rename hasCreatedBy to isTaskOwner
Signed-off-by: Kashish Mittal <kmittal@redhat.com>
This commit is contained in:
@@ -9,4 +9,4 @@
|
||||
BREAKING :
|
||||
|
||||
- Converted `scaffolder.task.read` and `scaffolder.task.cancel` into Resource Permissions.
|
||||
- Added a new scaffolder rule `hasCreatedBy` for `scaffolder.task.read` and `scaffolder.task.cancel` to allow for conditional permission policies such as restricting access to tasks and task events based on task creators.
|
||||
- Added a new scaffolder rule `isTaskOwner` for `scaffolder.task.read` and `scaffolder.task.cancel` to allow for conditional permission policies such as restricting access to tasks and task events based on task creators.
|
||||
|
||||
@@ -220,7 +220,7 @@ class ExamplePermissionPolicy implements PermissionPolicy {
|
||||
// Allow users to read tasks they created
|
||||
return createScaffolderTaskConditionalDecision(
|
||||
request.permission,
|
||||
scaffolderTaskConditions.hasCreatedBy({
|
||||
scaffolderTaskConditions.isTaskOwner({
|
||||
createdBy: user?.info.userEntityRef ? [user?.info.userEntityRef] : [],
|
||||
}),
|
||||
);
|
||||
@@ -245,7 +245,7 @@ class ExamplePermissionPolicy implements PermissionPolicy {
|
||||
if (user?.info.userEntityRef === 'user:default/bob') {
|
||||
return createScaffolderTaskConditionalDecision(
|
||||
request.permission,
|
||||
scaffolderTaskConditions.hasCreatedBy({
|
||||
scaffolderTaskConditions.isTaskOwner({
|
||||
createdBy: user?.info.userEntityRef
|
||||
? [user?.info.userEntityRef]
|
||||
: [],
|
||||
|
||||
@@ -85,7 +85,7 @@ export const scaffolderActionConditions: Conditions<{
|
||||
|
||||
// @alpha
|
||||
export const scaffolderTaskConditions: Conditions<{
|
||||
hasCreatedBy: PermissionRule<
|
||||
isTaskOwner: PermissionRule<
|
||||
SerializedTask,
|
||||
{
|
||||
key: string;
|
||||
|
||||
@@ -22,7 +22,7 @@ import {
|
||||
hasProperty,
|
||||
hasStringProperty,
|
||||
hasTag,
|
||||
hasCreatedBy,
|
||||
isTaskOwner,
|
||||
} from './rules';
|
||||
import { createConditionAuthorizer } from '@backstage/plugin-permission-node';
|
||||
import { RESOURCE_TYPE_SCAFFOLDER_ACTION } from '@backstage/plugin-scaffolder-common/alpha';
|
||||
@@ -527,7 +527,7 @@ describe('hasStringProperty', () => {
|
||||
});
|
||||
});
|
||||
|
||||
describe('hasCreatedBy', () => {
|
||||
describe('isTaskOwner', () => {
|
||||
describe('apply', () => {
|
||||
const task: SerializedTask = {
|
||||
id: 'a-random-id',
|
||||
@@ -538,28 +538,28 @@ describe('hasCreatedBy', () => {
|
||||
};
|
||||
it('returns false when createdBy is an empty array', () => {
|
||||
expect(
|
||||
hasCreatedBy.apply(task, {
|
||||
isTaskOwner.apply(task, {
|
||||
createdBy: [],
|
||||
}),
|
||||
).toEqual(false);
|
||||
});
|
||||
it('returns false when createdBy is not matched (single user in createdBy)', () => {
|
||||
expect(
|
||||
hasCreatedBy.apply(task, {
|
||||
isTaskOwner.apply(task, {
|
||||
createdBy: ['not-matched'],
|
||||
}),
|
||||
).toEqual(false);
|
||||
});
|
||||
it('returns true when createdBy matches (single user in createdBy)', () => {
|
||||
expect(
|
||||
hasCreatedBy.apply(task, {
|
||||
isTaskOwner.apply(task, {
|
||||
createdBy: ['user:default/user-1'],
|
||||
}),
|
||||
).toEqual(true);
|
||||
});
|
||||
it('returns false when createdBy is not matched (multiple users in createdBy)', () => {
|
||||
expect(
|
||||
hasCreatedBy.apply(task, {
|
||||
isTaskOwner.apply(task, {
|
||||
createdBy: [
|
||||
'user:default/user-2',
|
||||
'user:default/user-3',
|
||||
@@ -570,7 +570,7 @@ describe('hasCreatedBy', () => {
|
||||
});
|
||||
it('returns true when createdBy matches (multiple users in createdBy)', () => {
|
||||
expect(
|
||||
hasCreatedBy.apply(task, {
|
||||
isTaskOwner.apply(task, {
|
||||
createdBy: [
|
||||
'user:default/user-1',
|
||||
'user:default/user-2',
|
||||
@@ -583,7 +583,7 @@ describe('hasCreatedBy', () => {
|
||||
describe('toQuery', () => {
|
||||
it('returns the correct query filter with values (single user in createdBy)', () => {
|
||||
expect(
|
||||
hasCreatedBy.toQuery({
|
||||
isTaskOwner.toQuery({
|
||||
createdBy: ['user:default/user-1'],
|
||||
}),
|
||||
).toEqual({ key: 'created_by', values: ['user:default/user-1'] });
|
||||
@@ -591,7 +591,7 @@ describe('hasCreatedBy', () => {
|
||||
});
|
||||
it('returns the correct query filter with values (multiple users in createdBy)', () => {
|
||||
expect(
|
||||
hasCreatedBy.toQuery({
|
||||
isTaskOwner.toQuery({
|
||||
createdBy: ['user:default/user-1', 'user:default/user-2'],
|
||||
}),
|
||||
).toEqual({
|
||||
|
||||
@@ -142,8 +142,8 @@ export const createTaskPermissionRule = makeCreatePermissionRule<
|
||||
typeof RESOURCE_TYPE_SCAFFOLDER_TASK
|
||||
>();
|
||||
|
||||
export const hasCreatedBy = createTaskPermissionRule({
|
||||
name: 'HAS_CREATED_BY',
|
||||
export const isTaskOwner = createTaskPermissionRule({
|
||||
name: 'IS_TASK_OWNER',
|
||||
description: 'Allows tasks created by certain users to be accessible',
|
||||
resourceType: RESOURCE_TYPE_SCAFFOLDER_TASK,
|
||||
paramsSchema: z.object({
|
||||
@@ -174,4 +174,4 @@ export const scaffolderActionRules = {
|
||||
hasNumberProperty,
|
||||
hasStringProperty,
|
||||
};
|
||||
export const scaffolderTaskRules = { hasCreatedBy };
|
||||
export const scaffolderTaskRules = { isTaskOwner };
|
||||
|
||||
Reference in New Issue
Block a user