feat: add support for the new backend system to the rbac-backend pl…

…ugin (#1179) Add support for the new backend system Signed-off-by: David Festal <[email protected]>
janus-idp · Feb 8, 2024 · d625cb2 · d625cb2
1 parent 90b26a7
commit d625cb2
Show file tree

Hide file tree

Showing 16 changed files with 253 additions and 7 deletions.
diff --git a/plugins/rbac-backend/package.json b/plugins/rbac-backend/package.json
@@ -37,6 +37,7 @@
     "@backstage/plugin-permission-node": "^0.7.17",
     "@dagrejs/graphlib": "^2.1.13",
     "@janus-idp/backstage-plugin-rbac-common": "1.2.1",
+    "@janus-idp/backstage-plugin-rbac-node": "^0.1.0",
     "casbin": "^5.27.1",
     "express": "^4.18.2",
     "express-promise-router": "^4.1.1",

diff --git a/plugins/rbac-backend/src/index.ts b/plugins/rbac-backend/src/index.ts
@@ -1,2 +1,8 @@
 export * from './service/router';
 export * from './service/policy-builder';
+
+// To provide backward compatibility with client code implemented
+// before PluginIdProvider was moved to @janus-idp/backstage-plugin-rbac-node.
+export type { PluginIdProvider } from '@janus-idp/backstage-plugin-rbac-node';
+
+export { rbacPlugin as default } from './plugin';
diff --git a/plugins/rbac-backend/src/plugin.ts b/plugins/rbac-backend/src/plugin.ts
@@ -0,0 +1,82 @@
+import { loggerToWinstonLogger } from '@backstage/backend-common';
+import {
+  coreServices,
+  createBackendPlugin,
+} from '@backstage/backend-plugin-api';
+
+import { PolicyBuilder } from '@janus-idp/backstage-plugin-rbac-backend';
+import {
+  PluginIdProvider,
+  PluginIdProviderExtensionPoint,
+  pluginIdProviderExtensionPoint,
+} from '@janus-idp/backstage-plugin-rbac-node';
+
+/**
+ * RBAC plugin
+ *
+ */
+export const rbacPlugin = createBackendPlugin({
+  pluginId: 'permission',
+  register(env) {
+    const pluginIdProviderExtensionPointImpl = new (class PluginIdProviderImpl
+      implements PluginIdProviderExtensionPoint
+    {
+      pluginIdProviders: PluginIdProvider[] = [];
+
+      addPluginIdProvider(pluginIdProvider: PluginIdProvider): void {
+        this.pluginIdProviders.push(pluginIdProvider);
+      }
+    })();
+
+    env.registerExtensionPoint(
+      pluginIdProviderExtensionPoint,
+      pluginIdProviderExtensionPointImpl,
+    );
+
+    env.registerInit({
+      deps: {
+        http: coreServices.httpRouter,
+        config: coreServices.rootConfig,
+        logger: coreServices.logger,
+        discovery: coreServices.discovery,
+        identity: coreServices.identity,
+        permissions: coreServices.permissions,
+        tokenManager: coreServices.tokenManager,
+      },
+      async init({
+        http,
+        config,
+        logger,
+        discovery,
+        identity,
+        permissions,
+        tokenManager,
+      }) {
+        const winstonLogger = loggerToWinstonLogger(logger);
+
+        http.use(
+          await PolicyBuilder.build(
+            {
+              config,
+              logger: winstonLogger,
+              discovery,
+              identity,
+              permissions,
+              tokenManager,
+            },
+            {
+              getPluginIds: () =>
+                Array.from(
+                  new Set(
+                    pluginIdProviderExtensionPointImpl.pluginIdProviders.flatMap(
+                      p => p.getPluginIds(),
+                    ),
+                  ),
+                ),
+            },
+          ),
+        );
+      },
+    });
+  },
+});
diff --git a/plugins/rbac-backend/src/service/plugin-endpoints.ts b/plugins/rbac-backend/src/service/plugin-endpoints.ts
@@ -19,8 +19,7 @@ import {
 import { Logger } from 'winston';
 
 import { Policy } from '@janus-idp/backstage-plugin-rbac-common';
-
-import { PluginIdProvider } from './policy-builder';
+import { PluginIdProvider } from '@janus-idp/backstage-plugin-rbac-node';
 
 type PluginMetadataResponse = {
   pluginId: string;

diff --git a/plugins/rbac-backend/src/service/policies-rest-api.ts b/plugins/rbac-backend/src/service/policies-rest-api.ts
@@ -39,6 +39,7 @@ import {
   Role,
   RoleBasedPolicy,
 } from '@janus-idp/backstage-plugin-rbac-common';
+import { PluginIdProvider } from '@janus-idp/backstage-plugin-rbac-node';
 
 import { ConditionalStorage } from '../database/conditional-storage';
 import { RoleMetadataStorage } from '../database/role-metadata';
@@ -50,7 +51,6 @@ import {
   validatePolicy,
   validateRole,
 } from './policies-validation';
-import { PluginIdProvider } from './policy-builder';
 
 export class PolicesServer {
   constructor(

diff --git a/plugins/rbac-backend/src/service/policy-builder.ts b/plugins/rbac-backend/src/service/policy-builder.ts
@@ -14,6 +14,8 @@ import { FileAdapter, newEnforcer, newModelFromString } from 'casbin';
 import { Router } from 'express';
 import { Logger } from 'winston';
 
