@backstage/plugin-permission-node

What is @backstage/plugin-permission-node?

@backstage/plugin-permission-node is a plugin for the Backstage platform that provides a framework for managing permissions and access control within a Backstage application. It allows developers to define and enforce permissions for various resources and actions, ensuring that only authorized users can perform certain operations.

What are @backstage/plugin-permission-node's main functionalities?

Defining Permissions

This feature allows you to define permissions for specific actions or resources. In this example, a 'read' permission is created for a resource type 'example-resource'.

const { createPermission } = require('@backstage/plugin-permission-node');

const readPermission = createPermission({
  name: 'read',
  attributes: { resourceType: 'example-resource' },
});

Enforcing Permissions

This feature allows you to enforce permissions by checking if a user is authorized to perform a specific action. The 'authorize' function is used to determine if the user has the required permission.

const { authorize } = require('@backstage/plugin-permission-node');

async function checkPermission(user, action) {
  const result = await authorize(user, action);
  if (result.allowed) {
    console.log('Permission granted');
  } else {
    console.log('Permission denied');
  }
}

Permission Policies

This feature allows you to create policies that group multiple permissions together. In this example, an 'admin' policy is created that grants both 'read' and 'write' permissions for the 'example-resource' resource type.

const { createPolicy } = require('@backstage/plugin-permission-node');

const adminPolicy = createPolicy({
  name: 'admin',
  description: 'Admin policy with full access',
  rules: [
    { action: 'read', resourceType: 'example-resource' },
    { action: 'write', resourceType: 'example-resource' },
  ],
});

Other packages similar to @backstage/plugin-permission-node

casbin

Casbin is an authorization library that supports access control models like ACL, RBAC, and ABAC. It provides a flexible and powerful way to manage permissions and access control, similar to @backstage/plugin-permission-node, but with broader support for different access control models.

acl

ACL (Access Control List) is a package for managing user roles and permissions in Node.js applications. It provides a simpler approach to access control compared to @backstage/plugin-permission-node, focusing on role-based access control (RBAC).

README

@backstage/plugin-permission-node

Common permission and authorization utilities for backend plugins. For more information, see the permissions documentation on Backstage.io.