-
Notifications
You must be signed in to change notification settings - Fork 6.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(scaffolder): add permission for template management features #26946
feat(scaffolder): add permission for template management features #26946
Conversation
Changed Packages
|
Signed-off-by: Stephen Glass <stephen@stephen.glass>
cab58a3
to
f61d4cc
Compare
@stephenglass thanks for raising this PR! I think that this is one of many improvement PR's that have been raised over the last few weeks with regards to permissions. My concern with all of those permission PR's is that they're released in a way that they're not backwards compatible as theres no default policy option for new permissions, so users if using I really want to try and push through us coming up with a fix for providing default policy responses like Me and @Rugvip spoke about this last week, and thinking that we might get some chance to fix that up this week, so if you don't mind I'd like to get that in before proceeding with this and #25969 and #26947 🙏 |
mmm I don't think this is a concern as the recommendation is to |
...scaffolder-react/src/next/components/ScaffolderPageContextMenu/ScaffolderPageContextMenu.tsx
Show resolved
Hide resolved
Signed-off-by: Stephen Glass <stephen@stephen.glass>
Signed-off-by: Stephen Glass <stephen@stephen.glass>
Added |
Hey @stephenglass 👋 Can you please solve conflicts? |
…scaffolder-permission-manage1 Signed-off-by: Stephen Glass <stephen@stephen.glass>
@acierto Done! Thanks! |
@@ -766,7 +767,7 @@ export async function createRouter( | |||
const credentials = await httpAuth.credentials(req); | |||
await checkPermission({ | |||
credentials, | |||
permissions: [taskCreatePermission], | |||
permissions: [taskCreatePermission, templateManagementPermission], |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
let's keep the two concept separated as you suggested!
permissions: [taskCreatePermission, templateManagementPermission], | |
permissions: [taskCreatePermission], |
.changeset/lemon-gifts-crash.md
Outdated
--- | ||
'@backstage/plugin-scaffolder-common': patch | ||
'@backstage/plugin-scaffolder-react': patch | ||
'@backstage/plugin-scaffolder-backend': patch |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
then this one should go away if we don't make any changes to scaffolder-backend
'@backstage/plugin-scaffolder-backend': patch |
.changeset/lemon-gifts-crash.md
Outdated
'@backstage/plugin-scaffolder-common': patch | ||
'@backstage/plugin-scaffolder-react': patch | ||
'@backstage/plugin-scaffolder-backend': patch | ||
'@backstage/plugin-scaffolder': patch |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@acierto would this be a minor then? 🤔
'@backstage/plugin-scaffolder': patch | |
'@backstage/plugin-scaffolder': minor |
Signed-off-by: Stephen Glass <stephen@stephen.glass>
@vinzscam I've addressed the comments 👍 |
Co-authored-by: Vincenzo Scamporlino <vincenzos@spotify.com> Signed-off-by: Stephen Glass <stephen@stephen.glass>
Signed-off-by: Stephen Glass <stephen@stephen.glass>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🚀
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @stephenglass! 🎉
Thank you for contributing to Backstage! The changes in this pull request will be part of the |
Hi @stephenglass, a little late here but any chance you could submit a follow up PR with some documentation around the new permissions, please? This isn't a great spot for them but for now it's the one that makes the most sense to me: https://backstage.io/docs/features/software-templates/authorizing-scaffolder-template-details |
Hey, I just made a Pull Request!
I have a need to disable the template management features (dry runner, playground, field explorer, etc). I've found in the Backstage Discord there are others with this same ask as well.
This PR adds a new permission that can be used to disable the template management routes and the "Manage Templates" option from appearing in the scaffolder page context menu.
✔️ Checklist
Signed-off-by
line in the message. (more info)