+import { PluginIdProvider } from '@janus-idp/backstage-plugin-rbac-node';
+
 import { CasbinDBAdapterFactory } from '../database/casbin-adapter-factory';
 import { DataBaseConditionalStorage } from '../database/conditional-storage';
 import { migrate } from '../database/migration';
@@ -25,10 +27,6 @@ import { RBACPermissionPolicy } from './permission-policy';
 import { PolicesServer } from './policies-rest-api';
 import { BackstageRoleManager } from './role-manager';
 
-export interface PluginIdProvider {
-  getPluginIds: () => string[];
-}
-
 export class PolicyBuilder {
   public static async build(
     env: {

diff --git a/plugins/rbac-node/.eslintrc.js b/plugins/rbac-node/.eslintrc.js
@@ -0,0 +1 @@
+module.exports = require('@backstage/cli/config/eslint-factory')(__dirname);
diff --git a/plugins/rbac-node/README.md b/plugins/rbac-node/README.md
@@ -0,0 +1,5 @@
+# @backstage/plugin-rbac-node
+
+Welcome to the Node.js library package for the rbac plugin!
+
+For more information about RBAC plugin, see the [RBAC plugin documentation](https://github.com/janus-idp/backstage-plugins/tree/main/plugins/rbac-backend) on GitHub.
diff --git a/plugins/rbac-node/package.json b/plugins/rbac-node/package.json
@@ -0,0 +1,34 @@
+{
+  "name": "@janus-idp/backstage-plugin-rbac-node",
+  "description": "Node.js library for the rbac plugin",
+  "version": "0.1.0",
+  "main": "src/index.ts",
+  "types": "src/index.ts",
+  "license": "Apache-2.0",
+  "publishConfig": {
+    "access": "public",
+    "main": "dist/index.cjs.js",
+    "types": "dist/index.d.ts"
+  },
+  "backstage": {
+    "role": "node-library"
+  },
+  "scripts": {
+    "build": "backstage-cli package build",
+    "tsc": "tsc",
+    "lint": "backstage-cli package lint",
+    "test": "backstage-cli package test --passWithNoTests --coverage",
+    "clean": "backstage-cli package clean",
+    "prepack": "backstage-cli package prepack",
+    "postpack": "backstage-cli package postpack"
+  },
+  "devDependencies": {
+    "@backstage/cli": "0.23.0"
+  },
+  "files": [
+    "dist"
+  ],
+  "dependencies": {
+    "@backstage/backend-plugin-api": "^0.6.6"
+  }
+}
diff --git a/plugins/rbac-node/src/extensions.ts b/plugins/rbac-node/src/extensions.ts
@@ -0,0 +1,22 @@
+import { createExtensionPoint } from '@backstage/backend-plugin-api';
+
+import { PluginIdProvider } from './types';
+
+/**
+ * An extension point the exposes the ability to configure additional PluginIDProviders.
+ *
+ * @public
+ */
+export const pluginIdProviderExtensionPoint =
+  createExtensionPoint<PluginIdProviderExtensionPoint>({
+    id: 'permission.rbac.pluginIdProvider',
+  });
+
+/**
+ * The interface for {@link pluginIdProviderExtensionPoint}.
+ *
+ * @public
+ */
+export type PluginIdProviderExtensionPoint = {
+  addPluginIdProvider(pluginIdProvider: PluginIdProvider): void;
+};
diff --git a/plugins/rbac-node/src/index.ts b/plugins/rbac-node/src/index.ts
@@ -0,0 +1,24 @@
+/*
+ * Copyright 2024 The Backstage Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * Node.js library for the rbac plugin.
+ *
+ * @packageDocumentation
+ */
+
+export * from './extensions';
+export * from './types';
diff --git a/plugins/rbac-node/src/setupTests.ts b/plugins/rbac-node/src/setupTests.ts
@@ -0,0 +1,16 @@
+/*
+ * Copyright 2023 The Backstage Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+export {};
diff --git a/plugins/rbac-node/src/types/index.ts b/plugins/rbac-node/src/types/index.ts
@@ -0,0 +1,17 @@
+/*
+ * Copyright 2023 The Backstage Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+export * from './types';
diff --git a/plugins/rbac-node/src/types/types.ts b/plugins/rbac-node/src/types/types.ts
@@ -0,0 +1,23 @@
+/*
+ * Copyright 2024 The Backstage Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * Used to provide a list of pluginIDs on which a permission well-known endpoint is to be searched.
+ * @public
+ */
+export interface PluginIdProvider {
+  getPluginIds: () => string[];
+}
diff --git a/plugins/rbac-node/tsconfig.json b/plugins/rbac-node/tsconfig.json
@@ -0,0 +1,9 @@
+{
+  "extends": "@backstage/cli/config/tsconfig.json",
+  "include": ["src", "dev", "migrations"],
+  "exclude": ["node_modules"],
+  "compilerOptions": {
+    "outDir": "../../dist-types/plugins/rbac-node",
+    "rootDir": "."
+  }
+}
diff --git a/plugins/rbac-node/turbo.json b/plugins/rbac-node/turbo.json
@@ -0,0 +1,9 @@
+{
+  "extends": ["//"],
+  "pipeline": {
+    "tsc": {
+      "outputs": ["../../dist-types/plugins/rbac-node/**"],
+      "dependsOn": ["^tsc"]
+    }
+  }
+}
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		module.exports = require('@backstage/cli/config/eslint-factory')(__dirname);