@backstage/plugin-permission-common
Home > @backstage/plugin-permission-common
Isomorphic types and client for Backstage permissions and authorization
Classes
Class | Description |
---|---|
PermissionClient | An isomorphic client for requesting authorization for Backstage permissions. |
Enumerations
Enumeration | Description |
---|---|
AuthorizeResult | The result of an authorization request. |
Functions
Function | Description |
---|---|
createPermission(input) | Utility function for creating a valid ResourcePermission, inferring the appropriate type and resource type parameter. |
createPermission(input) | Utility function for creating a valid BasicPermission. |
isCreatePermission(permission) | Check if a given permission is related to a create action. |
isDeletePermission(permission) | Check if a given permission is related to a delete action. |
isPermission(permission, comparedPermission) | Check if the two parameters are equivalent permissions. |
isReadPermission(permission) | Check if a given permission is related to a read action. |
isResourcePermission(permission, resourceType) | Check if a given permission is a ResourcePermission. When resourceType is supplied as the second parameter, also checks if the permission has the specified resource type. |
isUpdatePermission(permission) | Check if a given permission is related to an update action. |
toPermissionEvaluator(permissionAuthorizer) | Convert PermissionAuthorizer to PermissionEvaluator. |
Interfaces
Interface | Description |
---|---|
EvaluatorRequestOptions | Options for PermissionEvaluator requests. This is currently empty, as there are no longer any common options for the permission evaluator. |
PermissionAuthorizer | A client interacting with the permission backend can implement this authorizer interface. |
PermissionEvaluator | A client interacting with the permission backend can implement this evaluator interface. |
Type Aliases
Type Alias | Description |
---|---|
AllOfCriteria | Represents a logical AND for the provided criteria. |
AnyOfCriteria | Represents a logical OR for the provided criteria. |
AuthorizePermissionRequest | Request object for PermissionEvaluator.authorize(). If a ResourcePermission is provided, it must include a corresponding resourceRef . |
AuthorizePermissionResponse | Response object for PermissionEvaluator.authorize(). |
AuthorizeRequestOptions | Options for authorization requests. |
BasicPermission | A standard Permission with no additional capabilities or restrictions. |
ConditionalPolicyDecision | A conditional decision returned by the PermissionPolicy. |
DefinitivePolicyDecision | A definitive decision returned by the PermissionPolicy. |
DiscoveryApi | This is a copy of the core DiscoveryApi, to avoid importing core. |
EvaluatePermissionRequest | An individual request sent to the permission backend. |
EvaluatePermissionRequestBatch | A batch of requests sent to the permission backend. |
EvaluatePermissionResponse | An individual response from the permission backend. |
EvaluatePermissionResponseBatch | A batch of responses from the permission backend. |
IdentifiedPermissionMessage | A request with a UUID identifier, so that batched responses can be matched up with the original requests. |
MetadataResponse | Response type for the .metadata endpoint in createPermissionIntegrationRouter() |
MetadataResponseSerializedRule | Serialized permission rules, with the paramsSchema converted from a ZodSchema to a JsonSchema. |
NotCriteria | Represents a negation of the provided criteria. |
Permission | A permission that can be checked through authorization. |
PermissionAttributes | The attributes related to a given permission; these should be generic and widely applicable to all permissions in the system. |
PermissionBase | Generic type for building Permission types. |
PermissionClientRequestOptions | Options for PermissionClient requests. |
PermissionCondition | A condition returned with a CONDITIONAL authorization response. Conditions are a reference to a rule defined by a plugin, and parameters to apply the rule. For example, a rule might be |
PermissionCriteria | Composes several PermissionConditions as criteria with a nested AND/OR structure. |
PermissionMessageBatch | A batch of request or response items. |
PermissionRuleParam | A parameter to a permission rule. |
PermissionRuleParams | Types that can be used as parameters to permission rules. |
PolicyDecision | A decision returned by the PermissionPolicy. |
QueryPermissionRequest | Request object for PermissionEvaluator.authorizeConditional(). |
QueryPermissionResponse | Response object for PermissionEvaluator.authorizeConditional(). |
ResourcePermission | ResourcePermissions are Permissions that can be authorized based on characteristics of a resource such a catalog entity. |