fix(PermissionClient): fix rules schema to handle optional params

Signed-off-by: Phil Kuang <pkuang@factset.com>

.changeset/real-swans-repair.md

@@ -0,0 +1,5 @@
+---
+'@backstage/plugin-permission-common': patch
+---
+
+Properly handle rules that have no parameters in `PermissionClient`

plugins/permission-common/src/PermissionClient.test.ts

@@ -310,6 +310,40 @@ describe('PermissionClient', () => {
       ).rejects.toThrow(/request failed with 401/i);
     });
 
+    it('should handle reponses with rules with no params', async () => {
+      mockPolicyDecisionHandler.mockImplementationOnce(
+        (req, res, { json }: RestContext) => {
+          const responses = req.body.items.map(
+            (a: IdentifiedPermissionMessage<ConditionalPolicyDecision>) => ({
+              id: a.id,
+              pluginId: 'test-plugin',
+              resourceType: 'test-resource',
+              result: AuthorizeResult.CONDITIONAL,
+              conditions: {
+                resourceType: 'test-resource',
+                rule: 'FOO',
+              },
+            }),
+          );
+
+          return res(json({ items: responses }));
+        },
+      );
+
+      const response = await client.authorizeConditional([
+        mockResourceAuthorizeConditional,
+      ]);
+      expect(response[0]).toEqual(
+        expect.objectContaining({
+          result: AuthorizeResult.CONDITIONAL,
+          conditions: {
+            rule: 'FOO',
+            resourceType: 'test-resource',
+          },
+        }),
+      );
+    });
+
     it('should reject responses with missing ids', async () => {
       mockPolicyDecisionHandler.mockImplementationOnce(
         (_req, res, { json }: RestContext) => {

plugins/permission-common/src/PermissionClient.ts

@@ -41,7 +41,7 @@ const permissionCriteriaSchema: z.ZodSchema<
     .object({
       rule: z.string(),
       resourceType: z.string(),
-      params: z.record(z.any()),
+      params: z.record(z.any()).optional(),
     })
     .or(z.object({ anyOf: z.array(permissionCriteriaSchema).nonempty() }))
     .or(z.object({ allOf: z.array(permissionCriteriaSchema).nonempty() }))