Harry Hogg
fd7fc3902e
Updated MetaData wording to Metadata
...
Signed-off-by: Harry Hogg <hhogg@spotify.com >
2022-10-17 17:45:16 +01:00
Harry Hogg
a7e4adf169
Updated import location
...
Signed-off-by: Harry Hogg <hhogg@spotify.com >
2022-10-17 17:00:10 +01:00
Harry Hogg
9335ad115e
Exported types for the permission router metadata endpoint
...
Signed-off-by: Harry Hogg <hhogg@spotify.com >
2022-10-12 08:21:57 +01:00
Harry Hogg
bbbe968e10
Fixed allowing optional params outside of the toQuery and apply
...
Signed-off-by: Harry Hogg <hhogg@spotify.com >
Co-authored-by: Mike Lewis <mlewis@spotify.com >
2022-10-11 11:53:02 +01:00
Harry Hogg
78e7698e4b
Removed unnecessary tupling of params
...
Signed-off-by: Harry Hogg <hhogg@spotify.com >
2022-10-07 12:08:00 +01:00
Harry Hogg
fa40df2bc7
Made changs to allow params and schemas to be defaulted and required only when there is params defined.
...
Co-authored-by: Vincenzo Scamporlino <vincenzos@spotify.com >
Co-authored-by: Mike Lewis <mlewis@spotify.com >
Signed-off-by: Harry Hogg <hhogg@spotify.com >
2022-10-06 12:09:42 +01:00
Harry Hogg
db63ce8b07
Rename schema to paramsSchema
...
Signed-off-by: Harry Hogg <hhogg@spotify.com >
2022-10-06 09:36:54 +01:00
Harry Hogg
26e5513c32
Update API reports
...
Signed-off-by: Harry Hogg <hhogg@spotify.com >
2022-10-04 15:57:04 +01:00
Harry Hogg
4eb0f6d23d
Limited the permission rule parameters to JsonPrimatives and array of
...
Signed-off-by: Harry Hogg <hhogg@spotify.com >
2022-10-04 13:24:33 +01:00
Harry Hogg
fbc636c4a5
Use z.input to corrently type the input to correctly reflect optional fields
...
Signed-off-by: Harry Hogg <hhogg@spotify.com >
2022-10-04 12:14:22 +01:00
Harry Hogg
445c5f41a5
Reworded and added missing parameter descriptions
...
Signed-off-by: Harry Hogg <hhogg@spotify.com >
2022-10-04 12:14:20 +01:00
Harry Hogg
42fa9cdcdb
Removed the parameters count from the permissions metadata endpoint
...
Signed-off-by: Harry Hogg <hhogg@spotify.com >
2022-10-04 12:03:17 +01:00
Harry Hogg
755361681c
Add explanation comment around the schema type and whay we need to remove the optional def for the schema
...
Signed-off-by: Harry Hogg <hhogg@spotify.com >
2022-10-04 12:03:17 +01:00
Harry Hogg
1d4b847c98
Explicitly use the schema to infer the types for the permission rule
...
Signed-off-by: Harry Hogg <hhogg@spotify.com >
2022-10-04 12:03:16 +01:00
Harry Hogg
6d447843fa
Changing over permission rules params API to accept a single object
...
Signed-off-by: Harry Hogg <hhogg@spotify.com >
2022-10-04 12:03:16 +01:00
Harry Hogg
eec3f766f2
Output a JSON schema from the .well-known metadata endpoint
...
Signed-off-by: Harry Hogg <hhogg@spotify.com >
2022-10-04 12:03:15 +01:00
Harry Hogg
9fe88c4fab
Added parameter validation using the param schemas
...
Signed-off-by: Harry Hogg <hhogg@spotify.com >
2022-10-04 12:03:15 +01:00
Harry Hogg
e9b4191071
Added parameter scheamas to permission rules
...
Signed-off-by: Harry Hogg <hhogg@spotify.com >
2022-10-04 12:03:15 +01:00
Fredrik Adelöw
aaab1e34da
Fix linting errors after #13392
...
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2022-08-30 13:44:09 +02:00
Fredrik Adelöw
9212439d15
just some more use of setupRequestMockHandlers
...
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2022-08-24 11:26:12 +02:00
Joon Park
58426f9c0f
Create permission aggregation endpoints ( #11695 )
...
* Create permission aggregation endpoints
Signed-off-by: Joon Park <joonp@spotify.com >
* Spelling
Signed-off-by: Joon Park <joonp@spotify.com >
* Refactor permission metadata aggregation into one endpoint
Signed-off-by: Joe Porpeglia <josephp@spotify.com >
* Change parameter field shape
Signed-off-by: Joon Park <joonp@spotify.com >
Co-authored-by: Joe Porpeglia <josephp@spotify.com >
2022-06-10 11:32:28 +01:00
Joe Porpeglia
90754d4fa9
Remove strict validation from PermissionCriteria schemas
...
Signed-off-by: Joe Porpeglia <josephp@spotify.com >
2022-04-18 12:38:29 -04:00
Vincenzo Scamporlino
63902fcc17
PermissionEvaluator: rename query to authorizeConditional
...
Signed-off-by: Vincenzo Scamporlino <me@vinzscam.dev >
2022-04-08 12:29:00 +02:00
Vincenzo Scamporlino
2903c1fd5d
Move PolicyQuery to permission-node
...
Signed-off-by: Vincenzo Scamporlino <me@vinzscam.dev >
2022-04-08 12:28:59 +02:00
Vincenzo Scamporlino
8960a2bfed
Split PermissionClient#authorize
...
Co-authored-by: Mike Lewis <mtlewis@users.noreply.github.com >
Signed-off-by: Vincenzo Scamporlino <me@vinzscam.dev >
2022-04-08 12:28:59 +02:00
MT Lewis
8012ac46a0
permissions: ensure returned conditions match permission in PermissionPolicy#handle ( #10075 )
...
* permission-node: fix signature of permission rule in test suites
Signed-off-by: Mike Lewis <mtlewis@users.noreply.github.com >
* permission-common: add isPermission helper for comparing permissions
Signed-off-by: Mike Lewis <mtlewis@users.noreply.github.com >
* permission-node: adjust createConditionExports for more type safety
Signed-off-by: Mike Lewis <mtlewis@users.noreply.github.com >
* permissions: add resourceType property to PermissionCondition and PermissionRule
Signed-off-by: Mike Lewis <mtlewis@users.noreply.github.com >
* catalog: handle changes to PermissionCondition and PermissionRule types
Signed-off-by: Mike Lewis <mtlewis@users.noreply.github.com >
* catalog-backend: avoid re-exporting alpha import
cf. https://github.com/backstage/backstage/pull/10128
Signed-off-by: Mike Lewis <mtlewis@users.noreply.github.com >
* Update changeset
Signed-off-by: Joe Porpeglia <josephp@spotify.com >
* Resolve api-report conflict
Signed-off-by: Joon Park <joonp@spotify.com >
Co-authored-by: Joe Porpeglia <josephp@spotify.com >
Co-authored-by: Joon Park <joonp@spotify.com >
2022-03-28 11:06:38 +01:00
Joe Porpeglia
0b98a49509
Rename policy input type
...
Signed-off-by: Joe Porpeglia <josephp@spotify.com >
2022-03-25 10:02:46 -04:00
Joe Porpeglia
e43290ce96
Rename permission backend request and response types
...
Signed-off-by: Joe Porpeglia <josephp@spotify.com >
2022-03-25 10:02:46 -04:00
Joe Porpeglia
970814ed38
Move policy decision types to permission-common
...
Co-authored-by: Mike Lewis <mtlewis@users.noreply.github.com >
Signed-off-by: Joe Porpeglia <josephp@spotify.com >
2022-03-25 10:02:46 -04:00
Joe Porpeglia
ac0a6cb827
Introduce PermissionMessageBatch utility type. Rename Identified type to IdentifiedPermissionMessage.
...
Co-authored-by: Mike Lewis <mtlewis@users.noreply.github.com >
Signed-off-by: Joe Porpeglia <josephp@spotify.com >
2022-03-25 10:02:46 -04:00
Mike Lewis
899d38ea68
permission-common: add utility types for creating and refining Permissions
...
