Get user permissions
To get all user permissions irrespective of the tenant, you can use the permit.GetUserPermissions
function.
This function determines all user permissions for every registered resource across all tenants.
Simple Usage
The permit.GetUserPermissions
function accepts a "User" as input and optionally a list of tenants to filter,
and returns an object containing the details about the request for each assigned tenant,
including the assigned tenant's attributes, and the allowed permissions:
- Node.js
- Java
- GoLang
const { Permit } = require("permitio");
const permit = new Permit({token: "<YOUR_API_KEY>", ...});
const userPermissions = await permit.getUserPermissions("john@doe.com");
import io.permit.sdk.Permit;
import io.permit.sdk.PermitConfig;
import io.permit.sdk.enforcement.*;
import java.util.Arrays;
Permit permit = new Permit(
new PermitConfig.Builder("[YOUR_API_KEY]").build()
);
UserPermissions permissions = permit.getUserPermissions(
new GetUserPermissionsQuery(
User.fromString("john@doe.com")
)
);
package main
import (
"encoding/json"
"fmt"
)
import p "github.com/permitio/permit-golang/pkg/permit"
import "github.com/permitio/permit-golang/pkg/config"
import "github.com/permitio/permit-golang/pkg/enforcement"
func main() {
// Create permit client
permitConfig := config.NewConfigBuilder("<YOUR_API_TOKEN>").Build()
permit := p.New(permitConfig)
// Create user and resource variables
user := enforcement.UserBuilder("john@doe.com").Build()
var userPermissions enforcement.UserPermissions
// List user permissions
userPermissions, err := permit.GetUserPermissions(
user,
// Optionally, you can specify a list of tenants to filter
"tenant-1",
"tenant-2",
)
if err != nil {
fmt.Printf("Error getting user permissions: %s", err)
} else if len(userPermissions) > 0 {
fmt.Println("John has a role assigned to some tenant in the environment")
for tenant, permissionsInTenant := range userPermissions {
attributes, _ := json.MarshalIndent(permissionsInTenant.Tenant.Attributes, "", "\t")
fmt.Printf("Allowed Tenant is '%s', attributes are:\n%s\nAllowed permissions are:\n%+q",
tenant, attributes, permissionsInTenant.Permissions,
)
}
} else {
fmt.Println("John is NOT PERMITTED to perform any action in any tenant in the environment")
}
}
info
Currently, using "GetUserPermissions" works only for RBAC & ReBAC.