From fbb89a256d68d14f94d201f13f37e5503f4b0b3a Mon Sep 17 00:00:00 2001
From: Karthik <karthik.jk11@gmail.com>
Date: Fri, 22 Nov 2024 23:55:57 +0530
Subject: [PATCH] add permission support documentation

Signed-off-by: Karthik <karthik.jk11@gmail.com>
---
 .../plugins/lightspeed-backend/README.md      | 25 +++++++++++++++++
 .../lightspeed/plugins/lightspeed/README.md   | 27 +++++++++++++++++++
 2 files changed, 52 insertions(+)

diff --git a/workspaces/lightspeed/plugins/lightspeed-backend/README.md b/workspaces/lightspeed/plugins/lightspeed-backend/README.md
index 01cb7d0b..5bf7a2e6 100644
--- a/workspaces/lightspeed/plugins/lightspeed-backend/README.md
+++ b/workspaces/lightspeed/plugins/lightspeed-backend/README.md
@@ -46,3 +46,28 @@ lightspeed:
       url: 'https://localhost:443/v1'
       token: 'js92n-ssj28dbdk902' # dummy token
 ```
+
+#### Permission Framework Support
+
+The Lightspeed Backend plugin has support for the permission framework.
+
+- When [RBAC permission](https://github.com/backstage/community-plugins/tree/main/workspaces/rbac/plugins/rbac-backend#installation) framework is enabled, for non-admin users to access lightspeed backend API, the role associated with your user should have the following permission policies associated with it. Add the following in your permission policies configuration file named `rbac-policy.csv`:
+
+```CSV
+p, role:default/team_a, lightspeed.conversations.read, read, allow
+p, role:default/team_a, lightspeed.conversations.create, create, allow
+p, role:default/team_a, lightspeed.conversations.delete, delete, allow
+
+g, user:default/<your-user-name>, role:default/team_a
+
+```
+
+You can specify the path to this configuration file in your application configuration:
+
+```yaml
+permission:
+  enabled: true
+  rbac:
+    policies-csv-file: /some/path/rbac-policy.csv
+    policyFileReload: true
+```
diff --git a/workspaces/lightspeed/plugins/lightspeed/README.md b/workspaces/lightspeed/plugins/lightspeed/README.md
index 9f46d827..a73ab5a6 100644
--- a/workspaces/lightspeed/plugins/lightspeed/README.md
+++ b/workspaces/lightspeed/plugins/lightspeed/README.md
@@ -8,6 +8,33 @@ The Lightspeed plugin enables you to interact with any LLM server running a mode
 
 - Follow the lightspeed backend plugin [README](https://github.com/janus-idp/backstage-plugins/tree/main/plugins/lightspeed-backend) to integrate lightspeed backend in your Backstage instance.
 
+**Note**
+
+### Permission Framework Support
+
+The Lightspeed plugin has support for the permission framework.
+
+- When [RBAC permission](https://github.com/backstage/community-plugins/tree/main/workspaces/rbac/plugins/rbac-backend#installation) framework is enabled, for non-admin users to access lightspeed UI, the role associated with your user should have the following permission policies associated with it. Add the following in your permission policies configuration file named `rbac-policy.csv`:
+
+```CSV
+p, role:default/team_a, lightspeed.conversations.read, read, allow
+p, role:default/team_a, lightspeed.conversations.create, create, allow
+p, role:default/team_a, lightspeed.conversations.delete, delete, allow
+
+g, user:default/<your-user-name>, role:default/team_a
+
+```
+
+You can specify the path to this configuration file in your application configuration:
+
+```yaml
+permission:
+  enabled: true
+  rbac:
+    policies-csv-file: /some/path/rbac-policy.csv
+    policyFileReload: true
+```
+
 ### Installation
 
 1. Install the Lightspeed plugin using the following command: