @public
+ */
+declare type PolicyDecision = DefinitivePolicyDecision | ConditionalPolicyDecision;
+/**
  * A condition returned with a CONDITIONAL authorization response.
@@ -169,18 +196,31 @@ *
 /**
- * An individual authorization response from {@link PermissionClient#authorize}.
+ * An individual request sent to the permission backend.
  * @public
  */
-declare type AuthorizeDecision = {
-    result: AuthorizeResult.ALLOW | AuthorizeResult.DENY;
-} | {
-    result: AuthorizeResult.CONDITIONAL;
-    conditions: PermissionCriteria<PermissionCondition>;
+declare type EvaluatePermissionRequest = {
+    permission: Permission;
+    resourceRef?: string;
 };
 /**
- * A batch of authorization responses from {@link PermissionClient#authorize}.
+ * A batch of requests sent to the permission backend.
  * @public
  */
-declare type AuthorizeResponse = {
-    items: Identified<AuthorizeDecision>[];
-};
+declare type EvaluatePermissionRequestBatch = PermissionMessageBatch<EvaluatePermissionRequest>;
+/**
+ * An individual response from the permission backend.
+ *
+ * @remarks
+ *
+ * This response type is an alias of {@link PolicyDecision} to maintain separation between the
+ * {@link @backstage/plugin-permission-node#PermissionPolicy} interface and the permission backend
+ * api. They may diverge at some point in the future. The response
+ *
+ * @public
+ */
+declare type EvaluatePermissionResponse = PolicyDecision;
+/**
+ * A batch of responses from the permission backend.
+ * @public
+ */
+declare type EvaluatePermissionResponseBatch = PermissionMessageBatch<EvaluatePermissionResponse>;
 
@@ -272,3 +312,3 @@ /**
      */
-    authorize(queries: AuthorizeQuery[], options?: AuthorizeRequestOptions): Promise<AuthorizeDecision[]>;
+    authorize(queries: EvaluatePermissionRequest[], options?: AuthorizeRequestOptions): Promise<EvaluatePermissionResponse[]>;
     private getAuthorizationHeader;
@@ -278,2 +318,2 @@ private assertValidResponse;
 
-export { AllOfCriteria, AnyOfCriteria, AuthorizeDecision, AuthorizeQuery, AuthorizeRequest, AuthorizeRequestOptions, AuthorizeResponse, AuthorizeResult, BasicPermission, DiscoveryApi, Identified, NotCriteria, Permission, PermissionAttributes, PermissionAuthorizer, PermissionBase, PermissionClient, PermissionCondition, PermissionCriteria, ResourcePermission, createPermission, isCreatePermission, isDeletePermission, isReadPermission, isResourcePermission, isUpdatePermission };
+export { AllOfCriteria, AnyOfCriteria, AuthorizeRequestOptions, AuthorizeResult, BasicPermission, ConditionalPolicyDecision, DefinitivePolicyDecision, DiscoveryApi, EvaluatePermissionRequest, EvaluatePermissionRequestBatch, EvaluatePermissionResponse, EvaluatePermissionResponseBatch, IdentifiedPermissionMessage, NotCriteria, Permission, PermissionAttributes, PermissionAuthorizer, PermissionBase, PermissionClient, PermissionCondition, PermissionCriteria, PermissionMessageBatch, PolicyDecision, ResourcePermission, createPermission, isCreatePermission, isDeletePermission, isReadPermission, isResourcePermission, isUpdatePermission };

package.json

 {
   "name": "@backstage/plugin-permission-common",
   "description": "Isomorphic types and client for Backstage permissions and authorization",
-  "version": "0.0.0-nightly-20220325022909",
+  "version": "0.0.0-nightly-20220326022848",
   "main": "dist/index.cjs.js",
@@ -51,3 +51,3 @@ "types": "dist/index.d.ts",
   "devDependencies": {
-    "@backstage/cli": "^0.0.0-nightly-20220325022909",
+    "@backstage/cli": "^0.0.0-nightly-20220326022848",
     "@types/jest": "^26.0.7",
@@ -54,0 +54,0 @@ "msw": "^0.35.0"

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

63178

increased by9.12%

Lines of code

585

increased by7.54%

No dependency changes