Plugin Authoring & Usage Guide

This guide explains how to write, register, and use plugins in Secure Project, including storage, policy, and adapter plugins.

1. Writing a New Plugin

Storage Plugin Example:

import { AuditStoragePlugin, AuditEntry, AuditQuery } from 'secure_project';
export class MyCustomStoragePlugin implements AuditStoragePlugin {
  id = 'my-custom-storage';
  async saveEntry(entry: AuditEntry) { /* ... */ }
  async getEntries(query: AuditQuery) { /* ... */ return []; }
  async clear() [/* ... */]
}

Policy Engine Plugin Example:

export class MyPolicyEnginePlugin {
  id = 'my-policy-engine';
  addPolicy(policy) { /* ... */ }
  removePolicy(id) [/* ... */]
  listPolicies() { /* ... */ return []; }
  evaluate(request) { /* ... */ return { effect: 'allow' } }
}

2. Registering and Using Plugins

import [PluginRegistry] from 'secure_project';
const registry = new PluginRegistry();
registry.registerPlugin('audit-backend', new MyCustomStoragePlugin());
registry.registerPlugin('policy-engine', new MyPolicyEnginePlugin());

3. Exposing Plugins to Drupal

All registered plugins are available to Drupal via the Node bridge. Use the listPlugins, getPlugin, and evaluatePolicy methods from PHP or HTTP.

4. Example for Each Plugin Type

Storage: See InMemoryAuditStoragePlugin, FileAuditStoragePlugin, PostgresAuditStoragePlugin
Policy: See BasicPolicyEnginePlugin, YamlPolicyEnginePlugin, OpaPolicyEnginePlugin
Adapter: See ExpressAdapter, KoaAdapter, DrupalAdapter

5. OpenAPI & CI/CD Requirements

All plugin APIs must be described in openapi.yaml
All plugins must have 95%+ test coverage and pass CI/CD linting and security checks

Plugin Authoring & Usage Guide

1. Writing a New Plugin​

2. Registering and Using Plugins​

3. Exposing Plugins to Drupal​

4. Example for Each Plugin Type​

5. OpenAPI & CI/CD Requirements​

1. Writing a New Plugin

2. Registering and Using Plugins

3. Exposing Plugins to Drupal

4. Example for Each Plugin Type

5. OpenAPI & CI/CD Requirements