@backstage/plugin-permission-common

What is @backstage/plugin-permission-common?

@backstage/plugin-permission-common is a package that provides common types and utilities for implementing permission-based access control in Backstage plugins. It helps in defining and managing permissions, rules, and policies to control access to various resources within a Backstage application.

What are @backstage/plugin-permission-common's main functionalities?

Defining Permissions

This feature allows you to define custom permissions for your Backstage plugins. The `createPermission` function is used to create a new permission with a specified name and attributes.

const { createPermission } = require('@backstage/plugin-permission-common');

const myPermission = createPermission({
  name: 'my-plugin.my-permission',
  attributes: { action: 'read' },
});

Creating Permission Rules

This feature allows you to create rules that determine whether a user has a specific permission. The `createPermissionRule` function is used to define a rule with a name, description, and an apply function that contains the logic for the rule.

const { createPermissionRule } = require('@backstage/plugin-permission-common');

const isUserAdmin = createPermissionRule({
  name: 'is-user-admin',
  description: 'Checks if the user is an admin',
  apply: (resource, user) => user.isAdmin,
});

Evaluating Permissions

This feature allows you to evaluate whether a user has a specific permission for a given resource. The `evaluatePermission` function takes a permission, user, and resource as arguments and returns the evaluation result.

const { evaluatePermission } = require('@backstage/plugin-permission-common');

const result = evaluatePermission(myPermission, user, resource);
console.log(result);

Other packages similar to @backstage/plugin-permission-common

casbin

Casbin is a powerful and efficient open-source access control library that supports various access control models like ACL, RBAC, and ABAC. It provides a flexible way to define permissions and policies, similar to @backstage/plugin-permission-common, but is more general-purpose and can be used outside of Backstage.

accesscontrol

AccessControl is a Node.js module that provides Role-Based Access Control (RBAC) for your application. It allows you to define roles and permissions in a flexible way. While it focuses on RBAC, it offers similar functionality to @backstage/plugin-permission-common in terms of defining and managing permissions.

README

@backstage/plugin-permission-common

NOTE: THIS PACKAGE IS EXPERIMENTAL, HERE BE DRAGONS

Isomorphic types and client for Backstage permissions and authorization. For more information, see the authorization PRFC.