paulononato/backstage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Warn if permission backend is used without permissions enabled

Browse Source 
Signed-off-by: Joe Porpeglia <josephp@spotify.com>
This commit is contained in:
Joe Porpeglia
2022-02-14 12:45:44 -05:00
committed by Joe Porpeglia
parent a929ef20d3
commit e2cf0662eb
5 changed files with 38 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.changeset/green-bobcats-burn.md
+22
View File
@@ -0,0 +1,22 @@
---
'@backstage/plugin-permission-backend': minor
---
Add a warning if the permission backend is used without setting `permission.enabled=true`.
**BREAKING** Permission backend's `createRouter` now requires a `config` option.
```diff
// packages/backend/src/plugins/permission.ts
...
export default async function createPlugin({
...
+ config,
}: PluginEnvironment) {
return createRouter({
...
+ config,
});
}
```
packages/backend/src/plugins/permission.ts
+2 -1
View File
@@ -35,8 +35,9 @@ class AllowAllPermissionPolicy implements PermissionPolicy {
export default async function createPlugin(
env: PluginEnvironment,
): Promise<Router> {
const { logger, discovery } = env;
const { logger, discovery, config } = env;
return await createRouter({
config,
logger,
discovery,
policy: new AllowAllPermissionPolicy(),
plugins/permission-backend/api-report.md
+3
View File
@@ -3,6 +3,7 @@
> Do not edit this file. It is a report generated by [API Extractor](https://api-extractor.com/).
```ts
import { Config } from '@backstage/config';
import express from 'express';
import { IdentityClient } from '@backstage/plugin-auth-node';
import { Logger as Logger_2 } from 'winston';
@@ -14,6 +15,8 @@ export function createRouter(options: RouterOptions): Promise<express.Router>;
// @public
export interface RouterOptions {
// (undocumented)
config: Config;
// (undocumented)
discovery: PluginEndpointDiscovery;
// (undocumented)
plugins/permission-backend/src/service/router.test.ts
+2
View File
@@ -26,6 +26,7 @@ import {
import { PermissionIntegrationClient } from './PermissionIntegrationClient';
import { createRouter } from './router';
import { ConfigReader } from '@backstage/config';
const mockApplyConditions: jest.MockedFunction<
InstanceType<typeof PermissionIntegrationClient>['applyConditions']
@@ -63,6 +64,7 @@ describe('createRouter', () => {
beforeAll(async () => {
const router = await createRouter({
config: new ConfigReader({ permission: { enabled: true } }),
logger: getVoidLogger(),
discovery: {
getBaseUrl: jest.fn(),
plugins/permission-backend/src/service/router.ts
+9 -1
View File
@@ -44,6 +44,7 @@ import {
import { PermissionIntegrationClient } from './PermissionIntegrationClient';
import { memoize } from 'lodash';
import DataLoader from 'dataloader';
import { Config } from '@backstage/config';
const querySchema: z.ZodSchema<Identified<AuthorizeQuery>> = z.object({
id: z.string(),
@@ -79,6 +80,7 @@ export interface RouterOptions {
discovery: PluginEndpointDiscovery;
policy: PermissionPolicy;
identity: IdentityClient;
config: Config;
}
const handleRequest = async (
@@ -139,7 +141,13 @@ const handleRequest = async (
export async function createRouter(
options: RouterOptions,
): Promise<express.Router> {
const { policy, discovery, identity } = options;
const { policy, discovery, identity, config, logger } = options;
if (!config.getOptionalBoolean('permission.enabled')) {
logger.warn(
'Permission backend started with permissions disabled. Enable permissions by setting permission.enabled=true.',
);
}
const permissionIntegrationClient = new PermissionIntegrationClient({
discovery,