Signed-off-by: Mike Lewis <mtlewis@users.noreply.github.com >
2022-03-22 14:32:38 -04:00
Vincenzo Scamporlino
7e0a0109bf
Export permission criteria utilities
...
Signed-off-by: Vincenzo Scamporlino <me@vinzscam.dev >
2022-03-01 12:44:06 +01:00
Joe Porpeglia
0816f8237a
Improve error message when permissions are enabled without backend-to-backend authentication
...
Signed-off-by: Joe Porpeglia <josephp@spotify.com >
2022-02-18 15:38:01 -05:00
Joe Porpeglia
6a079788e8
Cast type instead of throwing
...
Signed-off-by: Joe Porpeglia <josephp@spotify.com >
2022-02-11 11:08:56 -05:00
Joe Porpeglia
08ce0c83dd
Use strict() validation for permission criteria zod schemas
...
Signed-off-by: Joe Porpeglia <josephp@spotify.com >
2022-02-11 11:08:56 -05:00
Joe Porpeglia
e66bb84798
Require at least one item in allOf/anyOf criteria
...
Signed-off-by: Joe Porpeglia <josephp@spotify.com >
2022-02-11 11:08:56 -05:00
Fredrik Adelöw
86b40d464f
move over BackstageSignInResult, BackstageIdentityResponse, BackstageUserIdentity
...
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2022-02-09 17:10:18 +01:00
MT Lewis
0ae4f4cc82
permissions: rename authorize request and response types to avoid envelope suffix
...
Signed-off-by: MT Lewis <mtlewis@users.noreply.github.com >
2022-01-13 17:51:06 +00:00
MT Lewis
b768259244
permission-backend: wrap authorize request and response batches in envelope
...
Signed-off-by: MT Lewis <mtlewis@users.noreply.github.com >
2022-01-13 17:51:05 +00:00
MT Lewis
3bb0afb54c
permission-node: add test for apply conditions router
...
Signed-off-by: MT Lewis <mtlewis@users.noreply.github.com >
2022-01-13 13:04:30 +00:00
MT Lewis
34a4be296f
permission-node: list all incorrect resource types in apply-conditions handler
...
Signed-off-by: MT Lewis <mtlewis@users.noreply.github.com >
2022-01-13 13:04:06 +00:00
MT Lewis
1fb2e0e0b4
permission-node: wrap request and response arrays in object
...
Signed-off-by: MT Lewis <mtlewis@users.noreply.github.com >
2022-01-13 13:04:06 +00:00
MT Lewis
cbb85e07f0
permission-node: simplify undefined check and fix applyConditions signature
...
Signed-off-by: MT Lewis <mtlewis@users.noreply.github.com >
2022-01-13 13:04:05 +00:00
MT Lewis
8e72b573aa
permission-node: switch to array for getResources return value
...
Signed-off-by: MT Lewis <mtlewis@users.noreply.github.com >
2022-01-13 13:04:04 +00:00
MT Lewis
706b6c29e9
permission-node: allow batch retrieval of resources in /apply-conditions
...
Signed-off-by: MT Lewis <mtlewis@users.noreply.github.com >
2022-01-13 13:04:04 +00:00
MT Lewis
b66704db18
permission-node: accept batched requests in /apply-conditions
...
Signed-off-by: MT Lewis <mtlewis@users.noreply.github.com >
2022-01-13 13:04:03 +00:00
MT Lewis
9db1b86f32
permission-node: add helpers for creating PermissionRules
...
Signed-off-by: MT Lewis <mtlewis@users.noreply.github.com >
2022-01-07 16:06:58 +00:00
MT Lewis
bc9a205b86
backend-common: remove isSecure property in favour of a property on the NoopServerTokenManager
...
Signed-off-by: MT Lewis <mtlewis@users.noreply.github.com >
2021-12-21 10:04:04 +00:00
MT Lewis
20d10b57d6
permission-node: rename static create method to fromConfig
...
Signed-off-by: MT Lewis <mtlewis@users.noreply.github.com >
2021-12-21 09:46:22 +00:00
MT Lewis
c829631b4a
permission-node: use filename import in ServerPermissionClient test suite
...
Signed-off-by: MT Lewis <mtlewis@users.noreply.github.com >
2021-12-20 17:34:25 +00:00