rename hasCreatedBy to isTaskOwner

Signed-off-by: Kashish Mittal <kmittal@redhat.com>
This commit is contained in:
Kashish Mittal
2025-05-16 10:31:05 -04:00
parent e161cf1043
commit ea4bdfa48e
5 changed files with 16 additions and 16 deletions
+1 -1
View File
@@ -9,4 +9,4 @@
BREAKING :
- Converted `scaffolder.task.read` and `scaffolder.task.cancel` into Resource Permissions.
- Added a new scaffolder rule `hasCreatedBy` for `scaffolder.task.read` and `scaffolder.task.cancel` to allow for conditional permission policies such as restricting access to tasks and task events based on task creators.
- Added a new scaffolder rule `isTaskOwner` for `scaffolder.task.read` and `scaffolder.task.cancel` to allow for conditional permission policies such as restricting access to tasks and task events based on task creators.
@@ -220,7 +220,7 @@ class ExamplePermissionPolicy implements PermissionPolicy {
// Allow users to read tasks they created
return createScaffolderTaskConditionalDecision(
request.permission,
scaffolderTaskConditions.hasCreatedBy({
scaffolderTaskConditions.isTaskOwner({
createdBy: user?.info.userEntityRef ? [user?.info.userEntityRef] : [],
}),
);
@@ -245,7 +245,7 @@ class ExamplePermissionPolicy implements PermissionPolicy {
if (user?.info.userEntityRef === 'user:default/bob') {
return createScaffolderTaskConditionalDecision(
request.permission,
scaffolderTaskConditions.hasCreatedBy({
scaffolderTaskConditions.isTaskOwner({
createdBy: user?.info.userEntityRef
? [user?.info.userEntityRef]
: [],
@@ -85,7 +85,7 @@ export const scaffolderActionConditions: Conditions<{
// @alpha
export const scaffolderTaskConditions: Conditions<{
hasCreatedBy: PermissionRule<
isTaskOwner: PermissionRule<
SerializedTask,
{
key: string;
@@ -22,7 +22,7 @@ import {
hasProperty,
hasStringProperty,
hasTag,
hasCreatedBy,
isTaskOwner,
} from './rules';
import { createConditionAuthorizer } from '@backstage/plugin-permission-node';
import { RESOURCE_TYPE_SCAFFOLDER_ACTION } from '@backstage/plugin-scaffolder-common/alpha';
@@ -527,7 +527,7 @@ describe('hasStringProperty', () => {
});
});
describe('hasCreatedBy', () => {
describe('isTaskOwner', () => {
describe('apply', () => {
const task: SerializedTask = {
id: 'a-random-id',
@@ -538,28 +538,28 @@ describe('hasCreatedBy', () => {
};
it('returns false when createdBy is an empty array', () => {
expect(
hasCreatedBy.apply(task, {
isTaskOwner.apply(task, {
createdBy: [],
}),
).toEqual(false);
});
it('returns false when createdBy is not matched (single user in createdBy)', () => {
expect(
hasCreatedBy.apply(task, {
isTaskOwner.apply(task, {
createdBy: ['not-matched'],
}),
).toEqual(false);
});
it('returns true when createdBy matches (single user in createdBy)', () => {
expect(
hasCreatedBy.apply(task, {
isTaskOwner.apply(task, {
createdBy: ['user:default/user-1'],
}),
).toEqual(true);
});
it('returns false when createdBy is not matched (multiple users in createdBy)', () => {
expect(
hasCreatedBy.apply(task, {
isTaskOwner.apply(task, {
createdBy: [
'user:default/user-2',
'user:default/user-3',
@@ -570,7 +570,7 @@ describe('hasCreatedBy', () => {
});
it('returns true when createdBy matches (multiple users in createdBy)', () => {
expect(
hasCreatedBy.apply(task, {
isTaskOwner.apply(task, {
createdBy: [
'user:default/user-1',
'user:default/user-2',
@@ -583,7 +583,7 @@ describe('hasCreatedBy', () => {
describe('toQuery', () => {
it('returns the correct query filter with values (single user in createdBy)', () => {
expect(
hasCreatedBy.toQuery({
isTaskOwner.toQuery({
createdBy: ['user:default/user-1'],
}),
).toEqual({ key: 'created_by', values: ['user:default/user-1'] });
@@ -591,7 +591,7 @@ describe('hasCreatedBy', () => {
});
it('returns the correct query filter with values (multiple users in createdBy)', () => {
expect(
hasCreatedBy.toQuery({
isTaskOwner.toQuery({
createdBy: ['user:default/user-1', 'user:default/user-2'],
}),
).toEqual({
@@ -142,8 +142,8 @@ export const createTaskPermissionRule = makeCreatePermissionRule<
typeof RESOURCE_TYPE_SCAFFOLDER_TASK
>();
export const hasCreatedBy = createTaskPermissionRule({
name: 'HAS_CREATED_BY',
export const isTaskOwner = createTaskPermissionRule({
name: 'IS_TASK_OWNER',
description: 'Allows tasks created by certain users to be accessible',
resourceType: RESOURCE_TYPE_SCAFFOLDER_TASK,
paramsSchema: z.object({
@@ -174,4 +174,4 @@ export const scaffolderActionRules = {
hasNumberProperty,
hasStringProperty,
};
export const scaffolderTaskRules = { hasCreatedBy };
export const scaffolderTaskRules = { isTaskOwner };